Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
TxIDbatch#7809.htm
|
HTML document, ASCII text, with very long lines, with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
 |
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\0248a65c-db10-4f26-8ff5-8cd8225645ce.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\19a9e266-361c-4072-838e-06171986e717.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\1ccba741-1299-45e2-a85f-9834671e9f7f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\4c644a4f-fea3-4d9b-9eec-3c11cf37b5d5.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\53aab4da-8126-4c49-a119-9bebb08eb94c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\032be4fd-a71e-4eea-9812-4ed9a57e64c6.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\12634ae0-59a1-4980-9ec0-c42c1c16a58c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\163f5da4-a1d3-49fb-8fcd-518441ee46bf.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\16e2f9d2-c66a-44ed-9484-0ecb7703f1e0.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\26684715-2089-4b3a-962b-d65d5fb52b41.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2adde119-6163-4f6c-97fe-1b80d34c7542.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2d1b0248-1266-4407-9501-a541ca3c9c3c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\3ff69eef-4df2-4a79-8c08-23a20e26f6b3.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\592ce62a-cff0-4266-99a0-6bc5f06329f1.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.oldg (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.oldg (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session.# (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last TabsOG (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent Statemp (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.olds (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences.\ (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\PreferencesMP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences\ (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencesm\ (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencesp (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencesr\ (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure PreferencesMP (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferencess (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old:" (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State.. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.oldR.
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old/i
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\fbe56958-8d69-4f25-b5ae-051dca5b4c18.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.oldx
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old..
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.old/i
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\f4689082-390c-460f-9441-3655a1e9fca5.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.olds
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a4879a03-ffd3-4955-a9c4-e5f58c78f547.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b23f73e9-79e2-4536-a6f5-ccffe9c10c57.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c1aee5b7-139f-4b71-9d2d-4defcb28a010.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c752d66a-b4fd-4702-8653-eb59e3d64e56.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\dac9cea8-3180-4725-babe-2831d8ed2c68.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
|
MPEG-4 LOAS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\dbd05012-53ee-428b-af3d-afc7dec1296a.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e8a7d15e-80d0-4b5f-a830-a157c4d95c1b.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ea0d8b59-cbbe-41cc-8c76-37c181f68e6a.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f26b3193-39c8-4934-b3c1-e6a92a014186.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f3366787-c94b-428c-b6b1-887c8a61c6b2.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\fc698353-6ba4-459d-8c59-68320d0043f5.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local StateS (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local Statee (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache\b (copy)
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache\l (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\scoped_dir5816_1477101159\Ruleset
Data
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\afc85be9-697b-415b-9c03-e6206380a357.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\d007c77f-7a4f-430d-8b09-7f1c5d6feb90.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\d1bf07bf-d684-4359-8fec-af62e412852f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\e6112690-8970-4e46-ad9b-2b3070d31ee6.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\fa43c118-83a1-4f43-b038-1c7c284f1965.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\fd315cb1-ec5e-423e-a3ab-79cb314f1d64.tmp
|
SysEx File -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\fe71b72d-ab05-43e3-ba98-2e615cf6ff1f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_1570166297\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_1570166297\_platform_specific\x86_64\pnacl_public_pnacl_json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_1570166297\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_1570166297\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_1570166297\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_1570166297\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_1570166297\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_1570166297\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_1570166297\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_1570166297\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_1570166297\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_1570166297\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_1570166297\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_1570166297\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_1604074396\LICENSE
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_1604074396\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_1604074396\crl-set
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_1604074396\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_1604074396\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_1745284111\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_1745284111\download_file_types.pb
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_1745284111\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_1745284111\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_1868351932\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_1868351932\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_1868351932\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_1868351932\ssl_error_assistant.pb
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_651979994\Filtering Rules
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_651979994\LICENSE.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_651979994\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_651979994\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_651979994\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_74073977\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_74073977\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\5816_74073977\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\60860a61-507c-4584-8f25-8e96ec8995a2.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\a223857e-9737-4f60-9543-e3e4dca13e5a.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\ee3b0b38-a74c-4f0a-95a7-965b791669ae.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\fe5f2b15-f9b1-46fb-abb1-30a2ac3694cf.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\en\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\fa\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\fil\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\gu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\id\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\iw\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\kn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\ml\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\mr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\ms\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\nl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\pt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\sw\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\ta\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\te\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\zh\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\angular.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\background_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\cast_sender.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\feedback.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\feedback.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\feedback_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\material_css_min.css
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\mirroring_cast_streaming.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\mirroring_common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\mirroring_hangouts.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\CRX_INSTALL\mirroring_webrtc.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1551703714\ee3b0b38-a74c-4f0a-95a7-965b791669ae.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\60860a61-507c-4584-8f25-8e96ec8995a2.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir5816_1865900962\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
There are 281 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "C:\Users\user\Desktop\TxIDbatch#7809.htm
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1564,1339798014619223461,1528903278145705779,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1924 /prefetch:8
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
file:///C:/Users/user/Desktop/TxIDbatch%237809.htm#garth.brooks@tetratech.com
|
|
||
|
https://a.nel.cloudflare.com/report/v3?s=zpixM%2BUGODgTIG9rptNTC0Z5IbmQK3gklBFTUGglBnblzPbSaHLXUmr4A
|
unknown
|
|
|
|
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.jskf
|
unknown
|
|
|
|
https://www.google.com/images/cleardot.gif
|
unknown
|
|
|
|
https://code.jquery.com/jquery-3.2.1.slim.min.js
|
unknown
|
|
|
|
https://crash.corp.google.com/samples?reportid=&q=
|
unknown
|
|
|
|
https://www.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
https://easylist.to/)
|
unknown
|
|
|
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
|
unknown
|
|
|
|
https://accounts.google.com/MergeSession
|
unknown
|
|
|
|
https://creativecommons.org/compatiblelicenses
|
unknown
|
|
|
|
https://preprod-hangouts-googleapis.sandbox.google.com
|
unknown
|
|
|
|
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
|
142.250.203.97
|
|
|
|
https://www.google.com
|
unknown
|
|
|
|
https://github.com/easylist)
|
unknown
|
|
|
|
https://creativecommons.org/.
|
unknown
|
|
|
|
https://use.fontawesome.com/releases/v5.7.0/webfonts/fa-solid-900.woff2
|
unknown
|
|
|
|
https://hangouts.clients6.google.com
|
unknown
|
|
|
|
https://hangouts.google.com/hangouts/_/logpref
|
unknown
|
|
|
|
https://accounts.google.com
|
unknown
|
|
|
|
https://clients2.google.com/cr/report
|
unknown
|
|
|
|
http://angularjs.org
|
unknown
|
|
|
|
https://aadcdn.msauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.icop
|
unknown
|
|
|
|
https://use.fontawesome.com/releases/v5.7.0/css/all.css
|
unknown
|
|
|
|
https://creativecommons.org/publicdomain/zero/1.0/.
|
unknown
|
|
|
|
https://github.com/angular/material
|
unknown
|
|
|
|
https://apis.google.com
|
unknown
|
|
|
|
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
|
104.18.11.207
|
|
|
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
|
|
|
https://github.com/madler/zlib/blob/master/zlib.h
|
unknown
|
|
|
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers
|
unknown
|
|
|
|
https://clients2.google.com
|
unknown
|
|
|
|
https://www.google.com/tools/feedback
|
unknown
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
|
|
|
https://dns.google
|
unknown
|
|
|
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
|
|
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
|
|
|
https://ogs.google.com
|
unknown
|
|
|
|
https://support.google.com/chromecast/troubleshooter/2995236
|
unknown
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
|
unknown
|
|
|
|
https://aadcdn.msauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
172.217.168.46
|
|
|
|
https://todosec.org/images/bg.jpg
|
104.21.78.148
|
|
|
|
https://code.jquery.com/jquery-3.1.1.min.js
|
unknown
|
|
|
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
172.217.168.45
|
|
|
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://www.google.com;
|
unknown
|
|
|
|
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
|
unknown
|
|
|
|
https://hangouts.google.com/
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/hosted-libraries-pushers
|
unknown
|
|
|
|
https://www.google.com/images/x2.gif
|
unknown
|
|
|
|
https://code.jquery.com/jquery-3.3.1.js
|
unknown
|
|
|
|
http://llvm.org/):
|
unknown
|
|
|
|
https://www.google.com/images/dot2.gif
|
unknown
|
|
|
|
https://meetings.clients6.google.com
|
unknown
|
|
|
|
https://play.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
https://code.google.com/p/nativeclient/issues/entry%s:
|
unknown
|
|
|
|
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
|
104.16.18.94
|
|
|
|
http://tools.ietf.org/html/rfc1950
|
unknown
|
|
|
|
https://a.nel.cloudflare.com/report/v3?s=T%2FPpfK%2FWzjbIf90tUrmni3uuwhAJBOXK%2F8R2cytiPE1kkzs6dLNun
|
unknown
|
|
|
|
https://code.google.com/p/nativeclient/issues/entry
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/hosted-libraries-pushersCross-Origin-Resource-Policy:
|
unknown
|
|
|
|
https://a.nel.cloudflare.com/report/v3?s=xZUq1LAIKOqlOyVtvplvkp0rzDK7ol5FAU5B2TESCEQKlSt0cR%2BzweXJj
|
unknown
|
|
|
|
https://support.google.com/chromecast/answer/2998456
|
unknown
|
|
|
|
https://clients2.googleusercontent.com
|
unknown
|
|
|
|
https://csp.withgoogle.com/csp/report-to/IdentityListAccountsHttp/external
|
unknown
|
|
|
|
https://www.google.com/
|
unknown
|
|
|
|
https://feedback.googleusercontent.com
|
unknown
|
|
|
|
https://chromium.googlesource.com/a/native_client/pnacl-clang.git
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx
|
unknown
|
|
|
|
https://clients6.google.com
|
unknown
|
|
There are 63 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
gstaticadssl.l.google.com
|
172.217.168.3
|
|
|
|
accounts.google.com
|
172.217.168.45
|
|
|
|
cdnjs.cloudflare.com
|
104.16.18.94
|
|
|
|
todosec.org
|
104.21.78.148
|
|
|
|
maxcdn.bootstrapcdn.com
|
104.18.11.207
|
|
|
|
clients.l.google.com
|
172.217.168.46
|
|
|
|
googlehosted.l.googleusercontent.com
|
142.250.203.97
|
|
|
|
use.fontawesome.com
|
unknown
|
|
|
|
clients2.googleusercontent.com
|
unknown
|
|
|
|
clients2.google.com
|
unknown
|
|
|
|
code.jquery.com
|
unknown
|
|
|
|
aadcdn.msauth.net
|
unknown
|
|
There are 2 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
|
|
|
172.217.168.46
|
clients.l.google.com
|
United States
|
|
|
|
104.18.11.207
|
maxcdn.bootstrapcdn.com
|
United States
|
|
|
|
172.217.168.45
|
accounts.google.com
|
United States
|
|
|
|
142.250.203.97
|
googlehosted.l.googleusercontent.com
|
United States
|
|
|
|
239.255.255.250
|
unknown
|
Reserved
|
|
|
|
172.217.168.3
|
gstaticadssl.l.google.com
|
United States
|
|
|
|
104.21.78.148
|
todosec.org
|
United States
|
|
|
|
104.16.18.94
|
cdnjs.cloudflare.com
|
United States
|
|
|
|
192.168.2.255
|
unknown
|
unknown
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
There are 1 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
|
There are 34 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2BED6990000
|
unkown
|
page read and write
|
|
|
|
7FF59C03F000
|
unkown image
|
page readonly
|
|
|
|
2BED1F5A000
|
unkown
|
page read and write
|
|
|
|
15275908000
|
unkown
|
page read and write
|
|
|
|
1D911A5D000
|
unkown
|
page read and write
|
|
|
|
7FF4FA4DC000
|
unkown image
|
page readonly
|
|
|
|
2BED70B0000
|
unkown
|
page read and write
|
|
|
|
24B328E2000
|
unkown
|
page read and write
|
|
|
|
1D911A7F000
|
unkown
|
page read and write
|
|
|
|
2BED15C0000
|
unkown
|
page read and write
|
|
|
|
1DCA5840000
|
heap default
|
page read and write
|
|
|
|
7DF40FF00000
|
unkown image
|
page readonly
|
|
|
|
313A37B000
|
stack
|
page read and write
|
|
|
|
AA4A07E000
|
stack
|
page read and write
|
|
|
|
7FF5A2763000
|
unkown image
|
page readonly
|
|
|
|
7FF5817ED000
|
unkown image
|
page readonly
|
|
|
|
2BED6C3A000
|
unkown
|
page read and write
|
|
|
|
1D9123EC000
|
unkown
|
page read and write
|
|
|
|
7FF507B1A000
|
unkown image
|
page readonly
|
|
|
|
7FF5C52E4000
|
unkown image
|
page readonly
|
|
|
|
169D5400000
|
unkown image
|
page readonly
|
|
|
|
7DF51D4E0000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4E7A000
|
unkown image
|
page readonly
|
|
|
|
24B32800000
|
unkown image
|
page readonly
|
|
|
|
7FF4FAA1A000
|
unkown image
|
page readonly
|
|
|
|
7FF581957000
|
unkown image
|
page readonly
|
|
|
|
E37F7B000
|
stack
|
page read and write
|
|
|
|
1D9123C0000
|
unkown
|
page read and write
|
|
|
|
7FF5C4FF1000
|
unkown image
|
page readonly
|
|
|
|
DA443F9000
|
stack
|
page read and write
|
|
|
|
50630FE000
|
stack
|
page read and write
|
|
|
|
AA49B9B000
|
unkown
|
page read and write
|
|
|
|
329217E000
|
stack
|
page read and write
|
|
|
|
7FF53CA93000
|
unkown image
|
page readonly
|
|
|
|
7FF4FAC7B000
|
unkown image
|
page readonly
|
|
|
|
7FF59BF75000
|
unkown image
|
page readonly
|
|
|
|
E37C7B000
|
unkown
|
page read and write
|
|
|
|
12B3B77000
|
stack
|
page read and write
|
|
|
|
7FF5A273D000
|
unkown image
|
page readonly
|
|
|
|
7DF547512000
|
unkown image
|
page readonly
|
|
|
|
7DF5F04D0000
|
unkown image
|
page readonly
|
|
|
|
169D5080000
|
heap private
|
page read and write
|
|
|
|
7DF54A8B0000
|
unkown image
|
page readonly
|
|
|
|
2074A702000
|
unkown
|
page read and write
|
|
|
|
15275902000
|
unkown
|
page read and write
|
|
|
|
A685FD000
|
stack
|
page read and write
|
|
|
|
1D9123EF000
|
unkown
|
page read and write
|
|
|
|
7FF507BBB000
|
unkown image
|
page readonly
|
|
|
|
7FF5C51EC000
|
unkown image
|
page readonly
|
|
|
|
2BED6B20000
|
unkown
|
page read and write
|
|
|
|
19F4543C000
|
unkown
|
page read and write
|
|
|
|
1D911B16000
|
unkown
|
page read and write
|
|
|
|
7DF4453E0000
|
unkown image
|
page readonly
|
|
|
|
2074A687000
|
unkown
|
page read and write
|
|
|
|
7FF4FC73F000
|
unkown image
|
page readonly
|
|
|
|
2BED1671000
|
unkown
|
page read and write
|
|
|
|
2BED6CF8000
|
unkown
|
page read and write
|
|
|
|
1DCA6200000
|
unkown
|
page read and write
|
|
|
|
AA4A1FE000
|
stack
|
page read and write
|
|
|
|
2BED163D000
|
unkown
|
page read and write
|
|
|
|
24B328DC000
|
unkown
|
page read and write
|
|
|
|
7FF5C4FFD000
|
unkown image
|
page readonly
|
|
|
|
313A17E000
|
stack
|
page read and write
|
|
|
|
7FF5C51D0000
|
unkown image
|
page readonly
|
|
|
|
1D9123A0000
|
unkown
|
page read and write
|
|
|
|
7DF5F04C2000
|
unkown image
|
page readonly
|
|
|
|
12B3A7B000
|
stack
|
page read and write
|
|
|
|
7FF59BFFF000
|
unkown image
|
page readonly
|
|
|
|
2BED6D00000
|
unkown
|
page read and write
|
|
|
|
7FF5DABB4000
|
unkown image
|
page readonly
|
|
|
|
7FF5C514F000
|
unkown image
|
page readonly
|
|
|
|
19F45448000
|
unkown
|
page read and write
|
|
|
|
2BED2080000
|
unkown
|
page read and write
|
|
|
|
7FF5DA368000
|
unkown image
|
page readonly
|
|
|
|
7FF53CD6F000
|
unkown image
|
page readonly
|
|
|
|
329227B000
|
stack
|
page read and write
|
|
|
|
7DF597360000
|
unkown image
|
page readonly
|
|
|
|
15275D80000
|
unkown image
|
page readonly
|
|
|
|
7FF507AFD000
|
unkown image
|
page readonly
|
|
|
|
7FF53CB23000
|
unkown image
|
page readonly
|
|
|
|
1D9123DE000
|
unkown
|
page read and write
|
|
|
|
7FF53CC1D000
|
unkown image
|
page readonly
|
|
|
|
7FF53CCA5000
|
unkown image
|
page readonly
|
|
|
|
1DCA5A00000
|
unkown
|
page read and write
|
|
|
|
7DF552680000
|
unkown image
|
page readonly
|
|
|
|
7DF510592000
|
unkown image
|
page readonly
|
|
|
|
1D9123E7000
|
unkown
|
page read and write
|
|
|
|
2BED6D0C000
|
unkown
|
page read and write
|
|
|
|
7FF4EE93E000
|
unkown image
|
page readonly
|
|
|
|
1536E20B000
|
unkown
|
page read and write
|
|
|
|
7FF4FC6A5000
|
unkown image
|
page readonly
|
|
|
|
7FF5C5137000
|
unkown image
|
page readonly
|
|
|
|
7FF4FA482000
|
unkown image
|
page readonly
|
|
|
|
F9DCE7E000
|
stack
|
page read and write
|
|
|
|
7FF531A42000
|
unkown image
|
page readonly
|
|
|
|
7FF4FAAC7000
|
unkown image
|
page readonly
|
|
|
|
AA4A2FE000
|
stack
|
page read and write
|
|
|
|
7DF54A8B0000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4A98000
|
unkown image
|
page readonly
|
|
|
|
7DF512050000
|
unkown image
|
page readonly
|
|
|
|
152755E0000
|
heap private
|
page read and write
|
|
|
|
7FF5C5094000
|
unkown image
|
page readonly
|
|
|
|
7FF531B27000
|
unkown image
|
page readonly
|
|
|
|
7FF53C833000
|
unkown image
|
page readonly
|
|
|
|
7FF5A28A7000
|
unkown image
|
page readonly
|
|
|
|
32926FA000
|
stack
|
page read and write
|
|
|
|
7DF54A8C0000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4E31000
|
unkown image
|
page readonly
|
|
|
|
1FC4285D000
|
unkown
|
page read and write
|
|
|
|
A6807C000
|
stack
|
page read and write
|
|
|
|
7DF5F04E0000
|
unkown image
|
page readonly
|
|
|
|
2074A560000
|
unkown image
|
page readonly
|
|
|
|
7DF547510000
|
unkown image
|
page readonly
|
|
|
|
7FF59BF33000
|
unkown image
|
page readonly
|
|
|
|
5062DFD000
|
stack
|
page read and write
|
|
|
|
7FF4FC73D000
|
unkown image
|
page readonly
|
|
|
|
7DF547510000
|
unkown image
|
page readonly
|
|
|
|
1D911930000
|
unkown image
|
page readonly
|
|
|
|
1FC42790000
|
unkown image
|
page readonly
|
|
|
|
2BED1F19000
|
unkown
|
page read and write
|
|
|
|
1536E1FD000
|
unkown
|
page read and write
|
|
|
|
1D9123EA000
|
unkown
|
page read and write
|
|
|
|
2BED6CF8000
|
unkown
|
page read and write
|
|
|
|
1536E200000
|
unkown
|
page read and write
|
|
|
|
1D911AA7000
|
unkown
|
page read and write
|
|
|
|
24B334F0000
|
unkown
|
page read and write
|
|
|
|
1D912050000
|
unkown image
|
page readonly
|
|
|
|
7FF534C73000
|
unkown image
|
page readonly
|
|
|
|
15275800000
|
unkown
|
page read and write
|
|
|
|
1FC42760000
|
unkown image
|
page readonly
|
|
|
|
32925FE000
|
stack
|
page read and write
|
|
|
|
7DF5F04C0000
|
unkown image
|
page readonly
|
|
|
|
2BED6CA3000
|
unkown
|
page read and write
|
|
|
|
1D911ABB000
|
unkown
|
page read and write
|
|
|
|
2BED6F70000
|
unkown
|
page read and write
|
|
|
|
7FF5DAB88000
|
unkown image
|
page readonly
|
|
|
|
7FF507BB4000
|
unkown image
|
page readonly
|
|
|
|
F9DD17F000
|
stack
|
page read and write
|
|
|
|
50629FB000
|
stack
|
page read and write
|
|
|
|
DEE26FE000
|
stack
|
page read and write
|
|
|
|
7FF5A299F000
|
unkown image
|
page readonly
|
|
|
|
313A07C000
|
unkown
|
page read and write
|
|
|
|
2BED15A0000
|
unkown image
|
page readonly
|
|
|
|
15275870000
|
unkown
|
page read and write
|
|
|
|
1D91235C000
|
unkown
|
page read and write
|
|
|
|
1D912963000
|
unkown
|
page read and write
|
|
|
|
1FC4286B000
|
unkown
|
page read and write
|
|
|
|
7DF5B1930000
|
unkown image
|
page readonly
|
|
|
|
7FF581993000
|
unkown image
|
page readonly
|
|
|
|
1C0D9FE000
|
stack
|
page read and write
|
|
|
|
1FC42780000
|
heap default
|
page read and write
|
|
|
|
1D9123A0000
|
unkown
|
page read and write
|
|
|
|
7FF5DAB09000
|
unkown image
|
page readonly
|
|
|
|
7FF531B2C000
|
unkown image
|
page readonly
|
|
|
|
7FF581A34000
|
unkown image
|
page readonly
|
|
|
|
7FF4FABC9000
|
unkown image
|
page readonly
|
|
|
|
7FF531A2D000
|
unkown image
|
page readonly
|
|
|
|
2BED2980000
|
unkown
|
page read and write
|
|
|
|
2BED6B24000
|
unkown
|
page read and write
|
|
|
|
7FF534EB7000
|
unkown image
|
page readonly
|
|
|
|
1D911ED0000
|
unkown image
|
page readonly
|
|
|
|
19F45454000
|
unkown
|
page read and write
|
|
|
|
7DF552672000
|
unkown image
|
page readonly
|
|
|
|
7FF5DAADD000
|
unkown image
|
page readonly
|
|
|
|
7FF50701B000
|
unkown image
|
page readonly
|
|
|
|
DEE21FF000
|
stack
|
page read and write
|
|
|
|
7FF59BB03000
|
unkown image
|
page readonly
|
|
|
|
19F45429000
|
unkown
|
page read and write
|
|
|
|
F9DD37F000
|
stack
|
page read and write
|
|
|
|
1D912317000
|
unkown
|
page read and write
|
|
|
|
7FF5A299F000
|
unkown image
|
page readonly
|
|
|
|
329287F000
|
stack
|
page read and write
|
|
|
|
7FF531C1F000
|
unkown image
|
page readonly
|
|
|
|
2BED25D0000
|
unkown image
|
page readonly
|
|
|
|
7FF4FC637000
|
unkown image
|
page readonly
|
|
|
|
7FF53CAC0000
|
unkown image
|
page readonly
|
|
|
|
7DF597352000
|
unkown image
|
page readonly
|
|
|
|
7FF53CC5C000
|
unkown image
|
page readonly
|
|
|
|
7DF5DAC02000
|
unkown image
|
page readonly
|
|
|
|
A686FF000
|
stack
|
page read and write
|
|
|
|
7DF547520000
|
unkown image
|
page readonly
|
|
|
|
1D9123D9000
|
unkown
|
page read and write
|
|
|
|
2BED15D0000
|
unkown image
|
page read and write
|
|
|
|
7FF59BF8A000
|
unkown image
|
page readonly
|
|
|
|
2BED6C80000
|
unkown
|
page read and write
|
|
|
|
7DF5B8290000
|
unkown image
|
page readonly
|
|
|
|
19F45310000
|
unkown image
|
page readonly
|
|
|
|
1D9123DE000
|
unkown
|
page read and write
|
|
|
|
7FF5A211B000
|
unkown image
|
page readonly
|
|
|
|
7FF4FC73B000
|
unkown image
|
page readonly
|
|
|
|
7FF4FC72B000
|
unkown image
|
page readonly
|
|
|
|
2BED6C11000
|
unkown
|
page read and write
|
|
|
|
2BED6D02000
|
unkown
|
page read and write
|
|
|
|
1C0D8FC000
|
stack
|
page read and write
|
|
|
|
15275A00000
|
unkown image
|
page readonly
|
|
|
|
2BED16FD000
|
unkown
|
page read and write
|
|
|
|
7FF5316CF000
|
unkown image
|
page readonly
|
|
|
|
24B337B0000
|
unkown
|
page read and write
|
|
|
|
2BED6B50000
|
unkown
|
page read and write
|
|
|
|
7FF4FC5BE000
|
unkown image
|
page readonly
|
|
|
|
2BED6CF2000
|
unkown
|
page read and write
|
|
|
|
2BED6D15000
|
unkown
|
page read and write
|
|
|
|
24B32850000
|
unkown
|
page read and write
|
|
|
|
2BED6CF8000
|
unkown
|
page read and write
|
|
|
|
1D912800000
|
unkown
|
page read and write
|
|
|
|
169D51E0000
|
unkown
|
page read and write
|
|
|
|
7FF58189F000
|
unkown image
|
page readonly
|
|
|
|
1DCA57D0000
|
unkown image
|
page read and write
|
|
|
|
7FF507AC7000
|
unkown image
|
page readonly
|
|
|
|
2BED1800000
|
unkown image
|
page readonly
|
|
|
|
1D911960000
|
heap default
|
page read and write
|
|
|
|
1FC42878000
|
unkown
|
page read and write
|
|
|
|
2BED1F59000
|
unkown
|
page read and write
|
|
|
|
DA4427B000
|
unkown
|
page read and write
|
|
|
|
2BED6CEA000
|
unkown
|
page read and write
|
|
|
|
7DF5B1950000
|
unkown image
|
page readonly
|
|
|
|
1FC42E50000
|
unkown image
|
page readonly
|
|
|
|
7FF5C52EE000
|
unkown image
|
page readonly
|
|
|
|
7FF581A3E000
|
unkown image
|
page readonly
|
|
|
|
7FF5A296B000
|
unkown image
|
page readonly
|
|
|
|
7FF531B59000
|
unkown image
|
page readonly
|
|
|
|
7DF510590000
|
unkown image
|
page readonly
|
|
|
|
169D5302000
|
unkown
|
page read and write
|
|
|
|
7FF507B9B000
|
unkown image
|
page readonly
|
|
|
|
2BED6CFC000
|
unkown
|
page read and write
|
|
|
|
7FF5C50CC000
|
unkown image
|
page readonly
|
|
|
|
7FF507886000
|
unkown image
|
page readonly
|
|
|
|
2BED6D02000
|
unkown
|
page read and write
|
|
|
|
7DF5B1932000
|
unkown image
|
page readonly
|
|
|
|
2BED1F13000
|
unkown
|
page read and write
|
|
|
|
1D911A66000
|
unkown
|
page read and write
|
|
|
|
7FF53C81F000
|
unkown image
|
page readonly
|
|
|
|
7FF4FABF5000
|
unkown image
|
page readonly
|
|
|
|
7FF4FC72E000
|
unkown image
|
page readonly
|
|
|
|
1D911AD5000
|
unkown
|
page read and write
|
|
|
|
7FF5C5235000
|
unkown image
|
page readonly
|
|
|
|
1D91235E000
|
unkown
|
page read and write
|
|
|
|
7FF5A2807000
|
unkown image
|
page readonly
|
|
|
|
1D911A5B000
|
unkown
|
page read and write
|
|
|
|
19F45340000
|
unkown image
|
page readonly
|
|
|
|
1E9EEB13000
|
unkown
|
page read and write
|
|
|
|
1DCA5A13000
|
unkown
|
page read and write
|
|
|
|
2BED6C47000
|
unkown
|
page read and write
|
|
|
|
506259B000
|
unkown
|
page read and write
|
|
|
|
7FF534F90000
|
unkown image
|
page readonly
|
|
|
|
7FF59C00B000
|
unkown image
|
page readonly
|
|
|
|
7FF534FAE000
|
unkown image
|
page readonly
|
|
|
|
15275859000
|
unkown
|
page read and write
|
|
|
|
1527584D000
|
unkown
|
page read and write
|
|
|
|
2BED6B60000
|
unkown
|
page read and write
|
|
|
|
1FC42829000
|
unkown
|
page read and write
|
|
|
|
1D912190000
|
unkown image
|
page read and write
|
|
|
|
7FF5A2966000
|
unkown image
|
page readonly
|
|
|
|
7FF531BE6000
|
unkown image
|
page readonly
|
|
|
|
1536E140000
|
unkown image
|
page readonly
|
|
|
|
2BED6CF0000
|
unkown
|
page read and write
|
|
|
|
152755F0000
|
unkown image
|
page readonly
|
|
|
|
2BED6FC0000
|
unkown
|
page read and write
|
|
|
|
7FF4FAC74000
|
unkown image
|
page readonly
|
|
|
|
7FF59C03F000
|
unkown image
|
page readonly
|
|
|
|
DEE227F000
|
stack
|
page read and write
|
|
|
|
2BED6D0B000
|
unkown
|
page read and write
|
|
|
|
7FF5C51C0000
|
unkown image
|
page readonly
|
|
|
|
1D911A00000
|
unkown
|
page read and write
|
|
|
|
7FF5A27F5000
|
unkown image
|
page readonly
|
|
|
|
19F45330000
|
unkown image
|
page readonly
|
|
|
|
24B32820000
|
unkown image
|
page readonly
|
|
|
|
7FF534F78000
|
unkown image
|
page readonly
|
|
|
|
1527584B000
|
unkown
|
page read and write
|
|
|
|
3292978000
|
stack
|
page read and write
|
|
|
|
2BED1F19000
|
unkown
|
page read and write
|
|
|
|
1D911AC2000
|
unkown
|
page read and write
|
|
|
|
2074A650000
|
unkown
|
page read and write
|
|
|
|
7DF5DAC00000
|
unkown image
|
page readonly
|
|
|
|
7FF4FABBD000
|
unkown image
|
page readonly
|
|
|
|
7FF5A2958000
|
unkown image
|
page readonly
|
|
|
|
2BED1F58000
|
unkown
|
page read and write
|
|
|
|
E382FE000
|
stack
|
page read and write
|
|
|
|
1DCA5810000
|
unkown image
|
page readonly
|
|
|
|
7FF5078C8000
|
unkown image
|
page readonly
|
|
|
|
1E9EE950000
|
unkown image
|
page readonly
|
|
|
|
1D9123DE000
|
unkown
|
page read and write
|
|
|
|
24B32800000
|
unkown image
|
page readonly
|
|
|
|
7FF53CA77000
|
unkown image
|
page readonly
|
|
|
|
7DF54A8C2000
|
unkown image
|
page readonly
|
|
|
|
1D911A57000
|
unkown
|
page read and write
|
|
|
|
1D9123DE000
|
unkown
|
page read and write
|
|
|
|
1D9123ED000
|
unkown
|
page read and write
|
|
|
|
1E9EEED0000
|
unkown image
|
page readonly
|
|
|
|
7FF53CD40000
|
unkown image
|
page readonly
|
|
|
|
2BED1658000
|
unkown
|
page read and write
|
|
|
|
7FF5A278E000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4AD0000
|
unkown image
|
page readonly
|
|
|
|
1D91235C000
|
unkown
|
page read and write
|
|
|
|
7FF5347F2000
|
unkown image
|
page readonly
|
|
|
|
7FF507B05000
|
unkown image
|
page readonly
|
|
|
|
7FF5A27B3000
|
unkown image
|
page readonly
|
|
|
|
7DF547522000
|
unkown image
|
page readonly
|
|
|
|
7DF512040000
|
unkown image
|
page readonly
|
|
|
|
19F45478000
|
unkown
|
page read and write
|
|
|
|
19F45413000
|
unkown
|
page read and write
|
|
|
|
1FC42847000
|
unkown
|
page read and write
|
|
|
|
DEE23FF000
|
stack
|
page read and write
|
|
|
|
2BED6B20000
|
unkown
|
page read and write
|
|
|
|
2BED1F18000
|
unkown
|
page read and write
|
|
|
|
15275829000
|
unkown
|
page read and write
|
|
|
|
15275890000
|
unkown
|
page read and write
|
|
|
|
2BED7030000
|
unkown
|
page read and write
|
|
|
|
1D912392000
|
unkown
|
page read and write
|
|
|
|
169D5780000
|
unkown image
|
page readonly
|
|
|
|
1E9EEA13000
|
unkown
|
page read and write
|
|
|
|
7FF531BD8000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4FEA000
|
unkown image
|
page readonly
|
|
|
|
15275813000
|
unkown
|
page read and write
|
|
|
|
7FF581A2D000
|
unkown image
|
page readonly
|
|
|
|
1536E1D0000
|
heap default
|
page read and write
|
|
|
|
1D911AF3000
|
unkown
|
page read and write
|
|
|
|
2BED6D58000
|
unkown
|
page read and write
|
|
|
|
DEE1A7C000
|
unkown
|
page read and write
|
|
|
|
2BED16A1000
|
unkown
|
page read and write
|
|
|
|
7FF53CC52000
|
unkown image
|
page readonly
|
|
|
|
7DF5F04C0000
|
unkown image
|
page readonly
|
|
|
|
7FF531B6A000
|
unkown image
|
page readonly
|
|
|
|
24B32C30000
|
heap private
|
page read and write
|
|
|
|
313A4F7000
|
stack
|
page read and write
|
|
|
|
1536E560000
|
unkown image
|
page readonly
|
|
|
|
2BED6B20000
|
unkown
|
page read and write
|
|
|
|
7DF5B8292000
|
unkown image
|
page readonly
|
|
|
|
2BED6C1E000
|
unkown
|
page read and write
|
|
|
|
1D912130000
|
unkown image
|
page write copy
|
|
|
|
7FF5C50B3000
|
unkown image
|
page readonly
|
|
|
|
7FF53CD6D000
|
unkown image
|
page readonly
|
|
|
|
2074AE02000
|
unkown
|
page read and write
|
|
|
|
1FC42720000
|
heap private
|
page read and write
|
|
|
|
2BED6B28000
|
unkown
|
page read and write
|
|
|
|
7DF41B390000
|
unkown image
|
page readonly
|
|
|
|
2BED1713000
|
unkown
|
page read and write
|
|
|
|
2BED6CF8000
|
unkown
|
page read and write
|
|
|
|
2BED1F59000
|
unkown
|
page read and write
|
|
|
|
2BED1F19000
|
unkown
|
page read and write
|
|
|
|
169D5200000
|
unkown
|
page read and write
|
|
|
|
7FF4FAC5B000
|
unkown image
|
page readonly
|
|
|
|
5062AFD000
|
stack
|
page read and write
|
|
|
|
1D912383000
|
unkown
|
page read and write
|
|
|
|
2BED7040000
|
unkown
|
page read and write
|
|
|
|
1D9123EA000
|
unkown
|
page read and write
|
|
|
|
7FF53C839000
|
unkown image
|
page readonly
|
|
|
|
1D912902000
|
unkown
|
page read and write
|
|
|
|
7FF531B15000
|
unkown image
|
page readonly
|
|
|
|
1536E555000
|
heap private
|
page read and write
|
|
|
|
1FC42750000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4DAF000
|
unkown image
|
page readonly
|
|
|
|
1536E1FD000
|
unkown
|
page read and write
|
|
|
|
7DF54A8C2000
|
unkown image
|
page readonly
|
|
|
|
12B35BD000
|
stack
|
page read and write
|
|
|
|
2074A613000
|
unkown
|
page read and write
|
|
|
|
7DF5DAC02000
|
unkown image
|
page readonly
|
|
|
|
7FF53CC77000
|
unkown image
|
page readonly
|
|
|
|
2BED6E30000
|
unkown
|
page read and write
|
|
|
|
2BED6CF9000
|
unkown
|
page read and write
|
|
|
|
7DF4D8AC0000
|
unkown image
|
page readonly
|
|
|
|
3292A7C000
|
stack
|
page read and write
|
|
|
|
1D911A68000
|
unkown
|
page read and write
|
|
|
|
169D51C0000
|
unkown image
|
page readonly
|
|
|
|
2BED1629000
|
unkown
|
page read and write
|
|
|
|
1FC4287B000
|
unkown
|
page read and write
|
|
|
|
7DF512042000
|
unkown image
|
page readonly
|
|
|
|
7DF5F04D2000
|
unkown image
|
page readonly
|
|
|
|
19F45513000
|
unkown
|
page read and write
|
|
|
|
1E9EEACD000
|
unkown
|
page read and write
|
|
|
|
1FC42730000
|
unkown image
|
page readonly
|
|
|
|
7FF581A1B000
|
unkown image
|
page readonly
|
|
|
|
1D9123CA000
|
unkown
|
page read and write
|
|
|
|
1D9123E0000
|
unkown
|
page read and write
|
|
|
|
1FC42730000
|
unkown image
|
page readonly
|
|
|
|
1D9123ED000
|
unkown
|
page read and write
|
|
|
|
1FC42AD0000
|
unkown image
|
page readonly
|
|
|
|
7DF512042000
|
unkown image
|
page readonly
|
|
|
|
169D5090000
|
unkown image
|
page readonly
|
|
|
|
169D5090000
|
unkown image
|
page readonly
|
|
|
|
2BED1B80000
|
unkown image
|
page readonly
|
|
|
|
7FF53CA80000
|
unkown image
|
page readonly
|
|
|
|
1FC4287C000
|
unkown
|
page read and write
|
|
|
|
7FF5C52DD000
|
unkown image
|
page readonly
|
|
|
|
7FF507B8F000
|
unkown image
|
page readonly
|
|
|
|
A67E7B000
|
unkown
|
page read and write
|
|
|
|
7FF59BFA5000
|
unkown image
|
page readonly
|
|
|
|
24B328DC000
|
unkown
|
page read and write
|
|
|
|
7FF4FAC7E000
|
unkown image
|
page readonly
|
|
|
|
169D50E0000
|
heap default
|
page read and write
|
|
|
|
2BED6C50000
|
unkown
|
page read and write
|
|
|
|
7FF5C509D000
|
unkown image
|
page readonly
|
|
|
|
2074AAD0000
|
unkown image
|
page readonly
|
|
|
|
7DF5B82A2000
|
unkown image
|
page readonly
|
|
|
|
7DF552660000
|
unkown image
|
page readonly
|
|
|
|
1D912802000
|
unkown
|
page read and write
|
|
|
|
1D911A3C000
|
unkown
|
page read and write
|
|
|
|
1D912381000
|
unkown
|
page read and write
|
|
|
|
7FF5C51F7000
|
unkown image
|
page readonly
|
|
|
|
2BED6980000
|
unkown
|
page read and write
|
|
|
|
1527585A000
|
unkown
|
page read and write
|
|
|
|
7FF4FA841000
|
unkown image
|
page readonly
|
|
|
|
2BED1702000
|
unkown
|
page read and write
|
|
|
|
2BED6D00000
|
unkown
|
page read and write
|
|
|
|
7DF4AF800000
|
unkown image
|
page readonly
|
|
|
|
2074A530000
|
heap private
|
page read and write
|
|
|
|
7FF53CB28000
|
unkown image
|
page readonly
|
|
|
|
50632FE000
|
stack
|
page read and write
|
|
|
|
2BED25F0000
|
unkown image
|
page readonly
|
|
|
|
1D912900000
|
unkown
|
page read and write
|
|
|
|
7FF59BF47000
|
unkown image
|
page readonly
|
|
|
|
7DF510582000
|
unkown image
|
page readonly
|
|
|
|
1D9123E0000
|
unkown
|
page read and write
|
|
|
|
1E9EF060000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4EAD000
|
unkown image
|
page readonly
|
|
|
|
7FF5C52CE000
|
unkown image
|
page readonly
|
|
|
|
1D911900000
|
heap private
|
page read and write
|
|
|
|
24B32C39000
|
heap private
|
page read and write
|
|
|
|
2BED6CF8000
|
unkown
|
page read and write
|
|
|
|
1FC43002000
|
unkown
|
page read and write
|
|
|
|
7FF5C51D4000
|
unkown image
|
page readonly
|
|
|
|
1D912363000
|
unkown
|
page read and write
|
|
|
|
2BED1F18000
|
unkown
|
page read and write
|
|
|
|
1D912363000
|
unkown
|
page read and write
|
|
|
|
19F45508000
|
unkown
|
page read and write
|
|
|
|
2074A63C000
|
unkown
|
page read and write
|
|
|
|
7FF531A9E000
|
unkown image
|
page readonly
|
|
|
|
7FF4FC706000
|
unkown image
|
page readonly
|
|
|
|
19F456D0000
|
unkown image
|
page readonly
|
|
|
|
2BED6D07000
|
unkown
|
page read and write
|
|
|
|
7FF531968000
|
unkown image
|
page readonly
|
|
|
|
2BED69C3000
|
unkown
|
page read and write
|
|
|
|
7FF531B55000
|
unkown image
|
page readonly
|
|
|
|
7FF531B0C000
|
unkown image
|
page readonly
|
|
|
|
1536E160000
|
unkown image
|
page readonly
|
|
|
|
2BED6B20000
|
unkown
|
page read and write
|
|
|
|
2BED6D07000
|
unkown
|
page read and write
|
|
|
|
DEE1B7D000
|
stack
|
page read and write
|
|
|
|
1D91236B000
|
unkown
|
page read and write
|
|
|
|
2BED1F00000
|
unkown
|
page read and write
|
|
|
|
2BED1B90000
|
unkown image
|
page readonly
|
|
|
|
1D912364000
|
unkown
|
page read and write
|
|
|
|
15275DA0000
|
unkown
|
page read and write
|
|
|
|
7FF4FAB94000
|
unkown image
|
page readonly
|
|
|
|
1D9123DE000
|
unkown
|
page read and write
|
|
|
|
1D911AAD000
|
unkown
|
page read and write
|
|
|
|
7FF53C539000
|
unkown image
|
page readonly
|
|
|
|
2BED6D04000
|
unkown
|
page read and write
|
|
|
|
7FF5C5239000
|
unkown image
|
page readonly
|
|
|
|
7FF581985000
|
unkown image
|
page readonly
|
|
|
|
12B3C7F000
|
stack
|
page read and write
|
|
|
|
E381FF000
|
stack
|
page read and write
|
|
|
|
7FF5A295F000
|
unkown image
|
page readonly
|
|
|
|
7FF4FAC8F000
|
unkown image
|
page readonly
|
|
|
|
1536E1E1000
|
unkown
|
page read and write
|
|
|
|
329207C000
|
unkown
|
page read and write
|
|
|
|
7DF5B82B0000
|
unkown image
|
page readonly
|
|
|
|
7FF581968000
|
unkown image
|
page readonly
|
|
|
|
1D9123CF000
|
unkown
|
page read and write
|
|
|
|
7FF59C024000
|
unkown image
|
page readonly
|
|
|
|
1D911A29000
|
unkown
|
page read and write
|
|
|
|
1D911A9C000
|
unkown
|
page read and write
|
|
|
|
2BED14C0000
|
heap default
|
page read and write
|
|
|
|
2074A520000
|
unkown image
|
page read and write
|
|
|
|
7FF534D5D000
|
unkown image
|
page readonly
|
|
|
|
1D912902000
|
unkown
|
page read and write
|
|
|
|
1D9123A2000
|
unkown
|
page read and write
|
|
|
|
7FF5C477A000
|
unkown image
|
page readonly
|
|
|
|
1D912391000
|
unkown
|
page read and write
|
|
|
|
7FF59BE03000
|
unkown image
|
page readonly
|
|
|
|
2BED1613000
|
unkown
|
page read and write
|
|
|
|
7FF5C5050000
|
unkown image
|
page readonly
|
|
|
|
1E9EEA29000
|
unkown
|
page read and write
|
|
|
|
1D912381000
|
unkown
|
page read and write
|
|
|
|
1DCA57F0000
|
unkown image
|
page readonly
|
|
|
|
1DCA5F80000
|
unkown image
|
page readonly
|
|
|
|
1FC4287F000
|
unkown
|
page read and write
|
|
|
|
2BED6D00000
|
unkown
|
page read and write
|
|
|
|
7FF534F0A000
|
unkown image
|
page readonly
|
|
|
|
7DF597350000
|
unkown image
|
page readonly
|
|
|
|
1D91235F000
|
unkown
|
page read and write
|
|
|
|
1FC42902000
|
unkown
|
page read and write
|
|
|
|
7FF4FA515000
|
unkown image
|
page readonly
|
|
|
|
24B334E0000
|
unkown
|
page read and write
|
|
|
|
1D911940000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4F8A000
|
unkown image
|
page readonly
|
|
|
|
DEE247F000
|
stack
|
page read and write
|
|
|
|
1527583C000
|
unkown
|
page read and write
|
|
|
|
7FF53CD2F000
|
unkown image
|
page readonly
|
|
|
|
32924F7000
|
stack
|
page read and write
|
|
|
|
7FF5A298E000
|
unkown image
|
page readonly
|
|
|
|
7DF5F04D2000
|
unkown image
|
page readonly
|
|
|
|
7FF4FAC48000
|
unkown image
|
page readonly
|
|
|
|
7FF581863000
|
unkown image
|
page readonly
|
|
|
|
1D912381000
|
unkown
|
page read and write
|
|
|
|
7DF5B1942000
|
unkown image
|
page readonly
|
|
|
|
1D912367000
|
unkown
|
page read and write
|
|
|
|
7FF5A2653000
|
unkown image
|
page readonly
|
|
|
|
1D912383000
|
unkown
|
page read and write
|
|
|
|
7FF59BFF8000
|
unkown image
|
page readonly
|
|
|
|
7FF5A297D000
|
unkown image
|
page readonly
|
|
|
|
1536E540000
|
unkown image
|
page readonly
|
|
|
|
1536E1A0000
|
unkown
|
page read and write
|
|
|
|
7FF507B35000
|
unkown image
|
page readonly
|
|
|
|
7FF53CB7D000
|
unkown image
|
page readonly
|
|
|
|
15275E02000
|
unkown
|
page read and write
|
|
|
|
12B38FC000
|
stack
|
page read and write
|
|
|
|
19F4545C000
|
unkown
|
page read and write
|
|
|
|
24B33750000
|
unkown
|
page read and write
|
|
|
|
2BED168F000
|
unkown
|
page read and write
|
|
|
|
7FF534FBF000
|
unkown image
|
page readonly
|
|
|
|
7FF5DAB33000
|
unkown image
|
page readonly
|
|
|
|
7FF53CC63000
|
unkown image
|
page readonly
|
|
|
|
7FF53CD28000
|
unkown image
|
page readonly
|
|
|
|
7FF5C5023000
|
unkown image
|
page readonly
|
|
|
|
2BED1DF0000
|
unkown
|
page read and write
|
|
|
|
1D912180000
|
unkown
|
page read and write
|
|
|
|
1D9123D9000
|
unkown
|
page read and write
|
|
|
|
19F45483000
|
unkown
|
page read and write
|
|
|
|
1FC42848000
|
unkown
|
page read and write
|
|
|
|
1FC42813000
|
unkown
|
page read and write
|
|
|
|
1DCA5A66000
|
unkown
|
page read and write
|
|
|
|
1D911990000
|
unkown
|
page read and write
|
|
|
|
7FF581A4F000
|
unkown image
|
page readonly
|
|
|
|
7FF5A298B000
|
unkown image
|
page readonly
|
|
|
|
7FF53CC27000
|
unkown image
|
page readonly
|
|
|
|
1D912802000
|
unkown
|
page read and write
|
|
|
|
E380F7000
|
stack
|
page read and write
|
|
|
|
7FF4FC614000
|
unkown image
|
page readonly
|
|
|
|
5062BFE000
|
stack
|
page read and write
|
|
|
|
1E9EE940000
|
unkown image
|
page readonly
|
|
|
|
2074A700000
|
unkown
|
page read and write
|
|
|
|
7FF5A28D5000
|
unkown image
|
page readonly
|
|
|
|
1D912381000
|
unkown
|
page read and write
|
|
|
|
1DCA5A29000
|
unkown
|
page read and write
|
|
|
|
1DCA57E0000
|
heap private
|
page read and write
|
|
|
|
7FF59BCF3000
|
unkown image
|
page readonly
|
|
|
|
19F45370000
|
unkown image
|
page readonly
|
|
|
|
2BED6B2E000
|
unkown
|
page read and write
|
|
|
|
1D911AEA000
|
unkown
|
page read and write
|
|
|
|
32920FE000
|
stack
|
page read and write
|
|
|
|
2BED6FB0000
|
unkown
|
page read and write
|
|
|
|
1DCA5FD0000
|
unkown
|
page read and write
|
|
|
|
1E9EEB02000
|
unkown
|
page read and write
|
|
|
|
169D5265000
|
unkown
|
page read and write
|
|
|
|
7FF5DAB35000
|
unkown image
|
page readonly
|
|
|
|
A687FC000
|
stack
|
page read and write
|
|
|
|
1FC42861000
|
unkown
|
page read and write
|
|
|
|
7FF5A28B8000
|
unkown image
|
page readonly
|
|
|
|
7DF495210000
|
unkown image
|
page readonly
|
|
|
|
19F45A50000
|
unkown image
|
page readonly
|
|
|
|
2BED6A20000
|
unkown
|
page read and write
|
|
|
|
7FF5C4FBF000
|
unkown image
|
page readonly
|
|
|
|
7FF4FC64C000
|
unkown image
|
page readonly
|
|
|
|
1D9123E2000
|
unkown
|
page read and write
|
|
|
|
7DF5DABF0000
|
unkown image
|
page readonly
|
|
|
|
7FF5C52C6000
|
unkown image
|
page readonly
|
|
|
|
1D9123E8000
|
unkown
|
page read and write
|
|
|
|
7FF5DAB9B000
|
unkown image
|
page readonly
|
|
|
|
1D91286A000
|
unkown
|
page read and write
|
|
|
|
7FF53CC48000
|
unkown image
|
page readonly
|
|
|
|
169D5600000
|
unkown image
|
page readonly
|
|
|
|
1D9123ED000
|
unkown
|
page read and write
|
|
|
|
7FF581519000
|
unkown image
|
page readonly
|
|
|
|
7FF534ED8000
|
unkown image
|
page readonly
|
|
|
|
7FF581A4F000
|
unkown image
|
page readonly
|
|
|
|
7DF597350000
|
unkown image
|
page readonly
|
|
|
|
2BED6B25000
|
unkown
|
page read and write
|
|
|
|
7DF512030000
|
unkown image
|
page readonly
|
|
|
|
2BED1E02000
|
unkown
|
page read and write
|
|
|
|
2BED6D06000
|
unkown
|
page read and write
|
|
|
|
1D9123DE000
|
unkown
|
page read and write
|
|
|
|
2BED6D04000
|
unkown
|
page read and write
|
|
|
|
7FF5319BD000
|
unkown image
|
page readonly
|
|
|
|
7FF59BF83000
|
unkown image
|
page readonly
|
|
|
|
1D9123E1000
|
unkown
|
page read and write
|
|
|
|
1D9123EC000
|
unkown
|
page read and write
|
|
|
|
50631FF000
|
stack
|
page read and write
|
|
|
|
19F45466000
|
unkown
|
page read and write
|
|
|
|
24B33760000
|
unkown
|
page read and write
|
|
|
|
7FF581947000
|
unkown image
|
page readonly
|
|
|
|
7FF53C9F4000
|
unkown image
|
page readonly
|
|
|
|
7FF53CBBF000
|
unkown image
|
page readonly
|
|
|
|
15275853000
|
unkown
|
page read and write
|
|
|
|
7FF5C524A000
|
unkown image
|
page readonly
|
|
|
|
19F4545F000
|
unkown
|
page read and write
|
|
|
|
7FF5DAB96000
|
unkown image
|
page readonly
|
|
|
|
7FF4FC70B000
|
unkown image
|
page readonly
|
|
|
|
7FF531B38000
|
unkown image
|
page readonly
|
|
|
|
2BED1679000
|
unkown
|
page read and write
|
|
|
|
7FF4FC622000
|
unkown image
|
page readonly
|
|
|
|
7FF581A08000
|
unkown image
|
page readonly
|
|
|
|
1D9123EA000
|
unkown
|
page read and write
|
|
|
|
7FF53CB83000
|
unkown image
|
page readonly
|
|
|
|
7FF5819B5000
|
unkown image
|
page readonly
|
|
|
|
7FF53C9F8000
|
unkown image
|
page readonly
|
|
|
|
24B328DC000
|
unkown
|
page read and write
|
|
|
|
2BED6A00000
|
unkown
|
page read and write
|
|
|
|
7FF5C4E74000
|
unkown image
|
page readonly
|
|
|
|
7FF4FA843000
|
unkown image
|
page readonly
|
|
|
|
7DF4EE390000
|
unkown image
|
page readonly
|
|
|
|
DA444FE000
|
stack
|
page read and write
|
|
|
|
1D9123DD000
|
unkown
|
page read and write
|
|
|
|
7FF4FC648000
|
unkown image
|
page readonly
|
|
|
|
1D9123D9000
|
unkown
|
page read and write
|
|
|
|
12B397F000
|
stack
|
page read and write
|
|
|
|
7FF581528000
|
unkown image
|
page readonly
|
|
|
|
2BED6E80000
|
unkown
|
page read and write
|
|
|
|
2BED1450000
|
unkown image
|
page read and write
|
|
|
|
1D912802000
|
unkown
|
page read and write
|
|
|
|
7FF507B13000
|
unkown image
|
page readonly
|
|
|
|
7DF54A8B2000
|
unkown image
|
page readonly
|
|
|
|
1536E180000
|
unkown
|
page read and write
|
|
|
|
7FF5C50B8000
|
unkown image
|
page readonly
|
|
|
|
7FF531B17000
|
unkown image
|
page readonly
|
|
|
|
7FF5C52CB000
|
unkown image
|
page readonly
|
|
|
|
2BED1E15000
|
unkown
|
page read and write
|
|
|
|
7FF5C52FF000
|
unkown image
|
page readonly
|
|
|
|
7FF531B63000
|
unkown image
|
page readonly
|
|
|
|
1D9123D9000
|
unkown
|
page read and write
|
|
|
|
1536E1F5000
|
unkown
|
page read and write
|
|
|
|
7DF5DABF2000
|
unkown image
|
page readonly
|
|
|
|
2BED6B2B000
|
unkown
|
page read and write
|
|
|
|
1FC4286C000
|
unkown
|
page read and write
|
|
|
|
2BED6C00000
|
unkown
|
page read and write
|
|
|
|
7FF58183E000
|
unkown image
|
page readonly
|
|
|
|
2BED6B50000
|
unkown
|
page read and write
|
|
|
|
1D912963000
|
unkown
|
page read and write
|
|
|
|
169D5313000
|
unkown
|
page read and write
|
|
|
|
7FF59BB18000
|
unkown image
|
page readonly
|
|
|
|
7FF59C01D000
|
unkown image
|
page readonly
|
|
|
|
7FF5318E6000
|
unkown image
|
page readonly
|
|
|
|
7FF4FC71D000
|
unkown image
|
page readonly
|
|
|
|
7FF59BE8F000
|
unkown image
|
page readonly
|
|
|
|
7DF597342000
|
unkown image
|
page readonly
|
|
|
|
2BED1F19000
|
unkown
|
page read and write
|
|
|
|
2BED69A0000
|
unkown
|
page read and write
|
|
|
|
1E9EF202000
|
unkown
|
page read and write
|
|
|
|
1E9EF050000
|
unkown image
|
page readonly
|
|
|
|
7FF4FC683000
|
unkown image
|
page readonly
|
|
|
|
7DF5F04C2000
|
unkown image
|
page readonly
|
|
|
|
1E9EE970000
|
heap default
|
page read and write
|
|
|
|
7DF552662000
|
unkown image
|
page readonly
|
|
|
|
12B353E000
|
stack
|
page read and write
|
|
|
|
7FF53CB33000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4B45000
|
unkown image
|
page readonly
|
|
|
|
1D9123E9000
|
unkown
|
page read and write
|
|
|
|
1FC4283B000
|
unkown
|
page read and write
|
|
|
|
19F45427000
|
unkown
|
page read and write
|
|
|
|
7FF531B4D000
|
unkown image
|
page readonly
|
|
|
|
7FF4FC50F000
|
unkown image
|
page readonly
|
|
|
|
1D91237E000
|
unkown
|
page read and write
|
|
|
|
7DF552670000
|
unkown image
|
page readonly
|
|
|
|
7FF5A2897000
|
unkown image
|
page readonly
|
|
|
|
19F45390000
|
unkown
|
page read and write
|
|
|
|
7FF531AF4000
|
unkown image
|
page readonly
|
|
|
|
1536E550000
|
heap private
|
page read and write
|
|
|
|
1E9EF313000
|
unkown
|
page read and write
|
|
|
|
2BED70A0000
|
unkown
|
page read and write
|
|
|
|
7FF580EA2000
|
unkown image
|
page readonly
|
|
|
|
7FF53C921000
|
unkown image
|
page readonly
|
|
|
|
7FF581703000
|
unkown image
|
page readonly
|
|
|
|
7FF4FBBA3000
|
unkown image
|
page readonly
|
|
|
|
5062FFF000
|
stack
|
page read and write
|
|
|
|
7FF59BF79000
|
unkown image
|
page readonly
|
|
|
|
2BED1F02000
|
unkown
|
page read and write
|
|
|
|
7FF53CBC5000
|
unkown image
|
page readonly
|
|
|
|
7FF4FC4D2000
|
unkown image
|
page readonly
|
|
|
|
24B32C40000
|
unkown
|
page read and write
|
|
|
|
7FF4EE93E000
|
unkown image
|
page readonly
|
|
|
|
7FF59BF58000
|
unkown image
|
page readonly
|
|
|
|
2BED1F5A000
|
unkown
|
page read and write
|
|
|
|
7DF552680000
|
unkown image
|
page readonly
|
|
|
|
7DF5B1940000
|
unkown image
|
page readonly
|
|
|
|
1E9EE9A0000
|
unkown
|
page read and write
|
|
|
|
1D911B02000
|
unkown
|
page read and write
|
|
|
|
7FF4FC658000
|
unkown image
|
page readonly
|
|
|
|
7FF5818A5000
|
unkown image
|
page readonly
|
|
|
|
2BED1F18000
|
unkown
|
page read and write
|
|
|
|
1FC4284D000
|
unkown
|
page read and write
|
|
|
|
7FF50796D000
|
unkown image
|
page readonly
|
|
|
|
2BED1F19000
|
unkown
|
page read and write
|
|
|
|
7FF4FC710000
|
unkown image
|
page readonly
|
|
|
|
7FF534ECC000
|
unkown image
|
page readonly
|
|
|
|
7FF4FC447000
|
unkown image
|
page readonly
|
|
|
|
7FF507AD7000
|
unkown image
|
page readonly
|
|
|
|
7DF5B1942000
|
unkown image
|
page readonly
|
|
|
|
19F45360000
|
heap default
|
page read and write
|
|
|
|
DEE207B000
|
stack
|
page read and write
|
|
|
|
1D9119C0000
|
unkown image
|
page readonly
|
|
|
|
7FF53CD3B000
|
unkown image
|
page readonly
|
|
|
|
7FF534F8B000
|
unkown image
|
page readonly
|
|
|
|
7FF59BE2E000
|
unkown image
|
page readonly
|
|
|
|
1FC42846000
|
unkown
|
page read and write
|
|
|
|
15275640000
|
heap default
|
page read and write
|
|
|
|
7FF53CC7C000
|
unkown image
|
page readonly
|
|
|
|
2BED6D02000
|
unkown
|
page read and write
|
|
|
|
24B32890000
|
heap default
|
page read and write
|
|
|
|
7DF51D4D2000
|
unkown image
|
page readonly
|
|
|
|
1536E1E6000
|
heap default
|
page read and write
|
|
|
|
7FF59C03B000
|
unkown image
|
page readonly
|
|
|
|
7FF58181E000
|
unkown image
|
page readonly
|
|
|
|
2074A708000
|
unkown
|
page read and write
|
|
|
|
DEE237A000
|
stack
|
page read and write
|
|
|
|
7FF5C522D000
|
unkown image
|
page readonly
|
|
|
|
1C0D979000
|
stack
|
page read and write
|
|
|
|
19F458D0000
|
unkown image
|
page readonly
|
|
|
|
19F45460000
|
unkown
|
page read and write
|
|
|
|
169D50C0000
|
unkown image
|
page readonly
|
|
|
|
7FF53CB3E000
|
unkown image
|
page readonly
|
|
|
|
7DF5DABF2000
|
unkown image
|
page readonly
|
|
|
|
2074A629000
|
unkown
|
page read and write
|
|
|
|
1D9118F0000
|
unkown image
|
page read and write
|
|
|
|
7FF534EF9000
|
unkown image
|
page readonly
|
|
|
|
1D912312000
|
unkown
|
page read and write
|
|
|
|
2BED6B40000
|
unkown
|
page read and write
|
|
|
|
2074A8D0000
|
unkown image
|
page readonly
|
|
|
|
2BED6E90000
|
unkown
|
page read and write
|
|
|
|
7FF4FBBA9000
|
unkown image
|
page readonly
|
|
|
|
7FF59BB09000
|
unkown image
|
page readonly
|
|
|
|
7FF53CCA9000
|
unkown image
|
page readonly
|
|
|
|
1FC4284A000
|
unkown
|
page read and write
|
|
|
|
1E9EECD0000
|
unkown image
|
page readonly
|
|
|
|
7FF534FAB000
|
unkown image
|
page readonly
|
|
|
|
1D9123E5000
|
unkown
|
page read and write
|
|
|
|
7FF581A4B000
|
unkown image
|
page readonly
|
|
|
|
1FC42864000
|
unkown
|
page read and write
|
|
|
|
7DF51D4D0000
|
unkown image
|
page readonly
|
|
|
|
313A5FF000
|
stack
|
page read and write
|
|
|
|
7DF5B82A2000
|
unkown image
|
page readonly
|
|
|
|
7FF5C5265000
|
unkown image
|
page readonly
|
|
|
|
2BED6CD5000
|
unkown
|
page read and write
|
|
|
|
7FF53CC20000
|
unkown image
|
page readonly
|
|
|
|
7FF5A27EF000
|
unkown image
|
page readonly
|
|
|
|
19F45300000
|
heap private
|
page read and write
|
|
|
|
2BED24E0000
|
unkown
|
page read and write
|
|
|
|
7DF5B1940000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4E80000
|
unkown image
|
page readonly
|
|
|
|
7FF58125E000
|
unkown image
|
page readonly
|
|
|
|
1DCA5A35000
|
unkown
|
page read and write
|
|
|
|
7FF4FAC8F000
|
unkown image
|
page readonly
|
|
|
|
1FC42853000
|
unkown
|
page read and write
|
|
|
|
7FF53CD6B000
|
unkown image
|
page readonly
|
|
|
|
15275C00000
|
unkown image
|
page readonly
|
|
|
|
7FF4FAC60000
|
unkown image
|
page readonly
|
|
|
|
1E9EEA88000
|
unkown
|
page read and write
|
|
|
|
2BED6B64000
|
unkown
|
page read and write
|
|
|
|
7FF507B88000
|
unkown image
|
page readonly
|
|
|
|
19F45400000
|
unkown
|
page read and write
|
|
|
|
7FF5C51B7000
|
unkown image
|
page readonly
|
|
|
|
7FF534FA4000
|
unkown image
|
page readonly
|
|
|
|
15275850000
|
unkown
|
page read and write
|
|
|
|
AA4A37F000
|
stack
|
page read and write
|
|
|
|
7FF5319B2000
|
unkown image
|
page readonly
|
|
|
|
1FC42800000
|
unkown
|
page read and write
|
|
|
|
AA4A47D000
|
stack
|
page read and write
|
|
|
|
7FF5818C4000
|
unkown image
|
page readonly
|
|
|
|
A6847D000
|
stack
|
page read and write
|
|
|
|
1D9123C0000
|
unkown
|
page read and write
|
|
|
|
7DF510582000
|
unkown image
|
page readonly
|
|
|
|
2BED6E80000
|
unkown
|
page read and write
|
|
|
|
2BED6D07000
|
unkown
|
page read and write
|
|
|
|
7FF5DAAFD000
|
unkown image
|
page readonly
|
|
|
|
313A3FE000
|
stack
|
page read and write
|
|
|
|
7FF5A2463000
|
unkown image
|
page readonly
|
|
|
|
AA4A0FE000
|
stack
|
page read and write
|
|
|
|
AA4A5FC000
|
stack
|
page read and write
|
|
|
|
1536E3B0000
|
unkown image
|
page readonly
|
|
|
|
7FF5DABCF000
|
unkown image
|
page readonly
|
|
|
|
7FF59C006000
|
unkown image
|
page readonly
|
|
|
|
1536E1F6000
|
unkown
|
page read and write
|
|
|
|
1E9EE980000
|
unkown image
|
page readonly
|
|
|
|
1D9123DE000
|
unkown
|
page read and write
|
|
|
|
19F45310000
|
unkown image
|
page readonly
|
|
|
|
2BED6D13000
|
unkown
|
page read and write
|
|
|
|
32922FE000
|
stack
|
page read and write
|
|
|
|
1E9EF130000
|
unkown image
|
page write copy
|
|
|
|
7DF5F04E0000
|
unkown image
|
page readonly
|
|
|
|
7FF53CCB3000
|
unkown image
|
page readonly
|
|
|
|
2BED1F5B000
|
unkown
|
page read and write
|
|
|
|
2BED2300000
|
unkown
|
page read and write
|
|
|
|
7DF5105A0000
|
unkown image
|
page readonly
|
|
|
|
1D9123DF000
|
unkown
|
page read and write
|
|
|
|
313A27B000
|
stack
|
page read and write
|
|
|
|
A684FB000
|
stack
|
page read and write
|
|
|
|
1D911A5C000
|
unkown
|
page read and write
|
|
|
|
DA4447D000
|
stack
|
page read and write
|
|
|
|
7FF53CC30000
|
unkown image
|
page readonly
|
|
|
|
7FF5C51F3000
|
unkown image
|
page readonly
|
|
|
|
2BED1624000
|
unkown
|
page read and write
|
|
|
|
7FF4FABC5000
|
unkown image
|
page readonly
|
|
|
|
1D911A7F000
|
unkown
|
page read and write
|
|
|
|
7FF507BBE000
|
unkown image
|
page readonly
|
|
|
|
2074A64A000
|
unkown
|
page read and write
|
|
|
|
7FF531C0B000
|
unkown image
|
page readonly
|
|
|
|
7FF53CCD5000
|
unkown image
|
page readonly
|
|
|
|
2BED6E60000
|
unkown
|
page read and write
|
|
|
|
1536E140000
|
unkown image
|
page readonly
|
|
|
|
1D911A6A000
|
unkown
|
page read and write
|
|
|
|
1DCA5C00000
|
unkown image
|
page readonly
|
|
|
|
1DCA5930000
|
unkown image
|
page readonly
|
|
|
|
1D91235A000
|
unkown
|
page read and write
|
|
|
|
7DF547530000
|
unkown image
|
page readonly
|
|
|
|
7FF507BA0000
|
unkown image
|
page readonly
|
|
|
|
2074A64F000
|
unkown
|
page read and write
|
|
|
|
1D91286A000
|
unkown
|
page read and write
|
|
|
|
7DF5B8292000
|
unkown image
|
page readonly
|
|
|
|
2BED1490000
|
unkown image
|
page readonly
|
|
|
|
7FF5C52EB000
|
unkown image
|
page readonly
|
|
|
|
7DF5DAC00000
|
unkown image
|
page readonly
|
|
|
|
DEE1C77000
|
stack
|
page read and write
|
|
|
|
1D912802000
|
unkown
|
page read and write
|
|
|
|
7FF58195C000
|
unkown image
|
page readonly
|
|
|
|
DEE25FA000
|
stack
|
page read and write
|
|
|
|
F9DCBCB000
|
unkown
|
page read and write
|
|
|
|
7DF597342000
|
unkown image
|
page readonly
|
|
|
|
1DCA5FD0000
|
unkown
|
page read and write
|
|
|
|
7FF581A16000
|
unkown image
|
page readonly
|
|
|
|
7DF5B82B0000
|
unkown image
|
page readonly
|
|
|
|
1C0D52A000
|
unkown
|
page read and write
|
|
|
|
1D912383000
|
unkown
|
page read and write
|
|
|
|
2BED6E50000
|
unkown
|
page read and write
|
|
|
|
1D9123E8000
|
unkown
|
page read and write
|
|
|
|
2BED6D5B000
|
unkown
|
page read and write
|
|
|
|
7FF53C8A1000
|
unkown image
|
page readonly
|
|
|
|
1DCA5E00000
|
unkown image
|
page readonly
|
|
|
|
24B328D4000
|
unkown
|
page read and write
|
|
|
|
15275854000
|
unkown
|
page read and write
|
|
|
|
7FF53CB0D000
|
unkown image
|
page readonly
|
|
|
|
1D912802000
|
unkown
|
page read and write
|
|
|
|
1536E120000
|
unkown image
|
page read and write
|
|
|
|
7FF59BEB4000
|
unkown image
|
page readonly
|
|
|
|
7DF5105A0000
|
unkown image
|
page readonly
|
|
|
|
7FF5073DF000
|
unkown image
|
page readonly
|
|
|
|
7FF531C1F000
|
unkown image
|
page readonly
|
|
|
|
7FF59C02E000
|
unkown image
|
page readonly
|
|
|
|
1D912390000
|
unkown
|
page read and write
|
|
|
|
7FF59B7BB000
|
unkown image
|
page readonly
|
|
|
|
1DCA5A57000
|
unkown
|
page read and write
|
|
|
|
7FF53CA83000
|
unkown image
|
page readonly
|
|
|
|
12B34BB000
|
unkown
|
page read and write
|
|
|
|
3292B7D000
|
stack
|
page read and write
|
|
|
|
7FF59BEA7000
|
unkown image
|
page readonly
|
|
|
|
1DCA57F0000
|
unkown image
|
page readonly
|
|
|
|
7DF512032000
|
unkown image
|
page readonly
|
|
|
|
7FF58199A000
|
unkown image
|
page readonly
|
|
|
|
7DF5F04D0000
|
unkown image
|
page readonly
|
|
|
|
2BED6CE8000
|
unkown
|
page read and write
|
|
|
|
7DF54A8C0000
|
unkown image
|
page readonly
|
|
|
|
7FF4FA529000
|
unkown image
|
page readonly
|
|
|
|
1D9123A2000
|
unkown
|
page read and write
|
|
|
|
1D911A84000
|
unkown
|
page read and write
|
|
|
|
1D91234A000
|
unkown
|
page read and write
|
|
|
|
169D5272000
|
unkown
|
page read and write
|
|
|
|
2BED6C5D000
|
unkown
|
page read and write
|
|
|
|
7FF531A36000
|
unkown image
|
page readonly
|
|
|
|
7FF53196A000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4E4F000
|
unkown image
|
page readonly
|
|
|
|
7FF59BF4C000
|
unkown image
|
page readonly
|
|
|
|
2074AC50000
|
unkown image
|
page readonly
|
|
|
|
1536E200000
|
unkown
|
page read and write
|
|
|
|
19F45500000
|
unkown
|
page read and write
|
|
|
|
7DF547512000
|
unkown image
|
page readonly
|
|
|
|
1D9123DE000
|
unkown
|
page read and write
|
|
|
|
7FF534F86000
|
unkown image
|
page readonly
|
|
|
|
1536E20D000
|
unkown
|
page read and write
|
|
|
|
7FF5C4FEC000
|
unkown image
|
page readonly
|
|
|
|
7FF4FAB9C000
|
unkown image
|
page readonly
|
|
|
|
7DF552672000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4EA4000
|
unkown image
|
page readonly
|
|
|
|
24B33470000
|
unkown
|
page read and write
|
|
|
|
1FC4286E000
|
unkown
|
page read and write
|
|
|
|
2BED6B44000
|
unkown
|
page read and write
|
|
|
|
1DCA5A02000
|
unkown
|
page read and write
|
|
|
|
7FF581989000
|
unkown image
|
page readonly
|
|
|
|
DEE1E7A000
|
stack
|
page read and write
|
|
|
|
7FF5C52FB000
|
unkown image
|
page readonly
|
|
|
|
7FF53CA6D000
|
unkown image
|
page readonly
|
|
|
|
7FF5A28E3000
|
unkown image
|
page readonly
|
|
|
|
1E9EE910000
|
heap private
|
page read and write
|
|
|
|
DEE27FD000
|
stack
|
page read and write
|
|
|
|
7FF5A2905000
|
unkown image
|
page readonly
|
|
|
|
1D912382000
|
unkown
|
page read and write
|
|
|
|
2074A66D000
|
unkown
|
page read and write
|
|
|
|
2074A570000
|
unkown image
|
page readonly
|
|
|
|
2BED6E80000
|
unkown
|
page read and write
|
|
|
|
7FF5DABBB000
|
unkown image
|
page readonly
|
|
|
|
7FF5DABCF000
|
unkown image
|
page readonly
|
|
|
|
7FF4FC3CA000
|
unkown image
|
page readonly
|
|
|
|
15275720000
|
unkown image
|
page readonly
|
|
|
|
2BED6D0B000
|
unkown
|
page read and write
|
|
|
|
7DF51D4C2000
|
unkown image
|
page readonly
|
|
|
|
7FF53CD4D000
|
unkown image
|
page readonly
|
|
|
|
7FF53CD6F000
|
unkown image
|
page readonly
|
|
|
|
7FF581A20000
|
unkown image
|
page readonly
|
|
|
|
7DF54A8D0000
|
unkown image
|
page readonly
|
|
|
|
2BED6A10000
|
unkown
|
page read and write
|
|
|
|
1D912391000
|
unkown
|
page read and write
|
|
|
|
7FF4FC66D000
|
unkown image
|
page readonly
|
|
|
|
1D912802000
|
unkown
|
page read and write
|
|
|
|
2BED1F18000
|
unkown
|
page read and write
|
|
|
|
7FF53C533000
|
unkown image
|
page readonly
|
|
|
|
DA442FF000
|
stack
|
page read and write
|
|
|
|
7DF512032000
|
unkown image
|
page readonly
|
|
|
|
2BED1F59000
|
unkown
|
page read and write
|
|
|
|
1FC42868000
|
unkown
|
page read and write
|
|
|
|
A688FF000
|
stack
|
page read and write
|
|
|
|
1D911A13000
|
unkown
|
page read and write
|
|
|
|
24B327E0000
|
unkown image
|
page read and write
|
|
|
|
7FF5C51E2000
|
unkown image
|
page readonly
|
|
|
|
7FF5C52B8000
|
unkown image
|
page readonly
|
|
|
|
7DF51D4C0000
|
unkown image
|
page readonly
|
|
|
|
7FF5DABA0000
|
unkown image
|
page readonly
|
|
|
|
7FF53CA91000
|
unkown image
|
page readonly
|
|
|
|
1D912180000
|
unkown
|
page read and write
|
|
|
|
2BED1F59000
|
unkown
|
page read and write
|
|
|
|
7DF510580000
|
unkown image
|
page readonly
|
|
|
|
7FF59C02B000
|
unkown image
|
page readonly
|
|
|
|
7FF4FC724000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4770000
|
unkown image
|
page readonly
|
|
|
|
7FF534FBF000
|
unkown image
|
page readonly
|
|
|
|
2BED6C70000
|
unkown
|
page read and write
|
|
|
|
7FF507BCD000
|
unkown image
|
page readonly
|
|
|
|
7DF510592000
|
unkown image
|
page readonly
|
|
|
|
DA4437F000
|
stack
|
page read and write
|
|
|
|
15275888000
|
unkown
|
page read and write
|
|
|
|
7DF51D4D2000
|
unkown image
|
page readonly
|
|
|
|
7FF4FAAB9000
|
unkown image
|
page readonly
|
|
|
|
7FF53177E000
|
unkown image
|
page readonly
|
|
|
|
7FF5A28CD000
|
unkown image
|
page readonly
|
|
|
|
2BED1E00000
|
unkown
|
page read and write
|
|
|
|
1D9123E4000
|
unkown
|
page read and write
|
|
|
|
7FF507AB3000
|
unkown image
|
page readonly
|
|
|
|
7DF5B82A0000
|
unkown image
|
page readonly
|
|
|
|
7FF53CD5B000
|
unkown image
|
page readonly
|
|
|
|
1E9EEA44000
|
unkown
|
page read and write
|
|
|
|
7DF450530000
|
unkown image
|
page readonly
|
|
|
|
7FF5DABAD000
|
unkown image
|
page readonly
|
|
|
|
7FF531B85000
|
unkown image
|
page readonly
|
|
|
|
1E9EEACB000
|
unkown
|
page read and write
|
|
|
|
1C0D5AE000
|
stack
|
page read and write
|
|
|
|
7FF581A3B000
|
unkown image
|
page readonly
|
|
|
|
7DF552670000
|
unkown image
|
page readonly
|
|
|
|
1D912389000
|
unkown
|
page read and write
|
|
|
|
E37FFE000
|
stack
|
page read and write
|
|
|
|
F9DD27E000
|
stack
|
page read and write
|
|
|
|
1D91237C000
|
unkown
|
page read and write
|
|
|
|
7DF552662000
|
unkown image
|
page readonly
|
|
|
|
24B327F0000
|
unkown
|
page read and write
|
|
|
|
7DF5DABF0000
|
unkown image
|
page readonly
|
|
|
|
7DF40E450000
|
unkown image
|
page readonly
|
|
|
|
2074A64B000
|
unkown
|
page read and write
|
|
|
|
7FF5C5007000
|
unkown image
|
page readonly
|
|
|
|
7FF5A2478000
|
unkown image
|
page readonly
|
|
|
|
1D9123DE000
|
unkown
|
page read and write
|
|
|
|
24B32E50000
|
unkown image
|
page readonly
|
|
|
|
7DF54A8D0000
|
unkown image
|
page readonly
|
|
|
|
24B32BF0000
|
unkown image
|
page readonly
|
|
|
|
7DF54A8B2000
|
unkown image
|
page readonly
|
|
|
|
2BED1600000
|
unkown
|
page read and write
|
|
|
|
1DCA5A3D000
|
unkown
|
page read and write
|
|
|
|
7FF53CD54000
|
unkown image
|
page readonly
|
|
|
|
2BED1F5A000
|
unkown
|
page read and write
|
|
|
|
12B3D7F000
|
stack
|
page read and write
|
|
|
|
7FF4FC6F8000
|
unkown image
|
page readonly
|
|
|
|
2BED168D000
|
unkown
|
page read and write
|
|
|
|
7FF4FC62C000
|
unkown image
|
page readonly
|
|
|
|
7FF5C5021000
|
unkown image
|
page readonly
|
|
|
|
7FF5C520C000
|
unkown image
|
page readonly
|
|
|
|
2BED2610000
|
unkown image
|
page readonly
|
|
|
|
1D9123D9000
|
unkown
|
page read and write
|
|
|
|
DEE1AFE000
|
stack
|
page read and write
|
|
|
|
7FF507B96000
|
unkown image
|
page readonly
|
|
|
|
7DF5DAC10000
|
unkown image
|
page readonly
|
|
|
|
7FF5C5243000
|
unkown image
|
page readonly
|
|
|
|
7FF581813000
|
unkown image
|
page readonly
|
|
|
|
32927F9000
|
stack
|
page read and write
|
|
|
|
7FF4FAC4F000
|
unkown image
|
page readonly
|
|
|
|
7FF5DAB1A000
|
unkown image
|
page readonly
|
|
|
|
7DF51D4C0000
|
unkown image
|
page readonly
|
|
|
|
1D912381000
|
unkown
|
page read and write
|
|
|
|
1D911AA3000
|
unkown
|
page read and write
|
|
|
|
24B32A60000
|
unkown image
|
page readonly
|
|
|
|
1E9EEA6E000
|
unkown
|
page read and write
|
|
|
|
2BED1460000
|
heap private
|
page read and write
|
|
|
|
7FF5A2469000
|
unkown image
|
page readonly
|
|
|
|
19F45C02000
|
unkown
|
page read and write
|
|
|
|
1FC42CD0000
|
unkown image
|
page readonly
|
|
|
|
1D911B08000
|
unkown
|
page read and write
|
|
|
|
2BED1F58000
|
unkown
|
page read and write
|
|
|
|
E37CFE000
|
stack
|
page read and write
|
|
|
|
7FF5C5218000
|
unkown image
|
page readonly
|
|
|
|
1E9EF300000
|
unkown
|
page read and write
|
|
|
|
7FF507BAD000
|
unkown image
|
page readonly
|
|
|
|
2BED6C2C000
|
unkown
|
page read and write
|
|
|
|
7FF5DAB8F000
|
unkown image
|
page readonly
|
|
|
|
1E9EE920000
|
unkown image
|
page readonly
|
|
|
|
1FC42863000
|
unkown
|
page read and write
|
|
|
|
169D5A02000
|
unkown
|
page read and write
|
|
|
|
1D9123E0000
|
unkown
|
page read and write
|
|
|
|
313A6FF000
|
stack
|
page read and write
|
|
|
|
2BED6E70000
|
unkown
|
page read and write
|
|
|
|
7FF5A28EA000
|
unkown image
|
page readonly
|
|
|
|
1D9123DD000
|
unkown
|
page read and write
|
|
|
|
7FF5C4E8F000
|
unkown image
|
page readonly
|
|
|
|
7FF5DAB05000
|
unkown image
|
page readonly
|
|
|
|
1D912368000
|
unkown
|
page read and write
|
|
|
|
7FF581A0F000
|
unkown image
|
page readonly
|
|
|
|
1E9EF33A000
|
unkown
|
page read and write
|
|
|
|
2074A540000
|
unkown image
|
page readonly
|
|
|
|
DEE217F000
|
stack
|
page read and write
|
|
|
|
1FC42866000
|
unkown
|
page read and write
|
|
|
|
1D912300000
|
unkown
|
page read and write
|
|
|
|
7DF597340000
|
unkown image
|
page readonly
|
|
|
|
2BED69C0000
|
unkown
|
page read and write
|
|
|
|
7FF581513000
|
unkown image
|
page readonly
|
|
|
|
2BED25C0000
|
unkown image
|
page readonly
|
|
|
|
7FF5C5207000
|
unkown image
|
page readonly
|
|
|
|
1D912381000
|
unkown
|
page read and write
|
|
|
|
24B32830000
|
unkown image
|
page readonly
|
|
|
|
2BED25E0000
|
unkown image
|
page readonly
|
|
|
|
7FF5C52FF000
|
unkown image
|
page readonly
|
|
|
|
A6837C000
|
stack
|
page read and write
|
|
|
|
1D9123DE000
|
unkown
|
page read and write
|
|
|
|
7FF534F25000
|
unkown image
|
page readonly
|
|
|
|
7FF5DAB13000
|
unkown image
|
page readonly
|
|
|
|
7FF53CA63000
|
unkown image
|
page readonly
|
|
|
|
7DF510580000
|
unkown image
|
page readonly
|
|
|
|
1FC42885000
|
unkown
|
page read and write
|
|
|
|
19F452F0000
|
unkown image
|
page read and write
|
|
|
|
1FC42843000
|
unkown
|
page read and write
|
|
|
|
32923F7000
|
stack
|
page read and write
|
|
|
|
7FF531C1B000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4B26000
|
unkown image
|
page readonly
|
|
|
|
7FF4FC68A000
|
unkown image
|
page readonly
|
|
|
|
2074A600000
|
unkown
|
page read and write
|
|
|
|
7FF534EED000
|
unkown image
|
page readonly
|
|
|
|
7FF5A2984000
|
unkown image
|
page readonly
|
|
|
|
2BED2400000
|
unkown image
|
page read and write
|
|
|
|
2BED167B000
|
unkown
|
page read and write
|
|
|
|
169D5202000
|
unkown
|
page read and write
|
|
|
|
7DF597360000
|
unkown image
|
page readonly
|
|
|
|
24B32898000
|
heap default
|
page read and write
|
|
|
|
7FF531C1D000
|
unkown image
|
page readonly
|
|
|
|
7FF53CC88000
|
unkown image
|
page readonly
|
|
|
|
24B32870000
|
unkown
|
page read and write
|
|
|
|
7FF53C508000
|
unkown image
|
page readonly
|
|
|
|
1536E1DB000
|
heap default
|
page read and write
|
|
|
|
7DF5B1950000
|
unkown image
|
page readonly
|
|
|
|
2BED1694000
|
unkown
|
page read and write
|
|
|
|
1D912180000
|
unkown
|
page read and write
|
|
|
|
1D911B13000
|
unkown
|
page read and write
|
|
|
|
2074A64D000
|
unkown
|
page read and write
|
|
|
|
1D91237F000
|
unkown
|
page read and write
|
|
|
|
2074A5A0000
|
unkown image
|
page readonly
|
|
|
|
7DF512050000
|
unkown image
|
page readonly
|
|
|
|
1D9123ED000
|
unkown
|
page read and write
|
|
|
|
1D911A5F000
|
unkown
|
page read and write
|
|
|
|
24B33480000
|
unkown
|
page read and write
|
|
|
|
2BED2001000
|
unkown
|
page read and write
|
|
|
|
7FF531BEE000
|
unkown image
|
page readonly
|
|
|
|
1E9EE900000
|
unkown image
|
page read and write
|
|
|
|
169D5241000
|
unkown
|
page read and write
|
|
|
|
2074A652000
|
unkown
|
page read and write
|
|
|
|
7FF531BDF000
|
unkown image
|
page readonly
|
|
|
|
1D91237F000
|
unkown
|
page read and write
|
|
|
|
1DCA5FA0000
|
unkown
|
page read and write
|
|
|
|
7FF53CC67000
|
unkown image
|
page readonly
|
|
|
|
1FC42841000
|
unkown
|
page read and write
|
|
|
|
DEE1D7A000
|
stack
|
page read and write
|
|
|
|
7DF512040000
|
unkown image
|
page readonly
|
|
|
|
7FF59BE53000
|
unkown image
|
page readonly
|
|
|
|
7DF51D4E0000
|
unkown image
|
page readonly
|
|
|
|
2BED6D04000
|
unkown
|
page read and write
|
|
|
|
15275610000
|
unkown image
|
page readonly
|
|
|
|
1536E3A0000
|
unkown image
|
page readonly
|
|
|
|
7FF58197D000
|
unkown image
|
page readonly
|
|
|
|
24B328A0000
|
heap default
|
page read and write
|
|
|
|
1536E3C0000
|
unkown image
|
page readonly
|
|
|
|
7FF581943000
|
unkown image
|
page readonly
|
|
|
|
2BED1A00000
|
unkown image
|
page readonly
|
|
|
|
7DF510590000
|
unkown image
|
page readonly
|
|
|
|
7FF5C5174000
|
unkown image
|
page readonly
|
|
|
|
7FF5C51AD000
|
unkown image
|
page readonly
|
|
|
|
1D911910000
|
unkown image
|
page readonly
|
|
|
|
1D911910000
|
unkown image
|
page readonly
|
|
|
|
7FF4FC4DD000
|
unkown image
|
page readonly
|
|
|
|
7FF531A94000
|
unkown image
|
page readonly
|
|
|
|
2BED6BF0000
|
unkown
|
page read and write
|
|
|
|
7FF4FC73F000
|
unkown image
|
page readonly
|
|
|
|
7FF5C52BF000
|
unkown image
|
page readonly
|
|
|
|
2BED6D04000
|
unkown
|
page read and write
|
|
|
|
7FF53CA61000
|
unkown image
|
page readonly
|
|
|
|
7FF534F03000
|
unkown image
|
page readonly
|
|
|
|
A681FF000
|
stack
|
page read and write
|
|
|
|
15275856000
|
unkown
|
page read and write
|
|
|
|
1D912202000
|
unkown
|
page read and write
|
|
|
|
7FF5C51B0000
|
unkown image
|
page readonly
|
|
|
|
2BED2961000
|
unkown
|
page read and write
|
|
|
|
7DF547520000
|
unkown image
|
page readonly
|
|
|
|
1FC42710000
|
unkown image
|
page read and write
|
|
|
|
2BED1F19000
|
unkown
|
page read and write
|
|
|
|
7DF597340000
|
unkown image
|
page readonly
|
|
|
|
7FF507B09000
|
unkown image
|
page readonly
|
|
|
|
7FF59BE0E000
|
unkown image
|
page readonly
|
|
|
|
7DF4B6160000
|
unkown image
|
page readonly
|
|
|
|
F9DCEFE000
|
stack
|
page read and write
|
|
|
|
1FC427B0000
|
unkown
|
page read and write
|
|
|
|
7FF53CB5E000
|
unkown image
|
page readonly
|
|
|
|
2074A67D000
|
unkown
|
page read and write
|
|
|
|
7FF53CC9D000
|
unkown image
|
page readonly
|
|
|
|
7FF5C52FD000
|
unkown image
|
page readonly
|
|
|
|
15275913000
|
unkown
|
page read and write
|
|
|
|
7FF5C4E06000
|
unkown image
|
page readonly
|
|
|
|
24B33740000
|
unkown
|
page readonly
|
|
|
|
7FF53CD5E000
|
unkown image
|
page readonly
|
|
|
|
24B33730000
|
unkown
|
page read and write
|
|
|
|
7DF552660000
|
unkown image
|
page readonly
|
|
|
|
1C0D87F000
|
stack
|
page read and write
|
|
|
|
7DF547530000
|
unkown image
|
page readonly
|
|
|
|
2BED1F59000
|
unkown
|
page read and write
|
|
|
|
7DF547522000
|
unkown image
|
page readonly
|
|
|
|
1FC4283E000
|
unkown
|
page read and write
|
|
|
|
2BED168B000
|
unkown
|
page read and write
|
|
|
|
7DF448780000
|
unkown image
|
page readonly
|
|
|
|
2BED1DF3000
|
unkown
|
page read and write
|
|
|
|
2BED6B41000
|
unkown
|
page read and write
|
|
|
|
2BED14A0000
|
unkown image
|
page readonly
|
|
|
|
7FF534EF5000
|
unkown image
|
page readonly
|
|
|
|
1D911ADD000
|
unkown
|
page read and write
|
|
|
|
169D5070000
|
unkown image
|
page read and write
|
|
|
|
5062EFD000
|
stack
|
page read and write
|
|
|
|
7FF531C0E000
|
unkown image
|
page readonly
|
|
|
|
50633FE000
|
stack
|
page read and write
|
|
|
|
7DF5B82A0000
|
unkown image
|
page readonly
|
|
|
|
152755F0000
|
unkown image
|
page readonly
|
|
|
|
1DCA6002000
|
unkown
|
page read and write
|
|
|
|
2BED6E40000
|
unkown
|
page read and write
|
|
|
|
1DCA5FD0000
|
unkown
|
page read and write
|
|
|
|
7FF5318F8000
|
unkown image
|
page readonly
|
|
|
|
7FF4FAA9D000
|
unkown image
|
page readonly
|
|
|
|
7DF5DAC10000
|
unkown image
|
page readonly
|
|
|
|
1DCA5920000
|
unkown image
|
page readonly
|
|
|
|
169D5790000
|
unkown image
|
page readonly
|
|
|
|
15275620000
|
unkown image
|
page readonly
|
|
|
|
1FC42832000
|
unkown
|
page read and write
|
|
|
|
1D9123E7000
|
unkown
|
page read and write
|
|
|
|
2074A540000
|
unkown image
|
page readonly
|
|
|
|
7DF51D4D0000
|
unkown image
|
page readonly
|
|
|
|
7FF4FABD3000
|
unkown image
|
page readonly
|
|
|
|
7FF53C914000
|
unkown image
|
page readonly
|
|
|
|
7FF531B13000
|
unkown image
|
page readonly
|
|
|
|
2BED2600000
|
unkown image
|
page readonly
|
|
|
|
7FF507ADD000
|
unkown image
|
page readonly
|
|
|
|
2BED6B60000
|
unkown
|
page read and write
|
|
|
|
7FF4FC633000
|
unkown image
|
page readonly
|
|
|
|
A682FF000
|
stack
|
page read and write
|
|
|
|
1D9123DB000
|
unkown
|
page read and write
|
|
|
|
169D50B0000
|
unkown image
|
page readonly
|
|
|
|
7FF53CA23000
|
unkown image
|
page readonly
|
|
|
|
7DF597352000
|
unkown image
|
page readonly
|
|
|
|
7FF507A90000
|
unkown image
|
page readonly
|
|
|
|
1536E1FD000
|
unkown
|
page read and write
|
|
|
|
1D91235C000
|
unkown
|
page read and write
|
|
|
|
7FF4FAC56000
|
unkown image
|
page readonly
|
|
|
|
169D5213000
|
unkown
|
page read and write
|
|
|
|
1D912802000
|
unkown
|
page read and write
|
|
|
|
2BED1676000
|
unkown
|
page read and write
|
|
|
|
2BED6CFD000
|
unkown
|
page read and write
|
|
|
|
7DF5B8290000
|
unkown image
|
page readonly
|
|
|
|
7FF59BDDD000
|
unkown image
|
page readonly
|
|
|
|
24B32A70000
|
unkown image
|
page readonly
|
|
|
|
7FF4FC6FF000
|
unkown image
|
page readonly
|
|
|
|
7FF59BF6D000
|
unkown image
|
page readonly
|
|
|
|
7FF5A2893000
|
unkown image
|
page readonly
|
|
|
|
2074A649000
|
unkown
|
page read and write
|
|
|
|
19F45502000
|
unkown
|
page read and write
|
|
|
|
7FF5DABBE000
|
unkown image
|
page readonly
|
|
|
|
7FF534FBB000
|
unkown image
|
page readonly
|
|
|
|
7FF531464000
|
unkown image
|
page readonly
|
|
|
|
7FF531BFD000
|
unkown image
|
page readonly
|
|
|
|
7FF4FAC6D000
|
unkown image
|
page readonly
|
|
|
|
2BED6CA6000
|
unkown
|
page read and write
|
|
|
|
1536E200000
|
unkown
|
page read and write
|
|
|
|
F9DD07E000
|
stack
|
page read and write
|
|
|
|
7FF5C51D8000
|
unkown image
|
page readonly
|
|
|
|
7FF4FC4FC000
|
unkown image
|
page readonly
|
|
|
|
1E9EEAE1000
|
unkown
|
page read and write
|
|
|
|
7FF53CBE4000
|
unkown image
|
page readonly
|
|
|
|
DEE1F7E000
|
stack
|
page read and write
|
|
|
|
2BED6D04000
|
unkown
|
page read and write
|
|
|
|
7FF59BE95000
|
unkown image
|
page readonly
|
|
|
|
1D911970000
|
unkown image
|
page readonly
|
|
|
|
7FF53177A000
|
unkown image
|
page readonly
|
|
|
|
7FF507878000
|
unkown image
|
page readonly
|
|
|
|
7FF5A276E000
|
unkown image
|
page readonly
|
|
|
|
152755D0000
|
unkown image
|
page read and write
|
|
|
|
24B32C35000
|
heap private
|
page read and write
|
|
|
|
1DCA5820000
|
unkown image
|
page readonly
|
|
|
|
E37D7D000
|
stack
|
page read and write
|
|
|
|
7FF53CCBA000
|
unkown image
|
page readonly
|
|
|
|
1D911CD0000
|
unkown image
|
page readonly
|
|
|
|
169D525A000
|
unkown
|
page read and write
|
|
|
|
7FF5A299B000
|
unkown image
|
page readonly
|
|
|
|
7FF4FC506000
|
unkown image
|
page readonly
|
|
|
|
2074A5C0000
|
unkown
|
page read and write
|
|
|
|
1DCA5B02000
|
unkown
|
page read and write
|
|
|
|
7FF53C848000
|
unkown image
|
page readonly
|
|
|
|
1E9EEA00000
|
unkown
|
page read and write
|
|
|
|
7FF507BCF000
|
unkown image
|
page readonly
|
|
|
|
1E9EE920000
|
unkown image
|
page readonly
|
|
|
|
7FF4FC43D000
|
unkown image
|
page readonly
|
|
|
|
7FF5C4A95000
|
unkown image
|
page readonly
|
|
|
|
DA445FB000
|
stack
|
page read and write
|
|
|
|
7FF5A28D9000
|
unkown image
|
page readonly
|
|
|
|
7FF531B02000
|
unkown image
|
page readonly
|
|
|
|
7FF5A2970000
|
unkown image
|
page readonly
|
|
|
|
2BED6CD9000
|
unkown
|
page read and write
|
|
|
|
7FF531C04000
|
unkown image
|
page readonly
|
|
|
|
7DF5B1930000
|
unkown image
|
page readonly
|
|
|
|
7FF534F7F000
|
unkown image
|
page readonly
|
|
|
|
1D912390000
|
unkown
|
page read and write
|
|
|
|
7FF507AA0000
|
unkown image
|
page readonly
|
|
|
|
7FF531BEB000
|
unkown image
|
page readonly
|
|
|
|
2074A590000
|
heap default
|
page read and write
|
|
|
|
2BED6B21000
|
unkown
|
page read and write
|
|
|
|
7FF5C4FF3000
|
unkown image
|
page readonly
|
|
|
|
2BED6B27000
|
unkown
|
page read and write
|
|
|
|
7DF5B1932000
|
unkown image
|
page readonly
|
|
|
|
19F45463000
|
unkown
|
page read and write
|
|
|
|
7FF580E9C000
|
unkown image
|
page readonly
|
|
|
|
7FF5A2814000
|
unkown image
|
page readonly
|
|
|
|
1E9EEABC000
|
unkown
|
page read and write
|
|
|
|
24B33050000
|
unkown image
|
page readonly
|
|
|
|
2BED1470000
|
unkown image
|
page readonly
|
|
|
|
2074A713000
|
unkown
|
page read and write
|
|
|
|
7FF4FC679000
|
unkown image
|
page readonly
|
|
|
|
2BED6B2C000
|
unkown
|
page read and write
|
|
|
|
313A0FE000
|
stack
|
page read and write
|
|
|
|
2BED6CF1000
|
unkown
|
page read and write
|
|
|
|
15275900000
|
unkown
|
page read and write
|
|
|
|
DEE24FE000
|
stack
|
page read and write
|
|
|
|
2BED1470000
|
unkown image
|
page readonly
|
|
|
|
7FF53CD36000
|
unkown image
|
page readonly
|
|
|
|
1527587C000
|
unkown
|
page read and write
|
|
|
|
7FF5A28AC000
|
unkown image
|
page readonly
|
|
|
|
1D9123DE000
|
unkown
|
page read and write
|
|
|
|
2BED7010000
|
unkown
|
page read and write
|
|
|
|
169D522A000
|
unkown
|
page read and write
|
|
|
|
7FF4FC675000
|
unkown image
|
page readonly
|
|
|
|
7DF51D4C2000
|
unkown image
|
page readonly
|
|
|
|
7FF534423000
|
unkown image
|
page readonly
|
|
|
|
7FF59C010000
|
unkown image
|
page readonly
|
|
|
|
7FF507BCF000
|
unkown image
|
page readonly
|
|
|
|
7FF59BF37000
|
unkown image
|
page readonly
|
|
|
|
7DF512030000
|
unkown image
|
page readonly
|
|
|
|
2BED6B21000
|
unkown
|
page read and write
|
|
|
|
DA4457A000
|
stack
|
page read and write
|
|
|
|
1FC4284C000
|
unkown
|
page read and write
|
|
There are 1249 hidden memdumps, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
file:///C:/Users/user/Desktop/TxIDbatch%237809.htm#garth.brooks@tetratech.com
|
|