Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
 |
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\0d907e79-e240-4ace-a0e8-cf5886bdbcca.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\37470408-1879-4908-9848-7b84876422d9.tmp
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\4aa76b95-007a-4a0a-8c33-217d8793ff03.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\69f1fb30-d8a3-49fe-838b-ee8259cd1559.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\7bd5c86a-7b96-47d6-acb4-a27163bab98b.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\110a3ec7-d93b-4a19-ab22-a4b778a3e4ea.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1b3566d1-70d1-4245-96bc-455f198de079.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1b4f4423-75b7-4b90-8f67-1e808d009769.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2707e0e2-4311-4956-91b9-88ef1478870e.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2b5d6b28-abc9-4340-9ff7-41e8f309b77f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2c6a0c24-8c93-4014-9329-732aa4582676.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\3ae53830-345a-498e-8294-eb5615a7a569.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old8. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Favicons
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old.. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old.d (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
|
data
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last TabsOC (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State7f (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.oldMP (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\PreferencesMP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencess (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\PreferencestY (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencesu\ (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\QuotaManager
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences? (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\1a9e076c-5189-4c0f-ad8f-53604d4503d9.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
StateMP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\2e3c3ba8-5ab9-48ca-a3ea-849bb783bcfa.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
State.. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.olde/
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old.. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.olds
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\TransportSecurityOi (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a7d9bbc3-d6a0-418b-a6be-6263029a82f7.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\aaae390b-e1ab-48b5-9e14-f8e0b7af4623.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.oldb (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
|
MPEG-4 LOAS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\eba94e86-3540-4ce9-aaea-822baf42c644.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f345382a-1f34-40d5-bb6a-884195d85d26.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local StateMP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache\e (copy)
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\scoped_dir6564_1776176960\Ruleset
Data
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\a2eec70f-8345-40a6-a2f3-e5a1974ebce7.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\e021a04c-c1f4-4b4f-b0dd-053084ede837.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\4d80664c-be94-40b3-a434-8fa2d5982743.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6564_244370255\Filtering Rules
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6564_244370255\LICENSE.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6564_244370255\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6564_244370255\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6564_244370255\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6564_637119584\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6564_637119584\_platform_specific\x86_64\pnacl_public_pnacl_json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6564_637119584\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6564_637119584\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6564_637119584\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6564_637119584\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6564_637119584\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6564_637119584\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6564_637119584\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6564_637119584\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6564_637119584\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6564_637119584\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6564_637119584\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6564_637119584\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\browser-sslkeys.log
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\ff8b64d9-6ef5-4fa7-89bf-4331ad3a3312.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1738730910\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\4d80664c-be94-40b3-a434-8fa2d5982743.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\en\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\fa\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\fil\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\gu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\id\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\iw\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\kn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\ml\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\mr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\ms\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\nl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\pt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\sw\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\ta\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\te\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\zh\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\angular.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\background_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\cast_sender.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\feedback.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\feedback.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\feedback_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\material_css_min.css
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\mirroring_cast_streaming.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\mirroring_common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\mirroring_hangouts.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6564_1919960305\CRX_INSTALL\mirroring_webrtc.js
|
ASCII text, with very long lines
|
dropped
|
|
There are 248 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'https://docs.google.com/document/d/1hHFEB09XYOGm1F87Todc5etNXb38nGMo/edit?usp=sharing_eip_m&rtpof=true&sd=true&invite=CKvaqcMD&ts=6178419e'
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1560,8177781781073637063,12308943224005517833,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1912 /prefetch:8
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://docs.google.com/document/d/1hHFEB09XYOGm1F87Todc5etNXb38nGMo/edit?usp=sharing_eip_m&rtpof=true&sd=true&invite=CKvaqcMD&ts=6178419e
|
 |
||
|
https://marketingandsoftwaretools.com/wp-content/plugins/autoptimize/ANGEL/MicrosoftAccount.htmlRefe
|
unknown
|
|
|
|
https://marketingandsoftwaretools.com/wp-content/plugins/autoptimize/ANGEL/MicrosoftAccount.html
|
|
||
|
https://marketingandsoftwaretools.com/wp-content/plugins/autoptimize/ANGEL/MicrosoftAccount.html3
|
unknown
|
|
|
|
https://marketingandsoftwaretools.com/wp-content/plugins/autoptimize/ANGEL/MicrosoftAccount.htmlSign
|
unknown
|
|
|
|
https://marketingandsoftwaretools.com/wp-content/plugins/autoptimize/ANGEL/MicrosoftAccount.html
|
66.228.55.6
|
|
|
|
https://csp.withgoogle.com/csp/report-to/docs_
|
unknown
|
|
|
|
https://apis.google.com/js/client.js
|
unknown
|
|
|
|
https://edadfed.ed.ac.uk/adfs/portal/illustration/illustration.jpgI-
|
unknown
|
|
|
|
https://crash.corp.google.com/samples?reportid=&q=
|
unknown
|
|
|
|
https://docs.google.com/static/document/client/js/436474874-client_js_prod_voice__en_gb.jsb
|
unknown
|
|
|
|
https://easylist.to/)
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/report-to/apps-themes
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/report-to/docs
|
unknown
|
|
|
|
http://crls.pki.goog/gts1c3/QqFxbi9M48c.crl0
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/report-to/product-feedback-gathering
|
unknown
|
|
|
|
https://secure.aadcdn.microsoftonline-p.com/dbd5a2dd-6ybrougjmflxqw910ieyohr7wb4x4-yvoixrlaidmz4/app
|
unknown
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
|
unknown
|
|
|
|
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.wk7zEZseXNs.O/m=card/exm=config/rt=j/
|
unknown
|
|
|
|
https://docs.google.com/document/d/1hHFEB09XYOGm1F87Todc5etNXb38nGMo/edit?invite=CKvaqcMDAdjunct
|
unknown
|
|
|
|
https://docs.google.com/
|
unknown
|
|
|
|
https://preprod-hangouts-googleapis.sandbox.google.com
|
unknown
|
|
|
|
https://docs.google.com/document/d/1hHFEB09XYOGm1F87Todc5etNXb38nGMo/edit?invite=CKvaqcMD
|
|
||
|
http://pki.goog/repo/certs/gtsr1.der04
|
unknown
|
|
|
|
https://docs.google.com/static/document/client/js/1807487000-client_js_prod_peoplehovercard__en_gb.j
|
unknown
|
|
|
|
https://www.google.com
|
unknown
|
|
|
|
https://contacts.google.com/widget/hovercard/v/2?authuser&origin=https%3A%2F%2Fdocs.google.com&usega
|
unknown
|
|
|
|
https://bit.ly/3me0XGnSign
|
unknown
|
|
|
|
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.wk7zEZseXNs.O/m=config/rt=j/sv=1/d=1/
|
unknown
|
|
|
|
https://lh4.googleusercontent.com/-6DRE7a5AcB4/AAAAAAAAAAI/AAAAAAAAAKM/5K1J4UolszQ/s0-c-k-no-ns/phot
|
unknown
|
|
|
|
http://crls.pki.goog/gts1c3/QOvJ0N1sT2A.crl0
|
unknown
|
|
|
|
https://hangouts.google.com/hangouts/_/logpref
|
unknown
|
|
|
|
https://docs.google.com/static/document/client/css/390957633-KixCss_ltr.css
|
unknown
|
|
|
|
https://creativecommons.org/publicdomain/zero/1.0/.
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/product-feedback-gatheringCross-Origin-Resource-Policy:
|
unknown
|
|
|
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
|
|
|
https://apis.google.com/js/api.jsCgkKBw2RYZVOGgA=j
|
unknown
|
|
|
|
https://github.com/madler/zlib/blob/master/zlib.h
|
unknown
|
|
|
|
https://www.google.com/tools/feedback
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/report-to/apps-themesO
|
unknown
|
|
|
|
https://dns.google
|
unknown
|
|
|
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
|
|
|
https://docs.google.com/static/document/client/js/3714220469-client_js_prod_kix_core__en_gb.js
|
unknown
|
|
|
|
https://support.google.com/chromecast/troubleshooter/2995236
|
unknown
|
|
|
|
https://lh3.googleusercontent.com/a/AATXAJyEMzwYioPomGpTeso8L__wKY3bPrTHt3se5MVa=s50-c-k-no
|
142.250.203.97
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
|
unknown
|
|
|
|
https://apis.google.com/js/api.js
|
142.250.203.110
|
|
|
|
https://bit.ly/3me0XGn
|
67.199.248.11
|
|
|
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
142.250.185.206
|
|
|
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://docs.google.com/document/d/1hHFEB09XYOGm1F87Todc5etNXb38nGMo/edit?invite=CKvaqcMD)Adjunct
|
unknown
|
|
|
|
https://lh3.googleusercontent.com
|
unknown
|
|
|
|
https://www.google.com;
|
unknown
|
|
|
|
https://lh4.googleusercontent.com/-6DRE7a5AcB4/AAAAAAAAAAI/AAAAAAAAAKM/5K1J4UolszQ/s0-c-k-no-ns/photo.jpg
|
142.250.203.97
|
|
|
|
http://crl.pki.goog/gtsr1/gtsr1.crl0W
|
unknown
|
|
|
|
https://docs.google.com/static/document/client/js/2467020024-client_js_prod_kix_approvals__en_gb.js
|
unknown
|
|
|
|
https://marketingandsoftwaretools.com/
|
unknown
|
|
|
|
https://pki.goog/repository/0
|
unknown
|
|
|
|
https://www.google.com/images/x2.gif
|
unknown
|
|
|
|
https://edadfed.ed.ac.uk/
|
unknown
|
|
|
|
https://www.google.com/images/dot2.gif
|
unknown
|
|
|
|
https://play.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
http://tools.ietf.org/html/rfc1950
|
unknown
|
|
|
|
https://docs.google.com/document/d/1hHFEB09XYOGm1F87Todc5etNXb38nGMo/edit?rtpof=true&sd=true&invite=
|
unknown
|
|
|
|
https://lh5.googleusercontent.com
|
unknown
|
|
|
|
https://docs.google.com/static/document/client/js/436474874-client_js_prod_voice__en_gb.js
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access
|
unknown
|
|
|
|
https://docs.google.com/static/document/client/js/1222260494-client_js_prod_kix_tertiary__en_gb.js
|
unknown
|
|
|
|
https://people-pa.clients6.google.com
|
unknown
|
|
|
|
https://docs.google.com
|
unknown
|
|
|
|
https://docs.google.com/static/document/client/js/3714220469-client_js_prod_kix_core__en_gb.jsW
|
unknown
|
|
|
|
https://www.google.com/
|
unknown
|
|
|
|
https://feedback.googleusercontent.com
|
unknown
|
|
|
|
https://clients6.google.com
|
unknown
|
|
|
|
https://docs.google.com/static/document/client/css/390957633-KixCss_ltr.csse
|
unknown
|
|
|
|
http://crl.pki.goog/gsr1/gsr1.crl0;
|
unknown
|
|
|
|
https://edadfed.ed.ac.uk/adfs/portal/illustration/illustration.jpg
|
129.215.55.224
|
|
|
|
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.wk7zEZseXNs.O/m=gapi_iframes/rt=j/sv=
|
unknown
|
|
|
|
https://www.google.com/images/cleardot.gif
|
unknown
|
|
|
|
https://play.google.com
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/apps-themesCross-Origin-Resource-Policy:
|
unknown
|
|
|
|
https://marketingandsoftwaretools.com/wp-content/plugins/autoptimize/ANGEL/365.php
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/docscross-origin-resource-policy:cross-origincross-origin-opener-poli
|
unknown
|
|
|
|
https://www.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/docs
|
unknown
|
|
|
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://0.docs.google.com
|
unknown
|
|
|
|
https://accounts.google.com/MergeSession
|
unknown
|
|
|
|
http://crls.pki.goog/gts1c3/zdATt0Ex_Fk.crl0
|
unknown
|
|
|
|
https://creativecommons.org/compatiblelicenses
|
unknown
|
|
|
|
http://crls.pki.goog/gts1c3/fVJxbV-Ktmk.crl0
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/apps-themescross-origin-resource-policy:cross-origincross-origin-open
|
unknown
|
|
|
|
https://docs.google.com/document/d/1hHFEB09XYOGm1F87Todc5etNXb38nGMo/edit?usp=sharing_eip_m&rtpof=tr
|
unknown
|
|
|
|
https://github.com/easylist)
|
unknown
|
|
|
|
https://creativecommons.org/.
|
unknown
|
|
|
|
https://hangouts.clients6.google.com
|
unknown
|
|
|
|
https://meet.google.com
|
unknown
|
|
|
|
https://accounts.google.com
|
unknown
|
|
|
|
https://clients2.google.com/cr/report
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/social-frontend-mpm-access
|
unknown
|
|
|
|
http://angularjs.org
|
unknown
|
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
gstaticadssl.l.google.com
|
172.217.168.35
|
|
|
|
docs.google.com
|
172.217.168.78
|
|
|
|
accounts.google.com
|
172.217.168.13
|
|
|
|
plus.l.google.com
|
142.250.203.110
|
|
|
|
marketingandsoftwaretools.com
|
66.228.55.6
|
|
|
|
play.google.com
|
172.217.168.14
|
|
|
|
browserchannel-sites.l.google.com
|
74.125.143.189
|
|
|
|
fc6y67oygyo8.wpeproxy.com
|
141.193.213.21
|
|
|
|
bit.ly
|
67.199.248.11
|
|
|
|
clients.l.google.com
|
142.250.185.206
|
|
|
|
people-pa.clients6.google.com
|
172.217.168.10
|
|
|
|
googlehosted.l.googleusercontent.com
|
142.250.203.97
|
|
|
|
edadfed.ed.ac.uk
|
129.215.55.224
|
|
|
|
lh3.googleusercontent.com
|
unknown
|
|
|
|
0.docs.google.com
|
unknown
|
|
|
|
clients2.googleusercontent.com
|
unknown
|
|
|
|
lh5.googleusercontent.com
|
unknown
|
|
|
|
contacts.google.com
|
unknown
|
|
|
|
clients2.google.com
|
unknown
|
|
|
|
secure.aadcdn.microsoftonline-p.com
|
unknown
|
|
|
|
apis.google.com
|
unknown
|
|
|
|
lh4.googleusercontent.com
|
unknown
|
|
There are 12 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
142.250.185.206
|
clients.l.google.com
|
United States
|
|
|
|
192.168.2.1
|
unknown
|
unknown
|
|
|
|
129.215.55.224
|
edadfed.ed.ac.uk
|
United Kingdom
|
|
|
|
66.228.55.6
|
marketingandsoftwaretools.com
|
United States
|
|
|
|
74.125.143.189
|
browserchannel-sites.l.google.com
|
United States
|
|
|
|
142.250.203.110
|
plus.l.google.com
|
United States
|
|
|
|
172.217.168.13
|
accounts.google.com
|
United States
|
|
|
|
172.217.168.35
|
gstaticadssl.l.google.com
|
United States
|
|
|
|
172.217.168.78
|
docs.google.com
|
United States
|
|
|
|
142.250.203.97
|
googlehosted.l.googleusercontent.com
|
United States
|
|
|
|
239.255.255.250
|
unknown
|
Reserved
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
|
|
67.199.248.11
|
bit.ly
|
United States
|
|
There are 3 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
dr
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
|
There are 35 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FF5BEB53000
|
unkown image
|
page readonly
|
|
|
|
2235FE80000
|
heap default
|
page read and write
|
|
|
|
27AD1D40000
|
heap default
|
page read and write
|
|
|
|
2388B8D0000
|
unkown image
|
page readonly
|
|
|
|
1CA481D4000
|
unkown
|
page read and write
|
|
|
|
3BE2B7E000
|
stack
|
page read and write
|
|
|
|
245F25D1000
|
unkown
|
page read and write
|
|
|
|
7FF5A44A3000
|
unkown image
|
page readonly
|
|
|
|
1CA47854000
|
unkown
|
page read and write
|
|
|
|
1CA481C3000
|
unkown
|
page read and write
|
|
|
|
7FF55FF3D000
|
unkown image
|
page readonly
|
|
|
|
245F2810000
|
unkown image
|
page readonly
|
|
|
|
1CA4818E000
|
unkown
|
page read and write
|
|
|
|
7FF5A427D000
|
unkown image
|
page readonly
|
|
|
|
7DF59F980000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4217000
|
unkown image
|
page readonly
|
|
|
|
2276EBC0000
|
unkown image
|
page readonly
|
|
|
|
7FF5D8157000
|
unkown image
|
page readonly
|
|
|
|
7FF5292B7000
|
unkown image
|
page readonly
|
|
|
|
1CA4819D000
|
unkown
|
page read and write
|
|
|
|
210B08B0000
|
heap private
|
page read and write
|
|
|
|
1CA478E5000
|
unkown
|
page read and write
|
|
|
|
1CA4785C000
|
unkown
|
page read and write
|
|
|
|
1AE90E27000
|
unkown
|
page read and write
|
|
|
|
2BDA3FB000
|
stack
|
page read and write
|
|
|
|
1CA47760000
|
unkown image
|
page readonly
|
|
|
|
7FF54994D000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4213000
|
unkown image
|
page readonly
|
|
|
|
8F784FF000
|
stack
|
page read and write
|
|
|
|
B8B6579000
|
stack
|
page read and write
|
|
|
|
1CA48602000
|
unkown
|
page read and write
|
|
|
|
2E13FA3D000
|
unkown
|
page read and write
|
|
|
|
210B0A13000
|
unkown
|
page read and write
|
|
|
|
44E177D000
|
stack
|
page read and write
|
|
|
|
1CA48195000
|
unkown
|
page read and write
|
|
|
|
1CA48192000
|
unkown
|
page read and write
|
|
|
|
7FF5A3D09000
|
unkown image
|
page readonly
|
|
|
|
8F788FD000
|
stack
|
page read and write
|
|
|
|
20D9F860000
|
unkown image
|
page readonly
|
|
|
|
7DF5CC8B2000
|
unkown image
|
page readonly
|
|
|
|
1CA4818C000
|
unkown
|
page read and write
|
|
|
|
7DF51E8B2000
|
unkown image
|
page readonly
|
|
|
|
1CA4817E000
|
unkown
|
page read and write
|
|
|
|
7FF54992E000
|
unkown image
|
page readonly
|
|
|
|
2276EC63000
|
unkown
|
page read and write
|
|
|
|
2E13F9B0000
|
unkown image
|
page readonly
|
|
|
|
7FF52924F000
|
unkown image
|
page readonly
|
|
|
|
B269E7F000
|
stack
|
page read and write
|
|
|
|
7DF59F990000
|
unkown image
|
page readonly
|
|
|
|
1CA477F0000
|
unkown
|
page read and write
|
|
|
|
7FF560614000
|
unkown image
|
page readonly
|
|
|
|
7FF5497BB000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4031000
|
unkown image
|
page readonly
|
|
|
|
7FF516AB1000
|
unkown image
|
page readonly
|
|
|
|
2BD9F1E000
|
stack
|
page read and write
|
|
|
|
7FF5D7FE1000
|
unkown image
|
page readonly
|
|
|
|
2E13FB02000
|
unkown
|
page read and write
|
|
|
|
1CA4816A000
|
unkown
|
page read and write
|
|
|
|
1CA481A3000
|
unkown
|
page read and write
|
|
|
|
7FF5A4124000
|
unkown image
|
page readonly
|
|
|
|
44E1A7C000
|
stack
|
page read and write
|
|
|
|
8F787FE000
|
stack
|
page read and write
|
|
|
|
7FF5D8183000
|
unkown image
|
page readonly
|
|
|
|
7FF549189000
|
unkown image
|
page readonly
|
|
|
|
7FF56BDA4000
|
unkown image
|
page readonly
|
|
|
|
44E14FE000
|
stack
|
page read and write
|
|
|
|
7DF524712000
|
unkown image
|
page readonly
|
|
|
|
7FF5A3DE1000
|
unkown image
|
page readonly
|
|
|
|
1F618270000
|
unkown image
|
page readonly
|
|
|
|
7DF557650000
|
unkown image
|
page readonly
|
|
|
|
7DF5B1F72000
|
unkown image
|
page readonly
|
|
|
|
1F618990000
|
unkown image
|
page readonly
|
|
|
|
2E13FA75000
|
unkown
|
page read and write
|
|
|
|
1CA481B2000
|
unkown
|
page read and write
|
|
|
|
7DF56E372000
|
unkown image
|
page readonly
|
|
|
|
7FF5BE445000
|
unkown image
|
page readonly
|
|
|
|
7FF516AAA000
|
unkown image
|
page readonly
|
|
|
|
2E13FED0000
|
unkown image
|
page readonly
|
|
|
|
1CA48175000
|
unkown
|
page read and write
|
|
|
|
7FF5169DE000
|
unkown image
|
page readonly
|
|
|
|
1CA48173000
|
unkown
|
page read and write
|
|
|
|
1CA48195000
|
unkown
|
page read and write
|
|
|
|
7FF591D11000
|
unkown image
|
page readonly
|
|
|
|
7FF591C40000
|
unkown image
|
page readonly
|
|
|
|
210B0A29000
|
unkown
|
page read and write
|
|
|
|
1F618270000
|
unkown image
|
page readonly
|
|
|
|
1F618980000
|
unkown image
|
page readonly
|
|
|
|
7FF549851000
|
unkown image
|
page readonly
|
|
|
|
1CA48602000
|
unkown
|
page read and write
|
|
|
|
7FF5A4447000
|
unkown image
|
page readonly
|
|
|
|
1CA48115000
|
unkown
|
page read and write
|
|
|
|
2235FE60000
|
unkown image
|
page readonly
|
|
|
|
B8B6279000
|
stack
|
page read and write
|
|
|
|
7FF5D8209000
|
unkown image
|
page readonly
|
|
|
|
7FF591C29000
|
unkown image
|
page readonly
|
|
|
|
7FF5A42A1000
|
unkown image
|
page readonly
|
|
|
|
7FF5BE912000
|
unkown image
|
page readonly
|
|
|
|
1CA48190000
|
unkown
|
page read and write
|
|
|
|
7FF56BF4B000
|
unkown image
|
page readonly
|
|
|
|
7FF5A3D03000
|
unkown image
|
page readonly
|
|
|
|
7DF4B0080000
|
unkown image
|
page readonly
|
|
|
|
1CA477A0000
|
unkown image
|
page readonly
|
|
|
|
1CA481D4000
|
unkown
|
page read and write
|
|
|
|
210B0A51000
|
unkown
|
page read and write
|
|
|
|
2235FE20000
|
heap private
|
page read and write
|
|
|
|
1CA4863C000
|
unkown
|
page read and write
|
|
|
|
1CA4786F000
|
unkown
|
page read and write
|
|
|
|
7FF5498DF000
|
unkown image
|
page readonly
|
|
|
|
7DF5E5EA0000
|
unkown image
|
page readonly
|
|
|
|
7FF5D8127000
|
unkown image
|
page readonly
|
|
|
|
7FF5BEA57000
|
unkown image
|
page readonly
|
|
|
|
7FF5D822A000
|
unkown image
|
page readonly
|
|
|
|
2276ED13000
|
unkown
|
page read and write
|
|
|
|
1CA4863C000
|
unkown
|
page read and write
|
|
|
|
7FF5A4305000
|
unkown image
|
page readonly
|
|
|
|
7DF524712000
|
unkown image
|
page readonly
|
|
|
|
1CA47630000
|
unkown image
|
page readonly
|
|
|
|
27AD1F00000
|
unkown
|
page read and write
|
|
|
|
7FF5A4222000
|
unkown image
|
page readonly
|
|
|
|
2388B670000
|
unkown
|
page read and write
|
|
|
|
1AE90E5B000
|
unkown
|
page read and write
|
|
|
|
7FF5604AF000
|
unkown image
|
page readonly
|
|
|
|
1CA481D2000
|
unkown
|
page read and write
|
|
|
|
7FF5A3EBB000
|
unkown image
|
page readonly
|
|
|
|
7DF5B1F62000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4412000
|
unkown image
|
page readonly
|
|
|
|
7FF5BE793000
|
unkown image
|
page readonly
|
|
|
|
1CA478A0000
|
unkown
|
page read and write
|
|
|
|
7FF5BEB92000
|
unkown image
|
page readonly
|
|
|
|
1CA4818A000
|
unkown
|
page read and write
|
|
|
|
2E13F9D0000
|
heap default
|
page read and write
|
|
|
|
3BE297F000
|
stack
|
page read and write
|
|
|
|
1AE90E58000
|
unkown
|
page read and write
|
|
|
|
1CA48113000
|
unkown
|
page read and write
|
|
|
|
7DF51E8B2000
|
unkown image
|
page readonly
|
|
|
|
7FF5292BA000
|
unkown image
|
page readonly
|
|
|
|
7FF56046F000
|
unkown image
|
page readonly
|
|
|
|
7FF56BF0A000
|
unkown image
|
page readonly
|
|
|
|
7DF524722000
|
unkown image
|
page readonly
|
|
|
|
1AE90E57000
|
unkown
|
page read and write
|
|
|
|
7DF5B21B0000
|
unkown image
|
page readonly
|
|
|
|
27AD1D10000
|
unkown image
|
page readonly
|
|
|
|
1CA47EB0000
|
unkown image
|
page read and write
|
|
|
|
7FF529293000
|
unkown image
|
page readonly
|
|
|
|
7FF56063E000
|
unkown image
|
page readonly
|
|
|
|
7FF5A427A000
|
unkown image
|
page readonly
|
|
|
|
7FF5606FA000
|
unkown image
|
page readonly
|
|
|
|
7FF56BEE3000
|
unkown image
|
page readonly
|
|
|
|
7DF56E380000
|
unkown image
|
page readonly
|
|
|
|
7FF5605F3000
|
unkown image
|
page readonly
|
|
|
|
7DF4AFE30000
|
unkown image
|
page readonly
|
|
|
|
2388B5A0000
|
unkown image
|
page readonly
|
|
|
|
7FF5BE9F3000
|
unkown image
|
page readonly
|
|
|
|
7FF5605E1000
|
unkown image
|
page readonly
|
|
|
|
7FF560637000
|
unkown image
|
page readonly
|
|
|
|
E9276FF000
|
stack
|
page read and write
|
|
|
|
7FF5BE9C6000
|
unkown image
|
page readonly
|
|
|
|
1CA4818A000
|
unkown
|
page read and write
|
|
|
|
7DF59F990000
|
unkown image
|
page readonly
|
|
|
|
7DF5B21D0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A40B7000
|
unkown image
|
page readonly
|
|
|
|
7DF51E8B0000
|
unkown image
|
page readonly
|
|
|
|
7DF5B21B2000
|
unkown image
|
page readonly
|
|
|
|
B269AFB000
|
stack
|
page read and write
|
|
|
|
1AE90E3D000
|
unkown
|
page read and write
|
|
|
|
1CA48100000
|
unkown
|
page read and write
|
|
|
|
7FF5D80B1000
|
unkown image
|
page readonly
|
|
|
|
7FF5BEB9E000
|
unkown image
|
page readonly
|
|
|
|
D0A167C000
|
unkown
|
page read and write
|
|
|
|
1F6182C0000
|
heap default
|
page read and write
|
|
|
|
1CA477F0000
|
unkown
|
page read and write
|
|
|
|
2E140050000
|
unkown image
|
page readonly
|
|
|
|
7FF5A442A000
|
unkown image
|
page readonly
|
|
|
|
7DF51E8A0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A453A000
|
unkown image
|
page readonly
|
|
|
|
1AE90CD0000
|
unkown image
|
page readonly
|
|
|
|
7FF5BEB2B000
|
unkown image
|
page readonly
|
|
|
|
2276EC13000
|
unkown
|
page read and write
|
|
|
|
1CA48193000
|
unkown
|
page read and write
|
|
|
|
210B08A0000
|
unkown image
|
page read and write
|
|
|
|
210B08F0000
|
unkown image
|
page readonly
|
|
|
|
7FF5499D1000
|
unkown image
|
page readonly
|
|
|
|
7DF557632000
|
unkown image
|
page readonly
|
|
|
|
7DF5B1F72000
|
unkown image
|
page readonly
|
|
|
|
7FF591C2D000
|
unkown image
|
page readonly
|
|
|
|
245F23A0000
|
unkown image
|
page read and write
|
|
|
|
7FF549756000
|
unkown image
|
page readonly
|
|
|
|
7FF5BE405000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4463000
|
unkown image
|
page readonly
|
|
|
|
7FF510B4D000
|
unkown image
|
page readonly
|
|
|
|
20D9F180000
|
heap private
|
page read and write
|
|
|
|
7FF5290C6000
|
unkown image
|
page readonly
|
|
|
|
7FF5BE06F000
|
unkown image
|
page readonly
|
|
|
|
1CA4818F000
|
unkown
|
page read and write
|
|
|
|
1AE90E61000
|
unkown
|
page read and write
|
|
|
|
7DF5CC8A0000
|
unkown image
|
page readonly
|
|
|
|
7DF579C70000
|
unkown image
|
page readonly
|
|
|
|
27AD1E49000
|
unkown
|
page read and write
|
|
|
|
7FF591D04000
|
unkown image
|
page readonly
|
|
|
|
1CA4818E000
|
unkown
|
page read and write
|
|
|
|
D0A19FF000
|
stack
|
page read and write
|
|
|
|
1F618260000
|
heap private
|
page read and write
|
|
|
|
210B0B13000
|
unkown
|
page read and write
|
|
|
|
1CA4818A000
|
unkown
|
page read and write
|
|
|
|
7FF5A435F000
|
unkown image
|
page readonly
|
|
|
|
2388BE02000
|
unkown
|
page read and write
|
|
|
|
7DF536FA2000
|
unkown image
|
page readonly
|
|
|
|
1AE90CE0000
|
unkown image
|
page readonly
|
|
|
|
B26987E000
|
stack
|
page read and write
|
|
|
|
7FF5498E3000
|
unkown image
|
page readonly
|
|
|
|
7DF5CC8C0000
|
unkown image
|
page readonly
|
|
|
|
7FF5BE3E7000
|
unkown image
|
page readonly
|
|
|
|
7FF560595000
|
unkown image
|
page readonly
|
|
|
|
7FF510BBA000
|
unkown image
|
page readonly
|
|
|
|
1CA477F0000
|
unkown
|
page read and write
|
|
|
|
7FF5BE9FC000
|
unkown image
|
page readonly
|
|
|
|
2236003C000
|
unkown
|
page read and write
|
|
|
|
27AD1E59000
|
unkown
|
page read and write
|
|
|
|
1CA48602000
|
unkown
|
page read and write
|
|
|
|
1CA47888000
|
unkown
|
page read and write
|
|
|
|
7FF5A4320000
|
unkown image
|
page readonly
|
|
|
|
1CA481A1000
|
unkown
|
page read and write
|
|
|
|
210B1070000
|
unkown
|
page read and write
|
|
|
|
1CA478A7000
|
unkown
|
page read and write
|
|
|
|
7FF5BEBBA000
|
unkown image
|
page readonly
|
|
|
|
8F786FC000
|
stack
|
page read and write
|
|
|
|
7FF56BF20000
|
unkown image
|
page readonly
|
|
|
|
7FF5BEC41000
|
unkown image
|
page readonly
|
|
|
|
2388B570000
|
unkown image
|
page readonly
|
|
|
|
1CA4818C000
|
unkown
|
page read and write
|
|
|
|
7FF510B93000
|
unkown image
|
page readonly
|
|
|
|
7FF56BDC1000
|
unkown image
|
page readonly
|
|
|
|
7FF5BEC31000
|
unkown image
|
page readonly
|
|
|
|
245F25ED000
|
unkown
|
page read and write
|
|
|
|
7FF5A4534000
|
unkown image
|
page readonly
|
|
|
|
7FF56BFEA000
|
unkown image
|
page readonly
|
|
|
|
27AD1E8A000
|
unkown
|
page read and write
|
|
|
|
2276ED02000
|
unkown
|
page read and write
|
|
|
|
7FF5A40C6000
|
unkown image
|
page readonly
|
|
|
|
2E13FA5B000
|
unkown
|
page read and write
|
|
|
|
1F618502000
|
unkown
|
page read and write
|
|
|
|
1F618290000
|
unkown image
|
page readonly
|
|
|
|
1CA48173000
|
unkown
|
page read and write
|
|
|
|
2E13FCD0000
|
unkown image
|
page readonly
|
|
|
|
7FF591BCF000
|
unkown image
|
page readonly
|
|
|
|
7FF549825000
|
unkown image
|
page readonly
|
|
|
|
1CA481A1000
|
unkown
|
page read and write
|
|
|
|
7FF5BEC41000
|
unkown image
|
page readonly
|
|
|
|
2388BC50000
|
unkown image
|
page readonly
|
|
|
|
1CA48192000
|
unkown
|
page read and write
|
|
|
|
7FF5A4477000
|
unkown image
|
page readonly
|
|
|
|
7FF5499A2000
|
unkown image
|
page readonly
|
|
|
|
7FF549781000
|
unkown image
|
page readonly
|
|
|
|
2388B590000
|
heap default
|
page read and write
|
|
|
|
7FF56BED1000
|
unkown image
|
page readonly
|
|
|
|
7FF5BEC2A000
|
unkown image
|
page readonly
|
|
|
|
7DF56E382000
|
unkown image
|
page readonly
|
|
|
|
7DF579C72000
|
unkown image
|
page readonly
|
|
|
|
7DF56E390000
|
unkown image
|
page readonly
|
|
|
|
7FF5BE8E4000
|
unkown image
|
page readonly
|
|
|
|
7FF5A3F85000
|
unkown image
|
page readonly
|
|
|
|
7DF5B21C0000
|
unkown image
|
page readonly
|
|
|
|
7FF549947000
|
unkown image
|
page readonly
|
|
|
|
7DF5E5EB0000
|
unkown image
|
page readonly
|
|
|
|
D0A1EFF000
|
stack
|
page read and write
|
|
|
|
27AD1E59000
|
unkown
|
page read and write
|
|
|
|
1CA4819F000
|
unkown
|
page read and write
|
|
|
|
2E13F970000
|
heap private
|
page read and write
|
|
|
|
1CA48198000
|
unkown
|
page read and write
|
|
|
|
7FF5A425B000
|
unkown image
|
page readonly
|
|
|
|
7FF5D8139000
|
unkown image
|
page readonly
|
|
|
|
1CA47857000
|
unkown
|
page read and write
|
|
|
|
E9279FE000
|
stack
|
page read and write
|
|
|
|
7FF510B4F000
|
unkown image
|
page readonly
|
|
|
|
7FF5D80B5000
|
unkown image
|
page readonly
|
|
|
|
1CA4810C000
|
unkown
|
page read and write
|
|
|
|
7FF5A4155000
|
unkown image
|
page readonly
|
|
|
|
7FF510B8B000
|
unkown image
|
page readonly
|
|
|
|
7FF5BEB4F000
|
unkown image
|
page readonly
|
|
|
|
7FF5D8231000
|
unkown image
|
page readonly
|
|
|
|
1CA4817F000
|
unkown
|
page read and write
|
|
|
|
1AE90E3C000
|
unkown
|
page read and write
|
|
|
|
245F2520000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4227000
|
unkown image
|
page readonly
|
|
|
|
1AE90E3A000
|
unkown
|
page read and write
|
|
|
|
2276F0E0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A422E000
|
unkown image
|
page readonly
|
|
|
|
7FF591A16000
|
unkown image
|
page readonly
|
|
|
|
1CA48195000
|
unkown
|
page read and write
|
|
|
|
7FF5169BD000
|
unkown image
|
page readonly
|
|
|
|
B02FAFF000
|
stack
|
page read and write
|
|
|
|
1CA4816A000
|
unkown
|
page read and write
|
|
|
|
7FF56BEEE000
|
unkown image
|
page readonly
|
|
|
|
245F2800000
|
heap private
|
page read and write
|
|
|
|
7FF510B77000
|
unkown image
|
page readonly
|
|
|
|
27AD38F0000
|
unkown
|
page read and write
|
|
|
|
7FF5D809C000
|
unkown image
|
page readonly
|
|
|
|
7FF516A2D000
|
unkown image
|
page readonly
|
|
|
|
1CA48182000
|
unkown
|
page read and write
|
|
|
|
7DF524730000
|
unkown image
|
page readonly
|
|
|
|
1CA48193000
|
unkown
|
page read and write
|
|
|
|
20D9F6D0000
|
unkown image
|
page readonly
|
|
|
|
1F618C02000
|
unkown
|
page read and write
|
|
|
|
7FF5A4037000
|
unkown image
|
page readonly
|
|
|
|
7FF591CF9000
|
unkown image
|
page readonly
|
|
|
|
1F61843C000
|
unkown
|
page read and write
|
|
|
|
27AD1D90000
|
unkown
|
page read and write
|
|
|
|
1CA4818E000
|
unkown
|
page read and write
|
|
|
|
1CA48602000
|
unkown
|
page read and write
|
|
|
|
27AD1E58000
|
unkown
|
page read and write
|
|
|
|
2388B644000
|
unkown
|
page read and write
|
|
|
|
7DF5E5E92000
|
unkown image
|
page readonly
|
|
|
|
7FF56BFD9000
|
unkown image
|
page readonly
|
|
|
|
B8B647E000
|
stack
|
page read and write
|
|
|
|
1CA47C00000
|
unkown image
|
page readonly
|
|
|
|
7FF59154D000
|
unkown image
|
page readonly
|
|
|
|
2235FF60000
|
unkown image
|
page readonly
|
|
|
|
1CA4787F000
|
unkown
|
page read and write
|
|
|
|
7FF56BDEB000
|
unkown image
|
page readonly
|
|
|
|
1CA4869D000
|
unkown
|
page read and write
|
|
|
|
7FF52926E000
|
unkown image
|
page readonly
|
|
|
|
7FF5A449B000
|
unkown image
|
page readonly
|
|
|
|
7DF579C60000
|
unkown image
|
page readonly
|
|
|
|
20D9F1B0000
|
unkown image
|
page readonly
|
|
|
|
22360013000
|
unkown
|
page read and write
|
|
|
|
1AE91000000
|
unkown image
|
page readonly
|
|
|
|
B02F75A000
|
unkown
|
page read and write
|
|
|
|
7C9567F000
|
stack
|
page read and write
|
|
|
|
245F25F8000
|
unkown
|
page read and write
|
|
|
|
7FF5494B1000
|
unkown image
|
page readonly
|
|
|
|
7FF5A40EB000
|
unkown image
|
page readonly
|
|
|
|
22360400000
|
unkown image
|
page readonly
|
|
|
|
7FF5A416C000
|
unkown image
|
page readonly
|
|
|
|
1CA48602000
|
unkown
|
page read and write
|
|
|
|
7DF557642000
|
unkown image
|
page readonly
|
|
|
|
2E13F960000
|
unkown image
|
page read and write
|
|
|
|
7FF5D818E000
|
unkown image
|
page readonly
|
|
|
|
27AD22D0000
|
unkown image
|
page readonly
|
|
|
|
1AE90CB0000
|
unkown image
|
page readonly
|
|
|
|
7FF5D7D11000
|
unkown image
|
page readonly
|
|
|
|
27AD1E49000
|
unkown
|
page read and write
|
|
|
|
7FF5BEB60000
|
unkown image
|
page readonly
|
|
|
|
22360100000
|
unkown
|
page read and write
|
|
|
|
7FF5169C3000
|
unkown image
|
page readonly
|
|
|
|
7FF5498DD000
|
unkown image
|
page readonly
|
|
|
|
7FF5162F2000
|
unkown image
|
page readonly
|
|
|
|
7DF524730000
|
unkown image
|
page readonly
|
|
|
|
7FF5BEC3A000
|
unkown image
|
page readonly
|
|
|
|
27AD1CD0000
|
unkown image
|
page read and write
|
|
|
|
1F618250000
|
unkown image
|
page read and write
|
|
|
|
1CA47908000
|
unkown
|
page read and write
|
|
|
|
7DF49D850000
|
unkown image
|
page readonly
|
|
|
|
7FF5A42F1000
|
unkown image
|
page readonly
|
|
|
|
7FF5A425E000
|
unkown image
|
page readonly
|
|
|
|
27AD1F13000
|
unkown
|
page read and write
|
|
|
|
7FF54983C000
|
unkown image
|
page readonly
|
|
|
|
7FF5BE80C000
|
unkown image
|
page readonly
|
|
|
|
7FF5A445D000
|
unkown image
|
page readonly
|
|
|
|
7DF579C70000
|
unkown image
|
page readonly
|
|
|
|
7FF591C47000
|
unkown image
|
page readonly
|
|
|
|
2388B688000
|
unkown
|
page read and write
|
|
|
|
210B0F80000
|
unkown image
|
page readonly
|
|
|
|
7FF591A6E000
|
unkown image
|
page readonly
|
|
|
|
7FF5499A9000
|
unkown image
|
page readonly
|
|
|
|
1AE90E7A000
|
unkown
|
page read and write
|
|
|
|
7FF529331000
|
unkown image
|
page readonly
|
|
|
|
7FF516AA1000
|
unkown image
|
page readonly
|
|
|
|
7FF5499C1000
|
unkown image
|
page readonly
|
|
|
|
1CA478C7000
|
unkown
|
page read and write
|
|
|
|
7FF5A3D8E000
|
unkown image
|
page readonly
|
|
|
|
7DF51E8A0000
|
unkown image
|
page readonly
|
|
|
|
1AE90E69000
|
unkown
|
page read and write
|
|
|
|
1CA4816A000
|
unkown
|
page read and write
|
|
|
|
7DF59F982000
|
unkown image
|
page readonly
|
|
|
|
7FF529263000
|
unkown image
|
page readonly
|
|
|
|
7FF529253000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4296000
|
unkown image
|
page readonly
|
|
|
|
7FF529341000
|
unkown image
|
page readonly
|
|
|
|
D0A1C7D000
|
stack
|
page read and write
|
|
|
|
1CA47680000
|
heap default
|
page read and write
|
|
|
|
7C9547E000
|
stack
|
page read and write
|
|
|
|
1AE90E7E000
|
unkown
|
page read and write
|
|
|
|
7FF560496000
|
unkown image
|
page readonly
|
|
|
|
1CA4817D000
|
unkown
|
page read and write
|
|
|
|
7FF5A44CD000
|
unkown image
|
page readonly
|
|
|
|
2276ED08000
|
unkown
|
page read and write
|
|
|
|
FE2D077000
|
stack
|
page read and write
|
|
|
|
1CA48195000
|
unkown
|
page read and write
|
|
|
|
7FF52929E000
|
unkown image
|
page readonly
|
|
|
|
2388BAD0000
|
unkown image
|
page readonly
|
|
|
|
7DF557630000
|
unkown image
|
page readonly
|
|
|
|
7FF5A443E000
|
unkown image
|
page readonly
|
|
|
|
B8B617E000
|
stack
|
page read and write
|
|
|
|
27AD1E3F000
|
unkown
|
page read and write
|
|
|
|
7DF524710000
|
unkown image
|
page readonly
|
|
|
|
7DFFB7D46000
|
unkown image
|
page readonly
|
|
|
|
FE2CC7E000
|
stack
|
page read and write
|
|
|
|
2388B520000
|
unkown image
|
page read and write
|
|
|
|
210B0A4F000
|
unkown
|
page read and write
|
|
|
|
2E13FA02000
|
unkown
|
page read and write
|
|
|
|
44E167E000
|
stack
|
page read and write
|
|
|
|
7DF524710000
|
unkown image
|
page readonly
|
|
|
|
210B0E00000
|
unkown image
|
page readonly
|
|
|
|
1CA4816B000
|
unkown
|
page read and write
|
|
|
|
2388B629000
|
unkown
|
page read and write
|
|
|
|
210B0A02000
|
unkown
|
page read and write
|
|
|
|
7FF56BF5E000
|
unkown image
|
page readonly
|
|
|
|
2276F350000
|
unkown
|
page read and write
|
|
|
|
7FF5A424B000
|
unkown image
|
page readonly
|
|
|
|
7FF5A454A000
|
unkown image
|
page readonly
|
|
|
|
B02FA7E000
|
stack
|
page read and write
|
|
|
|
7FF5A3EB7000
|
unkown image
|
page readonly
|
|
|
|
7FF560630000
|
unkown image
|
page readonly
|
|
|
|
1CA47E60000
|
unkown image
|
page write copy
|
|
|
|
1CA4818E000
|
unkown
|
page read and write
|
|
|
|
7FF510C31000
|
unkown image
|
page readonly
|
|
|
|
7DF5B1F62000
|
unkown image
|
page readonly
|
|
|
|
7FF52932A000
|
unkown image
|
page readonly
|
|
|
|
7FF5A41F7000
|
unkown image
|
page readonly
|
|
|
|
7FF5BEC24000
|
unkown image
|
page readonly
|
|
|
|
1CA48602000
|
unkown
|
page read and write
|
|
|
|
2E140060000
|
unkown image
|
page readonly
|
|
|
|
7FF560687000
|
unkown image
|
page readonly
|
|
|
|
7C94FFE000
|
stack
|
page read and write
|
|
|
|
7DF4225E0000
|
unkown image
|
page readonly
|
|
|
|
27AD1DC0000
|
unkown
|
page read and write
|
|
|
|
7FF5D79D7000
|
unkown image
|
page readonly
|
|
|
|
7DF5CC8B2000
|
unkown image
|
page readonly
|
|
|
|
1CA47780000
|
unkown
|
page read and write
|
|
|
|
20D9F279000
|
unkown
|
page read and write
|
|
|
|
7FF5D8150000
|
unkown image
|
page readonly
|
|
|
|
7FF591889000
|
unkown image
|
page readonly
|
|
|
|
2388B713000
|
unkown
|
page read and write
|
|
|
|
20D9F300000
|
unkown
|
page read and write
|
|
|
|
7FF591BD1000
|
unkown image
|
page readonly
|
|
|
|
1CA48190000
|
unkown
|
page read and write
|
|
|
|
7FF5D801B000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4470000
|
unkown image
|
page readonly
|
|
|
|
7FF591BBE000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4127000
|
unkown image
|
page readonly
|
|
|
|
245F25E7000
|
unkown
|
page read and write
|
|
|
|
1CA48602000
|
unkown
|
page read and write
|
|
|
|
1AE90C90000
|
unkown image
|
page read and write
|
|
|
|
7DF56E382000
|
unkown image
|
page readonly
|
|
|
|
7DF536FA0000
|
unkown image
|
page readonly
|
|
|
|
7FF56070E000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4253000
|
unkown image
|
page readonly
|
|
|
|
1CA481B2000
|
unkown
|
page read and write
|
|
|
|
7FF5D8231000
|
unkown image
|
page readonly
|
|
|
|
2276EC4D000
|
unkown
|
page read and write
|
|
|
|
7FF5D8153000
|
unkown image
|
page readonly
|
|
|
|
27AD1E2A000
|
unkown
|
page read and write
|
|
|
|
7FF528B56000
|
unkown image
|
page readonly
|
|
|
|
7FF5603E2000
|
unkown image
|
page readonly
|
|
|
|
7FF56BF53000
|
unkown image
|
page readonly
|
|
|
|
1AE90E6B000
|
unkown
|
page read and write
|
|
|
|
7FF591D21000
|
unkown image
|
page readonly
|
|
|
|
7FF5BEB49000
|
unkown image
|
page readonly
|
|
|
|
7FF5D8143000
|
unkown image
|
page readonly
|
|
|
|
27AD3930000
|
unkown image
|
page write copy
|
|
|
|
7DF536FB0000
|
unkown image
|
page readonly
|
|
|
|
7FF510B67000
|
unkown image
|
page readonly
|
|
|
|
7DF5B1F80000
|
unkown image
|
page readonly
|
|
|
|
27AD1F02000
|
unkown
|
page read and write
|
|
|
|
7DF5CC8A2000
|
unkown image
|
page readonly
|
|
|
|
7FF5BE839000
|
unkown image
|
page readonly
|
|
|
|
7FF5D81A7000
|
unkown image
|
page readonly
|
|
|
|
1AE90E55000
|
unkown
|
page read and write
|
|
|
|
2BD9F9E000
|
stack
|
page read and write
|
|
|
|
1CA48113000
|
unkown
|
page read and write
|
|
|
|
1AE90E42000
|
unkown
|
page read and write
|
|
|
|
1CA481D2000
|
unkown
|
page read and write
|
|
|
|
7FF560647000
|
unkown image
|
page readonly
|
|
|
|
1F61845C000
|
unkown
|
page read and write
|
|
|
|
7FF5A43D1000
|
unkown image
|
page readonly
|
|
|
|
1CA4819F000
|
unkown
|
page read and write
|
|
|
|
1CA47610000
|
unkown image
|
page read and write
|
|
|
|
7FF52928B000
|
unkown image
|
page readonly
|
|
|
|
7FF591887000
|
unkown image
|
page readonly
|
|
|
|
7FF55FF11000
|
unkown image
|
page readonly
|
|
|
|
1CA478E1000
|
unkown
|
page read and write
|
|
|
|
1CA48602000
|
unkown
|
page read and write
|
|
|
|
7FF549655000
|
unkown image
|
page readonly
|
|
|
|
245F2B90000
|
unkown image
|
page readonly
|
|
|
|
2388B530000
|
heap private
|
page read and write
|
|
|
|
7FF5A43AB000
|
unkown image
|
page readonly
|
|
|
|
27AD1F18000
|
unkown
|
page read and write
|
|
|
|
22360102000
|
unkown
|
page read and write
|
|
|
|
7FF5BE9DF000
|
unkown image
|
page readonly
|
|
|
|
7FF5D7D17000
|
unkown image
|
page readonly
|
|
|
|
2276EC63000
|
unkown
|
page read and write
|
|
|
|
7FF56008C000
|
unkown image
|
page readonly
|
|
|
|
7FF56BF13000
|
unkown image
|
page readonly
|
|
|
|
2235FE30000
|
unkown image
|
page readonly
|
|
|
|
7FF5499B4000
|
unkown image
|
page readonly
|
|
|
|
7DF5E5EA2000
|
unkown image
|
page readonly
|
|
|
|
7DF5CC8A0000
|
unkown image
|
page readonly
|
|
|
|
1CA481A2000
|
unkown
|
page read and write
|
|
|
|
7FF56BD9F000
|
unkown image
|
page readonly
|
|
|
|
2BDA4F7000
|
stack
|
page read and write
|
|
|
|
7C94F7B000
|
unkown
|
page read and write
|
|
|
|
1CA48191000
|
unkown
|
page read and write
|
|
|
|
8F783FF000
|
stack
|
page read and write
|
|
|
|
7FF5A42FA000
|
unkown image
|
page readonly
|
|
|
|
7DF5B21C0000
|
unkown image
|
page readonly
|
|
|
|
2235FE30000
|
unkown image
|
page readonly
|
|
|
|
2E13F980000
|
unkown image
|
page readonly
|
|
|
|
7FF5BEC19000
|
unkown image
|
page readonly
|
|
|
|
1CA47800000
|
unkown
|
page read and write
|
|
|
|
7DF5B21B0000
|
unkown image
|
page readonly
|
|
|
|
7FF5913EF000
|
unkown image
|
page readonly
|
|
|
|
7FF5603F4000
|
unkown image
|
page readonly
|
|
|
|
210B0A83000
|
unkown
|
page read and write
|
|
|
|
D0A187C000
|
stack
|
page read and write
|
|
|
|
7FF5BEABC000
|
unkown image
|
page readonly
|
|
|
|
E9270FB000
|
stack
|
page read and write
|
|
|
|
245F25ED000
|
unkown
|
page read and write
|
|
|
|
210B0910000
|
heap default
|
page read and write
|
|
|
|
1CA4816F000
|
unkown
|
page read and write
|
|
|
|
7FF56BE7C000
|
unkown image
|
page readonly
|
|
|
|
7FF529260000
|
unkown image
|
page readonly
|
|
|
|
1CA47916000
|
unkown
|
page read and write
|
|
|
|
7FF54920E000
|
unkown image
|
page readonly
|
|
|
|
2388B560000
|
unkown image
|
page readonly
|
|
|
|
27AD1E48000
|
unkown
|
page read and write
|
|
|
|
7DF59F9A0000
|
unkown image
|
page readonly
|
|
|
|
7FF51006F000
|
unkown image
|
page readonly
|
|
|
|
1CA481B4000
|
unkown
|
page read and write
|
|
|
|
1CA47913000
|
unkown
|
page read and write
|
|
|
|
27AD2450000
|
unkown image
|
page readonly
|
|
|
|
7FF549855000
|
unkown image
|
page readonly
|
|
|
|
8F785FC000
|
stack
|
page read and write
|
|
|
|
7DF557630000
|
unkown image
|
page readonly
|
|
|
|
2E13FA59000
|
unkown
|
page read and write
|
|
|
|
7FF5BEB6E000
|
unkown image
|
page readonly
|
|
|
|
7FF591C33000
|
unkown image
|
page readonly
|
|
|
|
7FF5499CA000
|
unkown image
|
page readonly
|
|
|
|
2E13F9E0000
|
unkown image
|
page readonly
|
|
|
|
1AE90CB0000
|
unkown image
|
page readonly
|
|
|
|
7FF529335000
|
unkown image
|
page readonly
|
|
|
|
7FF510464000
|
unkown image
|
page readonly
|
|
|
|
1CA481C3000
|
unkown
|
page read and write
|
|
|
|
44E127B000
|
unkown
|
page read and write
|
|
|
|
7DF59F992000
|
unkown image
|
page readonly
|
|
|
|
7DF579C62000
|
unkown image
|
page readonly
|
|
|
|
7FF5D8085000
|
unkown image
|
page readonly
|
|
|
|
7FF5D8000000
|
unkown image
|
page readonly
|
|
|
|
1CA48165000
|
unkown
|
page read and write
|
|
|
|
7DF4E3D60000
|
unkown image
|
page readonly
|
|
|
|
7DF5E5E90000
|
unkown image
|
page readonly
|
|
|
|
1AE91460000
|
unkown
|
page read and write
|
|
|
|
7FF560259000
|
unkown image
|
page readonly
|
|
|
|
7FF5D813D000
|
unkown image
|
page readonly
|
|
|
|
FE2D27F000
|
stack
|
page read and write
|
|
|
|
1CA48600000
|
unkown
|
page read and write
|
|
|
|
FE2CF7B000
|
stack
|
page read and write
|
|
|
|
1AE90E29000
|
unkown
|
page read and write
|
|
|
|
1AE90CA0000
|
heap private
|
page read and write
|
|
|
|
2236006B000
|
unkown
|
page read and write
|
|
|
|
7FF52933A000
|
unkown image
|
page readonly
|
|
|
|
1CA4817A000
|
unkown
|
page read and write
|
|
|
|
210B0A3C000
|
unkown
|
page read and write
|
|
|
|
1AE90E5C000
|
unkown
|
page read and write
|
|
|
|
245F23C0000
|
unkown image
|
page readonly
|
|
|
|
7FF516A0E000
|
unkown image
|
page readonly
|
|
|
|
7FF5499D1000
|
unkown image
|
page readonly
|
|
|
|
7FF5606F4000
|
unkown image
|
page readonly
|
|
|
|
7FF56BCF6000
|
unkown image
|
page readonly
|
|
|
|
245F25F7000
|
unkown
|
page read and write
|
|
|
|
1CA481A4000
|
unkown
|
page read and write
|
|
|
|
2388BC60000
|
unkown image
|
page readonly
|
|
|
|
7FF591C9A000
|
unkown image
|
page readonly
|
|
|
|
7FF560527000
|
unkown image
|
page readonly
|
|
|
|
1AE90E84000
|
unkown
|
page read and write
|
|
|
|
7FF510B37000
|
unkown image
|
page readonly
|
|
|
|
1AE90E7B000
|
unkown
|
page read and write
|
|
|
|
D0A1DFD000
|
stack
|
page read and write
|
|
|
|
27AD3870000
|
unkown
|
page read and write
|
|
|
|
1CA4819B000
|
unkown
|
page read and write
|
|
|
|
D0A1B7C000
|
stack
|
page read and write
|
|
|
|
7FF5A40B9000
|
unkown image
|
page readonly
|
|
|
|
7FF5603E5000
|
unkown image
|
page readonly
|
|
|
|
1CA48192000
|
unkown
|
page read and write
|
|
|
|
1CA481AD000
|
unkown
|
page read and write
|
|
|
|
7FF5A4220000
|
unkown image
|
page readonly
|
|
|
|
1AE90E5A000
|
unkown
|
page read and write
|
|
|
|
7DF536FB2000
|
unkown image
|
page readonly
|
|
|
|
7FF510BB7000
|
unkown image
|
page readonly
|
|
|
|
7DF557632000
|
unkown image
|
page readonly
|
|
|
|
E9275FE000
|
stack
|
page read and write
|
|
|
|
22360108000
|
unkown
|
page read and write
|
|
|
|
7DF579C62000
|
unkown image
|
page readonly
|
|
|
|
27AD1E02000
|
unkown
|
page read and write
|
|
|
|
7FF5A43BC000
|
unkown image
|
page readonly
|
|
|
|
7FF5169BF000
|
unkown image
|
page readonly
|
|
|
|
2E13FA6F000
|
unkown
|
page read and write
|
|
|
|
7FF5A3ECC000
|
unkown image
|
page readonly
|
|
|
|
7DF536FC0000
|
unkown image
|
page readonly
|
|
|
|
210B1202000
|
unkown
|
page read and write
|
|
|
|
7DF524720000
|
unkown image
|
page readonly
|
|
|
|
B02F7DF000
|
stack
|
page read and write
|
|
|
|
7DF579C80000
|
unkown image
|
page readonly
|
|
|
|
1F618429000
|
unkown
|
page read and write
|
|
|
|
2388B702000
|
unkown
|
page read and write
|
|
|
|
7FF5A4209000
|
unkown image
|
page readonly
|
|
|
|
1AE90E56000
|
unkown
|
page read and write
|
|
|
|
7FF591C72000
|
unkown image
|
page readonly
|
|
|
|
7FF5D7FB6000
|
unkown image
|
page readonly
|
|
|
|
2276EC00000
|
unkown
|
page read and write
|
|
|
|
2276EC3C000
|
unkown
|
page read and write
|
|
|
|
1AE90E77000
|
unkown
|
page read and write
|
|
|
|
7FF591AC4000
|
unkown image
|
page readonly
|
|
|
|
1CA4818A000
|
unkown
|
page read and write
|
|
|
|
7DF5B21B2000
|
unkown image
|
page readonly
|
|
|
|
1CA47620000
|
heap private
|
page read and write
|
|
|
|
1CA48190000
|
unkown
|
page read and write
|
|
|
|
7FF5A4541000
|
unkown image
|
page readonly
|
|
|
|
7DF579C72000
|
unkown image
|
page readonly
|
|
|
|
B8B6678000
|
stack
|
page read and write
|
|
|
|
1F6183F0000
|
unkown
|
page read and write
|
|
|
|
2276EB80000
|
unkown image
|
page read and write
|
|
|
|
1CA481AC000
|
unkown
|
page read and write
|
|
|
|
7DF51E8C0000
|
unkown image
|
page readonly
|
|
|
|
7FF591D1A000
|
unkown image
|
page readonly
|
|
|
|
2276EC50000
|
unkown
|
page read and write
|
|
|
|
7DF56E380000
|
unkown image
|
page readonly
|
|
|
|
245F25D6000
|
heap default
|
page read and write
|
|
|
|
1CA48198000
|
unkown
|
page read and write
|
|
|
|
B2698FE000
|
stack
|
page read and write
|
|
|
|
2388B6CA000
|
unkown
|
page read and write
|
|
|
|
7C9557F000
|
stack
|
page read and write
|
|
|
|
7FF591C4E000
|
unkown image
|
page readonly
|
|
|
|
7C9527E000
|
stack
|
page read and write
|
|
|
|
20D9F213000
|
unkown
|
page read and write
|
|
|
|
7FF5606E2000
|
unkown image
|
page readonly
|
|
|
|
7FF5A42EA000
|
unkown image
|
page readonly
|
|
|
|
7FF56B435000
|
unkown image
|
page readonly
|
|
|
|
7FF5A42B5000
|
unkown image
|
page readonly
|
|
|
|
FE2D17F000
|
stack
|
page read and write
|
|
|
|
7FF5BE3E4000
|
unkown image
|
page readonly
|
|
|
|
2276EC88000
|
unkown
|
page read and write
|
|
|
|
2388B6B9000
|
unkown
|
page read and write
|
|
|
|
210B0A8D000
|
unkown
|
page read and write
|
|
|
|
7DF59F992000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4551000
|
unkown image
|
page readonly
|
|
|
|
27AD1D50000
|
unkown image
|
page readonly
|
|
|
|
1CA47650000
|
unkown image
|
page readonly
|
|
|
|
245F2805000
|
heap private
|
page read and write
|
|
|
|
2276F402000
|
unkown
|
page read and write
|
|
|
|
7FF56BD5F000
|
unkown image
|
page readonly
|
|
|
|
7DF557650000
|
unkown image
|
page readonly
|
|
|
|
7FF5BE9BB000
|
unkown image
|
page readonly
|
|
|
|
1CA4785B000
|
unkown
|
page read and write
|
|
|
|
7DF56E390000
|
unkown image
|
page readonly
|
|
|
|
7FF56065B000
|
unkown image
|
page readonly
|
|
|
|
2276EC7C000
|
unkown
|
page read and write
|
|
|
|
7FF56BF23000
|
unkown image
|
page readonly
|
|
|
|
1CA48193000
|
unkown
|
page read and write
|
|
|
|
7FF5108C5000
|
unkown image
|
page readonly
|
|
|
|
FE2CCFE000
|
stack
|
page read and write
|
|
|
|
7FF5BEB8B000
|
unkown image
|
page readonly
|
|
|
|
7DF56E370000
|
unkown image
|
page readonly
|
|
|
|
27AD1CF0000
|
unkown image
|
page readonly
|
|
|
|
245F23C0000
|
unkown image
|
page readonly
|
|
|
|
7FF549183000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4473000
|
unkown image
|
page readonly
|
|
|
|
1CA481C3000
|
unkown
|
page read and write
|
|
|
|
20D9F228000
|
unkown
|
page read and write
|
|
|
|
7FF56C000000
|
unkown image
|
page readonly
|
|
|
|
2E13FB13000
|
unkown
|
page read and write
|
|
|
|
7FF5498C7000
|
unkown image
|
page readonly
|
|
|
|
1CA4817A000
|
unkown
|
page read and write
|
|
|
|
7DF5E5EA0000
|
unkown image
|
page readonly
|
|
|
|
7FF5169C6000
|
unkown image
|
page readonly
|
|
|
|
7FF5BE071000
|
unkown image
|
page readonly
|
|
|
|
7FF56031D000
|
unkown image
|
page readonly
|
|
|
|
2E13FA29000
|
unkown
|
page read and write
|
|
|
|
7FF5A42D2000
|
unkown image
|
page readonly
|
|
|
|
20D9F1E0000
|
heap default
|
page read and write
|
|
|
|
7FF54991B000
|
unkown image
|
page readonly
|
|
|
|
1CA47855000
|
unkown
|
page read and write
|
|
|
|
2E13FA13000
|
unkown
|
page read and write
|
|
|
|
245F2A10000
|
unkown image
|
page readonly
|
|
|
|
7FF510C41000
|
unkown image
|
page readonly
|
|
|
|
7FF56068A000
|
unkown image
|
page readonly
|
|
|
|
1AE90E5F000
|
unkown
|
page read and write
|
|
|
|
7DF5B1F60000
|
unkown image
|
page readonly
|
|
|
|
7DF536FA0000
|
unkown image
|
page readonly
|
|
|
|
7FF52920E000
|
unkown image
|
page readonly
|
|
|
|
B8B5C7C000
|
unkown
|
page read and write
|
|
|
|
E9272FD000
|
stack
|
page read and write
|
|
|
|
1CA47902000
|
unkown
|
page read and write
|
|
|
|
1CA47853000
|
unkown
|
page read and write
|
|
|
|
7FF54982B000
|
unkown image
|
page readonly
|
|
|
|
7FF5BE07C000
|
unkown image
|
page readonly
|
|
|
|
1CA48193000
|
unkown
|
page read and write
|
|
|
|
7FF5A4309000
|
unkown image
|
page readonly
|
|
|
|
7DF51E8C0000
|
unkown image
|
page readonly
|
|
|
|
210B0C00000
|
unkown image
|
page readonly
|
|
|
|
D0A20FF000
|
stack
|
page read and write
|
|
|
|
1F618413000
|
unkown
|
page read and write
|
|
|
|
7FF5D79F5000
|
unkown image
|
page readonly
|
|
|
|
7FF591C6B000
|
unkown image
|
page readonly
|
|
|
|
1CA481BD000
|
unkown
|
page read and write
|
|
|
|
7FF591C9D000
|
unkown image
|
page readonly
|
|
|
|
1CA48002000
|
unkown
|
page read and write
|
|
|
|
1CA481B4000
|
unkown
|
page read and write
|
|
|
|
1CA48191000
|
unkown
|
page read and write
|
|
|
|
D0A1FFC000
|
stack
|
page read and write
|
|
|
|
2E13F980000
|
unkown image
|
page readonly
|
|
|
|
1CA48602000
|
unkown
|
page read and write
|
|
|
|
7FF56BF37000
|
unkown image
|
page readonly
|
|
|
|
20D9F1F0000
|
unkown image
|
page readonly
|
|
|
|
B8B62FE000
|
stack
|
page read and write
|
|
|
|
1CA48193000
|
unkown
|
page read and write
|
|
|
|
1F618A60000
|
unkown
|
page read and write
|
|
|
|
7FF55FB4D000
|
unkown image
|
page readonly
|
|
|
|
20D9F940000
|
unkown
|
page read and write
|
|
|
|
7FF5498F0000
|
unkown image
|
page readonly
|
|
|
|
7FF510C3A000
|
unkown image
|
page readonly
|
|
|
|
1CA4866A000
|
unkown
|
page read and write
|
|
|
|
7FF5606E9000
|
unkown image
|
page readonly
|
|
|
|
7DF51E8B0000
|
unkown image
|
page readonly
|
|
|
|
1AE90E4D000
|
unkown
|
page read and write
|
|
|
|
1CA48179000
|
unkown
|
page read and write
|
|
|
|
1CA478E8000
|
unkown
|
page read and write
|
|
|
|
7FF5499BA000
|
unkown image
|
page readonly
|
|
|
|
2E13F9A0000
|
unkown image
|
page readonly
|
|
|
|
1CA481A0000
|
unkown
|
page read and write
|
|
|
|
7FF5A3AB3000
|
unkown image
|
page readonly
|
|
|
|
7FF5A42AF000
|
unkown image
|
page readonly
|
|
|
|
1AE90DE0000
|
unkown image
|
page readonly
|
|
|
|
E9277FE000
|
stack
|
page read and write
|
|
|
|
7FF5BEA2B000
|
unkown image
|
page readonly
|
|
|
|
7DF536FB0000
|
unkown image
|
page readonly
|
|
|
|
210B09F0000
|
unkown image
|
page readonly
|
|
|
|
7FF5292BD000
|
unkown image
|
page readonly
|
|
|
|
1CA478D4000
|
unkown
|
page read and write
|
|
|
|
7FF5BEBB7000
|
unkown image
|
page readonly
|
|
|
|
7FF516A2A000
|
unkown image
|
page readonly
|
|
|
|
7DF434E70000
|
unkown image
|
page readonly
|
|
|
|
7FF5498FE000
|
unkown image
|
page readonly
|
|
|
|
7FF56BCD2000
|
unkown image
|
page readonly
|
|
|
|
7DF5B1F80000
|
unkown image
|
page readonly
|
|
|
|
7FF510C2A000
|
unkown image
|
page readonly
|
|
|
|
7FF5A3DE7000
|
unkown image
|
page readonly
|
|
|
|
7FF5A445F000
|
unkown image
|
page readonly
|
|
|
|
2388B5C0000
|
unkown
|
page read and write
|
|
|
|
1AE90D00000
|
heap default
|
page read and write
|
|
|
|
27AD1E66000
|
unkown
|
page read and write
|
|
|
|
7FF560662000
|
unkown image
|
page readonly
|
|
|
|
2236004F000
|
unkown
|
page read and write
|
|
|
|
20D9F4D0000
|
unkown image
|
page readonly
|
|
|
|
1CA4819F000
|
unkown
|
page read and write
|
|
|
|
7FF5A44CA000
|
unkown image
|
page readonly
|
|
|
|
2235FE10000
|
unkown image
|
page read and write
|
|
|
|
1CA48614000
|
unkown
|
page read and write
|
|
|
|
7FF5D81AD000
|
unkown image
|
page readonly
|
|
|
|
2E140202000
|
unkown
|
page read and write
|
|
|
|
7FF5498F7000
|
unkown image
|
page readonly
|
|
|
|
1CA481A3000
|
unkown
|
page read and write
|
|
|
|
1CA4819F000
|
unkown
|
page read and write
|
|
|
|
7FF529202000
|
unkown image
|
page readonly
|
|
|
|
1CA4818E000
|
unkown
|
page read and write
|
|
|
|
1CA4819D000
|
unkown
|
page read and write
|
|
|
|
7DF56E370000
|
unkown image
|
page readonly
|
|
|
|
7FF5BE441000
|
unkown image
|
page readonly
|
|
|
|
7FF516A03000
|
unkown image
|
page readonly
|
|
|
|
FE2CDFB000
|
stack
|
page read and write
|
|
|
|
FE2C9DB000
|
unkown
|
page read and write
|
|
|
|
1CA4814A000
|
unkown
|
page read and write
|
|
|
|
245F25E6000
|
unkown
|
page read and write
|
|
|
|
7FF56BF27000
|
unkown image
|
page readonly
|
|
|
|
1CA481B0000
|
unkown
|
page read and write
|
|
|
|
1CA481B1000
|
unkown
|
page read and write
|
|
|
|
20D9F268000
|
unkown
|
page read and write
|
|
|
|
7FF591CF2000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4522000
|
unkown image
|
page readonly
|
|
|
|
245F25ED000
|
unkown
|
page read and write
|
|
|
|
2388BF00000
|
unkown
|
page read and write
|
|
|
|
7FF591A9B000
|
unkown image
|
page readonly
|
|
|
|
7FF56BFFA000
|
unkown image
|
page readonly
|
|
|
|
7FF510B53000
|
unkown image
|
page readonly
|
|
|
|
22360802000
|
unkown
|
page read and write
|
|
|
|
1CA4818C000
|
unkown
|
page read and write
|
|
|
|
245F23E0000
|
unkown image
|
page readonly
|
|
|
|
1CA4818E000
|
unkown
|
page read and write
|
|
|
|
7FF5BEC12000
|
unkown image
|
page readonly
|
|
|
|
7FF5A410F000
|
unkown image
|
page readonly
|
|
|
|
245F2540000
|
unkown image
|
page read and write
|
|
|
|
1CA481A1000
|
unkown
|
page read and write
|
|
|
|
7FF516AA5000
|
unkown image
|
page readonly
|
|
|
|
2388B540000
|
unkown image
|
page readonly
|
|
|
|
1F6183F0000
|
unkown
|
page read and write
|
|
|
|
7DF5B1F70000
|
unkown image
|
page readonly
|
|
|
|
22360580000
|
unkown image
|
page readonly
|
|
|
|
7FF5A431D000
|
unkown image
|
page readonly
|
|
|
|
27AD1D20000
|
unkown image
|
page readonly
|
|
|
|
7FF510B9E000
|
unkown image
|
page readonly
|
|
|
|
1AE90E00000
|
unkown
|
page read and write
|
|
|
|
7FF529237000
|
unkown image
|
page readonly
|
|
|
|
7FF5D817B000
|
unkown image
|
page readonly
|
|
|
|
7FF5A40D0000
|
unkown image
|
page readonly
|
|
|
|
3BE287B000
|
stack
|
page read and write
|
|
|
|
7FF5169D7000
|
unkown image
|
page readonly
|
|
|
|
1CA4818E000
|
unkown
|
page read and write
|
|
|
|
7FF56BF7A000
|
unkown image
|
page readonly
|
|
|
|
7FF56BDC7000
|
unkown image
|
page readonly
|
|
|
|
1AE91380000
|
unkown image
|
page readonly
|
|
|
|
2276EBD0000
|
unkown image
|
page readonly
|
|
|
|
210B08E0000
|
unkown image
|
page readonly
|
|
|
|
7FF591D0A000
|
unkown image
|
page readonly
|
|
|
|
7FF54994A000
|
unkown image
|
page readonly
|
|
|
|
7DF477B30000
|
unkown image
|
page readonly
|
|
|
|
7DF536FC0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A40CD000
|
unkown image
|
page readonly
|
|
|
|
1CA47660000
|
unkown image
|
page readonly
|
|
|
|
1CA4818E000
|
unkown
|
page read and write
|
|
|
|
1CA47A00000
|
unkown image
|
page readonly
|
|
|
|
7FF5A40B1000
|
unkown image
|
page readonly
|
|
|
|
1CA481A4000
|
unkown
|
page read and write
|
|
|
|
1CA48602000
|
unkown
|
page read and write
|
|
|
|
7FF5D81AA000
|
unkown image
|
page readonly
|
|
|
|
7FF516A89000
|
unkown image
|
page readonly
|
|
|
|
2388B600000
|
unkown
|
page read and write
|
|
|
|
2388B540000
|
unkown image
|
page readonly
|
|
|
|
7DF579C60000
|
unkown image
|
page readonly
|
|
|
|
7FF5BEB67000
|
unkown image
|
page readonly
|
|
|
|
1CA48176000
|
unkown
|
page read and write
|
|
|
|
7DF579C80000
|
unkown image
|
page readonly
|
|
|
|
1CA4819F000
|
unkown
|
page read and write
|
|
|
|
7FF529249000
|
unkown image
|
page readonly
|
|
|
|
7FF5D7FFD000
|
unkown image
|
page readonly
|
|
|
|
2276EBA0000
|
unkown image
|
page readonly
|
|
|
|
1F618800000
|
unkown image
|
page readonly
|
|
|
|
1CA4818E000
|
unkown
|
page read and write
|
|
|
|
20D9FA02000
|
unkown
|
page read and write
|
|
|
|
210B08C0000
|
unkown image
|
page readonly
|
|
|
|
2BD9E9B000
|
unkown
|
page read and write
|
|
|
|
27AD38F0000
|
unkown
|
page read and write
|
|
|
|
27AD1E13000
|
unkown
|
page read and write
|
|
|
|
7FF529319000
|
unkown image
|
page readonly
|
|
|
|
210B0A4A000
|
unkown
|
page read and write
|
|
|
|
7FF5A3D92000
|
unkown image
|
page readonly
|
|
|
|
1CA48179000
|
unkown
|
page read and write
|
|
|
|
2388B613000
|
unkown
|
page read and write
|
|
|
|
7FF5A420D000
|
unkown image
|
page readonly
|
|
|
|
44E18FD000
|
stack
|
page read and write
|
|
|
|
7FF5A4459000
|
unkown image
|
page readonly
|
|
|
|
1CA47D80000
|
unkown image
|
page readonly
|
|
|
|
245F25EF000
|
unkown
|
page read and write
|
|
|
|
7FF560623000
|
unkown image
|
page readonly
|
|
|
|
E9278FE000
|
stack
|
page read and write
|
|
|
|
2E13FA00000
|
unkown
|
page read and write
|
|
|
|
1CA48197000
|
unkown
|
page read and write
|
|
|
|
7DF5CC8B0000
|
unkown image
|
page readonly
|
|
|
|
7DF5E5EA2000
|
unkown image
|
page readonly
|
|
|
|
1CA48175000
|
unkown
|
page read and write
|
|
|
|
7FF5A4294000
|
unkown image
|
page readonly
|
|
|
|
1CA478E9000
|
unkown
|
page read and write
|
|
|
|
7FF529224000
|
unkown image
|
page readonly
|
|
|
|
7FF54979D000
|
unkown image
|
page readonly
|
|
|
|
B269D7F000
|
stack
|
page read and write
|
|
|
|
245F24D0000
|
unkown
|
page read and write
|
|
|
|
7FF560522000
|
unkown image
|
page readonly
|
|
|
|
7FF5A43A5000
|
unkown image
|
page readonly
|
|
|
|
7FF516A9A000
|
unkown image
|
page readonly
|
|
|
|
7DF56E372000
|
unkown image
|
page readonly
|
|
|
|
7FF56BCE4000
|
unkown image
|
page readonly
|
|
|
|
1CA47859000
|
unkown
|
page read and write
|
|
|
|
7FF560701000
|
unkown image
|
page readonly
|
|
|
|
2236008A000
|
unkown
|
page read and write
|
|
|
|
7FF5497A0000
|
unkown image
|
page readonly
|
|
|
|
7FF549923000
|
unkown image
|
page readonly
|
|
|
|
2276F0D0000
|
unkown image
|
page readonly
|
|
|
|
7FF5BEB63000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4529000
|
unkown image
|
page readonly
|
|
|
|
210B0B08000
|
unkown
|
page read and write
|
|
|
|
2276EBA0000
|
unkown image
|
page readonly
|
|
|
|
7FF5D8214000
|
unkown image
|
page readonly
|
|
|
|
1AE90E31000
|
unkown
|
page read and write
|
|
|
|
210B0A4E000
|
unkown
|
page read and write
|
|
|
|
1CA4784C000
|
unkown
|
page read and write
|
|
|
|
D0A1CFB000
|
stack
|
page read and write
|
|
|
|
1CA4818E000
|
unkown
|
page read and write
|
|
|
|
7FF529341000
|
unkown image
|
page readonly
|
|
|
|
27AD1CE0000
|
heap private
|
page read and write
|
|
|
|
7FF5D8221000
|
unkown image
|
page readonly
|
|
|
|
7FF5A433B000
|
unkown image
|
page readonly
|
|
|
|
1CA478B1000
|
unkown
|
page read and write
|
|
|
|
7FF5D815E000
|
unkown image
|
page readonly
|
|
|
|
1CA48195000
|
unkown
|
page read and write
|
|
|
|
7FF5A4237000
|
unkown image
|
page readonly
|
|
|
|
1AE91602000
|
unkown
|
page read and write
|
|
|
|
20D9F190000
|
unkown image
|
page readonly
|
|
|
|
20D9F170000
|
unkown image
|
page read and write
|
|
|
|
7FF560619000
|
unkown image
|
page readonly
|
|
|
|
20D9F200000
|
unkown
|
page read and write
|
|
|
|
7DF455500000
|
unkown image
|
page readonly
|
|
|
|
7FF5D8202000
|
unkown image
|
page readonly
|
|
|
|
1CA4818E000
|
unkown
|
page read and write
|
|
|
|
7FF5D821A000
|
unkown image
|
page readonly
|
|
|
|
1CA4818A000
|
unkown
|
page read and write
|
|
|
|
22360002000
|
unkown
|
page read and write
|
|
|
|
7DF524720000
|
unkown image
|
page readonly
|
|
|
|
7FF5BEB4D000
|
unkown image
|
page readonly
|
|
|
|
7FF56BCC7000
|
unkown image
|
page readonly
|
|
|
|
1CA48180000
|
unkown
|
page read and write
|
|
|
|
1CA47829000
|
unkown
|
page read and write
|
|
|
|
7FF5BE7A9000
|
unkown image
|
page readonly
|
|
|
|
7FF5498D9000
|
unkown image
|
page readonly
|
|
|
|
7FF56BEF7000
|
unkown image
|
page readonly
|
|
|
|
2388B6C2000
|
unkown
|
page read and write
|
|
|
|
1CA481B7000
|
unkown
|
page read and write
|
|
|
|
2276EC70000
|
unkown
|
page read and write
|
|
|
|
7FF5A4550000
|
unkown image
|
page readonly
|
|
|
|
27AD1E42000
|
unkown
|
page read and write
|
|
|
|
7FF5A42D6000
|
unkown image
|
page readonly
|
|
|
|
210B0A6D000
|
unkown
|
page read and write
|
|
|
|
20D9F264000
|
unkown
|
page read and write
|
|
|
|
7FF56066E000
|
unkown image
|
page readonly
|
|
|
|
7FF560607000
|
unkown image
|
page readonly
|
|
|
|
7FF529324000
|
unkown image
|
page readonly
|
|
|
|
1CA48620000
|
unkown
|
page read and write
|
|
|
|
7FF516A94000
|
unkown image
|
page readonly
|
|
|
|
7FF591C03000
|
unkown image
|
page readonly
|
|
|
|
1CA48186000
|
unkown
|
page read and write
|
|
|
|
210B0A4B000
|
unkown
|
page read and write
|
|
|
|
B8B63FC000
|
stack
|
page read and write
|
|
|
|
1F618400000
|
unkown
|
page read and write
|
|
|
|
7DF5CC8A2000
|
unkown image
|
page readonly
|
|
|
|
1AE90F02000
|
unkown
|
page read and write
|
|
|
|
1CA481BB000
|
unkown
|
page read and write
|
|
|
|
7FF5A3AB9000
|
unkown image
|
page readonly
|
|
|
|
7FF52905A000
|
unkown image
|
page readonly
|
|
|
|
7FF5D803F000
|
unkown image
|
page readonly
|
|
|
|
7DF5CC8C0000
|
unkown image
|
page readonly
|
|
|
|
1CA48172000
|
unkown
|
page read and write
|
|
|
|
1CA48179000
|
unkown
|
page read and write
|
|
|
|
1CA48193000
|
unkown
|
page read and write
|
|
|
|
8F782FE000
|
stack
|
page read and write
|
|
|
|
2276EBF0000
|
heap default
|
page read and write
|
|
|
|
7FF56061D000
|
unkown image
|
page readonly
|
|
|
|
7DF4CA770000
|
unkown image
|
page readonly
|
|
|
|
7FF529000000
|
unkown image
|
page readonly
|
|
|
|
7FF56061F000
|
unkown image
|
page readonly
|
|
|
|
B269C77000
|
stack
|
page read and write
|
|
|
|
7FF516A82000
|
unkown image
|
page readonly
|
|
|
|
1CA481A1000
|
unkown
|
page read and write
|
|
|
|
1CA478C0000
|
unkown
|
page read and write
|
|
|
|
7FF5D813F000
|
unkown image
|
page readonly
|
|
|
|
2276F260000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4301000
|
unkown image
|
page readonly
|
|
|
|
7FF56BFD2000
|
unkown image
|
page readonly
|
|
|
|
20D9F302000
|
unkown
|
page read and write
|
|
|
|
7FF56BF0D000
|
unkown image
|
page readonly
|
|
|
|
1AE90E3E000
|
unkown
|
page read and write
|
|
|
|
1F618454000
|
unkown
|
page read and write
|
|
|
|
20D9F25A000
|
unkown
|
page read and write
|
|
|
|
1CA4816B000
|
unkown
|
page read and write
|
|
|
|
7FF560591000
|
unkown image
|
page readonly
|
|
|
|
210B0A82000
|
unkown
|
page read and write
|
|
|
|
1CA481B8000
|
unkown
|
page read and write
|
|
|
|
1CA47813000
|
unkown
|
page read and write
|
|
|
|
7FF56C001000
|
unkown image
|
page readonly
|
|
|
|
7FF510C12000
|
unkown image
|
page readonly
|
|
|
|
FE2CE7F000
|
stack
|
page read and write
|
|
|
|
1CA4818E000
|
unkown
|
page read and write
|
|
|
|
D0A1AFF000
|
stack
|
page read and write
|
|
|
|
8F77D4B000
|
unkown
|
page read and write
|
|
|
|
1CA4818B000
|
unkown
|
page read and write
|
|
|
|
210B08C0000
|
unkown image
|
page readonly
|
|
|
|
1F618402000
|
unkown
|
page read and write
|
|
|
|
1CA48620000
|
unkown
|
page read and write
|
|
|
|
7FF5A43FF000
|
unkown image
|
page readonly
|
|
|
|
7FF56025D000
|
unkown image
|
page readonly
|
|
|
|
7FF56BF77000
|
unkown image
|
page readonly
|
|
|
|
245F2530000
|
unkown image
|
page readonly
|
|
|
|
245F25EF000
|
unkown
|
page read and write
|
|
|
|
27AD38F0000
|
unkown
|
page read and write
|
|
|
|
7FF5A3B23000
|
unkown image
|
page readonly
|
|
|
|
20D9F313000
|
unkown
|
page read and write
|
|
|
|
2235FF80000
|
unkown
|
page read and write
|
|
|
|
7DF524722000
|
unkown image
|
page readonly
|
|
|
|
245F24F0000
|
unkown
|
page read and write
|
|
|
|
1CA4811E000
|
unkown
|
page read and write
|
|
|
|
7FF5A4367000
|
unkown image
|
page readonly
|
|
|
|
B8B5F77000
|
stack
|
page read and write
|
|
|
|
7FF5A4362000
|
unkown image
|
page readonly
|
|
|
|
7FF591C17000
|
unkown image
|
page readonly
|
|
|
|
7FF5A415B000
|
unkown image
|
page readonly
|
|
|
|
7FF591D1E000
|
unkown image
|
page readonly
|
|
|
|
210B0B02000
|
unkown
|
page read and write
|
|
|
|
1AE90E13000
|
unkown
|
page read and write
|
|
|
|
1CA478AA000
|
unkown
|
page read and write
|
|
|
|
7FF510B6E000
|
unkown image
|
page readonly
|
|
|
|
1F618600000
|
unkown image
|
page readonly
|
|
|
|
1CA481BB000
|
unkown
|
page read and write
|
|
|
|
7FF5169D0000
|
unkown image
|
page readonly
|
|
|
|
7FF549907000
|
unkown image
|
page readonly
|
|
|
|
20D9F202000
|
unkown
|
page read and write
|
|
|
|
1CA4818D000
|
unkown
|
page read and write
|
|
|
|
7FF560633000
|
unkown image
|
page readonly
|
|
|
|
7FF56BF2E000
|
unkown image
|
page readonly
|
|
|
|
7FF591873000
|
unkown image
|
page readonly
|
|
|
|
7FF5BE7A7000
|
unkown image
|
page readonly
|
|
|
|
1CA48702000
|
unkown
|
page read and write
|
|
|
|
1AE90E60000
|
unkown
|
page read and write
|
|
|
|
7FF5D7EB5000
|
unkown image
|
page readonly
|
|
|
|
B8B6077000
|
stack
|
page read and write
|
|
|
|
7FF5A4223000
|
unkown image
|
page readonly
|
|
|
|
1AE90E6D000
|
unkown
|
page read and write
|
|
|
|
7DF5B21D0000
|
unkown image
|
page readonly
|
|
|
|
2E140130000
|
unkown
|
page read and write
|
|
|
|
7FF516AB1000
|
unkown image
|
page readonly
|
|
|
|
7DF5E5E92000
|
unkown image
|
page readonly
|
|
|
|
2276EC29000
|
unkown
|
page read and write
|
|
|
|
7FF529267000
|
unkown image
|
page readonly
|
|
|
|
7FF5A42D9000
|
unkown image
|
page readonly
|
|
|
|
B8B677D000
|
stack
|
page read and write
|
|
|
|
1F6183A0000
|
unkown image
|
page readonly
|
|
|
|
7FF56BFE4000
|
unkown image
|
page readonly
|
|
|
|
1F6183C0000
|
unkown
|
page read and write
|
|
|
|
3BE235B000
|
unkown
|
page read and write
|
|
|
|
22360000000
|
unkown
|
page read and write
|
|
|
|
1CA48604000
|
unkown
|
page read and write
|
|
|
|
2236007F000
|
unkown
|
page read and write
|
|
|
|
1CA4819F000
|
unkown
|
page read and write
|
|
|
|
27AD3A02000
|
unkown
|
page read and write
|
|
|
|
7FF5162EE000
|
unkown image
|
page readonly
|
|
|
|
7FF56BF0F000
|
unkown image
|
page readonly
|
|
|
|
1AE91200000
|
unkown image
|
page readonly
|
|
|
|
7DF557642000
|
unkown image
|
page readonly
|
|
|
|
210B0B00000
|
unkown
|
page read and write
|
|
|
|
7FF5D8167000
|
unkown image
|
page readonly
|
|
|
|
7FF5BEC35000
|
unkown image
|
page readonly
|
|
|
|
7DF5E5EB0000
|
unkown image
|
page readonly
|
|
|
|
1CA48700000
|
unkown
|
page read and write
|
|
|
|
1F6182A0000
|
unkown image
|
page readonly
|
|
|
|
2BDA5FF000
|
stack
|
page read and write
|
|
|
|
245F25EF000
|
unkown
|
page read and write
|
|
|
|
7FF5A44C7000
|
unkown image
|
page readonly
|
|
|
|
7FF5A447E000
|
unkown image
|
page readonly
|
|
|
|
2276EC4A000
|
unkown
|
page read and write
|
|
|
|
22360054000
|
unkown
|
page read and write
|
|
|
|
7FF5605FE000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4401000
|
unkown image
|
page readonly
|
|
|
|
7DF5CC8B0000
|
unkown image
|
page readonly
|
|
|
|
7DF5B21C2000
|
unkown image
|
page readonly
|
|
|
|
1CA47630000
|
unkown image
|
page readonly
|
|
|
|
7FF56BD86000
|
unkown image
|
page readonly
|
|
|
|
E9271FD000
|
stack
|
page read and write
|
|
|
|
B2695DB000
|
unkown
|
page read and write
|
|
|
|
2E13FA65000
|
unkown
|
page read and write
|
|
|
|
7FF52924D000
|
unkown image
|
page readonly
|
|
|
|
1CA4784F000
|
unkown
|
page read and write
|
|
|
|
7DF536FA2000
|
unkown image
|
page readonly
|
|
|
|
1CA48603000
|
unkown
|
page read and write
|
|
|
|
2276EC53000
|
unkown
|
page read and write
|
|
|
|
1CA4784D000
|
unkown
|
page read and write
|
|
|
|
27AD1D70000
|
unkown
|
page read and write
|
|
|
|
1CA48195000
|
unkown
|
page read and write
|
|
|
|
1CA48602000
|
unkown
|
page read and write
|
|
|
|
B8B5D7E000
|
stack
|
page read and write
|
|
|
|
7FF591C2F000
|
unkown image
|
page readonly
|
|
|
|
210B0A00000
|
unkown
|
page read and write
|
|
|
|
2236002A000
|
unkown
|
page read and write
|
|
|
|
7DF5E5E90000
|
unkown image
|
page readonly
|
|
|
|
7FF5497DF000
|
unkown image
|
page readonly
|
|
|
|
7FF529298000
|
unkown image
|
page readonly
|
|
|
|
2276ED00000
|
unkown
|
page read and write
|
|
|
|
7DF5B1F60000
|
unkown image
|
page readonly
|
|
|
|
7FF591D15000
|
unkown image
|
page readonly
|
|
|
|
7FF56068D000
|
unkown image
|
page readonly
|
|
|
|
7DF59F9A0000
|
unkown image
|
page readonly
|
|
|
|
1AE90E41000
|
unkown
|
page read and write
|
|
|
|
7DF51E8A2000
|
unkown image
|
page readonly
|
|
|
|
1CA481B0000
|
unkown
|
page read and write
|
|
|
|
7FF5A420F000
|
unkown image
|
page readonly
|
|
|
|
7FF5A42E4000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4277000
|
unkown image
|
page readonly
|
|
|
|
1CA4784B000
|
unkown
|
page read and write
|
|
|
|
1CA4817C000
|
unkown
|
page read and write
|
|
|
|
1CA48173000
|
unkown
|
page read and write
|
|
|
|
1CA4810D000
|
unkown
|
page read and write
|
|
|
|
2235FE50000
|
unkown image
|
page readonly
|
|
|
|
7FF56058B000
|
unkown image
|
page readonly
|
|
|
|
B02FBFE000
|
stack
|
page read and write
|
|
|
|
2388BD30000
|
unkown image
|
page write copy
|
|
|
|
7FF5498F3000
|
unkown image
|
page readonly
|
|
|
|
1CA4818E000
|
unkown
|
page read and write
|
|
|
|
2236004C000
|
unkown
|
page read and write
|
|
|
|
7FF5A41D5000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4487000
|
unkown image
|
page readonly
|
|
|
|
7FF5A442E000
|
unkown image
|
page readonly
|
|
|
|
7FF591C0E000
|
unkown image
|
page readonly
|
|
|
|
7FF591C78000
|
unkown image
|
page readonly
|
|
|
|
7FF560711000
|
unkown image
|
page readonly
|
|
|
|
7FF5494B7000
|
unkown image
|
page readonly
|
|
|
|
44E157E000
|
stack
|
page read and write
|
|
|
|
2276EB90000
|
heap private
|
page read and write
|
|
|
|
7FF510BBD000
|
unkown image
|
page readonly
|
|
|
|
7FF510C24000
|
unkown image
|
page readonly
|
|
|
|
7FF5BEBBD000
|
unkown image
|
page readonly
|
|
|
|
7FF56BFF1000
|
unkown image
|
page readonly
|
|
|
|
7DF557640000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4181000
|
unkown image
|
page readonly
|
|
|
|
7FF5A43D5000
|
unkown image
|
page readonly
|
|
|
|
7DF59F982000
|
unkown image
|
page readonly
|
|
|
|
2236004A000
|
unkown
|
page read and write
|
|
|
|
22360200000
|
unkown image
|
page readonly
|
|
|
|
2276EC3A000
|
unkown
|
page read and write
|
|
|
|
27AD1E81000
|
unkown
|
page read and write
|
|
|
|
B269B7E000
|
stack
|
page read and write
|
|
|
|
7FF5A44AE000
|
unkown image
|
page readonly
|
|
|
|
7DF41C770000
|
unkown image
|
page readonly
|
|
|
|
1CA48115000
|
unkown
|
page read and write
|
|
|
|
7FF5169FB000
|
unkown image
|
page readonly
|
|
|
|
7FF591C97000
|
unkown image
|
page readonly
|
|
|
|
7DF5B1F70000
|
unkown image
|
page readonly
|
|
|
|
20D9F850000
|
unkown image
|
page readonly
|
|
|
|
1AE90E46000
|
unkown
|
page read and write
|
|
|
|
7FF510B63000
|
unkown image
|
page readonly
|
|
|
|
20D9F1C0000
|
unkown image
|
page readonly
|
|
|
|
7FF510C41000
|
unkown image
|
page readonly
|
|
|
|
B8B5CFE000
|
stack
|
page read and write
|
|
|
|
1CA478F8000
|
unkown
|
page read and write
|
|
|
|
7FF591AED000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4185000
|
unkown image
|
page readonly
|
|
|
|
210B0A4C000
|
unkown
|
page read and write
|
|
|
|
7FF5A4301000
|
unkown image
|
page readonly
|
|
|
|
7FF56070A000
|
unkown image
|
page readonly
|
|
|
|
2BDA6FE000
|
stack
|
page read and write
|
|
|
|
27AD2460000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4086000
|
unkown image
|
page readonly
|
|
|
|
7DF51E8A2000
|
unkown image
|
page readonly
|
|
|
|
1CA4783C000
|
unkown
|
page read and write
|
|
|
|
1CA48195000
|
unkown
|
page read and write
|
|
|
|
27AD1CF0000
|
unkown image
|
page readonly
|
|
|
|
3BE2A7E000
|
stack
|
page read and write
|
|
|
|
7FF528FF7000
|
unkown image
|
page readonly
|
|
|
|
7FF5169D3000
|
unkown image
|
page readonly
|
|
|
|
7FF56BF7D000
|
unkown image
|
page readonly
|
|
|
|
7DF557640000
|
unkown image
|
page readonly
|
|
|
|
7FF529312000
|
unkown image
|
page readonly
|
|
|
|
1CA481C6000
|
unkown
|
page read and write
|
|
|
|
1AE90E5E000
|
unkown
|
page read and write
|
|
|
|
7DF59F980000
|
unkown image
|
page readonly
|
|
|
|
20D9F190000
|
unkown image
|
page readonly
|
|
|
|
7FF5BE59D000
|
unkown image
|
page readonly
|
|
|
|
7DF5B21C2000
|
unkown image
|
page readonly
|
|
|
|
20D9F240000
|
unkown
|
page read and write
|
|
|
|
1AE90E66000
|
unkown
|
page read and write
|
|
|
|
1CA4818E000
|
unkown
|
page read and write
|
|
|
|
27AD1E00000
|
unkown
|
page read and write
|
|
|
|
E926CBC000
|
unkown
|
page read and write
|
|
|
|
22360113000
|
unkown
|
page read and write
|
|
|
|
7FF5BEB37000
|
unkown image
|
page readonly
|
|
|
|
7FF5BE907000
|
unkown image
|
page readonly
|
|
|
|
7DF536FB2000
|
unkown image
|
page readonly
|
|
|
|
1F6183F0000
|
unkown
|
page read and write
|
|
|
|
B02FB79000
|
stack
|
page read and write
|
|
|
|
7DF46C240000
|
unkown image
|
page readonly
|
|
|
|
7FF5109C6000
|
unkown image
|
page readonly
|
|
|
|
1CA4869D000
|
unkown
|
page read and write
|
|
|
|
7FF5BEA52000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4301000
|
unkown image
|
page readonly
|
|
|
|
7FF5D808B000
|
unkown image
|
page readonly
|
|
|
|
27AD20D0000
|
unkown image
|
page readonly
|
|
|
|
245F25C0000
|
heap default
|
page read and write
|
|
|
|
E9274FD000
|
stack
|
page read and write
|
|
|
|
2276EED0000
|
unkown image
|
page readonly
|
|
|
|
7FF591C43000
|
unkown image
|
page readonly
|
|
|
|
44E17FF000
|
stack
|
page read and write
|
|
|
|
7FF5A4433000
|
unkown image
|
page readonly
|
|
|
|
7FF5BEB2F000
|
unkown image
|
page readonly
|
|
|
|
7FF510B60000
|
unkown image
|
page readonly
|
|
|
|
7FF591C7E000
|
unkown image
|
page readonly
|
|
There are 1168 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://marketingandsoftwaretools.com/wp-content/plugins/autoptimize/ANGEL/MicrosoftAccount.html
|
|
|
|
https://docs.google.com/document/d/1hHFEB09XYOGm1F87Todc5etNXb38nGMo/edit?invite=CKvaqcMD
|
|
|
|
https://contacts.google.com/widget/hovercard/v/2?authuser&origin=https%3A%2F%2Fdocs.google.com&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.wk7zEZseXNs.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOmgtod9hyJVly8FtL6dHsuETJ2AQ%2Fm%3D__features__#id=__HC_94253229&_gfid=__HC_94253229&parent=https%3A%2F%2Fdocs.google.com&pfname=&rpctoken=29249539
|
|