General Info

File name

downloadEdge.aspx

Full analysis
https://app.any.run/tasks/26718d08-1801-4705-9a77-c91ffbc21fbd
Verdict
Malicious activity
Analysis date
11/8/2019, 17:27:10
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Tags:

loader

Indicators:

MIME:
application/x-dosexec
File info:
PE32 executable (GUI) Intel 80386, for MS Windows
MD5

226991c242389eb4d93245c573318cdf

SHA1

2788629f1415f7a99e63d4745caf5dbe9d78fca2

SHA256

323848f1af8d3f1ac4b90f10e73fd231a3e5a2fb71453429b96a968a8aaab4f5

SSDEEP

49152:O62IOLwwuYrMJY/EqLZemfbIVk45+NT5aL:O65OUwuYACDLH4L

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
300 seconds
Additional time used
240 seconds
Fakenet option
off
Heavy Evasion option
off
MITM proxy
off
Route via Tor
off
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
on

Software preset

  • Internet Explorer 8.0.7601.17514
  • Adobe Acrobat Reader DC MUI (15.023.20070)
  • Adobe Flash Player 26 ActiveX (26.0.0.131)
  • Adobe Flash Player 26 NPAPI (26.0.0.131)
  • Adobe Flash Player 26 PPAPI (26.0.0.131)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.35)
  • FileZilla Client 3.36.0 (3.36.0)
  • Google Chrome (75.0.3770.100)
  • Google Update Helper (1.3.34.7)
  • Java 8 Update 92 (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.7.2 (4.7.03062)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Access MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Excel MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Groove MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Groove MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office IME (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office IME (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office InfoPath MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Language Pack 2010 - French/Français (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - German/Deutsch (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Italian/Italiano (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Japanese/日本語 (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Korean/한국어 (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Portuguese/Português (Brasil) (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Russian/русский (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Spanish/Español (14.0.4763.1000)
  • Microsoft Office Language Pack 2010 - Turkish/Türkçe (14.0.4763.1013)
  • Microsoft Office O MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office O MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office OneNote MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Outlook MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office PowerPoint MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Arabic) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Basque) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Catalan) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Dutch) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Galician) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (German) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Proof (Ukrainian) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (French) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (German) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Proofing (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Publisher MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office SharePoint Designer MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office SharePoint Designer MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Shared MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office Word MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Office X MUI (French) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (German) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Italian) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Japanese) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Korean) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Russian) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Spanish) 2010 (14.0.4763.1000)
  • Microsoft Office X MUI (Turkish) 2010 (14.0.4763.1013)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (14.21.27702.2)
  • Microsoft Visual C++ 2019 X86 Additional Runtime - 14.21.27702 (14.21.27702)
  • Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.21.27702 (14.21.27702)
  • Mozilla Firefox 68.0.1 (x86 en-US) (68.0.1)
  • Notepad++ (32-bit x86) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • Skype version 8.29 (8.29)
  • Update for Microsoft .NET Framework 4.7.2 (KB4087364) (1)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • KB2534111
  • KB2999226
  • KB4019990
  • KB976902
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • ProfessionalEdition
  • UltimateEdition

Behavior activities

MALICIOUS SUSPICIOUS INFO
Application was dropped or rewritten from another process
  • MicrosoftEdgeUpdateOnDemand.exe (PID: 3448)
  • MicrosoftEdgeUpdate.exe (PID: 2920)
  • MicrosoftEdgeUpdate.exe (PID: 2192)
  • MicrosoftEdgeUpdate.exe (PID: 2156)
  • setup.exe (PID: 2996)
  • setup.exe (PID: 912)
  • MicrosoftEdgeUpdate.exe (PID: 3336)
  • MicrosoftEdgeUpdate.exe (PID: 2484)
  • MicrosoftEdgeUpdate.exe (PID: 3096)
  • MicrosoftEdgeUpdate.exe (PID: 3016)
  • MicrosoftEdgeUpdate.exe (PID: 2264)
Loads dropped or rewritten executable
  • msedge.exe (PID: 584)
  • MicrosoftEdgeUpdate.exe (PID: 2192)
  • MicrosoftEdgeUpdate.exe (PID: 2920)
  • MicrosoftEdgeUpdate.exe (PID: 3096)
  • MicrosoftEdgeUpdate.exe (PID: 2156)
  • MicrosoftEdgeUpdate.exe (PID: 3336)
  • MicrosoftEdgeUpdate.exe (PID: 3016)
  • MicrosoftEdgeUpdate.exe (PID: 2484)
  • MicrosoftEdgeUpdate.exe (PID: 2264)
Loads the Task Scheduler COM API
  • MicrosoftEdgeUpdate.exe (PID: 2264)
Changes the autorun value in the registry
  • MicrosoftEdgeUpdate.exe (PID: 2264)
Reads Internet Cache Settings
  • msedge.exe (PID: 584)
Executed via COM
  • MicrosoftEdgeUpdate.exe (PID: 2920)
  • MicrosoftEdgeUpdateOnDemand.exe (PID: 3448)
  • MicrosoftEdgeUpdate.exe (PID: 2484)
Executable content was dropped or overwritten
  • MicrosoftEdge_X86_80.0.327.0.exe (PID: 2852)
  • setup.exe (PID: 912)
  • downloadEdge.aspx.exe (PID: 2556)
  • MicrosoftEdgeUpdate.exe (PID: 2264)
Modifies the open verb of a shell class
  • setup.exe (PID: 912)
Application launched itself
  • msedge.exe (PID: 584)
  • MicrosoftEdgeUpdate.exe (PID: 2484)
Creates files in the user directory
  • setup.exe (PID: 912)
Creates a software uninstall entry
  • setup.exe (PID: 912)
Starts itself from another location
  • MicrosoftEdgeUpdate.exe (PID: 2264)
Creates COM task schedule object
  • MicrosoftEdgeUpdate.exe (PID: 3016)
Dropped object may contain Bitcoin addresses
  • msedge.exe (PID: 584)
Reads the hosts file
  • msedge.exe (PID: 792)
  • msedge.exe (PID: 584)

Static information

TRiD
.exe | Win64 Executable (generic) (76.4%)
.exe | Win32 Executable (generic) (12.4%)
.exe | Generic Win/DOS Executable (5.5%)
.exe | DOS Executable Generic (5.5%)
EXIF
EXE
MachineType:
Intel 386 or later, and compatibles
TimeStamp:
2019:11:03 08:30:16+01:00
PEType:
PE32
LinkerVersion:
14.16
CodeSize:
94720
InitializedDataSize:
1657856
UninitializedDataSize:
null
EntryPoint:
0x5396
OSVersion:
5.1
ImageVersion:
null
SubsystemVersion:
5.1
Subsystem:
Windows GUI
FileVersionNumber:
1.3.115.45
ProductVersionNumber:
1.3.115.45
FileFlagsMask:
0x003f
FileFlags:
(none)
FileOS:
Windows NT 32-bit
ObjectFileType:
Executable application
FileSubtype:
null
LanguageCode:
English (U.S.)
CharacterSet:
Unicode
CompanyName:
Microsoft Corporation
FileDescription:
Microsoft Edge Update Setup
FileVersion:
1.3.115.45
InternalName:
Microsoft Edge Update Setup
LegalCopyright:
Copyright Microsoft Corporation
OriginalFileName:
MicrosoftEdgeUpdateSetup.exe
ProductName:
Microsoft Edge Update
ProductVersion:
1.3.115.45
UpstreamVersion:
1.3.99.0
LanguageId:
en
Summary
Architecture:
IMAGE_FILE_MACHINE_I386
Subsystem:
IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date:
03-Nov-2019 07:30:16
Detected languages
Afrikaans - South Africa
Albanian - Albania
Arabic - Saudi Arabia
Armenian - Armenia
Azeri - Azerbaijan (Latin)
Basque - Spain
Belarusian - Belarus
Bulgarian - Bulgaria
Catalan - Spain
Chinese - PRC
Chinese - Taiwan
Croatian - Croatia
Czech - Czech Republic
Danish - Denmark
Dutch - Netherlands
English - United Kingdom
English - United States
Estonian - Estonia
F.Y.R.O. Macedonia - F.Y.R.O. Macedonia
Farsi - Iran
Finnish - Finland
French - Canada
French - France
Galician - Spain
Georgian - Georgia
German - Germany
Greek - Greece
Gujarati - India
Hebrew - Israel
Hindi - India
Hungarian - Hungary
Icelandic - Iceland
Indonesian - Indonesia (Bahasa)
Italian - Italy
Japanese - Japan
Kannada - India (Kannada script)
Kazakh - Kazakstan
Konkani - India
Korean - Korea
Kyrgyz - Kyrgyzstan
Latvian - Latvia
Lithuanian - Lithuania
Malay - Malaysia
Marathi - India
Mongolian (Cyrillic) - Mongolia
Norwegian - Norway (Bokmal)
Norwegian - Norway (Nynorsk)
Polish - Poland
Portuguese - Brazil
Portuguese - Portugal
Punjabi - India (Gurmukhi script)
Romanian - Romania
Russian - Russia
Serbian - Serbia (Latin)
Slovak - Slovakia
Slovenian - Slovenia
Spanish - Mexico
Spanish - Spain (International sort)
Swahili - Kenya
Swedish - Sweden
Tamil - India
Tatar - Tatarstan
Telugu - India (Telugu script)
Thai - Thailand
Turkish - Turkey
Ukrainian - Ukraine
Urdu - Pakistan
Uzbek - Uzbekistan (Latin)
Vietnamese - Viet Nam
Debug artifacts
mi_exe_stub.pdb
CompanyName:
Microsoft Corporation
FileDescription:
Microsoft Edge Update Setup
FileVersion:
1.3.115.45
InternalName:
Microsoft Edge Update Setup
LegalCopyright:
Copyright Microsoft Corporation
OriginalFilename:
MicrosoftEdgeUpdateSetup.exe
ProductName:
Microsoft Edge Update
ProductVersion:
1.3.115.45
UpstreamVersion:
1.3.99.0
LanguageId:
en
DOS Header
Magic number:
MZ
Bytes on last page of file:
0x0090
Pages in file:
0x0003
Relocations:
0x0000
Size of header:
0x0004
Min extra paragraphs:
0x0000
Max extra paragraphs:
0xFFFF
Initial SS value:
0x0000
Initial SP value:
0x00B8
Checksum:
0x0000
Initial IP value:
0x0000
Initial CS value:
0x0000
Overlay number:
0x0000
OEM identifier:
0x0000
OEM information:
0x0000
Address of NE header:
0x00000108
PE Headers
Signature:
PE
Machine:
IMAGE_FILE_MACHINE_I386
Number of sections:
5
Time date stamp:
03-Nov-2019 07:30:16
Pointer to Symbol Table:
0x00000000
Number of symbols:
0
Size of Optional Header:
0x00E0
Characteristics
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE
Sections
Name Virtual Address Virtual Size Raw Size Characteristics Entropy
.text 0x00001000 0x00017001 0x00017200 IMAGE_SCN_CNT_CODE,IMAGE_SCN_MEM_EXECUTE,IMAGE_SCN_MEM_READ 6.66417
.rdata 0x00019000 0x000073F0 0x00007400 IMAGE_SCN_CNT_INITIALIZED_DATA,IMAGE_SCN_MEM_READ 5.27282
.data 0x00021000 0x00001400 0x00000A00 IMAGE_SCN_CNT_INITIALIZED_DATA,IMAGE_SCN_MEM_READ,IMAGE_SCN_MEM_WRITE 2.24299
.rsrc 0x00023000 0x0018B874 0x0018BA00 IMAGE_SCN_CNT_INITIALIZED_DATA,IMAGE_SCN_MEM_READ 7.98461
.reloc 0x001AF000 0x0000124C 0x00001400 IMAGE_SCN_CNT_INITIALIZED_DATA,IMAGE_SCN_MEM_DISCARDABLE,IMAGE_SCN_MEM_READ 6.28351
Resources
1

2

3

4

5

6

101

102

1223

Imports
    KERNEL32.dll

    SHLWAPI.dll

    ADVAPI32.dll

    ole32.dll

    SHELL32.dll

    USER32.dll

Exports

    No exports.

Processes

Total processes
80
Monitored processes
42
Malicious processes
11
Suspicious processes
1

Behavior graph

[Behavior graph: downloadedge.aspx.exe, microsoftedgeupdate.exe, microsoftedge_x86_80.0.327.0.exe, setup.exe, msedge.exe and microsoftedgeupdateondemand.exe processes, linked by "start" and "drop and start" edges]
Specs description
Program did not start
Integrity level elevation
Task contains an error or was rebooted
Process has crashed
Task contains several apps running
Executable file was dropped
Debug information is available
Process was injected
Network attacks were detected
Application downloaded the executable file
Actions similar to stealing personal data
Behavior similar to exploiting the vulnerability
Inspected object has suspicious PE structure
File is detected by antivirus software
CPU overrun
RAM overrun
Process starts the services
Process was added to the startup
Behavior similar to spam
Low-level access to the HDD
Probably Tor was used
System was rebooted
Connects to the network
Known threat

Process information

PID
2556
CMD
"C:\Users\admin\Desktop\downloadEdge.aspx.exe"
Path
C:\Users\admin\Desktop\downloadEdge.aspx.exe
Indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge Update Setup
Version
1.3.115.45
Modules
Image
c:\users\admin\desktop\downloadedge.aspx.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\apphelp.dll
c:\users\admin\appdata\local\temp\eubaaf.tmp\microsoftedgeupdate.exe

PID
2264
CMD
C:\Users\admin\AppData\Local\Temp\EUBAAF.tmp\MicrosoftEdgeUpdate.exe /installsource taggedmi /install "appguid={65C35B14-6C1D-4122-AC46-7148CC9D6497}&appname=Microsoft%20Edge%20Canary&needsadmin=false&usagestats=0&iid={aa6d67c9-5efb-5f9c-9f8e-8ee551de80ff}&lang=en"
Path
C:\Users\admin\AppData\Local\Temp\EUBAAF.tmp\MicrosoftEdgeUpdate.exe
Indicators
Parent process
downloadEdge.aspx.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge Update
Version
1.3.115.45
Modules
Image
c:\users\admin\appdata\local\temp\eubaaf.tmp\microsoftedgeupdate.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\users\admin\appdata\local\temp\eubaaf.tmp\msedgeupdate.dll
c:\windows\system32\version.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\users\admin\appdata\local\temp\eubaaf.tmp\msedgeupdateres_en.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\oleaut32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\iconcodecservice.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\msxml3.dll
c:\windows\system32\psapi.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\taskschd.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\apphelp.dll
c:\users\admin\appdata\local\microsoft\edgeupdate\microsoftedgeupdate.exe
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\propsys.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\shdocvw.dll

PID
3016
CMD
"C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
Path
C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
Indicators
No indicators
Parent process
MicrosoftEdgeUpdate.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge Update
Version
1.3.115.45
Modules
Image
c:\users\admin\appdata\local\microsoft\edgeupdate\microsoftedgeupdate.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\users\admin\appdata\local\microsoft\edgeupdate\1.3.115.45\msedgeupdate.dll
c:\windows\system32\version.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\cryptbase.dll
c:\users\admin\appdata\local\microsoft\edgeupdate\1.3.115.45\psuser.dll

PID
2156
CMD
"C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xMTUuNDUiIHNoZWxsX3ZlcnNpb249IjEuMy4xMTUuNDUiIGlzbWFjaGluZT0iMCIgc2Vzc2lvbmlkPSJ7RTJGOEVENjQtRTE5Ny00MDVGLTgyMkEtREI2MzM3MzcyNDRGfSIgaW5zdGFsbHNvdXJjZT0idGFnZ2VkbWkiIHJlcXVlc3RpZD0iezc3M0IyNDBDLTE1QjctNENDRi1BMEU5LUIyMjZCMjc4MTI3NX0iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgcGh5c21lbW9yeT0iMyIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iNi4xLjc2MDEuMCIgc3A9IlNlcnZpY2UgUGFjayAxIiBhcmNoPSJ4ODYiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMS4zLjExNS40NSIgbGFuZz0iZW4iIGJyYW5kPSIiIGNsaWVudD0iIiBpaWQ9IntBQTZENjdDOS01RUZCLTVGOUMtOUY4RS04RUU1NTFERTgwRkZ9Ij48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBpbnN0YWxsX3RpbWVfbXM9IjkzNyIvPjwvYXBwPjwvcmVxdWVzdD4
Path
C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
Indicators
Parent process
MicrosoftEdgeUpdate.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge Update
Version
1.3.115.45
Modules
Image
c:\users\admin\appdata\local\microsoft\edgeupdate\microsoftedgeupdate.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\users\admin\appdata\local\microsoft\edgeupdate\1.3.115.45\msedgeupdate.dll
c:\windows\system32\version.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\nsi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\iertutil.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\msxml3.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\schannel.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\wship6.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\credssp.dll
c:\windows\system32\secur32.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\gpapi.dll

PID
3096
CMD
"C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={65C35B14-6C1D-4122-AC46-7148CC9D6497}&appname=Microsoft%20Edge%20Canary&needsadmin=false&usagestats=0&iid={aa6d67c9-5efb-5f9c-9f8e-8ee551de80ff}&lang=en" /installsource taggedmi /sessionid "{E2F8ED64-E197-405F-822A-DB633737244F}"
Path
C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
Indicators
No indicators
Parent process
MicrosoftEdgeUpdate.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge Update
Version
1.3.115.45
Modules
Image
c:\users\admin\appdata\local\microsoft\edgeupdate\microsoftedgeupdate.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\users\admin\appdata\local\microsoft\edgeupdate\1.3.115.45\msedgeupdate.dll
c:\windows\system32\version.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\users\admin\appdata\local\microsoft\edgeupdate\1.3.115.45\msedgeupdateres_en.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\users\admin\appdata\local\microsoft\edgeupdate\1.3.115.45\psuser.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\iconcodecservice.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\apphelp.dll

PID
2484
CMD
"C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" -Embedding
Path
C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
Indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge Update
Version
1.3.115.45
Modules
Image
c:\users\admin\appdata\local\microsoft\edgeupdate\microsoftedgeupdate.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\users\admin\appdata\local\microsoft\edgeupdate\1.3.115.45\msedgeupdate.dll
c:\windows\system32\version.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\users\admin\appdata\local\microsoft\edgeupdate\1.3.115.45\msedgeupdateres_en.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\users\admin\appdata\local\microsoft\edgeupdate\1.3.115.45\psuser.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\msxml3.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\credssp.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wship6.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\schannel.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\secur32.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\p2pcollab.dll
c:\windows\system32\qagentrt.dll
c:\windows\system32\fveui.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\winsta.dll
c:\windows\system32\qmgrprxy.dll
c:\windows\system32\bitsprx4.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\apphelp.dll
c:\users\admin\appdata\local\microsoft\edgeupdate\install\{bf034ab5-af27-4a0e-822e-1905a7c98da2}\microsoftedge_x86_80.0.327.0.exe
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\propsys.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\shdocvw.dll

PID
2852
CMD
"C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\Install\{BF034AB5-AF27-4A0E-822E-1905A7C98DA2}\MicrosoftEdge_X86_80.0.327.0.exe" --msedge-sxs --verbose-logging --do-not-launch-msedge
Path
C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\Install\{BF034AB5-AF27-4A0E-822E-1905A7C98DA2}\MicrosoftEdge_X86_80.0.327.0.exe
Indicators
Parent process
MicrosoftEdgeUpdate.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge Installer
Version
80.0.327.0
Modules
Image
c:\users\admin\appdata\local\microsoft\edgeupdate\install\{bf034ab5-af27-4a0e-822e-1905a7c98da2}\microsoftedge_x86_80.0.327.0.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\shell32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\cabinet.dll
c:\windows\system32\apphelp.dll
c:\users\admin\appdata\local\temp\cr_3b18b.tmp\setup.exe

PID
912
CMD
"C:\Users\admin\AppData\Local\Temp\CR_3B18B.tmp\setup.exe" --install-archive="C:\Users\admin\AppData\Local\Temp\CR_3B18B.tmp\MSEDGE.PACKED.7Z" --msedge-sxs --verbose-logging --do-not-launch-msedge
Path
C:\Users\admin\AppData\Local\Temp\CR_3B18B.tmp\setup.exe
Indicators
Parent process
MicrosoftEdge_X86_80.0.327.0.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge Installer
Version
80.0.327.0
Modules
Image
c:\users\admin\appdata\local\temp\cr_3b18b.tmp\setup.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\apphelp.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\sechost.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\winmm.dll
c:\windows\system32\samcli.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\mpr.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\netutils.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\firewallapi.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\propsys.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\shdocvw.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\slc.dll
c:\users\admin\appdata\local\microsoft\edge sxs\application\msedge.exe
c:\windows\system32\twext.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\acppage.dll
c:\windows\system32\msi.dll
c:\windows\system32\wer.dll
c:\windows\system32\devrtl.dll
c:\windows\system32\mssprxy.dll

PID
2996
CMD
C:\Users\admin\AppData\Local\Temp\CR_3B18B.tmp\setup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Microsoft\Edge SxS\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel=canary --annotation=chromium-version=80.0.3955.0 --annotation=exe=C:\Users\admin\AppData\Local\Temp\CR_3B18B.tmp\setup.exe --annotation=plat=Win32 --annotation=prod=Edge --annotation=ver=80.0.327.0 --initial-client-data=0x100,0x104,0x108,0xfc,0x10c,0xc7b930,0xc7b940,0xc7b94c
Path
C:\Users\admin\AppData\Local\Temp\CR_3B18B.tmp\setup.exe
Indicators
No indicators
Parent process
setup.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge Installer
Version
80.0.327.0
Modules
Image
c:\users\admin\appdata\local\temp\cr_3b18b.tmp\setup.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\sechost.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\user32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\winmm.dll
c:\windows\system32\samcli.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\mpr.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll

PID
584
CMD
"C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe"
Path
C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe
Indicators
Parent process
MicrosoftEdgeUpdate.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Microsoft Corporation
Description
Microsoft Edge
Version
80.0.327.0
Modules
Image
c:\users\admin\appdata\local\microsoft\edge sxs\application\msedge.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\microsoft\edge sxs\application\80.0.327.0\msedge_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\user32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\users\admin\appdata\local\microsoft\edge sxs\application\80.0.327.0\msedge.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\netutils.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\srvcli.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\clbcatq.dll
c:\users\admin\appdata\local\microsoft\edge sxs\application\80.0.327.0\microsoft_apis.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\winsta.dll
c:\users\admin\appdata\local\microsoft\edge sxs\application\80.0.327.0\libsmartscreen.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\credssp.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshqos.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wship6.dll
c:\users\admin\appdata\local\microsoft\edge sxs\application\80.0.327.0\oneauth.dll
c:\windows\system32\wininet.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\schannel.dll
c:\windows\system32\firewallapi.dll
c:\windows\system32\mscms.dll
c:\users\admin\appdata\local\microsoft\edge sxs\application\80.0.327.0\onramp.dll
c:\users\admin\appdata\local\microsoft\edge sxs\application\80.0.327.0\telclient.dll
c:\users\admin\appdata\local\microsoft\edge sxs\application\80.0.327.0\oneds.dll
c:\windows\system32\p2pcollab.dll
c:\windows\system32\qagentrt.dll
c:\windows\system32\fveui.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\cabinet.dll
c:\windows\system32\devrtl.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\aepic.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\wbemcomn.dll
c:\windows\system32\wlanapi.dll
c:\windows\system32\wlanutil.dll
c:\windows\system32\kbdus.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\shdocvw.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\mfreadwrite.dll
c:\windows\system32\wbem\wmiutils.dll
c:\windows\system32\xpsprint.dll
c:\windows\system32\bthprops.cpl
c:\windows\system32\wbem\wmiperfinst.dll
c:\windows\system32\pdh.dll
c:\windows\system32\samcli.dll
c:\windows\system32\samlib.dll
c:\windows\system32\mpr.dll
c:\windows\system32\devenum.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\avicap32.dll
c:\windows\system32\msvfw32.dll
c:\users\admin\appdata\local\microsoft\edgeupdate\1.3.115.45\psuser.dll

PID
3292
CMD
"C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Microsoft\Edge SxS\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Microsoft\Edge SxS\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Microsoft\Edge SxS\User Data" --annotation=IsOfficialBuild=1 --annotation=channel=canary --annotation=chromium-version=80.0.3955.0 "--annotation=exe=C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --annotation=plat=Win32 --annotation=prod=Edge --annotation=ver=80.0.327.0 --initial-client-data=0x30,0x34,0x38,0x2c,0x3c,0x6fed5a10,0x6fed5a20,0x6fed5a2c
Path
C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe
Indicators
No indicators
Parent process
msedge.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Microsoft Corporation
Description
Microsoft Edge
Version
80.0.327.0
Modules
Image
c:\users\admin\appdata\local\microsoft\edge sxs\application\msedge.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\microsoft\edge sxs\application\80.0.327.0\msedge_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\cryptbase.dll

PID
3336
CMD
"C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping [base64 payload omitted]
Path
C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
Indicators
Parent process
MicrosoftEdgeUpdate.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge Update
Version
1.3.115.45
Modules
Image
c:\users\admin\appdata\local\microsoft\edgeupdate\microsoftedgeupdate.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\users\admin\appdata\local\microsoft\edgeupdate\1.3.115.45\msedgeupdate.dll
c:\windows\system32\version.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\nsi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\iertutil.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\msxml3.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\schannel.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\wship6.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\credssp.dll
c:\windows\system32\secur32.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\gpapi.dll

PID
3836
CMD
"C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --type=gpu-process --field-trial-handle=1044,2730117674221367238,9092561558199934531,131072 --gpu-preferences=KAAAAAAAAADgAAAwAAAAAAAAYAAAAAAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=18422527852792804232 --mojo-platform-channel-handle=1060 --ignored=" --type=renderer " /prefetch:2
Path
C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe
Indicators
No indicators
Parent process
msedge.exe
User
admin
Integrity Level
LOW
Exit code
4
Version:
Company
Microsoft Corporation
Description
Microsoft Edge
Version
80.0.327.0
Modules
Image
c:\users\admin\appdata\local\microsoft\edge sxs\application\msedge.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\microsoft\edge sxs\application\80.0.327.0\msedge_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\winmm.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\users\admin\appdata\local\microsoft\edge sxs\application\80.0.327.0\msedge.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\slc.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\dxva2.dll
c:\windows\system32\d3dcompiler_47.dll
c:\users\admin\appdata\local\microsoft\edge sxs\application\80.0.327.0\libglesv2.dll
c:\users\admin\appdata\local\microsoft\edge sxs\application\80.0.327.0\libegl.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\d3d9.dll
c:\windows\system32\d3d8thk.dll

PID
792
CMD
"C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --type=utility --field-trial-handle=1044,2730117674221367238,9092561558199934531,131072 --lang=en-US --service-sandbox-type=network --service-request-channel-token=2821863624397778172 --mojo-platform-channel-handle=1512 /prefetch:8
Path
C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe
Indicators
Parent process
msedge.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Microsoft Corporation
Description
Microsoft Edge
Version
80.0.327.0
Modules
Image
c:\users\admin\appdata\local\microsoft\edge sxs\application\msedge.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\microsoft\edge sxs\application\80.0.327.0\msedge_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\winmm.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\users\admin\appdata\local\microsoft\edge sxs\application\80.0.327.0\msedge.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wship6.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\ntmarta.dll

PID
3872
CMD
"C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --type=renderer --field-trial-handle=1044,2730117674221367238,9092561558199934531,131072 --lang=en-US --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9471582932553002748 --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2816 /prefetch:1
Path
C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe
Indicators
No indicators
Parent process
msedge.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge
Version
80.0.327.0
Modules
Image
c:\users\admin\appdata\local\microsoft\edge sxs\application\msedge.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\microsoft\edge sxs\application\80.0.327.0\msedge_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\winmm.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\users\admin\appdata\local\microsoft\edge sxs\application\80.0.327.0\msedge.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2892
CMD
"C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --type=renderer --field-trial-handle=1044,2730117674221367238,9092561558199934531,131072 --lang=en-US --extension-process --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=15950391546829496841 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1048 /prefetch:1
Path
C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe
Indicators
No indicators
Parent process
msedge.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge
Version
80.0.327.0
Modules
Image
c:\users\admin\appdata\local\microsoft\edge sxs\application\msedge.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\microsoft\edge sxs\application\80.0.327.0\msedge_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\winmm.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\users\admin\appdata\local\microsoft\edge sxs\application\80.0.327.0\msedge.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
1552
CMD
"C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --type=utility --field-trial-handle=1044,2730117674221367238,9092561558199934531,131072 --lang=en-US --no-sandbox --service-request-channel-token=4338979723436601532 --mojo-platform-channel-handle=2884 /prefetch:8
Path
C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe
Indicators
No indicators
Parent process
msedge.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge
Version
80.0.327.0
Modules
Image

PID
1268
CMD
"C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --type=renderer --field-trial-handle=1044,2730117674221367238,9092561558199934531,131072 --lang=en-US --extension-process --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1472895821470680503 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2888 /prefetch:1
Path
C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe
Indicators
No indicators
Parent process
msedge.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge
Version
80.0.327.0
Modules
Image

PID
2952
CMD
"C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --type=renderer --field-trial-handle=1044,2730117674221367238,9092561558199934531,131072 --lang=en-US --extension-process --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9344294232538658963 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2880 /prefetch:1
Path
C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe
Indicators
No indicators
Parent process
msedge.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge
Version
80.0.327.0
Modules
Image

PID
3832
CMD
"C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --type=renderer --field-trial-handle=1044,2730117674221367238,9092561558199934531,131072 --lang=en-US --extension-process --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=14384399949597545077 --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3004 /prefetch:1
Path
C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe
Indicators
No indicators
Parent process
msedge.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge
Version
80.0.327.0
Modules
Image

PID
3908
CMD
"C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --type=renderer --field-trial-handle=1044,2730117674221367238,9092561558199934531,131072 --disable-gpu-compositing --lang=en-US --extension-process --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7896384024985432618 --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1148 /prefetch:1
Path
C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe
Indicators
No indicators
Parent process
msedge.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge
Version
80.0.327.0
Modules
Image

PID
2452
CMD
"C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --type=renderer --field-trial-handle=1044,2730117674221367238,9092561558199934531,131072 --disable-gpu-compositing --lang=en-US --extension-process --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4187582997232932425 --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
Path
C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe
Indicators
No indicators
Parent process
msedge.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge
Version
80.0.327.0
Modules
Image

PID
1532
CMD
"C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --type=gpu-process --field-trial-handle=1044,2730117674221367238,9092561558199934531,131072 --gpu-preferences=KAAAAAAAAADgAAAwAAAAAAAAYAAAAAAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --service-request-channel-token=12880332982298901223 --mojo-platform-channel-handle=3356 --ignored=" --type=renderer " /prefetch:2
Path
C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe
Indicators
No indicators
Parent process
msedge.exe
User
admin
Integrity Level
LOW
Version:
Company
Microsoft Corporation
Description
Microsoft Edge
Version
80.0.327.0
Modules
Image

PID
3852
CMD
"C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --type=utility --field-trial-handle=1044,2730117674221367238,9092561558199934531,131072 --lang=en-US --service-sandbox-type=utility --service-request-channel-token=13591242436601026906 --mojo-platform-channel-handle=3388 --ignored=" --type=renderer " /prefetch:8
Path
C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe
Indicators
No indicators
Parent process
msedge.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge
Version
80.0.327.0
Modules
Image

PID
3488
CMD
"C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --type=renderer --field-trial-handle=1044,2730117674221367238,9092561558199934531,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11910839039353699306 --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2884 /prefetch:1
Path
C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe
Indicators
No indicators
Parent process
msedge.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge
Version
80.0.327.0
Modules
Image

PID
3592
CMD
"C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --type=renderer --field-trial-handle=1044,2730117674221367238,9092561558199934531,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13472939443916122979 --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2780 /prefetch:1
Path
C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe
Indicators
No indicators
Parent process
msedge.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge
Version
80.0.327.0
Modules
Image

PID
2784
CMD
"C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --type=renderer --field-trial-handle=1044,2730117674221367238,9092561558199934531,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=12837593751186643342 --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4000 /prefetch:1
Path
C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe
Indicators
No indicators
Parent process
msedge.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge
Version
80.0.327.0
Modules
Image

PID
1424
CMD
"C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --type=renderer --field-trial-handle=1044,2730117674221367238,9092561558199934531,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=15615404753474821 --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4696 /prefetch:1
Path
C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe
Indicators
No indicators
Parent process
msedge.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge
Version
80.0.327.0
Modules
Image

PID
2932
CMD
"C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --type=utility --field-trial-handle=1044,2730117674221367238,9092561558199934531,131072 --lang=en-US --service-sandbox-type=utility --service-request-channel-token=11258192698947463718 --mojo-platform-channel-handle=6468 --ignored=" --type=renderer " /prefetch:8
Path
C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe
Indicators
No indicators
Parent process
msedge.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge
Version
80.0.327.0
Modules
Image

PID
1768
CMD
"C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --type=utility --field-trial-handle=1044,2730117674221367238,9092561558199934531,131072 --lang=en-US --service-sandbox-type=utility --service-request-channel-token=11516702321399882755 --mojo-platform-channel-handle=6336 --ignored=" --type=renderer " /prefetch:8
Path
C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe
Indicators
No indicators
Parent process
msedge.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge
Version
80.0.327.0
Modules
Image

PID
2660
CMD
"C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --type=utility --field-trial-handle=1044,2730117674221367238,9092561558199934531,131072 --lang=en-US --service-sandbox-type=utility --service-request-channel-token=13498829622875383713 --mojo-platform-channel-handle=6236 --ignored=" --type=renderer " /prefetch:8
Path
C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe
Indicators
No indicators
Parent process
msedge.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge
Version
80.0.327.0
Modules
Image

PID
272
CMD
"C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --type=utility --field-trial-handle=1044,2730117674221367238,9092561558199934531,131072 --lang=en-US --service-sandbox-type=utility --service-request-channel-token=19655837371601337 --mojo-platform-channel-handle=6536 --ignored=" --type=renderer " /prefetch:8
Path
C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe
Indicators
No indicators
Parent process
msedge.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge
Version
80.0.327.0
Modules
Image

PID
2180
CMD
"C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --type=utility --field-trial-handle=1044,2730117674221367238,9092561558199934531,131072 --lang=en-US --service-sandbox-type=utility --service-request-channel-token=5338228077368820905 --mojo-platform-channel-handle=6188 --ignored=" --type=renderer " /prefetch:8
Path
C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe
Indicators
No indicators
Parent process
msedge.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge
Version
80.0.327.0
Modules
Image

PID
2924
CMD
"C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --type=renderer --field-trial-handle=1044,2730117674221367238,9092561558199934531,131072 --disable-gpu-compositing --lang=en-US --extension-process --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10521729088652617997 --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6180 /prefetch:1
Path
C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe
Indicators
No indicators
Parent process
msedge.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge
Version
80.0.327.0
Modules
Image

PID
2200
CMD
"C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --type=renderer --field-trial-handle=1044,2730117674221367238,9092561558199934531,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11832290267130572163 --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6584 /prefetch:1
Path
C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe
Indicators
No indicators
Parent process
msedge.exe
User
admin
Integrity Level
LOW
Version:
Company
Microsoft Corporation
Description
Microsoft Edge
Version
80.0.327.0
Modules
Image

PID
3752
CMD
"C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --type=renderer --field-trial-handle=1044,2730117674221367238,9092561558199934531,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8059045042212458226 --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4848 /prefetch:1
Path
C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe
Indicators
No indicators
Parent process
msedge.exe
User
admin
Integrity Level
LOW
Version:
Company
Microsoft Corporation
Description
Microsoft Edge
Version
80.0.327.0
Modules
Image

PID
3052
CMD
"C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --type=renderer --field-trial-handle=1044,2730117674221367238,9092561558199934531,131072 --disable-gpu-compositing --lang=en-US --extension-process --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2216516320698711826 --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4436 /prefetch:1
Path
C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe
Indicators
No indicators
Parent process
msedge.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge
Version
80.0.327.0
Modules
Image

PID
3448
CMD
"C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\1.3.115.45\MicrosoftEdgeUpdateOnDemand.exe" -Embedding
Path
C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\1.3.115.45\MicrosoftEdgeUpdateOnDemand.exe
Indicators
No indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge Update
Version
1.3.115.45
Modules
Image

PID
2560
CMD
"C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --type=utility --field-trial-handle=1044,2730117674221367238,9092561558199934531,131072 --lang=en-US --service-sandbox-type=audio --service-request-channel-token=14888829485375023590 --mojo-platform-channel-handle=6064 --ignored=" --type=renderer " /prefetch:8
Path
C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe
Indicators
No indicators
Parent process
msedge.exe
User
admin
Integrity Level
LOW
Version:
Company
Microsoft Corporation
Description
Microsoft Edge
Version
80.0.327.0
Modules
Image

PID
2192
CMD
"C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ondemand
Path
C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
Indicators
No indicators
Parent process
MicrosoftEdgeUpdateOnDemand.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge Update
Version
1.3.115.45
Modules
Image

PID
2920
CMD
"C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" -Embedding
Path
C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
Indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge Update
Version
1.3.115.45
Modules
Image

PID
2636
CMD
"C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe" --type=utility --field-trial-handle=1044,2730117674221367238,9092561558199934531,131072 --lang=en-US --no-sandbox --service-request-channel-token=7967855911664135454 --mojo-platform-channel-handle=1840 /prefetch:8
Path
C:\Users\admin\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe
Indicators
No indicators
Parent process
msedge.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Microsoft Corporation
Description
Microsoft Edge
Version
80.0.327.0
Modules
Image

Registry activity

Total events
4447
Read events
2252
Write events
2181
Delete events
14

Modification events

PID
Process
Operation
Key
Name
Value
2264
MicrosoftEdgeUpdate.exe
delete key
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\PersistedPings\{773B240C-15B7-4CCF-A0E9-B226B2781275}
2264
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}
consentcommunicated
0
2264
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}
usagestats
0
2264
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}
urlstats
0
2264
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate
path
C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
2264
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate
UninstallCmdLine
"C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /uninstall
2264
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\Clients\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}
pv
1.3.115.45
2264
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\Clients\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}
name
Microsoft Edge Update
2264
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}
pv
1.3.115.45
2264
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Microsoft Edge Update
C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\1.3.115.45\MicrosoftEdgeUpdateCore.exe
2264
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate
IsMSIHelperRegistered
0
2264
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate
LastOSVersion
2264
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate
version
1.3.115.45
2264
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}
iid
{AA6D67C9-5EFB-5F9C-9F8E-8EE551DE80FF}
2264
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}
brand
GGLS
2264
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}
InstallTime
1573230454
2264
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}
DayOfInstall
4294967295
2264
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}
DayOfLastActivity
4294967295
2264
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}
DayOfLastRollCall
4294967295
2264
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}
InstallSource
taggedmi
2264
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\PersistedPings\{773B240C-15B7-4CCF-A0E9-B226B2781275}
PersistedPingString
<?xml version="1.0" encoding="UTF-8"?><request protocol="3.0" updater="Omaha" updaterversion="1.3.115.45" shell_version="1.3.115.45" ismachine="0" sessionid="{E2F8ED64-E197-405F-822A-DB633737244F}" installsource="taggedmi" requestid="{773B240C-15B7-4CCF-A0E9-B226B2781275}" dedup="cr" domainjoined="0"><hw physmemory="3" sse="1" sse2="1" sse3="1" ssse3="1" sse41="1" sse42="1" avx="1"/><os platform="win" version="6.1.7601.0" sp="Service Pack 1" arch="x86"/><app appid="{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}" version="" nextversion="1.3.115.45" lang="en" brand="" client="" iid="{AA6D67C9-5EFB-5F9C-9F8E-8EE551DE80FF}"><event eventtype="2" eventresult="1" errorcode="0" extracode1="0" install_time_ms="937"/></app></request>
2264
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\PersistedPings\{773B240C-15B7-4CCF-A0E9-B226B2781275}
PersistedPingTime
132177040549771250
3016
MicrosoftEdgeUpdate.exe
delete key
HKEY_CLASSES_ROOT\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32
3016
MicrosoftEdgeUpdate.exe
delete key
HKEY_CLASSES_ROOT\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}
3016
MicrosoftEdgeUpdate.exe
delete key
HKEY_CLASSES_ROOT\CLSID\{558F2D69-068B-4549-A40D-5E79810AE374}\InprocHandler32
3016
MicrosoftEdgeUpdate.exe
delete key
HKEY_CLASSES_ROOT\CLSID\{558F2D69-068B-4549-A40D-5E79810AE374}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32
C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\1.3.115.45\psuser.dll
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32
ThreadingModel
Both
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\CLSID\{558F2D69-068B-4549-A40D-5E79810AE374}\InprocHandler32
C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\1.3.115.45\psuser.dll
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\CLSID\{558F2D69-068B-4549-A40D-5E79810AE374}\InprocHandler32
ThreadingModel
Both
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\CLSID\{3F00D435-6779-4BF3-AC92-FE3E8E6A88BB}\InProcServer32
C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\1.3.115.45\psuser.dll
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\CLSID\{3F00D435-6779-4BF3-AC92-FE3E8E6A88BB}\InProcServer32
ThreadingModel
Both
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\CLSID\{3F00D435-6779-4BF3-AC92-FE3E8E6A88BB}
PSFactoryBuffer
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ProxyStubClsid32
{3F00D435-6779-4BF3-AC92-FE3E8E6A88BB}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}
IGoogleUpdate
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\NumMethods
5
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\ProxyStubClsid32
{3F00D435-6779-4BF3-AC92-FE3E8E6A88BB}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}
IPackage
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\NumMethods
10
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ProxyStubClsid32
{3F00D435-6779-4BF3-AC92-FE3E8E6A88BB}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}
IApp2
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\NumMethods
43
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\ProxyStubClsid32
{3F00D435-6779-4BF3-AC92-FE3E8E6A88BB}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}
IProcessLauncher
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\NumMethods
6
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\ProxyStubClsid32
{3F00D435-6779-4BF3-AC92-FE3E8E6A88BB}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}
IAppCommand2
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\NumMethods
12
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ProxyStubClsid32
{3F00D435-6779-4BF3-AC92-FE3E8E6A88BB}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}
IAppVersion
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\NumMethods
10
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ProxyStubClsid32
{3F00D435-6779-4BF3-AC92-FE3E8E6A88BB}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}
IBrowserHttpRequest2
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\NumMethods
4
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\ProxyStubClsid32
{3F00D435-6779-4BF3-AC92-FE3E8E6A88BB}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}
IGoogleUpdateCore
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\NumMethods
4
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ProxyStubClsid32
{3F00D435-6779-4BF3-AC92-FE3E8E6A88BB}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}
ICoCreateAsyncStatus
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\NumMethods
10
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ProxyStubClsid32
{3F00D435-6779-4BF3-AC92-FE3E8E6A88BB}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}
IAppBundle
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\NumMethods
41
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\ProxyStubClsid32
{3F00D435-6779-4BF3-AC92-FE3E8E6A88BB}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}
IAppWeb
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\NumMethods
17
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32
{3F00D435-6779-4BF3-AC92-FE3E8E6A88BB}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}
IJobObserver2
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\NumMethods
4
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ProxyStubClsid32
{3F00D435-6779-4BF3-AC92-FE3E8E6A88BB}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}
ICurrentState
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\NumMethods
24
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ProxyStubClsid32
{3F00D435-6779-4BF3-AC92-FE3E8E6A88BB}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}
ICredentialDialog
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\NumMethods
4
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ProxyStubClsid32
{3F00D435-6779-4BF3-AC92-FE3E8E6A88BB}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}
IJobObserver
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\NumMethods
13
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\ProxyStubClsid32
{3F00D435-6779-4BF3-AC92-FE3E8E6A88BB}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}
IApp
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\NumMethods
41
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ProxyStubClsid32
{3F00D435-6779-4BF3-AC92-FE3E8E6A88BB}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}
ICoCreateAsync
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\NumMethods
4
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\ProxyStubClsid32
{3F00D435-6779-4BF3-AC92-FE3E8E6A88BB}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}
IAppCommand
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\NumMethods
11
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ProxyStubClsid32
{3F00D435-6779-4BF3-AC92-FE3E8E6A88BB}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}
IRegistrationUpdateHook
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\NumMethods
8
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\ProxyStubClsid32
{3F00D435-6779-4BF3-AC92-FE3E8E6A88BB}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}
IAppCommandWeb
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\NumMethods
11
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ProxyStubClsid32
{3F00D435-6779-4BF3-AC92-FE3E8E6A88BB}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}
IGoogleUpdate3
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\NumMethods
10
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ProxyStubClsid32
{3F00D435-6779-4BF3-AC92-FE3E8E6A88BB}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}
IAppBundleWeb
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\NumMethods
24
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32
{3F00D435-6779-4BF3-AC92-FE3E8E6A88BB}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}
IGoogleUpdate3WebSecurity
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\NumMethods
4
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ProxyStubClsid32
{3F00D435-6779-4BF3-AC92-FE3E8E6A88BB}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}
IProgressWndEvents
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\NumMethods
9
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ProxyStubClsid32
{3F00D435-6779-4BF3-AC92-FE3E8E6A88BB}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}
IGoogleUpdate3Web
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\NumMethods
8
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ProxyStubClsid32
{3F00D435-6779-4BF3-AC92-FE3E8E6A88BB}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}
IProcessLauncher2
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\NumMethods
7
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32
{3F00D435-6779-4BF3-AC92-FE3E8E6A88BB}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}
IAppVersionWeb
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\NumMethods
10
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\MicrosoftEdgeUpdate.Update3COMClassUser.1.0
Update3COMClass
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\MicrosoftEdgeUpdate.Update3COMClassUser.1.0\CLSID
{59E5039B-6524-481C-A78C-E680D7BF086C}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\MicrosoftEdgeUpdate.Update3COMClassUser
Update3COMClass
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\MicrosoftEdgeUpdate.Update3COMClassUser\CLSID
{59E5039B-6524-481C-A78C-E680D7BF086C}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\MicrosoftEdgeUpdate.Update3COMClassUser\CurVer
MicrosoftEdgeUpdate.Update3COMClassUser.1.0
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\CLSID\{59E5039B-6524-481C-A78C-E680D7BF086C}
Update3COMClass
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\CLSID\{59E5039B-6524-481C-A78C-E680D7BF086C}\ProgID
MicrosoftEdgeUpdate.Update3COMClassUser.1.0
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\CLSID\{59E5039B-6524-481C-A78C-E680D7BF086C}\VersionIndependentProgID
MicrosoftEdgeUpdate.Update3COMClassUser
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\CLSID\{59E5039B-6524-481C-A78C-E680D7BF086C}\LocalServer32
"C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe"
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\MicrosoftEdgeUpdate.Update3WebUser.1.0
Microsoft Edge Update Update3Web
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\MicrosoftEdgeUpdate.Update3WebUser.1.0\CLSID
{02FCF358-FC8A-4CE4-AD4F-E29CD2D17A58}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\MicrosoftEdgeUpdate.Update3WebUser
Microsoft Edge Update Update3Web
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\MicrosoftEdgeUpdate.Update3WebUser\CLSID
{02FCF358-FC8A-4CE4-AD4F-E29CD2D17A58}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\MicrosoftEdgeUpdate.Update3WebUser\CurVer
MicrosoftEdgeUpdate.Update3WebUser.1.0
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\CLSID\{02FCF358-FC8A-4CE4-AD4F-E29CD2D17A58}
Microsoft Edge Update Update3Web
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\CLSID\{02FCF358-FC8A-4CE4-AD4F-E29CD2D17A58}\ProgID
MicrosoftEdgeUpdate.Update3WebUser.1.0
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\CLSID\{02FCF358-FC8A-4CE4-AD4F-E29CD2D17A58}\VersionIndependentProgID
MicrosoftEdgeUpdate.Update3WebUser
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\CLSID\{02FCF358-FC8A-4CE4-AD4F-E29CD2D17A58}\LocalServer32
"C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\1.3.115.45\MicrosoftEdgeUpdateOnDemand.exe"
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\MicrosoftEdgeUpdate.OnDemandCOMClassUser.1.0
Microsoft Edge Update Legacy On Demand
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\MicrosoftEdgeUpdate.OnDemandCOMClassUser.1.0\CLSID
{E0DCAE7C-1D0A-4AD0-B92C-2FFDAEE1562B}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\MicrosoftEdgeUpdate.OnDemandCOMClassUser
Microsoft Edge Update Legacy On Demand
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\MicrosoftEdgeUpdate.OnDemandCOMClassUser\CLSID
{E0DCAE7C-1D0A-4AD0-B92C-2FFDAEE1562B}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\MicrosoftEdgeUpdate.OnDemandCOMClassUser\CurVer
MicrosoftEdgeUpdate.OnDemandCOMClassUser.1.0
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\CLSID\{E0DCAE7C-1D0A-4AD0-B92C-2FFDAEE1562B}
Microsoft Edge Update Legacy On Demand
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\CLSID\{E0DCAE7C-1D0A-4AD0-B92C-2FFDAEE1562B}\ProgID
MicrosoftEdgeUpdate.OnDemandCOMClassUser.1.0
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\CLSID\{E0DCAE7C-1D0A-4AD0-B92C-2FFDAEE1562B}\VersionIndependentProgID
MicrosoftEdgeUpdate.OnDemandCOMClassUser
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\CLSID\{E0DCAE7C-1D0A-4AD0-B92C-2FFDAEE1562B}\LocalServer32
"C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\1.3.115.45\MicrosoftEdgeUpdateOnDemand.exe"
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\MicrosoftEdgeUpdate.CredentialDialogUser.1.0
Microsoft Edge Update CredentialDialog
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\MicrosoftEdgeUpdate.CredentialDialogUser.1.0\CLSID
{2F49C178-F8BF-43FD-B8F2-1A5B9D6BAD8E}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\MicrosoftEdgeUpdate.CredentialDialogUser
Microsoft Edge Update CredentialDialog
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\MicrosoftEdgeUpdate.CredentialDialogUser\CLSID
{2F49C178-F8BF-43FD-B8F2-1A5B9D6BAD8E}
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\MicrosoftEdgeUpdate.CredentialDialogUser\CurVer
MicrosoftEdgeUpdate.CredentialDialogUser.1.0
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\CLSID\{2F49C178-F8BF-43FD-B8F2-1A5B9D6BAD8E}
Microsoft Edge Update CredentialDialog
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\CLSID\{2F49C178-F8BF-43FD-B8F2-1A5B9D6BAD8E}\ProgID
MicrosoftEdgeUpdate.CredentialDialogUser.1.0
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\CLSID\{2F49C178-F8BF-43FD-B8F2-1A5B9D6BAD8E}\VersionIndependentProgID
MicrosoftEdgeUpdate.CredentialDialogUser
3016
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\CLSID\{2F49C178-F8BF-43FD-B8F2-1A5B9D6BAD8E}\LocalServer32
"C:\Users\admin\AppData\Local\Microsoft\EdgeUpdate\1.3.115.45\MicrosoftEdgeUpdateOnDemand.exe"
2156
MicrosoftEdgeUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MicrosoftEdgeUpdate_RASAPI32
EnableFileTracing
0
2156
MicrosoftEdgeUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MicrosoftEdgeUpdate_RASAPI32
EnableConsoleTracing
0
2156
MicrosoftEdgeUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MicrosoftEdgeUpdate_RASAPI32
FileTracingMask
4294901760
2156
MicrosoftEdgeUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MicrosoftEdgeUpdate_RASAPI32
ConsoleTracingMask
4294901760
2156
MicrosoftEdgeUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MicrosoftEdgeUpdate_RASAPI32
MaxFileSize
1048576
2156
MicrosoftEdgeUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MicrosoftEdgeUpdate_RASAPI32
FileDirectory
%windir%\tracing
2156
MicrosoftEdgeUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MicrosoftEdgeUpdate_RASMANCS
EnableFileTracing
0
2156
MicrosoftEdgeUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MicrosoftEdgeUpdate_RASMANCS
EnableConsoleTracing
0
2156
MicrosoftEdgeUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MicrosoftEdgeUpdate_RASMANCS
FileTracingMask
4294901760
2156
MicrosoftEdgeUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MicrosoftEdgeUpdate_RASMANCS
ConsoleTracingMask
4294901760
2156
MicrosoftEdgeUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MicrosoftEdgeUpdate_RASMANCS
MaxFileSize
1048576
2156
MicrosoftEdgeUpdate.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MicrosoftEdgeUpdate_RASMANCS
FileDirectory
%windir%\tracing
2156
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyEnable
0
2156
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
2156
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\12B\52C64B7E
LanguageList
en-US
3096
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}
consentcommunicated
0
3096
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}
usagestats
0
3096
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}
urlstats
0
2484
MicrosoftEdgeUpdate.exe
delete key
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\PersistedPings\{861B4B90-D0BE-4013-B045-572F0950EEA7}
2484
MicrosoftEdgeUpdate.exe
delete key
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\PersistedPings\{70167C3D-536E-4EB6-B499-8486D6B8D9A1}
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\PersistedPings\{861B4B90-D0BE-4013-B045-572F0950EEA7}
PersistedPingString
<?xml version="1.0" encoding="UTF-8"?><request protocol="3.0" updater="Omaha" updaterversion="1.3.115.45" shell_version="1.3.115.45" ismachine="0" sessionid="{E2F8ED64-E197-405F-822A-DB633737244F}" installsource="taggedmi" requestid="{861B4B90-D0BE-4013-B045-572F0950EEA7}" dedup="cr" domainjoined="0"><hw physmemory="3" sse="1" sse2="1" sse3="1" ssse3="1" sse41="1" sse42="1" avx="1"/><os platform="win" version="6.1.7601.0" sp="Service Pack 1" arch="x86"/></request>
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\PersistedPings\{861B4B90-D0BE-4013-B045-572F0950EEA7}
PersistedPingTime
132177040556958750
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
StateValue
3
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\12B\52C64B7E
LanguageList
en-US
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\12B\52C64B7E
@%SystemRoot%\system32\p2pcollab.dll,-8042
Peer to Peer Trust
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\12B\52C64B7E
@%SystemRoot%\system32\qagentrt.dll,-10
System Health Authentication
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\12B\52C64B7E
@%SystemRoot%\system32\dnsapi.dll,-103
Domain Name System (DNS) Server Trust
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\12B\52C64B7E
@%SystemRoot%\System32\fveui.dll,-843
BitLocker Drive Encryption
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\12B\52C64B7E
@%SystemRoot%\System32\fveui.dll,-844
BitLocker Data Recovery Agent
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\proxy
source
auto
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate
ConsecutiveCheckFailures
0
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}
ping_freshness
{B7D35475-FBAF-48C1-BA72-E985F014BC72}
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
StateValue
4
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\PersistedPings\{70167C3D-536E-4EB6-B499-8486D6B8D9A1}
PersistedPingString
<?xml version="1.0" encoding="UTF-8"?><request protocol="3.0" updater="Omaha" updaterversion="1.3.115.45" shell_version="1.3.115.45" ismachine="0" sessionid="{E2F8ED64-E197-405F-822A-DB633737244F}" installsource="taggedmi" requestid="{70167C3D-536E-4EB6-B499-8486D6B8D9A1}" dedup="cr" domainjoined="0"><hw physmemory="3" sse="1" sse2="1" sse3="1" ssse3="1" sse41="1" sse42="1" avx="1"/><os platform="win" version="6.1.7601.0" sp="Service Pack 1" arch="x86"/><app appid="{65C35B14-6C1D-4122-AC46-7148CC9D6497}" version="" nextversion="80.0.327.0" lang="en" brand="" client="" installage="-1" installdate="-1" iid="{AA6D67C9-5EFB-5F9C-9F8E-8EE551DE80FF}"><event eventtype="9" eventresult="1" errorcode="0" extracode1="0"/></app></request>
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\PersistedPings\{70167C3D-536E-4EB6-B499-8486D6B8D9A1}
PersistedPingTime
132177040612896250
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
4294967295
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
0
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
StateValue
5
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\PersistedPings\{70167C3D-536E-4EB6-B499-8486D6B8D9A1}
PersistedPingString
<?xml version="1.0" encoding="UTF-8"?><request protocol="3.0" updater="Omaha" updaterversion="1.3.115.45" shell_version="1.3.115.45" ismachine="0" sessionid="{E2F8ED64-E197-405F-822A-DB633737244F}" installsource="taggedmi" requestid="{70167C3D-536E-4EB6-B499-8486D6B8D9A1}" dedup="cr" domainjoined="0"><hw physmemory="3" sse="1" sse2="1" sse3="1" ssse3="1" sse41="1" sse42="1" avx="1"/><os platform="win" version="6.1.7601.0" sp="Service Pack 1" arch="x86"/><app appid="{65C35B14-6C1D-4122-AC46-7148CC9D6497}" version="" nextversion="80.0.327.0" lang="en" brand="" client="" installage="-1" installdate="-1" iid="{AA6D67C9-5EFB-5F9C-9F8E-8EE551DE80FF}"><event eventtype="9" eventresult="1" errorcode="0" extracode1="0"/><event eventtype="5" eventresult="1" errorcode="0" extracode1="0"/></app></request>
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\PersistedPings\{70167C3D-536E-4EB6-B499-8486D6B8D9A1}
PersistedPingTime
132177040619146250
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
StateValue
7
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
1
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
39603
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
3
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
38115
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
4
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
36797
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
6
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
35950
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
8
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
35195
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
9
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
34485
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
11
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
33818
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
12
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
32606
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
14
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
32027
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
15
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
31449
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
17
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
30973
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
18
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
30393
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
20
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
29813
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
21
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
29232
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
23
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
28652
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
24
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
27979
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
26
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
27401
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
27
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
26822
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
29
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
26244
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
30
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
25836
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
32
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
25254
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
33
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
24754
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
35
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
24010
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
36
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
23430
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
38
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
22849
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
40
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
23452
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
41
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
22845
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
42
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
22085
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
44
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
21482
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
45
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
20807
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
47
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
20346
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
48
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
19741
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
50
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
19136
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
51
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
17713
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
53
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
17135
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
54
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
16556
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
56
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
15978
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
57
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
15399
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
59
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
14821
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
60
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
14243
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
62
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
13664
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
64
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
13086
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
65
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
12460
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
67
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
12812
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
12206
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
69
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
11599
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
70
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
10955
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
72
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
10386
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
73
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
9780
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
75
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
9142
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
76
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
8567
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
78
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
7562
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
80
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
6986
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
81
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
6410
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
83
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
5876
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
84
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
5261
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
86
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
4684
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
87
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
4121
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
89
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
3543
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
90
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
2965
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
92
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
2491
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
93
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
1887
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
95
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
1280
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
96
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
680
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
98
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
76
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
99
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadTimeRemainingMs
0
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
DownloadProgressPercent
100
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\PersistedPings\{70167C3D-536E-4EB6-B499-8486D6B8D9A1}
PersistedPingString
<?xml version="1.0" encoding="UTF-8"?><request protocol="3.0" updater="Omaha" updaterversion="1.3.115.45" shell_version="1.3.115.45" ismachine="0" sessionid="{E2F8ED64-E197-405F-822A-DB633737244F}" installsource="taggedmi" requestid="{70167C3D-536E-4EB6-B499-8486D6B8D9A1}" dedup="cr" domainjoined="0"><hw physmemory="3" sse="1" sse2="1" sse3="1" ssse3="1" sse41="1" sse42="1" avx="1"/><os platform="win" version="6.1.7601.0" sp="Service Pack 1" arch="x86"/><app appid="{65C35B14-6C1D-4122-AC46-7148CC9D6497}" version="" nextversion="80.0.327.0" lang="en" brand="" client="" installage="-1" installdate="-1" iid="{AA6D67C9-5EFB-5F9C-9F8E-8EE551DE80FF}"><event eventtype="9" eventresult="1" errorcode="0" extracode1="0"/><event eventtype="5" eventresult="1" errorcode="0" extracode1="0"/><event eventtype="1" eventresult="1" errorcode="0" extracode1="0" source_url_index="0" downloader="bits" url="http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/3fa62add-434d-4bb3-8326-4e24881a46b7?P1=1573316861&amp;P2=402&amp;P3=2&amp;P4=W0QBOHpE1H0%2fVRu8bkMVrJG5vrPweaWyAnMzp30kEem9PM%2bfxU2iQX8ubYp7S6RRASxIl1NXaL4L%2bG%2bDTLA5lQ%3d%3d" downloaded="68812800" total="68812800" download_time_ms="41282"/></app></request>
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\PersistedPings\{70167C3D-536E-4EB6-B499-8486D6B8D9A1}
PersistedPingTime
132177041046958750
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\PersistedPings\{70167C3D-536E-4EB6-B499-8486D6B8D9A1}
PersistedPingString
<?xml version="1.0" encoding="UTF-8"?><request protocol="3.0" updater="Omaha" updaterversion="1.3.115.45" shell_version="1.3.115.45" ismachine="0" sessionid="{E2F8ED64-E197-405F-822A-DB633737244F}" installsource="taggedmi" requestid="{70167C3D-536E-4EB6-B499-8486D6B8D9A1}" dedup="cr" domainjoined="0"><hw physmemory="3" sse="1" sse2="1" sse3="1" ssse3="1" sse41="1" sse42="1" avx="1"/><os platform="win" version="6.1.7601.0" sp="Service Pack 1" arch="x86"/><app appid="{65C35B14-6C1D-4122-AC46-7148CC9D6497}" version="" nextversion="80.0.327.0" lang="en" brand="" client="" installage="-1" installdate="-1" iid="{AA6D67C9-5EFB-5F9C-9F8E-8EE551DE80FF}"><event eventtype="9" eventresult="1" errorcode="0" extracode1="0"/><event eventtype="5" eventresult="1" errorcode="0" extracode1="0"/><event eventtype="1" eventresult="1" errorcode="0" extracode1="0" source_url_index="0" downloader="bits" url="http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/3fa62add-434d-4bb3-8326-4e24881a46b7?P1=1573316861&amp;P2=402&amp;P3=2&amp;P4=W0QBOHpE1H0%2fVRu8bkMVrJG5vrPweaWyAnMzp30kEem9PM%2bfxU2iQX8ubYp7S6RRASxIl1NXaL4L%2bG%2bDTLA5lQ%3d%3d" downloaded="68812800" total="68812800" download_time_ms="41282"/><event eventtype="1" eventresult="1" errorcode="0" extracode1="0" source_url_index="0"/></app></request>
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\PersistedPings\{70167C3D-536E-4EB6-B499-8486D6B8D9A1}
PersistedPingTime
132177041047115000
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}
InstallSource
taggedmi
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
StateValue
12
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\PersistedPings\{70167C3D-536E-4EB6-B499-8486D6B8D9A1}
PersistedPingString
<?xml version="1.0" encoding="UTF-8"?><request protocol="3.0" updater="Omaha" updaterversion="1.3.115.45" shell_version="1.3.115.45" ismachine="0" sessionid="{E2F8ED64-E197-405F-822A-DB633737244F}" installsource="taggedmi" requestid="{70167C3D-536E-4EB6-B499-8486D6B8D9A1}" dedup="cr" domainjoined="0"><hw physmemory="3" sse="1" sse2="1" sse3="1" ssse3="1" sse41="1" sse42="1" avx="1"/><os platform="win" version="6.1.7601.0" sp="Service Pack 1" arch="x86"/><app appid="{65C35B14-6C1D-4122-AC46-7148CC9D6497}" version="" nextversion="80.0.327.0" lang="en" brand="" client="" installage="-1" installdate="-1" iid="{AA6D67C9-5EFB-5F9C-9F8E-8EE551DE80FF}"><event eventtype="9" eventresult="1" errorcode="0" extracode1="0"/><event eventtype="5" eventresult="1" errorcode="0" extracode1="0"/><event eventtype="1" eventresult="1" errorcode="0" extracode1="0" source_url_index="0" downloader="bits" url="http://msedge.f.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/3fa62add-434d-4bb3-8326-4e24881a46b7?P1=1573316861&amp;P2=402&amp;P3=2&amp;P4=W0QBOHpE1H0%2fVRu8bkMVrJG5vrPweaWyAnMzp30kEem9PM%2bfxU2iQX8ubYp7S6RRASxIl1NXaL4L%2bG%2bDTLA5lQ%3d%3d" downloaded="68812800" total="68812800" download_time_ms="41282"/><event eventtype="1" eventresult="1" errorcode="0" extracode1="0" source_url_index="0"/><event eventtype="6" eventresult="1" errorcode="0" extracode1="0"/></app></request>
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\PersistedPings\{70167C3D-536E-4EB6-B499-8486D6B8D9A1}
PersistedPingTime
132177041055083750
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}
lang
en
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}
brand
GGLS
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}
InstallTime
1573230505
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}
DayOfInstall
4694
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}
DayOfLastActivity
4294967295
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}
DayOfLastRollCall
4294967295
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}
consentcommunicated
0
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}
usagestats
0
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}
urlstats
0
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
InstallTimeRemainingMs
4294967295
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
InstallProgressPercent
4294967295
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
StateValue
13
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
InstallProgressPercent
24
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentState
InstallProgressPercent
37
2484
MicrosoftEdgeUpdate.exe
write
HKEY_CURRENT_USER\Software\Microsoft\EdgeUpdate\ClientState\{65C35B14-6C1D-4122-AC46-7148CC9D6497}\CurrentSt