Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
http://fdcsa.cloud/
|
URL
|
initial url
|
 |
|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, 61020 bytes, 1 file
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\39b6b98b-7d12-40c2-b97d-752d91bbedae.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\6360e0a7-6e46-4589-871d-a10cd40f8b1f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\725e4c38-90b5-4875-b707-1c5f7ea85135.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\75555033-d9d4-495c-8d13-3ef9bc2ba0a8.tmp
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\8a03defb-434f-4ac0-84ba-9295167521ca.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\589f4a07-1348-4da3-bd04-5f9d864b958a.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\67dde7ba-e552-4549-8bc2-584627d9aa84.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\84ccd211-bfb7-4cba-a89a-11421272791a.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9c70dfbb-5d70-4cde-9543-dae20d57e8d7.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session.O (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabso (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State.. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent StateTM (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\4a7997b7-7e70-40f7-aa2b-246642427a01.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
Stateig (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.old41
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\df8f9987-f205-4930-a922-5b9d25948763.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.olds
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b76ab89e-32ff-4ad5-b7d9-0b6e8af308fc.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\d92bd89c-cf01-4f97-af30-abb6481dfe4f.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old.. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
|
MPEG-4 LOAS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ef73dd49-96b2-447d-a078-d28d880cf8f8.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\fe9de5a1-5d56-4c87-9da4-eb089892d156.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old8f (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache9. (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\bfe561cc-6a9f-4aa1-a343-40cf8d2d1545.tmp
|
data
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\c6e209dc-96a7-414f-8ab5-9ea627845bdc.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\17f48631-6b45-4544-a260-e8f38e57c44d.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\347a36aa-319c-48f8-8ce7-fb294122f515.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\8a96d594-65c1-4c63-85b7-ee7c5657af3d.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\browser-sslkeys.log
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\feb76078-1049-4d4e-be06-b75005df854c.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\17f48631-6b45-4544-a260-e8f38e57c44d.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1577242799\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\en\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\fa\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\fil\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\gu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\id\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\kn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\ml\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\mr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\ms\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\nl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\pt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\sw\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\ta\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\te\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\zh\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5620_1800079124\feb76078-1049-4d4e-be06-b75005df854c.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
There are 190 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'http://fdcsa.cloud/'
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1616,316435080101015694,4571778294657744348,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1700 /prefetch:8
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://www.google.com
|
unknown
|
|
|
|
https://dns.google
|
unknown
|
|
|
|
https://ogs.google.com
|
unknown
|
|
|
|
http://fdcsa.cloud/
|
162.0.217.32
|
|
|
|
https://support.google.com/chromecast/troubleshooter/2995236
|
unknown
|
|
|
|
https://play.google.com
|
unknown
|
|
|
|
https://accounts.google.com
|
unknown
|
|
|
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://fdcsa.cloud/
|
unknown
|
|
|
|
https://www.google.com;
|
unknown
|
|
|
|
https://support.google.com/chromecast/answer/2998456
|
unknown
|
|
|
|
https://hangouts.google.com/
|
unknown
|
|
|
|
https://clients2.googleusercontent.com
|
unknown
|
|
|
|
https://apis.google.com
|
unknown
|
|
|
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://www.google.com/
|
unknown
|
|
|
|
https://feedback.googleusercontent.com
|
unknown
|
|
|
|
https://clients2.google.com
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx
|
unknown
|
|
|
|
https://fdcsa.cloud/t
|
unknown
|
|
There are 10 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
accounts.google.com
|
216.58.205.77
|
|
|
|
fdcsa.cloud
|
162.0.217.32
|
|
|
|
clients.l.google.com
|
216.58.208.174
|
|
|
|
googlehosted.l.googleusercontent.com
|
216.58.208.129
|
|
|
|
clients2.googleusercontent.com
|
unknown
|
|
|
|
clients2.google.com
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
216.58.208.174
|
clients.l.google.com
|
United States
|
|
|
|
192.168.2.1
|
unknown
|
unknown
|
|
|
|
162.0.217.32
|
fdcsa.cloud
|
Canada
|
|
|
|
216.58.205.77
|
accounts.google.com
|
United States
|
|
|
|
239.255.255.250
|
unknown
|
Reserved
|
|
|
|
216.58.208.129
|
googlehosted.l.googleusercontent.com
|
United States
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
ahfgeienlihckogmohjhadlkjgocpleb
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
kmendfapggjehodndflmmgagdbamhnfd
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
mfehgcgbbipciphmccgaenjidiccnmng
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
neajdppkdcdipfabeoofebfddakdcjhd
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
nkeimhogjdpnpccoofpliimaahmaaome
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
prefs.preference_reset_time
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
state
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
StatusCodes
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
StatusCodes
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
state
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
software_reporter.reporting
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
module_blacklist_cache_md5_digest
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
media.storage_id_salt
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
google.services.last_account_id
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
google.services.account_id
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
software_reporter.prompt_seed
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.last_triggered_for_homepage
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
default_search_provider_data.template_url_data
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
safebrowsing.incidents_sent
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
pinned_tabs
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
search_provider_overrides
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.last_triggered_for_default_search
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
prefs.preference_reset_time
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
google.services.last_username
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
session.startup_urls
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
session.restore_on_startup
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
software_reporter.prompt_version
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.last_triggered_for_startup_urls
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
settings_reset_prompt.prompt_wave
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
homepage
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
homepage_is_newtabpage
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
browser.show_home_button
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
user_experience_metrics.stability.exited_cleanly
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
lastrun
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
Blob
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
Blob
|
|
There are 34 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
14D6EA2F000
|
unkown
|
page read and write
|
|
|
|
1988FDF0000
|
unkown
|
page readonly
|
|
|
|
7FF53F3D2000
|
unkown
|
page readonly
|
|
|
|
2602DB13000
|
unkown
|
page read and write
|
|
|
|
7FF53F4CE000
|
unkown
|
page readonly
|
|
|
|
7FF54998D000
|
unkown
|
page readonly
|
|
|
|
1988ECA0000
|
unkown
|
page readonly
|
|
|
|
F02187B000
|
unkown
|
page read and write
|
|
|
|
7FF53B7AF000
|
unkown
|
page readonly
|
|
|
|
7FF53F456000
|
unkown
|
page readonly
|
|
|
|
7FF53BB34000
|
unkown
|
page readonly
|
|
|
|
198943F4000
|
unkown
|
page readonly
|
|
|
|
2602D960000
|
unkown
|
page read and write
|
|
|
|
279F6902000
|
unkown
|
page read and write
|
|
|
|
7FF52FC79000
|
unkown
|
page readonly
|
|
|
|
198943E8000
|
unkown
|
page read and write
|
|
|
|
1988FE30000
|
unkown
|
page readonly
|
|
|
|
7FF53BABA000
|
unkown
|
page readonly
|
|
|
|
1DC8CC70000
|
heap private
|
page read and write
|
|
|
|
F0213FC000
|
unkown
|
page read and write
|
|
|
|
14D6E990000
|
heap private
|
page read and write
|
|
|
|
7FF51BE7C000
|
unkown
|
page readonly
|
|
|
|
2DDB1732000
|
unkown
|
page read and write
|
|
|
|
279F81A0000
|
unkown
|
page read and write
|
|
|
|
25198202000
|
unkown
|
page read and write
|
|
|
|
7FF577FFF000
|
unkown
|
page readonly
|
|
|
|
7B9567E000
|
unkown
|
page read and write
|
|
|
|
7FF5496D6000
|
unkown
|
page readonly
|
|
|
|
7FF51BE00000
|
unkown
|
page readonly
|
|
|
|
279F6878000
|
unkown
|
page read and write
|
|
|
|
1401EFD000
|
unkown
|
page read and write
|
|
|
|
19894450000
|
unkown
|
page readonly
|
|
|
|
279F6630000
|
heap private
|
page read and write
|
|
|
|
7FF5D5D5F000
|
unkown
|
page readonly
|
|
|
|
1988F602000
|
unkown
|
page read and write
|
|
|
|
7FF578021000
|
unkown
|
page readonly
|
|
|
|
4C7E77B000
|
unkown
|
page read and write
|
|
|
|
7FF577C77000
|
unkown
|
page readonly
|
|
|
|
7FF53B710000
|
unkown
|
page readonly
|
|
|
|
1988F000000
|
unkown
|
page readonly
|
|
|
|
1DC8CE24000
|
unkown
|
page read and write
|
|
|
|
7DFF39610000
|
unkown
|
page readonly
|
|
|
|
7FF53B951000
|
unkown
|
page readonly
|
|
|
|
1988EE91000
|
unkown
|
page read and write
|
|
|
|
7FF53F472000
|
unkown
|
page readonly
|
|
|
|
14022FE000
|
unkown
|
page read and write
|
|
|
|
7FF53B91F000
|
unkown
|
page readonly
|
|
|
|
7FF5775C3000
|
unkown
|
page readonly
|
|
|
|
1988F700000
|
unkown
|
page read and write
|
|
|
|
7FF53F365000
|
unkown
|
page readonly
|
|
|
|
140187B000
|
unkown
|
page read and write
|
|
|
|
7FF549A15000
|
unkown
|
page readonly
|
|
|
|
45BBEFF000
|
unkown
|
page read and write
|
|
|
|
19894330000
|
unkown
|
page read and write
|
|
|
|
7E383FE000
|
unkown
|
page read and write
|
|
|
|
25197A25000
|
unkown
|
page read and write
|
|
|
|
7FF5495EE000
|
unkown
|
page readonly
|
|
|
|
2602DC00000
|
unkown
|
page readonly
|
|
|
|
1DC8CE68000
|
unkown
|
page read and write
|
|
|
|
7FF5D5331000
|
unkown
|
page readonly
|
|
|
|
2602DA57000
|
unkown
|
page read and write
|
|
|
|
7FF53B93E000
|
unkown
|
page readonly
|
|
|
|
1988EE2A000
|
unkown
|
page read and write
|
|
|
|
7FF53BA77000
|
unkown
|
page readonly
|
|
|
|
2DDB1087000
|
unkown
|
page read and write
|
|
|
|
1401AFE000
|
unkown
|
page read and write
|
|
|
|
7FF53F3E2000
|
unkown
|
page readonly
|
|
|
|
19894420000
|
unkown
|
page read and write
|
|
|
|
19894570000
|
unkown
|
page readonly
|
|
|
|
7FF52FB86000
|
unkown
|
page readonly
|
|
|
|
19894600000
|
unkown
|
page read and write
|
|
|
|
1988ED70000
|
unkown
|
page readonly
|
|
|
|
7FF53B8CC000
|
unkown
|
page readonly
|
|
|
|
2DDB10E1000
|
unkown
|
page read and write
|
|
|
|
7FF53BAA6000
|
unkown
|
page readonly
|
|
|
|
7FF52FBAE000
|
unkown
|
page readonly
|
|
|
|
19894314000
|
unkown
|
page read and write
|
|
|
|
7FF5780B9000
|
unkown
|
page readonly
|
|
|
|
14D6EA55000
|
unkown
|
page read and write
|
|
|
|
279F685B000
|
unkown
|
page read and write
|
|
|
|
7FF577FB2000
|
unkown
|
page readonly
|
|
|
|
7FF53B3B0000
|
unkown
|
page readonly
|
|
|
|
198943E9000
|
unkown
|
page write copy
|
|
|
|
279F691C000
|
unkown
|
page read and write
|
|
|
|
7FF578026000
|
unkown
|
page readonly
|
|
|
|
198942FE000
|
unkown
|
page read and write
|
|
|
|
7FF53B76A000
|
unkown
|
page readonly
|
|
|
|
7FF53F3E6000
|
unkown
|
page readonly
|
|
|
|
7FF53B84E000
|
unkown
|
page readonly
|
|
|
|
7FF5D5E19000
|
unkown
|
page readonly
|
|
|
|
1988F881000
|
unkown
|
page read and write
|
|
|
|
7FF52FBDD000
|
unkown
|
page readonly
|
|
|
|
25197960000
|
unkown
|
page readonly
|
|
|
|
1DC8CDC0000
|
unkown
|
page readonly
|
|
|
|
7FF53BAE9000
|
unkown
|
page readonly
|
|
|
|
1DC8CF02000
|
unkown
|
page read and write
|
|
|
|
2DDB1043000
|
unkown
|
page read and write
|
|
|
|
14D6EA2A000
|
unkown
|
page read and write
|
|
|
|
ED9A68B000
|
unkown
|
page read and write
|
|
|
|
1989468D000
|
unkown
|
page read and write
|
|
|
|
7FF549828000
|
unkown
|
page readonly
|
|
|
|
1DC8D800000
|
unkown
|
page readonly
|
|
|
|
F02167E000
|
unkown
|
page read and write
|
|
|
|
7FF5D5BB8000
|
unkown
|
page readonly
|
|
|
|
279F6780000
|
unkown
|
page readonly
|
|
|
|
7FF52FC17000
|
unkown
|
page readonly
|
|
|
|
7DFD5A491000
|
unkown
|
page readonly
|
|
|
|
19894320000
|
unkown
|
page read and write
|
|
|
|
14D6F150000
|
unkown
|
page read and write
|
|
|
|
1DC8CDD0000
|
unkown
|
page read and write
|
|
|
|
7B9587E000
|
unkown
|
page read and write
|
|
|
|
7FF51BE86000
|
unkown
|
page readonly
|
|
|
|
7FF5499AA000
|
unkown
|
page readonly
|
|
|
|
7FF577F87000
|
unkown
|
page readonly
|
|
|
|
7FF5D5E11000
|
unkown
|
page readonly
|
|
|
|
4C7E1FE000
|
unkown
|
page read and write
|
|
|
|
19894410000
|
unkown
|
page read and write
|
|
|
|
7FF51BDB7000
|
unkown
|
page readonly
|
|
|
|
1DC8CE00000
|
unkown
|
page read and write
|
|
|
|
14D6EA5F000
|
unkown
|
page read and write
|
|
|
|
7FF5D5D3A000
|
unkown
|
page readonly
|
|
|
|
1988EE00000
|
unkown
|
page read and write
|
|
|
|
14D6EA63000
|
unkown
|
page read and write
|
|
|
|
1DC8D390000
|
unkown
|
page readonly
|
|
|
|
7FF53BA88000
|
unkown
|
page readonly
|
|
|
|
7FF53F2A9000
|
unkown
|
page readonly
|
|
|
|
7FF5D5BE9000
|
unkown
|
page readonly
|
|
|
|
1401A7B000
|
unkown
|
page read and write
|
|
|
|
7FF57802C000
|
unkown
|
page readonly
|
|
|
|
19894540000
|
unkown
|
page read and write
|
|
|
|
14D6EA6E000
|
unkown
|
page read and write
|
|
|
|
7FF577F7B000
|
unkown
|
page readonly
|
|
|
|
7FF52FB70000
|
unkown
|
page readonly
|
|
|
|
7FF51BE45000
|
unkown
|
page readonly
|
|
|
|
4C7E27E000
|
unkown
|
page read and write
|
|
|
|
7FF5D5CFC000
|
unkown
|
page readonly
|
|
|
|
7FF549662000
|
unkown
|
page readonly
|
|
|
|
7FF5D5D7D000
|
unkown
|
page readonly
|
|
|
|
14D6EA6B000
|
unkown
|
page read and write
|
|
|
|
7FF53F25F000
|
unkown
|
page readonly
|
|
|
|
1988F758000
|
unkown
|
page read and write
|
|
|
|
14D6EA6A000
|
unkown
|
page read and write
|
|
|
|
7FF53BA5B000
|
unkown
|
page readonly
|
|
|
|
279F6800000
|
unkown
|
page read and write
|
|
|
|
14D6EA7C000
|
unkown
|
page read and write
|
|
|
|
25197980000
|
unkown
|
page read and write
|
|
|
|
14D6EA60000
|
unkown
|
page read and write
|
|
|
|
F02157E000
|
unkown
|
page read and write
|
|
|
|
7FF5D5AD5000
|
unkown
|
page readonly
|
|
|
|
1401BFF000
|
unkown
|
page read and write
|
|
|
|
7FF53B6A3000
|
unkown
|
page readonly
|
|
|
|
1988ED90000
|
unkown
|
page read and write
|
|
|
|
7FF52FBF6000
|
unkown
|
page readonly
|
|
|
|
2DDB15A0000
|
unkown
|
page write copy
|
|
|
|
7FF53ECEB000
|
unkown
|
page readonly
|
|
|
|
198943C0000
|
unkown
|
page read and write
|
|
|
|
7FF53B6D3000
|
unkown
|
page readonly
|
|
|
|
7FF51BDC1000
|
unkown
|
page readonly
|
|
|
|
7FF549907000
|
unkown
|
page readonly
|
|
|
|
198944B0000
|
unkown
|
page readonly
|
|
|
|
1988EE6E000
|
unkown
|
page read and write
|
|
|
|
2602DA13000
|
unkown
|
page read and write
|
|
|
|
2DDB1800000
|
unkown
|
page readonly
|
|
|
|
7FF53BB0C000
|
unkown
|
page readonly
|
|
|
|
7FF53BA05000
|
unkown
|
page readonly
|
|
|
|
1988F390000
|
unkown
|
page readonly
|
|
|
|
7FF52F189000
|
unkown
|
page readonly
|
|
|
|
7FF5496BE000
|
unkown
|
page readonly
|
|
|
|
7FF53B969000
|
unkown
|
page readonly
|
|
|
|
7FF5D5DB4000
|
unkown
|
page readonly
|
|
|
|
251979B0000
|
unkown
|
page read and write
|
|
|
|
14D6EA67000
|
unkown
|
page read and write
|
|
|
|
25197A02000
|
unkown
|
page read and write
|
|
|
|
7FF5780AE000
|
unkown
|
page readonly
|
|
|
|
7FF5D5AE0000
|
unkown
|
page readonly
|
|
|
|
1988FE10000
|
unkown
|
page readonly
|
|
|
|
7FF53F3D0000
|
unkown
|
page readonly
|
|
|
|
1988F718000
|
unkown
|
page read and write
|
|
|
|
279F81E0000
|
unkown
|
page readonly
|
|
|
|
279F67F0000
|
unkown
|
page readonly
|
|
|
|
7FF5D5DB0000
|
unkown
|
page readonly
|
|
|
|
7FF53F40E000
|
unkown
|
page readonly
|
|
|
|
7FF53BB06000
|
unkown
|
page readonly
|
|
|
|
279F684B000
|
unkown
|
page read and write
|
|
|
|
7FF53F1A0000
|
unkown
|
page readonly
|
|
|
|
19890190000
|
unkown
|
page read and write
|
|
|
|
1DC8CDF0000
|
unkown
|
page readonly
|
|
|
|
7FF52FC6E000
|
unkown
|
page readonly
|
|
|
|
7FF53BB30000
|
unkown
|
page readonly
|
|
|
|
2DDB1200000
|
unkown
|
page readonly
|
|
|
|
7FF5D5D8C000
|
unkown
|
page readonly
|
|
|
|
1988F759000
|
unkown
|
page read and write
|
|
|
|
279F6913000
|
unkown
|
page read and write
|
|
|
|
7FF549A7E000
|
unkown
|
page readonly
|
|
|
|
7FF52F467000
|
unkown
|
page readonly
|
|
|
|
2602DA68000
|
unkown
|
page read and write
|
|
|
|
198943C0000
|
unkown
|
page readonly
|
|
|
|
7FF577C70000
|
unkown
|
page readonly
|
|
|
|
7FF549915000
|
unkown
|
page readonly
|
|
|
|
7FF5D5D96000
|
unkown
|
page readonly
|
|
|
|
7FF53B860000
|
unkown
|
page readonly
|
|
|
|
2602D930000
|
heap default
|
page read and write
|
|
|
|
2DDB0E10000
|
unkown
|
page readonly
|
|
|
|
198942F0000
|
unkown
|
page read and write
|
|
|
|
7FF578045000
|
unkown
|
page readonly
|
|
|
|
7FF5D5D28000
|
unkown
|
page readonly
|
|
|
|
2DDB10BB000
|
unkown
|
page read and write
|
|
|
|
14D6F140000
|
unkown
|
page readonly
|
|
|
|
7FF51BB3E000
|
unkown
|
page readonly
|
|
|
|
7FF53ED0C000
|
unkown
|
page readonly
|
|
|
|
7FF5D5D9C000
|
unkown
|
page readonly
|
|
|
|
19894611000
|
unkown
|
page read and write
|
|
|
|
14D6EA48000
|
unkown
|
page read and write
|
|
|
|
7FF53BA7C000
|
unkown
|
page readonly
|
|
|
|
2DDB1B40000
|
unkown
|
page readonly
|
|
|
|
7FF5499F1000
|
unkown
|
page readonly
|
|
|
|
2602DCD0000
|
unkown
|
page readonly
|
|
|
|
7FF53F45C000
|
unkown
|
page readonly
|
|
|
|
7FF51BE71000
|
unkown
|
page readonly
|
|
|
|
198942F0000
|
unkown
|
page read and write
|
|
|
|
1988FE40000
|
unkown
|
page readonly
|
|
|
|
2602DA02000
|
unkown
|
page read and write
|
|
|
|
1988EE3D000
|
unkown
|
page read and write
|
|
|
|
7FF5499F6000
|
unkown
|
page readonly
|
|
|
|
7FF53B0B6000
|
unkown
|
page readonly
|
|
|
|
7FF52FBEC000
|
unkown
|
page readonly
|
|
|
|
14D6EA3C000
|
unkown
|
page read and write
|
|
|
|
7FF53BAA2000
|
unkown
|
page readonly
|
|
|
|
1DC8D602000
|
unkown
|
page read and write
|
|
|
|
1988EDA0000
|
unkown
|
page read and write
|
|
|
|
7FF51BDF8000
|
unkown
|
page readonly
|
|
|
|
1988F5F0000
|
unkown
|
page read and write
|
|
|
|
7FF53F43D000
|
unkown
|
page readonly
|
|
|
|
2DDB0FC0000
|
unkown
|
page readonly
|
|
|
|
7FF53F011000
|
unkown
|
page readonly
|
|
|
|
198946E6000
|
unkown
|
page read and write
|
|
|
|
7FF5D5D4E000
|
unkown
|
page readonly
|
|
|
|
2602D950000
|
unkown
|
page readonly
|
|
|
|
19894311000
|
unkown
|
page read and write
|
|
|
|
F0212FD000
|
unkown
|
page read and write
|
|
|
|
4C7E07F000
|
unkown
|
page read and write
|
|
|
|
19894530000
|
unkown
|
page readonly
|
|
|
|
7FF53B6D5000
|
unkown
|
page readonly
|
|
|
|
7FF53F4D9000
|
unkown
|
page readonly
|
|
|
|
7FF5D5D86000
|
unkown
|
page readonly
|
|
|
|
7FF577FC8000
|
unkown
|
page readonly
|
|
|
|
7FF5D5D10000
|
unkown
|
page readonly
|
|
|
|
279F683F000
|
unkown
|
page read and write
|
|
|
|
7FF53B7A6000
|
unkown
|
page readonly
|
|
|
|
7FF51BCDA000
|
unkown
|
page readonly
|
|
|
|
7FF53B7AC000
|
unkown
|
page readonly
|
|
|
|
14D6EA41000
|
unkown
|
page read and write
|
|
|
|
7FF53F225000
|
unkown
|
page readonly
|
|
|
|
7E38BFC000
|
unkown
|
page read and write
|
|
|
|
7FF54965F000
|
unkown
|
page readonly
|
|
|
|
1988EE13000
|
unkown
|
page read and write
|
|
|
|
7FF53B94C000
|
unkown
|
page readonly
|
|
|
|
7FF51BE95000
|
unkown
|
page readonly
|
|
|
|
7FF53B3B8000
|
unkown
|
page readonly
|
|
|
|
14020FF000
|
unkown
|
page read and write
|
|
|
|
7E387FD000
|
unkown
|
page read and write
|
|
|
|
14D6EA76000
|
unkown
|
page read and write
|
|
|
|
7FF53B8FE000
|
unkown
|
page readonly
|
|
|
|
279F67E0000
|
unkown
|
page read and write
|
|
|
|
7FF53B6D1000
|
unkown
|
page readonly
|
|
|
|
1988EE73000
|
unkown
|
page read and write
|
|
|
|
1DC8CE2A000
|
unkown
|
page read and write
|
|
|
|
7FF5498AC000
|
unkown
|
page readonly
|
|
|
|
7FF53EFE0000
|
unkown
|
page readonly
|
|
|
|
2602DA3C000
|
unkown
|
page read and write
|
|
|
|
7FF53ED14000
|
unkown
|
page readonly
|
|
|
|
7FF549671000
|
unkown
|
page readonly
|
|
|
|
7FF549A0C000
|
unkown
|
page readonly
|
|
|
|
1988EF02000
|
unkown
|
page read and write
|
|
|
|
7FF53B72E000
|
unkown
|
page readonly
|
|
|
|
7FF5D5D22000
|
unkown
|
page readonly
|
|
|
|
7FF53F415000
|
unkown
|
page readonly
|
|
|
|
7FF51BC37000
|
unkown
|
page readonly
|
|
|
|
279F67E0000
|
unkown
|
page read and write
|
|
|
|
7FF53BADF000
|
unkown
|
page readonly
|
|
|
|
19894440000
|
unkown
|
page read and write
|
|
|
|
7FF5D5ACE000
|
unkown
|
page readonly
|
|
|
|
25197C00000
|
unkown
|
page readonly
|
|
|
|
14D6EA30000
|
unkown
|
page read and write
|
|
|
|
14D6EB02000
|
unkown
|
page read and write
|
|
|
|
7FF51BDA7000
|
unkown
|
page readonly
|
|
|
|
7FF52FBC9000
|
unkown
|
page readonly
|
|
|
|
4C7E87D000
|
unkown
|
page read and write
|
|
|
|
F020FCC000
|
unkown
|
page read and write
|
|
|
|
198946A6000
|
unkown
|
page read and write
|
|
|
|
19894655000
|
unkown
|
page read and write
|
|
|
|
198946AA000
|
unkown
|
page read and write
|
|
|
|
1989461D000
|
unkown
|
page read and write
|
|
|
|
7FF53F477000
|
unkown
|
page readonly
|
|
|
|
7FF549A06000
|
unkown
|
page readonly
|
|
|
|
19894310000
|
unkown
|
page read and write
|
|
|
|
1988ED80000
|
unkown
|
page readonly
|
|
|
|
7FF51BE76000
|
unkown
|
page readonly
|
|
|
|
14D6EA56000
|
unkown
|
page read and write
|
|
|
|
279F8202000
|
unkown
|
page read and write
|
|
|
|
25197820000
|
heap private
|
page read and write
|
|
|
|
25198060000
|
unkown
|
page read and write
|
|
|
|
14D6EED0000
|
unkown
|
page readonly
|
|
|
|
7FF577FEE000
|
unkown
|
page readonly
|
|
|
|
14D6EA42000
|
unkown
|
page read and write
|
|
|
|
14D6EA34000
|
unkown
|
page read and write
|
|
|
|
25197B02000
|
unkown
|
page read and write
|
|
|
|
279F67E0000
|
unkown
|
page read and write
|
|
|
|
19894490000
|
unkown
|
page readonly
|
|
|
|
7FF53B79D000
|
unkown
|
page readonly
|
|
|
|
1988FE00000
|
unkown
|
page readonly
|
|
|
|
2602D8D0000
|
heap private
|
page read and write
|
|
|
|
14D6F202000
|
unkown
|
page read and write
|
|
|
|
1988FB00000
|
unkown
|
page read and write
|
|
|
|
7FF52FBBF000
|
unkown
|
page readonly
|
|
|
|
7B95CFF000
|
unkown
|
page read and write
|
|
|
|
7FF5499D9000
|
unkown
|
page readonly
|
|
|
|
1988FD10000
|
unkown
|
page read and write
|
|
|
|
4C7E8FD000
|
unkown
|
page read and write
|
|
|
|
14D6EA4D000
|
unkown
|
page read and write
|
|
|
|
14D6EA5C000
|
unkown
|
page read and write
|
|
|
|
7FF51BE18000
|
unkown
|
page readonly
|
|
|
|
7FF53B8D8000
|
unkown
|
page readonly
|
|
|
|
198946B4000
|
unkown
|
page read and write
|
|
|
|
4C7E47A000
|
unkown
|
page read and write
|
|
|
|
7FF53F278000
|
unkown
|
page readonly
|
|
|
|
14D6EA2D000
|
unkown
|
page read and write
|
|
|
|
14D6EA58000
|
unkown
|
page read and write
|
|
|
|
7FF53F015000
|
unkown
|
page readonly
|
|
|
|
7FF549996000
|
unkown
|
page readonly
|
|
|
|
7FF549A89000
|
unkown
|
page readonly
|
|
|
|
7FF578057000
|
unkown
|
page readonly
|
|
|
|
7FF52FBE6000
|
unkown
|
page readonly
|
|
|
|
7FF5499FC000
|
unkown
|
page readonly
|
|
|
|
F021A7F000
|
unkown
|
page read and write
|
|
|
|
1988FC30000
|
unkown
|
page read and write
|
|
|
|
1DC8CDB0000
|
unkown
|
page readonly
|
|
|
|
4C7E17B000
|
unkown
|
page read and write
|
|
|
|
1DC8CE3F000
|
unkown
|
page read and write
|
|
|
|
4C7E37F000
|
unkown
|
page read and write
|
|
|
|
4C7D88B000
|
unkown
|
page read and write
|
|
|
|
1988F759000
|
unkown
|
page read and write
|
|
|
|
7FF5D5E19000
|
unkown
|
page readonly
|
|
|
|
14D6EA40000
|
unkown
|
page read and write
|
|
|
|
14D6EA7F000
|
unkown
|
page read and write
|
|
|
|
7FF53F446000
|
unkown
|
page readonly
|
|
|
|
198941D0000
|
unkown
|
page read and write
|
|
|
|
2DDB1113000
|
unkown
|
page read and write
|
|
|
|
251979B0000
|
unkown
|
page read and write
|
|
|
|
7FF5D5DA5000
|
unkown
|
page readonly
|
|
|
|
7FF53BA67000
|
unkown
|
page readonly
|
|
|
|
7FF5499ED000
|
unkown
|
page readonly
|
|
|
|
1988EF13000
|
unkown
|
page read and write
|
|
|
|
7B9533B000
|
unkown
|
page read and write
|
|
|
|
198941A0000
|
unkown
|
page readonly
|
|
|
|
1988F718000
|
unkown
|
page read and write
|
|
|
|
7FF549A80000
|
unkown
|
page readonly
|
|
|
|
198946C2000
|
unkown
|
page read and write
|
|
|
|
14D6EA5A000
|
unkown
|
page read and write
|
|
|
|
2602E400000
|
unkown
|
page readonly
|
|
|
|
7E3867E000
|
unkown
|
page read and write
|
|
|
|
7FF52FC05000
|
unkown
|
page readonly
|
|
|
|
7FF5499C5000
|
unkown
|
page readonly
|
|
|
|
1988F702000
|
unkown
|
page read and write
|
|
|
|
7FF5D5B9F000
|
unkown
|
page readonly
|
|
|
|
7FF53F3C4000
|
unkown
|
page readonly
|
|
|
|
7FF52F9FF000
|
unkown
|
page readonly
|
|
|
|
2DDB0E00000
|
heap default
|
page read and write
|
|
|
|
2DDB1102000
|
unkown
|
page read and write
|
|
|
|
1DC8CF13000
|
unkown
|
page read and write
|
|
|
|
2DDB1602000
|
unkown
|
page read and write
|
|
|
|
198943F0000
|
unkown
|
page read and write
|
|
|
|
7FF578009000
|
unkown
|
page readonly
|
|
|
|
1DC8D000000
|
unkown
|
page readonly
|
|
|
|
7FF5D5CA5000
|
unkown
|
page readonly
|
|
|
|
198942F8000
|
unkown
|
page read and write
|
|
|
|
7FF53B81C000
|
unkown
|
page readonly
|
|
|
|
7FF5D5B7E000
|
unkown
|
page readonly
|
|
|
|
1988F615000
|
unkown
|
page read and write
|
|
|
|
7FF549897000
|
unkown
|
page readonly
|
|
|
|
7FF53BA51000
|
unkown
|
page readonly
|
|
|
|
25197A3D000
|
unkown
|
page read and write
|
|
|
|
14D6EA70000
|
unkown
|
page read and write
|
|
|
|
198942F1000
|
unkown
|
page read and write
|
|
|
|
19894450000
|
unkown
|
page read and write
|
|
|
|
198946C7000
|
unkown
|
page read and write
|
|
|
|
14D6EC00000
|
unkown
|
page readonly
|
|
|
|
19894460000
|
unkown
|
page read and write
|
|
|
|
14D6EA75000
|
unkown
|
page read and write
|
|
|
|
7FF53E9EB000
|
unkown
|
page readonly
|
|
|
|
2DDB1029000
|
unkown
|
page read and write
|
|
|
|
7FF51BF09000
|
unkown
|
page readonly
|
|
|
|
7FF5497B4000
|
unkown
|
page readonly
|
|
|
|
7FF51BDEC000
|
unkown
|
page readonly
|
|
|
|
F02127E000
|
unkown
|
page read and write
|
|
|
|
14D6EA46000
|
unkown
|
page read and write
|
|
|
|
25197880000
|
heap default
|
page read and write
|
|
|
|
279F8480000
|
unkown
|
page readonly
|
|
|
|
2DDB0FD0000
|
unkown
|
page read and write
|
|
|
|
279F6918000
|
unkown
|
page read and write
|
|
|
|
7FF577C84000
|
unkown
|
page readonly
|
|
|
|
1988EC90000
|
heap default
|
page read and write
|
|
|
|
1988FC00000
|
unkown
|
page read and write
|
|
|
|
7FF54980F000
|
unkown
|
page readonly
|
|
|
|
198943C4000
|
unkown
|
page read and write
|
|
|
|
7FF577FB0000
|
unkown
|
page readonly
|
|
|
|
279F66A0000
|
unkown
|
page readonly
|
|
|
|
7FF52FBB5000
|
unkown
|
page readonly
|
|
|
|
2602DB00000
|
unkown
|
page read and write
|
|
|
|
1DC8CCE0000
|
unkown
|
page readonly
|
|
|
|
1DC8CE5A000
|
unkown
|
page read and write
|
|
|
|
4C7DF7A000
|
unkown
|
page read and write
|
|
|
|
19894450000
|
unkown
|
page read and write
|
|
|
|
1DC8CE78000
|
unkown
|
page read and write
|
|
|
|
7B953BE000
|
unkown
|
page read and write
|
|
|
|
1DC8CE13000
|
unkown
|
page read and write
|
|
|
|
2DDB0EE0000
|
unkown
|
page readonly
|
|
|
|
7FF5499CF000
|
unkown
|
page readonly
|
|
|
|
25197890000
|
unkown
|
page readonly
|
|
|
|
7FF51BA45000
|
unkown
|
page readonly
|
|
|
|
7FF53BAA8000
|
unkown
|
page readonly
|
|
|
|
1401DFF000
|
unkown
|
page read and write
|
|
|
|
1401FFF000
|
unkown
|
page read and write
|
|
|
|
ED9AE7F000
|
unkown
|
page read and write
|
|
|
|
7FF5D5D55000
|
unkown
|
page readonly
|
|
|
|
7FF53BB01000
|
unkown
|
page readonly
|
|
|
|
14021FE000
|
unkown
|
page read and write
|
|
|
|
7E38DFE000
|
unkown
|
page read and write
|
|
|
|
7FF53BB25000
|
unkown
|
page readonly
|
|
|
|
7FF53BB90000
|
unkown
|
page readonly
|
|
|
|
19894400000
|
unkown
|
page read and write
|
|
|
|
1988EE78000
|
unkown
|
page read and write
|
|
|
|
2DDB1590000
|
unkown
|
page readonly
|
|
|
|
1988EE75000
|
unkown
|
page read and write
|
|
|
|
7FF53BB99000
|
unkown
|
page readonly
|
|
|
|
7FF53BAFD000
|
unkown
|
page readonly
|
|
|
|
7FF549992000
|
unkown
|
page readonly
|
|
|
|
14D6EA59000
|
unkown
|
page read and write
|
|
|
|
2DDB10CC000
|
unkown
|
page read and write
|
|
|
|
7FF53BAD5000
|
unkown
|
page readonly
|
|
|
|
14D6EA13000
|
unkown
|
page read and write
|
|
|
|
7FF52FC79000
|
unkown
|
page readonly
|
|
|
|
45BBC7E000
|
unkown
|
page read and write
|
|
|
|
7FF52F99A000
|
unkown
|
page readonly
|
|
|
|
1DC8CCD0000
|
heap default
|
page read and write
|
|
|
|
1988F5E3000
|
unkown
|
page read and write
|
|
|
|
7FF57801D000
|
unkown
|
page readonly
|
|
|
|
7FF51BF00000
|
unkown
|
page readonly
|
|
|
|
2DDB106E000
|
unkown
|
page read and write
|
|
|
|
19894334000
|
unkown
|
page read and write
|
|
|
|
2602DA64000
|
unkown
|
page read and write
|
|
|
|
7FF53BA90000
|
unkown
|
page readonly
|
|
|
|
7B95A7D000
|
unkown
|
page read and write
|
|
|
|
7FF53F3E8000
|
unkown
|
page readonly
|
|
|
|
1989463F000
|
unkown
|
page read and write
|
|
|
|
7FF52FB88000
|
unkown
|
page readonly
|
|
|
|
F021B7D000
|
unkown
|
page read and write
|
|
|
|
2602DB02000
|
unkown
|
page read and write
|
|
|
|
7FF53F4D1000
|
unkown
|
page readonly
|
|
|
|
F021C7F000
|
unkown
|
page read and write
|
|
|
|
7FF5497EE000
|
unkown
|
page readonly
|
|
|
|
279F685A000
|
unkown
|
page read and write
|
|
|
|
25197A5C000
|
unkown
|
page read and write
|
|
|
|
7FF51BC70000
|
unkown
|
page readonly
|
|
|
|
2DDB10E8000
|
unkown
|
page read and write
|
|
|
|
1988FC10000
|
unkown
|
page read and write
|
|
|
|
14D6EA64000
|
unkown
|
page read and write
|
|
|
|
F02197D000
|
unkown
|
page read and write
|
|
|
|
7B957FD000
|
unkown
|
page read and write
|
|
|
|
7FF53F13D000
|
unkown
|
page readonly
|
|
|
|
7FF549980000
|
unkown
|
page readonly
|
|
|
|
7FF51BAD8000
|
unkown
|
page readonly
|
|
|
|
7FF51BEFE000
|
unkown
|
page readonly
|
|
|
|
7FF51BE3E000
|
unkown
|
page readonly
|
|
|
|
7B95AFF000
|
unkown
|
page read and write
|
|
|
|
7FF53BA73000
|
unkown
|
page readonly
|
|
|
|
7FF53F429000
|
unkown
|
page readonly
|
|
|
|
279F684C000
|
unkown
|
page read and write
|
|
|
|
7FF51BEA7000
|
unkown
|
page readonly
|
|
|
|
7FF578054000
|
unkown
|
page readonly
|
|
|
|
2DDB10C3000
|
unkown
|
page read and write
|
|
|
|
4C7DCF7000
|
unkown
|
page read and write
|
|
|
|
198946B2000
|
unkown
|
page read and write
|
|
|
|
2602D940000
|
unkown
|
page readonly
|
|
|
|
7FF53F200000
|
unkown
|
page readonly
|
|
|
|
14D6EA61000
|
unkown
|
page read and write
|
|
|
|
7E38EFE000
|
unkown
|
page read and write
|
|
|
|
7FF549998000
|
unkown
|
page readonly
|
|
|
|
ED9ABFB000
|
unkown
|
page read and write
|
|
|
|
1988EE9C000
|
unkown
|
page read and write
|
|
|
|
7FF52FC14000
|
unkown
|
page readonly
|
|
|
|
1988F79A000
|
unkown
|
page read and write
|
|
|
|
1988F5E0000
|
unkown
|
page read and write
|
|
|
|
4C7E97E000
|
unkown
|
page read and write
|
|
|
|
2DDB1000000
|
unkown
|
page read and write
|
|
|
|
7FF53BA0C000
|
unkown
|
page readonly
|
|
|
|
7E3837B000
|
unkown
|
page read and write
|
|
|
|
2602DA79000
|
unkown
|
page read and write
|
|
|
|
198944A0000
|
unkown
|
page readonly
|
|
|
|
ED9ACFB000
|
unkown
|
page read and write
|
|
|
|
25197A00000
|
unkown
|
page read and write
|
|
|
|
279F67B0000
|
unkown
|
page read and write
|
|
|
|
279F684A000
|
unkown
|
page read and write
|
|
|
|
7FF5D5336000
|
unkown
|
page readonly
|
|
|
|
7FF53F195000
|
unkown
|
page readonly
|
|
|
|
7FF51BA41000
|
unkown
|
page readonly
|
|
|
|
7FF549A24000
|
unkown
|
page readonly
|
|
|
|
279F6690000
|
heap default
|
page read and write
|
|
|
|
7FF5D5D26000
|
unkown
|
page readonly
|
|
|
|
7E389FF000
|
unkown
|
page read and write
|
|
|
|
7FF5D5BD8000
|
unkown
|
page readonly
|
|
|
|
1989462B000
|
unkown
|
page read and write
|
|
|
|
279F87C0000
|
unkown
|
page write copy
|
|
|
|
ED9A70E000
|
unkown
|
page read and write
|
|
|
|
279F8400000
|
unkown
|
page read and write
|
|
|
|
14023FE000
|
unkown
|
page read and write
|
|
|
|
F0216FC000
|
unkown
|
page read and write
|
|
|
|
14D6EA68000
|
unkown
|
page read and write
|
|
|
|
7FF53BA31000
|
unkown
|
page readonly
|
|
|
|
4C7DD7E000
|
unkown
|
page read and write
|
|
|
|
F0217FC000
|
unkown
|
page read and write
|
|
|
|
14D6ECD0000
|
unkown
|
page readonly
|
|
|
|
7FF5498A0000
|
unkown
|
page readonly
|
|
|
|
2DDB1013000
|
unkown
|
page read and write
|
|
|
|
7FF52FB9A000
|
unkown
|
page readonly
|
|
|
|
14D6EA51000
|
unkown
|
page read and write
|
|
|
|
45BC0FE000
|
unkown
|
page read and write
|
|
|
|
7FF5D5D08000
|
unkown
|
page readonly
|
|
|
|
1988F713000
|
unkown
|
page read and write
|
|
|
|
7FF53F44C000
|
unkown
|
page readonly
|
|
|
|
7FF5D5AC7000
|
unkown
|
page readonly
|
|
|
|
7FF54984A000
|
unkown
|
page readonly
|
|
|
|
7FF5495F2000
|
unkown
|
page readonly
|
|
|
|
7FF51BF09000
|
unkown
|
page readonly
|
|
|
|
45BB95B000
|
unkown
|
page read and write
|
|
|
|
1988FE20000
|
unkown
|
page readonly
|
|
|
|
7FF53B727000
|
unkown
|
page readonly
|
|
|
|
1988F718000
|
unkown
|
page read and write
|
|
|
|
1988EEFC000
|
unkown
|
page read and write
|
|
|
|
14D6EA00000
|
unkown
|
page read and write
|
|
|
|
7FF52F4B4000
|
unkown
|
page readonly
|
|
|
|
1988EC30000
|
heap private
|
page read and write
|
|
|
|
45BB9DE000
|
unkown
|
page read and write
|
|
|
|
7FF51BE02000
|
unkown
|
page readonly
|
|
|
|
4C7D98E000
|
unkown
|
page read and write
|
|
|
|
4C7D90E000
|
unkown
|
page read and write
|
|
|
|
7FF53BB37000
|
unkown
|
page readonly
|
|
|
|
7FF51BEA4000
|
unkown
|
page readonly
|
|
|
|
7FF51BE8C000
|
unkown
|
page readonly
|
|
|
|
ED9AD7E000
|
unkown
|
page read and write
|
|
|
|
279F682A000
|
unkown
|
page read and write
|
|
|
|
7FF53BB1C000
|
unkown
|
page readonly
|
|
|
|
7FF52F186000
|
unkown
|
page readonly
|
|
|
|
19894550000
|
unkown
|
page readonly
|
|
|
|
19894320000
|
unkown
|
page read and write
|
|
|
|
14018FD000
|
unkown
|
page read and write
|
|
|
|
198941F0000
|
unkown
|
page read and write
|
|
|
|
7FF54996C000
|
unkown
|
page readonly
|
|
|
|
7FF5780B1000
|
unkown
|
page readonly
|
|
|
|
7FF52FBFC000
|
unkown
|
page readonly
|
|
|
|
2602DA28000
|
unkown
|
page read and write
|
|
|
|
14D6EA62000
|
unkown
|
page read and write
|
|
|
|
25197970000
|
unkown
|
page readonly
|
|
|
|
7FF53F3C8000
|
unkown
|
page readonly
|
|
|
|
19894662000
|
unkown
|
page read and write
|
|
|
|
4C7EA7C000
|
unkown
|
page read and write
|
|
|
|
7FF54995A000
|
unkown
|
page readonly
|
|
|
|
7FF577CD5000
|
unkown
|
page readonly
|
|
|
|
7FF5498FC000
|
unkown
|
page readonly
|
|
|
|
2602DA00000
|
unkown
|
page read and write
|
|
|
|
1989464C000
|
unkown
|
page read and write
|
|
|
|
7FF53B847000
|
unkown
|
page readonly
|
|
|
|
7FF51BDBA000
|
unkown
|
page readonly
|
|
|
|
7FF5499BE000
|
unkown
|
page readonly
|
|
|
|
7FF5D5D12000
|
unkown
|
page readonly
|
|
|
|
14D6EA85000
|
unkown
|
page read and write
|
|
|
|
7FF51BE6D000
|
unkown
|
page readonly
|
|
|
|
2DDB0DA0000
|
heap private
|
page read and write
|
|
|
|
14D6EA7E000
|
unkown
|
page read and write
|
|
|
|
198946CD000
|
unkown
|
page read and write
|
|
|
|
1401CFC000
|
unkown
|
page read and write
|
|
|
|
279F6813000
|
unkown
|
page read and write
|
|
|
|
14D6E9F0000
|
heap default
|
page read and write
|
|
|
|
7B956FF000
|
unkown
|
page read and write
|
|
|
|
14D6EA57000
|
unkown
|
page read and write
|
|
|
|
7B9597F000
|
unkown
|
page read and write
|
|
|
|
1988FE50000
|
unkown
|
page readonly
|
|
|
|
7FF52FC10000
|
unkown
|
page readonly
|
|
|
|
4C7DE7A000
|
unkown
|
page read and write
|
|
|
|
7FF549978000
|
unkown
|
page readonly
|
|
|
|
279F6790000
|
unkown
|
page read and write
|
|
|
|
7FF577FC2000
|
unkown
|
page readonly
|
|
|
|
7FF5D5D69000
|
unkown
|
page readonly
|
|
|
|
7FF51BE59000
|
unkown
|
page readonly
|
|
|
|
7FF52F4AF000
|
unkown
|
page readonly
|
|
|
|
7FF53BA47000
|
unkown
|
page readonly
|
|
|
|
14D6EA34000
|
unkown
|
page read and write
|
|
|
|
198941E0000
|
unkown
|
page read and write
|
|
|
|
19894684000
|
unkown
|
page read and write
|
|
|
|
279F685C000
|
unkown
|
page read and write
|
|
|
|
25197A29000
|
unkown
|
page read and write
|
|
|
|
7FF5D59E8000
|
unkown
|
page readonly
|
|
|
|
7FF549A20000
|
unkown
|
page readonly
|
|
|
|
7FF577C73000
|
unkown
|
page readonly
|
|
|
|
1988EE8A000
|
unkown
|
page read and write
|
|
|
|
7FF53F07D000
|
unkown
|
page readonly
|
|
|
|
7FF53F41F000
|
unkown
|
page readonly
|
|
|
|
7FF53B8BB000
|
unkown
|
page readonly
|
|
|
|
2DDB1700000
|
unkown
|
page read and write
|
|
|
|
7FF53B960000
|
unkown
|
page readonly
|
|
|
|
ED9A78E000
|
unkown
|
page read and write
|
|
|
|
25197F90000
|
unkown
|
page readonly
|
|
|
|
279F6770000
|
unkown
|
page readonly
|
|
|
|
7FF52FC71000
|
unkown
|
page readonly
|
|
|
|
19894430000
|
unkown
|
page read and write
|
|
|
|
7FF53BB8E000
|
unkown
|
page readonly
|
|
|
|
19894450000
|
unkown
|
page read and write
|
|
|
|
140197E000
|
unkown
|
page read and write
|
|
|
|
1DC8CE76000
|
unkown
|
page read and write
|
|
|
|
7FF53F4D9000
|
unkown
|
page readonly
|
|
|
|
1DC8CE02000
|
unkown
|
page read and write
|
|
|
|
7FF57803C000
|
unkown
|
page readonly
|
|
|
|
7FF53F29A000
|
unkown
|
page readonly
|
|
|
|
7FF549A27000
|
unkown
|
page readonly
|
|
|
|
25197A13000
|
unkown
|
page read and write
|
|
|
|
7FF53F474000
|
unkown
|
page readonly
|
|
|
|
4C7E2FF000
|
unkown
|
page read and write
|
|
|
|
7FF53F465000
|
unkown
|
page readonly
|
|
|
|
7FF53B958000
|
unkown
|
page readonly
|
|
|
|
7FF51BE12000
|
unkown
|
page readonly
|
|
|
|
7FF5780B9000
|
unkown
|
page readonly
|
|
|
|
7B95BFD000
|
unkown
|
page read and write
|
|
|
|
279F6D90000
|
unkown
|
page readonly
|
|
|
|
7FF53B855000
|
unkown
|
page readonly
|
|
|
|
7FF53BB99000
|
unkown
|
page readonly
|
|
|
|
19894450000
|
unkown
|
page read and write
|
|
|
|
2DDB0EF0000
|
unkown
|
page readonly
|
|
|
|
14D6EA65000
|
unkown
|
page read and write
|
|
|
|
7FF53F2E7000
|
unkown
|
page readonly
|
|
|
|
7FF53B93A000
|
unkown
|
page readonly
|
|
|
|
7FF578036000
|
unkown
|
page readonly
|
|
|
|
7FF51BE16000
|
unkown
|
page readonly
|
|
|
|
1988EE56000
|
unkown
|
page read and write
|
|
|
|
7FF577FF5000
|
unkown
|
page readonly
|
|
|
|
7FF53BB16000
|
unkown
|
page readonly
|
|
|
|
1988F600000
|
unkown
|
page read and write
|
|
|
|
198946B6000
|
unkown
|
page read and write
|
|
|
|
7FF549A89000
|
unkown
|
page readonly
|
|
|
|
7FF53BA92000
|
unkown
|
page readonly
|
|
|
|
7FF51BE4F000
|
unkown
|
page readonly
|
|
|
|
4C7E4FF000
|
unkown
|
page read and write
|
|
|
|
7FF53BA17000
|
unkown
|
page readonly
|
|
|
|
7FF5D5E0E000
|
unkown
|
page readonly
|
|
|
|
2602E202000
|
unkown
|
page read and write
|
|
|
|
7FF577E3F000
|
unkown
|
page readonly
|
|
|
|
279F6A00000
|
unkown
|
page readonly
|
|
|
|
45BBFFE000
|
unkown
|
page read and write
|
|
|
|
7FF53B6B0000
|
unkown
|
page readonly
|
|
|
|
4C7E67E000
|
unkown
|
page read and write
|
|
|
|
7FF549982000
|
unkown
|
page readonly
|
|
|
|
7FF5D5DB7000
|
unkown
|
page readonly
|
|
|
|
1988F5C1000
|
unkown
|
page read and write
|
|
|
|
7FF53B768000
|
unkown
|
page readonly
|
|
|
|
45BBDFE000
|
unkown
|
page read and write
|
|
|
|
7FF53F240000
|
unkown
|
page readonly
|
|
|
|
7E38AFF000
|
unkown
|
page read and write
|
|
|
|
4C7E57E000
|
unkown
|
page read and write
|
|
|
|
7FF53BACE000
|
unkown
|
page readonly
|
|
|
|
251979B0000
|
unkown
|
page read and write
|
|
|
|
2602E060000
|
unkown
|
page readonly
|
|
|
|
279F6900000
|
unkown
|
page read and write
|
|
|
|
19894440000
|
unkown
|
page read and write
|
|
|
|
7E388FF000
|
unkown
|
page read and write
|
|
|
|
7FF5D5CEA000
|
unkown
|
page readonly
|
|
|
|
7E38CFC000
|
unkown
|
page read and write
|
|
There are 665 hidden memdumps, click here to show them.