Why Directory Opus try to access my Edge browser's user data?

I used an assistant software which has a HIPS-like feature to protect data access.

Recently I found there are some strange access record on the log made by Directory Opus.

Here are some place the Directory Opus try to access(under %userprofile%\AppData\Local\Microsoft\Edge\User Data):

  • \Default\TransportSecurity
  • \Local State
  • \Service Worker\CacheStorage\*
  • \Service Worker\ScriptCache\index-dir\the-real-index
  • \Default\Secure Preferences
  • \Default\Preferences
  • \Default\Network Persistent State
  • \Default\IndexedDB\*
  • \Default\Code Cache\js\*
  • \CrashpadMetrics.pma
  • \Ad Blocking\blocklist

Can anyone explain why Directory Opus try to do this? I can not find any related option to turn it off.

It's nothing Opus is doing. Maybe a false positive, or a shell extension loaded into the Opus process. See if it happens when browsing to a particular folder or viewing a particular type of file, and then try the same thing in Explorer - probably the same thing will happen.

What kind of access? It's probably just responding to change notifications, and checking if the things being changed affect the folder tree or folders that are currently displayed. That can involve testing the file attributes (e.g. to check if something is a file, folder or junction) but shouldn't involve actually reading the file contents.

You can probably ignore it entirely.

Maybe you're right. But I checked the windows and folder tree I opened in Opus, just found no one related to the Edge browser. Now I consider it was the Edge browser's problem. Thanks.

If the folder tree is open, the whole drive is monitored, since the tree can potentially show any folder.

Even if the folder tree didn't open on the C drive? (for example: tree opened on the D drive which in the same disk with C drive)

The folder tree tends to show all drives, as well as lots of folders that are below the C drive, like the Desktop folder.