pixelbotz
Guest
Hello there,
The URL is shown as "established" even when I'm not using the Edge browser. Kindly help me clarify the following concerns.
1. Since no browser session is opened, can this be a remote session exploit? If so, what is the mitigation action?
2. DISM and SFC results. Since the process is EdgeCP.exe, and even after the DISM and SFC scan is completed, I could see the same "established" state. Does that mean it is a browser exploit or file exploit?
C:\WINDOWS\system32>DISM.exe /Online /Cleanup-image /Restorehealth
Deployment Image Servicing and Management tool
Version: 10.0.18362.1
Image Version: 10.0.18362.535
[==========================100.0%==========================] The restore operation completed successfully.
The operation completed successfully.
C:\WINDOWS\system32>sfc /scannow
Beginning system scan. This process will take some time.
Beginning verification phase of system scan.
Verification 100% complete.
Windows Resource Protection found corrupt files and successfully repaired them.
3. The build has no third-party AV. It has built-in Defender and is up-to-date. Windows update has no issues and is up-to-date. No applications are installed except Office. The build is a clean Windows 10. How to get rid of it?
Thank you and appreciate your help.