Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
_Ggerlach_Benefits_and_Commission_2024.svg
|
SVG Scalable Vector Graphics image
|
initial sample
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\0736222e-3b74-4be9-b55d-77c14bf8bd53.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\083fba8f-bd86-4b71-80b7-2fb72e1b22b6.tmp
|
JSON data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\30f7d711-bdde-4103-8ebe-d9bcf0fc2d55.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\56563531-98ff-4eeb-b631-b7cc2da2115b.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\90b7c6f2-cbfc-4966-b055-83a6cf5a688e.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-6704517A-D68.pma
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-6704517B-1A50.pma
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\0c34d7f7-24e0-41c8-a3cc-389eba4190d6.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\3b4de697-d0ca-4551-8079-51784d94d4ee.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\57dd5b1c-6ddb-46b8-ac26-2b46233d46d7.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\5972e13a-5609-4d90-bc9e-10128f0a9ade.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\6a836405-8601-4916-a65e-6de7bdc4ffad.tmp
|
ASCII text, with very long lines (1597), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\8fa24d0a-1914-4acb-b532-1431ddff98e3.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\938e1561-67df-40e2-bf41-61810d7b5ac7.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DIPS
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DashTrackerDatabase
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 5, database pages 5, cookie 0x5,
schema 4, UTF-8, version-valid-for 5
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 6
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\domains_config.json
|
JSON data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Favicons
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 16, cookie
0x8, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 38, cookie 0x1f, schema 4,
UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps (copy)
|
ASCII text, with very long lines (1597), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 11, cookie 0x3, schema 4, UTF-8,
version-valid-for 6
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\JumpListIconsRecentClosed\02fa281a-20b5-4ff1-ac37-13e2fb54c445.tmp
|
MS Windows icon resource - 6 icons, 16x16, 32 bits/pixel, 20x20, 32 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\JumpListIconsRecentClosed\51ce0f7a-321a-45dc-ab82-5602ed153573.tmp
|
MS Windows icon resource - 6 icons, 16x16, 32 bits/pixel, 20x20, 32 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\039c3a7e-caa6-4ce1-88c2-d93c06180f92.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\27758115-861a-4e7d-b027-513cb56f2aff.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\46310893-06d2-411c-9024-0973ab1a4067.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\59bb6c52-a06e-44a8-8c93-d1019159a813.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF2d538.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF34632.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 9, cookie 0x4, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF1c0f9.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF1cee4.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\a04585d0-7636-4cd6-9302-8f8bda126ce8.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\ee337360-9307-46c0-b000-c413b53ecca5.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\efaa457c-2f54-4b95-86ae-8727e048a4f3.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF23aec.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF266fd.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF2ce43.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF32655.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF35361.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF38d4d.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF22282.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13372809853927186
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13372809966312300
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\3516d9ef-abff-471f-abff-d43e22498706.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\47fc9adb-abe5-4d63-8117-20be9b9b3f13.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\71c8b8cb-5fd5-44f7-ae8a-ef85358f4e66.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\8aa6e17a-a932-4a3e-8151-8bd7c35b69d1.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network
Persistent State (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network
Persistent State~RF34632.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT
Auditing Pending Reports (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT
Auditing Pending Reports~RF1cef3.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch
Dictionaries (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust
Tokens
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x7, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\feb732d6-849e-436a-9ff2-32d42f6472f0.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie
0x36, schema 4, UTF-8, version-valid-for 10
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 10, cookie 0x7, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json
|
ASCII text, with very long lines (3951), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\b832e5e5-ebca-4231-a332-0620a0120378.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\c2a63877-c70a-4b11-b880-78fbaabb4e36.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\c537488b-9f4e-4fb9-b8cc-7de6c0740485.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\ca5554e4-2230-4949-91e6-462ca167e355.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x4, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\de717b2c-14b8-430c-bdcb-e4a4d5018eab.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal
|
SQLite Write-Ahead Log, version 3007000
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Functional SAN Data
|
SQLite 3.x database, last written using SQLite version 3042000, writer version 2, read version 2, file counter 2, database
pages 1, cookie 0, schema 0, largest root page 1, unknown 0 encoding, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Functional SAN Data-journal
|
SQLite Rollback Journal
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Functional SAN Data-wal
|
SQLite Write-Ahead Log, version 3007000
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF1bb9a.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF1bd30.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF1e431.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2ce14.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF32636.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF35361.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF39af9.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Nurturing\campaign_history
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_638343870221005468
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_638004170464094982
|
raw G3 (Group 3) FAX, byte-padded
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache_
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\dbec4cb6-344f-432e-8b35-f75221a9f4d8.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\e99debad-500e-458d-9076-0947d5f6e852.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\f689411c-0bb5-4f52-9d8a-d29bc3d3570f.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\.ses
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\46b84e1f-644f-41c0-b8f9-5ba9a2aef32c.tmp
|
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x720, components
3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5d395314-5413-4b2b-86a1-56f1aafd7b93.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\75f45a42-6bff-420b-9af2-993a24cfb6ab.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 41926
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\b4963bde-9912-4290-93af-fec5c01ce9d9.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\cv_debug.log
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\d7725399-ee09-4744-9f15-d80e69ca601b.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\e8217381-1723-4001-b9ac-7637b658ba1f.tmp
|
PNG image data, 342 x 126, 8-bit colormap, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\fbde4b75-5c54-43f0-9fa3-751df5604815.tmp
|
PNG image data, 1356 x 1466, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\fc86dd97-dca4-445d-bd83-cc48e254a869.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_1580147103\CRX_INSTALL\_metadata\verified_contents.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_1580147103\CRX_INSTALL\content.js
|
Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_1580147103\CRX_INSTALL\content_new.js
|
Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_1580147103\CRX_INSTALL\manifest.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_1580147103\d7725399-ee09-4744-9f15-d80e69ca601b.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\af\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\am\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\ar\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\az\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\be\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\bg\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\bn\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\ca\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\cs\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\cy\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\da\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\de\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\el\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\en\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\en_CA\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\en_GB\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\en_US\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\es\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\es_419\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\et\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\eu\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\fa\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\fi\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\fil\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\fr\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\fr_CA\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\gl\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\gu\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\hi\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\hr\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\hu\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\hy\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\id\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\is\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\it\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\iw\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\ja\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\ka\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\kk\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\km\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\kn\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\ko\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\lo\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\lt\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\lv\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\ml\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\mn\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\mr\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\ms\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\my\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\ne\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\nl\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\no\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\pa\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\pl\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\pt_BR\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\pt_PT\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\ro\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\ru\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\si\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\sk\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\sl\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\sr\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\sv\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\sw\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\ta\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\te\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\th\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\tr\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\uk\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\ur\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\vi\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\zh_CN\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\zh_HK\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\zh_TW\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\zu\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_metadata\verified_contents.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\dasherSettingSchema.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\manifest.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\offscreendocument.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\offscreendocument_main.js
|
ASCII text, with very long lines (3700)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\page_embed_script.js
|
ASCII text, with very long lines (337)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\service_worker_bin_prod.js
|
ASCII text, with very long lines (3705)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\fc86dd97-dca4-445d-bd83-cc48e254a869.tmp
|
Google Chrome extension, version 3
|
dropped
|
There are 247 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\user\Desktop\_Ggerlach_Benefits_and_Commission_2024.svg
|
||
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2240 --field-trial-handle=1960,i,12678008410117373553,10809593292764261393,262144
/prefetch:3
|
||
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
--single-argument C:\Users\user\Desktop\_Ggerlach_Benefits_and_Commission_2024.svg
|
||
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=2020,i,11273531329556060101,4204945919336292811,262144
/prefetch:3
|
||
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService
--lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6468 --field-trial-handle=2020,i,11273531329556060101,4204945919336292811,262144
/prefetch:8
|
||
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor
--lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6416 --field-trial-handle=2020,i,11273531329556060101,4204945919336292811,262144
/prefetch:8
|
||
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker
--lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6488 --field-trial-handle=2020,i,11273531329556060101,4204945919336292811,262144
/prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://letmlcroroflmlcrsftoninbraingetekdkverf-portal-secure-ducsahre.us-lax-1.linodeobjects.com/in
|
unknown
|
||
|
https://web.whatsapp.com
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://www.officeplus.cn/?sid=shoreline&endpoint=OPPC&source=OPCNshoreline
|
unknown
|
||
|
https://m.kugou.com/
|
unknown
|
||
|
https://www.office.com
|
unknown
|
||
|
https://outlook.live.com/mail/0/
|
unknown
|
||
|
https://www.last.fm/
|
unknown
|
||
|
https://i.imgur.com/i0nWQPo.png
|
199.232.196.193
|
||
|
https://powerpoint.new?from=EdgeM365Shoreline
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://deff.nelreports.net/api/report?cat=msn
|
unknown
|
||
|
https://services.bingapis.com/undersideproactive/api/v1/trigger
|
13.107.5.80
|
||
|
https://tidal.com/
|
unknown
|
||
|
https://docs.google.com/
|
unknown
|
||
|
https://www.youtube.com
|
unknown
|
||
|
https://www.instagram.com
|
unknown
|
||
|
https://web.skype.com/?browsername=edge_canary_shoreline
|
unknown
|
||
|
https://gaana.com/
|
unknown
|
||
|
https://drive-staging.corp.google.com/
|
unknown
|
||
|
https://drive.google.com/
|
unknown
|
||
|
https://outlook.live.com/mail/compose?isExtension=true
|
unknown
|
||
|
https://www.netflix.com/
|
unknown
|
||
|
https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=1
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=2
|
unknown
|
||
|
https://letmlcroroflmlcrsftoninbraingetekdkverf-portal-secure-ducsahre.us-lax-1.linodeobjects.com/index.html
|
172.233.128.227
|
||
|
https://www.messenger.com
|
unknown
|
||
|
https://outlook.live.com/mail/inbox?isExtension=true&sharedHeader=1&nlp=1&client_flight=outlookedge
|
unknown
|
||
|
https://outlook.office.com/calendar/view/agenda/quickcapture/moreDetails?isExtension=true
|
unknown
|
||
|
https://outlook.office.com/mail/compose?isExtension=true
|
unknown
|
||
|
https://imgur.com/i0nWQPo.png
|
199.232.196.193
|
||
|
https://www.reddit.com/
|
unknown
|
||
|
https://unitedstates4.ss.wd.microsoft.us/
|
unknown
|
||
|
https://i.y.qq.com/n2/m/index.html
|
unknown
|
||
|
https://www.deezer.com/
|
unknown
|
||
|
https://latest.web.skype.com/?browsername=edge_canary_shoreline
|
unknown
|
||
|
https://word.new?from=EdgeM365Shoreline
|
unknown
|
||
|
https://www.office.com/
|
unknown
|
||
|
https://web.telegram.org/
|
unknown
|
||
|
https://outlook.live.com/calendar/view/agenda/quickcapture/moreDetails?isExtension=true
|
unknown
|
||
|
https://outlook.office.com/mail/0/
|
unknown
|
||
|
https://manifestdeliveryservice.edgebrowser.microsoft-staging-falcon.io/app/page-context-demo
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://m.soundcloud.com/
|
unknown
|
||
|
https://www.live.com/
|
unknown
|
||
|
https://mail.google.com/mail/mu/mp/266/#tl/Inbox
|
unknown
|
||
|
https://drive-daily-2.corp.google.com/
|
unknown
|
||
|
https://drive-autopush.corp.google.com/
|
unknown
|
||
|
https://music.amazon.com
|
unknown
|
||
|
https://www.amazon.com/
|
unknown
|
||
|
https://drive-daily-4.corp.google.com/
|
unknown
|
||
|
https://letmlcroroflmlcrsftoninbraingetekdkverf-portal-secure-ducsahre.us-lax-1.linodeobjects.com/
|
unknown
|
||
|
https://vibe.naver.com/today
|
unknown
|
||
|
https://unitedstates1.ss.wd.microsoft.us/
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://outlook.office.com/mail/inbox?isExtension=true&sharedHeader=1&client_flight=outlookedge
|
unknown
|
||
|
https://open.spotify.com
|
unknown
|
||
|
https://twitter.com/
|
unknown
|
||
|
https://drive-daily-1.corp.google.com/
|
unknown
|
||
|
https://excel.new?from=EdgeM365Shoreline
|
unknown
|
||
|
https://web.skype.com/?browsername=edge_stable_shoreline
|
unknown
|
||
|
https://www.youtube.com/
|
unknown
|
||
|
https://www.onenote.com/stickynotesstaging?isEdgeHub=true
|
unknown
|
||
|
https://drive-daily-5.corp.google.com/
|
unknown
|
||
|
https://m.vk.com/
|
unknown
|
||
|
https://bzib.nelreports.net/api/report?cat=bingbusiness
|
23.55.235.170
|
||
|
https://chrome.cloudflare-dns.com/dns-query
|
172.64.41.3
|
||
|
https://www.google.com/chrome
|
unknown
|
||
|
https://www.tiktok.com/
|
unknown
|
||
|
https://drive-daily-6.corp.google.com/
|
unknown
|
||
|
https://drive-daily-0.corp.google.com/
|
unknown
|
||
|
https://www.onenote.com/stickynotes?isEdgeHub=true
|
unknown
|
||
|
https://www.iheart.com/podcast/
|
unknown
|
||
|
https://music.yandex.com
|
unknown
|
||
|
https://letmlcroroflmlcrsftoninbraingetekdkverf-portal-secure-ducsahre.us-lax-1.linodeobjects.com/favicon.ico
|
172.233.128.227
|
||
|
https://chromewebstore.google.com/
|
unknown
|
||
|
https://drive-preprod.corp.google.com/
|
unknown
|
||
|
https://clients2.googleusercontent.com
|
unknown
|
||
|
https://www.onenote.com/stickynotes?isEdgeHub=true&auth=2
|
unknown
|
||
|
https://www.onenote.com/stickynotes?isEdgeHub=true&auth=1
|
unknown
|
||
|
https://chrome.google.com/webstore/
|
unknown
|
||
|
https://y.music.163.com/m/
|
unknown
|
||
|
https://unitedstates2.ss.wd.microsoft.us/
|
unknown
|
||
|
https://bard.google.com/
|
unknown
|
||
|
https://drive-daily-3.corp.google.com/
|
unknown
|
There are 77 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
chrome.cloudflare-dns.com
|
172.64.41.3
|
||
|
imgur.com
|
199.232.196.193
|
||
|
s-part-0017.t-0009.t-msedge.net
|
13.107.246.45
|
||
|
googlehosted.l.googleusercontent.com
|
142.250.185.129
|
||
|
sni1gl.wpc.nucdn.net
|
152.199.21.175
|
||
|
ipv4.imgur.map.fastly.net
|
199.232.196.193
|
||
|
clients2.googleusercontent.com
|
unknown
|
||
|
bzib.nelreports.net
|
unknown
|
||
|
i.imgur.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
142.250.185.129
|
googlehosted.l.googleusercontent.com
|
United States
|
||
|
13.107.246.40
|
unknown
|
United States
|
||
|
13.107.246.45
|
s-part-0017.t-0009.t-msedge.net
|
United States
|
||
|
23.55.235.170
|
unknown
|
United States
|
||
|
152.195.19.97
|
unknown
|
United States
|
||
|
192.168.2.16
|
unknown
|
unknown
|
||
|
20.42.72.131
|
unknown
|
United States
|
||
|
96.17.66.27
|
unknown
|
United States
|
||
|
199.232.196.193
|
imgur.com
|
United States
|
||
|
172.233.128.227
|
unknown
|
United States
|
||
|
172.64.41.3
|
chrome.cloudflare-dns.com
|
United States
|
||
|
4.152.133.8
|
unknown
|
United States
|
||
|
13.107.5.80
|
unknown
|
United States
|
||
|
13.107.21.237
|
unknown
|
United States
|
||
|
4.153.57.10
|
unknown
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
23.45.193.222
|
unknown
|
United States
|
There are 7 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
dr
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
freseenversion
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
freseen
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Defaults
|
is_dse_recommended
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Defaults
|
is_startup_page_recommended
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197318
|
WindowTabManagerFileMappingId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ahokoikenoafgppiblgpenaaaolecifn
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
bhmhibnbialendcafinliemndanacfaj
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
bobbggphonhgdonfdibkfipfepfcildj
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ceaifoolopnigfpidlheoagpheiplgii
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
cjneempfhkonkkbcmnfdibgobmhbagaj
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dabfebgaghanlbehmkmaflipiohdimmc
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dcaajljecejllikfgbhjdgeognacjkkp
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dgiklkfkllikcanfonkcabmbdfmgleag
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dmbljphlfghcnbohaoffiedmodfmkmol
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ehlmnljdoejdahfjdfobmpfancoibmig
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
eijpepilkjkofamihbmjcnihgpbebafj
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
enkoeamdnimieoooocohgbdajhhkajko
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
fikbjbembnmfhppjfnmfkahdhfohhjmg
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
fjngpfnaikknjdhkckmncgicobbkcnle
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
gbihlnbpmfkodghomcinpblknjhneknc
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
gbmoeijgfngecijpcnbooedokgafmmji
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
gecfnmoodchdkebjjffmdcmeghkflpib
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
gekagaaiohabmaknhkbaofhhedhelemf
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ghbmnnjooekpmoecnnnilnnbdlolhkhi
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ghglcnachgghkhbafjogogiggghcpjig
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
hciemgmhplhpinoohcjpafmncmjapioh
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
hloomjjkinpbjldhobfkfdamkmikjmdo
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
hmlhageoffiiefnmojcgoagebofoifpl
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
iglcjdemknebjbklcgkfaebgojjphkec
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ihmafllikibpmigkcoadcmckbfhibefp
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jbleckejnaboogigodiafflhkajdmpcl
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jdiccldimpdaibmpdkjnbmckianbfold
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jlipacegilfgfpgkefbjcncbfcoeecgj
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jpfjdekhebcolnfkpicpciaknbgcdcbm
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
kfihiegbjaloebkmglnjnljoljgkkchm
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
khffkadolmfbdgahbabbhipadklfmhgf
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
kjncpkplfnolibapodobnnjfgmjmiaba
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
kkobcodijbdelbnhbfkkfncbeildnpie
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
kmojgmpmopiiagdfbilgognmlegkonbk
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ncbjelpjchkpbikbpkcchkhkblodoama
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
nkbndigcebkoaejohleckhekfmcecfja
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
nnpnekncnhiglbokoiffmejlimgmgoam
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ofefcgjbeghpigppfmkologfjadafddi
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
olkdlefmaniacnmgofabnpmomgcpdaip
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
olmhchkiafniffcaiciiomfdplnmklak
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
pencekojiebcjhifbkfdncgmmooepclc
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ppnnjfpaneghjbcepgedmlcgmfgkjhah
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ahokoikenoafgppiblgpenaaaolecifn
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
bhmhibnbialendcafinliemndanacfaj
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
bobbggphonhgdonfdibkfipfepfcildj
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ceaifoolopnigfpidlheoagpheiplgii
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
cjneempfhkonkkbcmnfdibgobmhbagaj
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dabfebgaghanlbehmkmaflipiohdimmc
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dcaajljecejllikfgbhjdgeognacjkkp
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dgiklkfkllikcanfonkcabmbdfmgleag
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dmbljphlfghcnbohaoffiedmodfmkmol
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ehlmnljdoejdahfjdfobmpfancoibmig
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
eijpepilkjkofamihbmjcnihgpbebafj
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
enkoeamdnimieoooocohgbdajhhkajko
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
fikbjbembnmfhppjfnmfkahdhfohhjmg
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
fjngpfnaikknjdhkckmncgicobbkcnle
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
gbihlnbpmfkodghomcinpblknjhneknc
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
gbmoeijgfngecijpcnbooedokgafmmji
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
gecfnmoodchdkebjjffmdcmeghkflpib
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
gekagaaiohabmaknhkbaofhhedhelemf
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ghbmnnjooekpmoecnnnilnnbdlolhkhi
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ghglcnachgghkhbafjogogiggghcpjig
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
hciemgmhplhpinoohcjpafmncmjapioh
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
hloomjjkinpbjldhobfkfdamkmikjmdo
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
hmlhageoffiiefnmojcgoagebofoifpl
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
iglcjdemknebjbklcgkfaebgojjphkec
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ihmafllikibpmigkcoadcmckbfhibefp
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jbleckejnaboogigodiafflhkajdmpcl
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jdiccldimpdaibmpdkjnbmckianbfold
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jlipacegilfgfpgkefbjcncbfcoeecgj
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jmjflgjpcpepeafmmgdpfkogkghcpiha
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jpfjdekhebcolnfkpicpciaknbgcdcbm
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
kfihiegbjaloebkmglnjnljoljgkkchm
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
khffkadolmfbdgahbabbhipadklfmhgf
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
kjncpkplfnolibapodobnnjfgmjmiaba
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
kkobcodijbdelbnhbfkkfncbeildnpie
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
kmojgmpmopiiagdfbilgognmlegkonbk
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ncbjelpjchkpbikbpkcchkhkblodoama
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
nkbndigcebkoaejohleckhekfmcecfja
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
nnpnekncnhiglbokoiffmejlimgmgoam
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ofefcgjbeghpigppfmkologfjadafddi
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
olkdlefmaniacnmgofabnpmomgcpdaip
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
olmhchkiafniffcaiciiomfdplnmklak
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
pencekojiebcjhifbkfdncgmmooepclc
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ppnnjfpaneghjbcepgedmlcgmfgkjhah
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\CloudExperienceHost\Intent\ContinuousMigration
|
ConsentState
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
media.cdm.origin_data
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
software_reporter.reporting
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
media.storage_id_salt
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
edge.services.account_id
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
edge.services.last_username
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
pinned_tabs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
search_provider_overrides
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
edge.services.last_account_id
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
session.startup_urls
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
session.restore_on_startup
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
browser.show_home_button
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
homepage
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
lastrun
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197318
|
WindowTabManagerFileMappingId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197318
|
WindowTabManagerFileMappingId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197318
|
WindowTabManagerFileMappingId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197318
|
WindowTabManagerFileMappingId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197318
|
WindowTabManagerFileMappingId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
|
0018000DDDFEBB86
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{C89E2069-AF13-46DB-9E39-216131494B87}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197318
|
WindowTabManagerFileMappingId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197318
|
WindowTabManagerFileMappingId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197318
|
WindowTabManagerFileMappingId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197318
|
WindowTabManagerFileMappingId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197318
|
WindowTabManagerFileMappingId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197318
|
WindowTabManagerFileMappingId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197318
|
WindowTabManagerFileMappingId
|
There are 137 hidden registries, click here to show them.