Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\05349744be1ad4ad_0
|
data
|
dropped
|
 |
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0786087c3c360803_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0998db3a32ab3f41_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0ace9ee3d914a5c0_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0f25049d69125b1e_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\230e5fe3e6f82b2c_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\2798067b152b83c7_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\2a426f11fd8ebe18_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\3a4ae3940784292a_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\4a0e94571d979b3c_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\560e9c8bff5008d8_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\56c4cd218555ae2b_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\6fb6d030c4ebbc21_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\7120c35b509b0fae_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\71febec55d5c75cd_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\86b8040b7132b608_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c159cc5880890bc_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c84d92a9dbce3e0_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8e417e79df3bf0e9_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\91cec06bb2836fa5_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\927a1596c37ebe5e_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\92c56fa2a6c4d5ba_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\946896ee27df7947_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\983b7a3da8f39a46_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\aba6710fde0876af_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\b6d5deb4812ac6e9_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\bba29d2e6197e2f4_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\bf0ac66ae1eb4a7f_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\cf3e34002cde7e9c_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\d449e58cb15daaf1_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\d88192ac53852604_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\de789e80edd740d6_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f0cf6dfa8a1afa3d_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f4a0d4ca2f3b95da_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f941376b2efdd6e6_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f971b7eda7fa05c3_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\fd17b2d8331c91e8_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\fdd733564de6fbcb_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\febb41df4ea2b63a_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\temp-index
|
Maple help database
|
modified
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\the-real-index (copy)
|
Maple help database
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Visited Links
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-211203020701Z-222.bmp
|
PC bitmap, Windows 3.x format, 117 x -152 x 32
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
|
SQLite 3.x database, last written using SQLite version 3024000
|
dropped
|
|
|
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal
|
SQLite Rollback Journal
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\UserCache.bin
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\05073d33-80b1-413e-942d-e7ac11d4db4d.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\137149bf-b6b3-4e8b-af53-b4c13ff31159.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\3a31e4ff-e7c0-441d-ba48-65634c61b099.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\41f54fa4-23c2-43be-81b2-4bf1709257ee.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\59dd5f38-ee19-4a9f-9294-f0464d0a2ac5.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\69541c08-835e-41cc-aa83-736b2569cf68.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\6fbb6981-9658-4169-97c7-127d5445e0a3.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\82307f35-64b8-483e-a2fa-92dd8032e5f6.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\836f2136-35ca-42b0-b3fb-fb112b51b7be.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\905d6e1e-46dd-4dc3-a2f8-1e046b164717.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\9e266c0f-15a3-4323-9412-2bf3a7254f6c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\000001.dbtmp
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\000002.dbtmp
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2bdc3667-11bf-42a3-bfdb-7aaebcafef2f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\37956f1f-56ac-4802-b18b-948f986599e7.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\3d350ee8-963b-47ea-bc12-2cdcb5eaa118.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\3f421401-024f-4eac-81e5-10518fceb04f.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4a6abc9a-c3cf-41f0-bb35-d2d9008d8e4a.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\62677060-cfb8-433b-a39c-16a57ba8c307.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\66df5c0a-d6c7-470f-b4c9-29f7bb57ea51.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\74d0edd4-0f0a-4801-a847-e8450592c3c3.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9e43c420-4423-44a7-ba11-25ac501e3359.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.oldDB (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\CURRENT (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.oldm (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.oldan (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
|
SQLite 3.x database, last written using SQLite version 3032001
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last SessionG. (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabsfi (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\MANIFEST-000001
|
PGP\011Secret Key -
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\MANIFEST-000002
|
MPEG-4 LOAS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent StateMP (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State} (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.oldme (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\PreferencesT. (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences\ (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.t (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferencesmp (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old&.
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\d73b3c72-05a0-4c43-8911-4f0a9bdd1ae9.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.oldx
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
State64 (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.old.
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\e2a19903-898a-412b-b2e4-875327dfe764.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old. (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.old0
(copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a0ea8fd1-0620-406c-aa4a-885038ed7b1e.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\a40286e3-9388-4513-aaec-379fc89001c5.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\cf2afa24-35c0-4f97-af2f-7bd30abb5c4b.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
|
MPEG-4 LOAS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e7af7ebf-bdaa-4a80-b5f9-c47caf12a834.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f2ca1842-29fc-4134-a2a8-3016df01e549.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f48f0cb6-f7b1-494d-b2d9-3236506b92d7.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\fb00cb8a-b418-493b-9c86-1357bc405b47.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\fc2434d5-e51a-4bd9-9d2d-13ae0afd2e34.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old (copy)
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local Statecx (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local Statem (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache41 (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Subresource Filter\Indexed Rules\27\scoped_dir6532_1494801953\Ruleset
Data
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\ac9696d6-b239-4d2f-8a5d-bc80f037a1d1.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\b295da16-092a-486b-bd41-f716676a815f.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\fb768cc9-28a4-48a5-8476-57b2f6797fda.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\0cd410cd-54f2-44c2-8cfd-b54b106ad041.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\50e774cb-abf8-433d-8023-d36be2694ad5.tmp
|
very short file (no magic)
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_1160668086\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_1160668086\_platform_specific\win_x64\widevinecdm.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_1160668086\_platform_specific\win_x64\widevinecdm.dll.sig
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_1160668086\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_1160668086\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_184538676\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_184538676\_platform_specific\x86_64\pnacl_public_pnacl_json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_184538676\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_184538676\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_184538676\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o
|
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_184538676\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=7511538a3a6a0b862c772eace49075ed1bbe2377,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_184538676\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_184538676\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_184538676\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_184538676\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
|
current ar archive
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_184538676\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=309d6d3d463e6b1b0690f39eb226b1e4c469b2ce,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_184538676\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
|
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9,
stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_184538676\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_184538676\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_1939032618\LICENSE
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_1939032618\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_1939032618\crl-set
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_1939032618\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_1939032618\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_58332686\Filtering Rules
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_58332686\LICENSE.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_58332686\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_58332686\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_58332686\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_833495362\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_833495362\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_833495362\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_833495362\ssl_error_assistant.pb
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_987901785\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_987901785\download_file_types.pb
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_987901785\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\6532_987901785\manifest.json
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\721f2aef-84d0-4ae7-9784-02c463479920.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\browser-sslkeys.log
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\fbc0387c-56d3-4902-adbe-d832458a0ca5.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\721f2aef-84d0-4ae7-9784-02c463479920.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\am\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\ar\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\bn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\en\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\fa\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\fil\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\gu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\id\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\iw\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\kn\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\ml\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\mr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\ms\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\nl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\pt\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\sw\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\ta\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\te\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\zh\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\angular.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\background_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\cast_sender.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\feedback.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\feedback.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\feedback_script.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\material_css_min.css
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\mirroring_cast_streaming.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\mirroring_common.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\mirroring_hangouts.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1444189789\CRX_INSTALL\mirroring_webrtc.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir6532_1730496613\fbc0387c-56d3-4902-adbe-d832458a0ca5.tmp
|
Google Chrome extension, version 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Adobe\Acrobat\DC\Security\ES_session_store
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Adobe\Acrobat\DC\Security\ES_session_storei
|
data
|
modified
|
|
|
|
C:\Users\user\Downloads\Weekly_Prayer_List_-_12-1.pdf.crdownload (copy)
|
PDF document, version 1.6
|
dropped
|
|
|
|
C:\Users\user\Downloads\Weekly_Prayer_List_-_12-1.pdf:Zone.Identifier
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\Downloads\a068e333-09d2-40c3-8e31-561b4ff52ce4.tmp
|
PDF document, version 1.6
|
dropped
|
|
There are 333 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "http://firstwoodway.ccbchurch.com/get.php?id=2124&tk=2abeebaae61501940e2ab92f2218d0c1&t=mailMergeAttachment
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1516,7159305855247519982,12362767678734336706,131072
--lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1932 /prefetch:8
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1516,7159305855247519982,12362767678734336706,131072
--lang=en-GB --service-sandbox-type=none --enable-audio-service-sandbox --mojo-platform-channel-handle=4560 /prefetch:8
|
|
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\user\Downloads\Weekly_Prayer_List_-_12-1.pdf
|
|
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" --type=renderer /prefetch:1 "C:\Users\user\Downloads\Weekly_Prayer_List_-_12-1.pdf
|
|
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
|
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
|
|
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
|
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --log-file="C:\Program Files (x86)\Adobe\Acrobat
Reader DC\Reader\AcroCEF\debug.log" --touch-events=enabled --field-trial-handle=1696,18083818934967789272,3897266435962994395,131072
--disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=3288850479740277887 --lang=en-US --disable-pack-loading
--log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.12.20035
Chrome/80.0.0.0" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3288850479740277887
--renderer-client-id=2 --mojo-platform-channel-handle=1716 --allow-no-sandbox-job /prefetch:1
|
|
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
|
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --field-trial-handle=1696,18083818934967789272,3897266435962994395,131072
--disable-features=VizDisplayCompositor --disable-pack-loading --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log"
--log-severity=disable --product-version="ReaderServices/19.12.20035 Chrome/80.0.0.0" --lang=en-US --gpu-preferences=KAAAAAAAAACAAwABAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA
--use-gl=swiftshader-webgl --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --service-request-channel-token=2578119246102691176
--mojo-platform-channel-handle=1736 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
|
|
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
|
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --log-file="C:\Program Files (x86)\Adobe\Acrobat
Reader DC\Reader\AcroCEF\debug.log" --touch-events=enabled --field-trial-handle=1696,18083818934967789272,3897266435962994395,131072
--disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=9980397350853042901 --lang=en-US --disable-pack-loading
--log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.12.20035
Chrome/80.0.0.0" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9980397350853042901
--renderer-client-id=4 --mojo-platform-channel-handle=1832 --allow-no-sandbox-job /prefetch:1
|
|
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
|
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --log-file="C:\Program Files (x86)\Adobe\Acrobat
Reader DC\Reader\AcroCEF\debug.log" --touch-events=enabled --field-trial-handle=1696,18083818934967789272,3897266435962994395,131072
--disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=10739826981085035166 --lang=en-US --disable-pack-loading
--log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.12.20035
Chrome/80.0.0.0" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10739826981085035166
--renderer-client-id=5 --mojo-platform-channel-handle=1980 --allow-no-sandbox-job /prefetch:1
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://firstwoodway.ccbchurch.com/get.php?id=2124&tk=2abeebaae61501940e2ab92f2218d0c1&t=mailMergeAttachment
|
|
||
|
https://firstwoodway.ccbchurch.com/file_retrieval.php?type=mailMergeAttachment&id=2124&tk=2abeebaae61501940e2ab92f2218d0c1
|
104.17.11.87
|
|
|
|
https://apis.google.com/js/client.js
|
unknown
|
|
|
|
https://www.google.com/images/cleardot.gif
|
unknown
|
|
|
|
https://play.google.com
|
unknown
|
|
|
|
https://crash.corp.google.com/samples?reportid=&q=
|
unknown
|
|
|
|
https://www.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
http://firstwoodway.ccbchurch.com/get.php?id=2124&tk=2abeebaae61501940e2ab92f2218d0c1&t=mailMergeAttachment
|
104.17.11.87
|
|
|
|
https://easylist.to/)
|
unknown
|
|
|
|
https://firstwoodway.ccbchurch.com/file_retrieval.php?type=mailMergeAttachment&id=2124&tk=2abeebaae6
|
unknown
|
|
|
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
|
unknown
|
|
|
|
https://accounts.google.com/MergeSession
|
unknown
|
|
|
|
https://creativecommons.org/compatiblelicenses
|
unknown
|
|
|
|
https://preprod-hangouts-googleapis.sandbox.google.com
|
unknown
|
|
|
|
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
|
142.250.203.97
|
|
|
|
https://ccbchurch.s3.amazonaws.com/65287/attachments/343/Weekly_Prayer_List_-_12-1.pdf?response-cont
|
unknown
|
|
|
|
https://www.google.com
|
unknown
|
|
|
|
https://github.com/easylist)
|
unknown
|
|
|
|
https://creativecommons.org/.
|
unknown
|
|
|
|
https://hangouts.clients6.google.com
|
unknown
|
|
|
|
https://meet.google.com
|
unknown
|
|
|
|
https://hangouts.google.com/hangouts/_/logpref
|
unknown
|
|
|
|
https://accounts.google.com
|
unknown
|
|
|
|
https://clients2.google.com/cr/report
|
unknown
|
|
|
|
http://angularjs.org
|
unknown
|
|
|
|
https://creativecommons.org/publicdomain/zero/1.0/.
|
unknown
|
|
|
|
https://github.com/angular/material
|
unknown
|
|
|
|
https://apis.google.com
|
unknown
|
|
|
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
|
|
|
https://github.com/madler/zlib/blob/master/zlib.h
|
unknown
|
|
|
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
|
|
|
https://clients2.google.com
|
unknown
|
|
|
|
https://www.google.com/tools/feedback
|
unknown
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
|
|
|
https://dns.google
|
unknown
|
|
|
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
|
|
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
|
|
|
https://ogs.google.com
|
unknown
|
|
|
|
https://support.google.com/chromecast/troubleshooter/2995236
|
unknown
|
|
|
|
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
|
unknown
|
|
|
|
https://firstwoodway.ccbchurch.com/get.php?id=2124&tk=2abeebaae61501940e2ab92f2218d0c1&t=mailMergeAttachment
|
104.17.11.87
|
|
|
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
172.217.168.45
|
|
|
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
|
|
|
https://www.google.com;
|
unknown
|
|
|
|
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
|
unknown
|
|
|
|
https://hangouts.google.com/
|
unknown
|
|
|
|
https://www.google.com/images/x2.gif
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-GB&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
142.250.203.110
|
|
|
|
http://llvm.org/):
|
unknown
|
|
|
|
https://www.google.com/images/dot2.gif
|
unknown
|
|
|
|
https://meetings.clients6.google.com
|
unknown
|
|
|
|
https://play.google.com/log?format=json&hasfast=true
|
unknown
|
|
|
|
https://code.google.com/p/nativeclient/issues/entry%s:
|
unknown
|
|
|
|
http://tools.ietf.org/html/rfc1950
|
unknown
|
|
|
|
https://code.google.com/p/nativeclient/issues/entry
|
unknown
|
|
|
|
https://support.google.com/chromecast/answer/2998456
|
unknown
|
|
|
|
https://clients2.googleusercontent.com
|
unknown
|
|
|
|
https://docs.google.com
|
unknown
|
|
|
|
https://firstwoodway.ccbchurch.com/get.php?id=2124&tk=2abeebaae61501940e2ab92f2218d0c1&t=mailMergeAt
|
unknown
|
|
|
|
https://www.google.com/
|
unknown
|
|
|
|
https://feedback.googleusercontent.com
|
unknown
|
|
|
|
https://chromium.googlesource.com/a/native_client/pnacl-clang.git
|
unknown
|
|
|
|
https://clients2.google.com/service/update2/crx
|
unknown
|
|
|
|
https://clients6.google.com
|
unknown
|
|
|
|
http://firstwoodway.ccbchurch.com/get.php?id=2124&tk=2abeebaae61501940e2ab92f2218d0c1&t=mailMergeAtt
|
unknown
|
|
There are 55 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
s3-w.us-east-1.amazonaws.com
|
52.217.73.212
|
|
|
|
firstwoodway.ccbchurch.com
|
104.17.11.87
|
|
|
|
accounts.google.com
|
172.217.168.45
|
|
|
|
clients.l.google.com
|
142.250.203.110
|
|
|
|
googlehosted.l.googleusercontent.com
|
142.250.203.97
|
|
|
|
clients2.googleusercontent.com
|
unknown
|
|
|
|
clients2.google.com
|
unknown
|
|
|
|
ccbchurch.s3.amazonaws.com
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
|
|
|
142.250.203.110
|
clients.l.google.com
|
United States
|
|
|
|
104.17.11.87
|
firstwoodway.ccbchurch.com
|
United States
|
|
|
|
172.217.168.45
|
accounts.google.com
|
United States
|
|
|
|
52.217.73.212
|
s3-w.us-east-1.amazonaws.com
|
United States
|
|
|
|
142.250.203.97
|
googlehosted.l.googleusercontent.com
|
United States
|
|
|
|
239.255.255.250
|
unknown
|
Reserved
|
|
|
|
127.0.0.1
|
unknown
|
unknown
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
|
|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe.FriendlyAppName
|
|
|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe.ApplicationCompany
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
dr
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
|
|
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
|
{2781761E-28E0-4109-99FE-B9D127C57AFE} {56FFCC30-D398-11D0-B2AE-00A0C908FA49} 0xFFFF
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories64\{56FFCC30-D398-11D0-B2AE-00A0C908FA49}\Enum
|
Implementing
|
|
|
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
aFS
|
|
|
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
tDIText
|
|
|
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
tFileName
|
|
|
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
tFileSource
|
|
|
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
sFileAncestors
|
|
|
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
sDI
|
|
|
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
sDate
|
|
|
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
uFileSize
|
|
|
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
uPageCount
|
|
|
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
|
aFS
|
|
|
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
|
tDIText
|
|
|
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
|
tFileName
|
|
|
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
|
sFileAncestors
|
|
|
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
|
sDI
|
|
|
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
|
sDate
|
|
|
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\SessionManagement\cWindowsCurrent\cWin0\cTab0\cPathInfo
|
sDI
|
|
|
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\SessionManagement\cWindowsCurrent\cWin0\cTab0\cPathInfo
|
tDIText
|
|
|
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\SessionManagement\cWindowsCurrent\cWin0\cTab0\cPathInfo
|
aFS
|
|
|
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\SessionManagement\cWindowsCurrent\cWin0\cTab0
|
tfilename
|
|
|
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\SessionManagement\cWindowsCurrent\cWin0
|
iTabCount
|
|
|
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\SessionManagement\cWindowsCurrent
|
iWinCount
|
|
|
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral
|
aDefaultRHPViewModeL
|
|
|
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral
|
bExpandRHPInViewer
|
|
|
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\ExitSection
|
bLastExitNormal
|
|
|
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\SessionManagement
|
bNormalExit
|
|
|
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral
|
uLastAppLaunchTimeStamp
|
|
|
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral
|
iNumReaderLaunches
|
|
There are 67 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
19364FF0000
|
unkown
|
page read and write
|
|
|
|
7FF559DBF000
|
unkown image
|
page readonly
|
|
|
|
7FF559B96000
|
unkown image
|
page readonly
|
|
|
|
7FF559DB4000
|
unkown image
|
page readonly
|
|
|
|
149B9EE0000
|
unkown image
|
page readonly
|
|
|
|
149BF5C0000
|
unkown
|
page read and write
|
|
|
|
295B1481000
|
unkown
|
page read and write
|
|
|
|
7FF53D52B000
|
unkown image
|
page readonly
|
|
|
|
7FF565CCD000
|
unkown image
|
page readonly
|
|
|
|
7FF559B5F000
|
unkown image
|
page readonly
|
|
|
|
1F5A5FE000
|
stack
|
page read and write
|
|
|
|
7FF5711F1000
|
unkown image
|
page readonly
|
|
|
|
16752597000
|
unkown
|
page read and write
|
|
|
|
1675258A000
|
unkown
|
page read and write
|
|
|
|
7FF5CB613000
|
unkown image
|
page readonly
|
|
|
|
45B66FE000
|
stack
|
page read and write
|
|
|
|
16752578000
|
unkown
|
page read and write
|
|
|
|
7FF53D57F000
|
unkown image
|
page readonly
|
|
|
|
16752518000
|
unkown
|
page read and write
|
|
|
|
7FF559B4B000
|
unkown image
|
page readonly
|
|
|
|
7FF571310000
|
unkown image
|
page readonly
|
|
|
|
7FF53D3CF000
|
unkown image
|
page readonly
|
|
|
|
7FF53D4A1000
|
unkown image
|
page readonly
|
|
|
|
202634CB000
|
unkown
|
page read and write
|
|
|
|
149BF480000
|
unkown
|
page read and write
|
|
|
|
45B65FB000
|
stack
|
page read and write
|
|
|
|
1675258A000
|
unkown
|
page read and write
|
|
|
|
7DF552692000
|
unkown image
|
page readonly
|
|
|
|
1B1E3C2A000
|
unkown
|
page read and write
|
|
|
|
7FF57133C000
|
unkown image
|
page readonly
|
|
|
|
1F59F7B000
|
stack
|
page read and write
|
|
|
|
1675259E000
|
unkown
|
page read and write
|
|
|
|
16751CA6000
|
unkown
|
page read and write
|
|
|
|
7FF571378000
|
unkown image
|
page readonly
|
|
|
|
7FF53D56A000
|
unkown image
|
page readonly
|
|
|
|
149C0000000
|
unkown
|
page read and write
|
|
|
|
7FF53C9DC000
|
unkown image
|
page readonly
|
|
|
|
149BF69C000
|
unkown
|
page read and write
|
|
|
|
149BF685000
|
unkown
|
page read and write
|
|
|
|
7FF5CB714000
|
unkown image
|
page readonly
|
|
|
|
7FF53D604000
|
unkown image
|
page readonly
|
|
|
|
149BF685000
|
unkown
|
page read and write
|
|
|
|
16752A02000
|
unkown
|
page read and write
|
|
|
|
7FF559B51000
|
unkown image
|
page readonly
|
|
|
|
7FF53D596000
|
unkown image
|
page readonly
|
|
|
|
7DF5C0F12000
|
unkown image
|
page readonly
|
|
|
|
16751D13000
|
unkown
|
page read and write
|
|
|
|
7DF57AF02000
|
unkown image
|
page readonly
|
|
|
|
149BF464000
|
unkown
|
page read and write
|
|
|
|
1F59B77000
|
stack
|
page read and write
|
|
|
|
149BA75A000
|
unkown
|
page read and write
|
|
|
|
16752511000
|
unkown
|
page read and write
|
|
|
|
16752585000
|
unkown
|
page read and write
|
|
|
|
7FF53D4FF000
|
unkown image
|
page readonly
|
|
|
|
149BF640000
|
unkown
|
page read and write
|
|
|
|
7FF559DCE000
|
unkown image
|
page readonly
|
|
|
|
7FF5CAFDC000
|
unkown image
|
page readonly
|
|
|
|
149BF920000
|
unkown
|
page read and write
|
|
|
|
7FF565C23000
|
unkown image
|
page readonly
|
|
|
|
149BF46B000
|
unkown
|
page read and write
|
|
|
|
28214EFB000
|
heap default
|
page read and write
|
|
|
|
149BF685000
|
unkown
|
page read and write
|
|
|
|
167525BF000
|
unkown
|
page read and write
|
|
|
|
7FF53D361000
|
unkown image
|
page readonly
|
|
|
|
16752270000
|
unkown
|
page read and write
|
|
|
|
16751CAA000
|
unkown
|
page read and write
|
|
|
|
149BA088000
|
unkown
|
page read and write
|
|
|
|
16751B30000
|
unkown image
|
page readonly
|
|
|
|
202634CE000
|
unkown
|
page read and write
|
|
|
|
1B1E4250000
|
unkown image
|
page readonly
|
|
|
|
45B667C000
|
stack
|
page read and write
|
|
|
|
19365A32000
|
unkown
|
page read and write
|
|
|
|
1FCB5602000
|
unkown
|
page read and write
|
|
|
|
149BA056000
|
unkown
|
page read and write
|
|
|
|
28215390000
|
unkown image
|
page readonly
|
|
|
|
19364FC0000
|
unkown image
|
page readonly
|
|
|
|
1B1E3B70000
|
unkown image
|
page readonly
|
|
|
|
7FF5712FA000
|
unkown image
|
page readonly
|
|
|
|
28214F0F000
|
heap default
|
page read and write
|
|
|
|
7FF510773000
|
unkown image
|
page readonly
|
|
|
|
19365390000
|
unkown image
|
page readonly
|
|
|
|
7DF5526A0000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB6AC000
|
unkown image
|
page readonly
|
|
|
|
7DF59AB90000
|
unkown image
|
page readonly
|
|
|
|
1B1E3C59000
|
unkown
|
page read and write
|
|
|
|
7FF53D371000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABE08000
|
unkown image
|
page readonly
|
|
|
|
149BB2F0000
|
unkown
|
page read and write
|
|
|
|
16752578000
|
unkown
|
page read and write
|
|
|
|
7FF5AB966000
|
unkown image
|
page readonly
|
|
|
|
1675258F000
|
unkown
|
page read and write
|
|
|
|
7FF559CA6000
|
unkown image
|
page readonly
|
|
|
|
167525B8000
|
unkown
|
page read and write
|
|
|
|
193656C0000
|
unkown
|
page read and write
|
|
|
|
7FF565C7E000
|
unkown image
|
page readonly
|
|
|
|
7FF565235000
|
unkown image
|
page readonly
|
|
|
|
1FCB54E0000
|
unkown image
|
page readonly
|
|
|
|
149BA000000
|
unkown
|
page read and write
|
|
|
|
19365131000
|
unkown
|
page read and write
|
|
|
|
E4004FF000
|
stack
|
page read and write
|
|
|
|
16752564000
|
unkown
|
page read and write
|
|
|
|
A5F4D7E000
|
stack
|
page read and write
|
|
|
|
7FF585A00000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB6C5000
|
unkown image
|
page readonly
|
|
|
|
149BF484000
|
unkown
|
page read and write
|
|
|
|
7FF565D97000
|
unkown image
|
page readonly
|
|
|
|
1675257F000
|
unkown
|
page read and write
|
|
|
|
7FF5CB624000
|
unkown image
|
page readonly
|
|
|
|
167519E0000
|
unkown image
|
page read and write
|
|
|
|
1B1E3B50000
|
unkown image
|
page read and write
|
|
|
|
149BA719000
|
unkown
|
page read and write
|
|
|
|
1B1E3D13000
|
unkown
|
page read and write
|
|
|
|
19365111000
|
unkown
|
page read and write
|
|
|
|
16751D16000
|
unkown
|
page read and write
|
|
|
|
7FF559C21000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB280000
|
unkown image
|
page readonly
|
|
|
|
1B1E3C60000
|
unkown
|
page read and write
|
|
|
|
7FF57127C000
|
unkown image
|
page readonly
|
|
|
|
7FF559D65000
|
unkown image
|
page readonly
|
|
|
|
7FF5599F1000
|
unkown image
|
page readonly
|
|
|
|
7DF5864A0000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB69F000
|
unkown image
|
page readonly
|
|
|
|
7FF559D5A000
|
unkown image
|
page readonly
|
|
|
|
1675255B000
|
unkown
|
page read and write
|
|
|
|
7DF56EEE0000
|
unkown image
|
page readonly
|
|
|
|
1B1E3C58000
|
unkown
|
page read and write
|
|
|
|
149BAF80000
|
unkown image
|
page readonly
|
|
|
|
7DF5E0842000
|
unkown image
|
page readonly
|
|
|
|
7DF5C0F22000
|
unkown image
|
page readonly
|
|
|
|
1675259F000
|
unkown
|
page read and write
|
|
|
|
7FF53D4EB000
|
unkown image
|
page readonly
|
|
|
|
7DF5C0F30000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB5C8000
|
unkown image
|
page readonly
|
|
|
|
149BA901000
|
unkown
|
page read and write
|
|
|
|
167525D8000
|
unkown
|
page read and write
|
|
|
|
1675258D000
|
unkown
|
page read and write
|
|
|
|
7FF5CAB7B000
|
unkown image
|
page readonly
|
|
|
|
7DF5E0842000
|
unkown image
|
page readonly
|
|
|
|
149BA5F3000
|
unkown
|
page read and write
|
|
|
|
7FF5CAB75000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABD0C000
|
unkown image
|
page readonly
|
|
|
|
16751CD6000
|
unkown
|
page read and write
|
|
|
|
149BF490000
|
unkown
|
page read and write
|
|
|
|
19365040000
|
heap default
|
page read and write
|
|
|
|
1FCB5613000
|
unkown
|
page read and write
|
|
|
|
149BF682000
|
unkown
|
page read and write
|
|
|
|
7DF586490000
|
unkown image
|
page readonly
|
|
|
|
7DF56EEE2000
|
unkown image
|
page readonly
|
|
|
|
E40067F000
|
stack
|
page read and write
|
|
|
|
DCC5FFA000
|
unkown
|
page read and write
|
|
|
|
CB047F000
|
stack
|
page read and write
|
|
|
|
7DF586480000
|
unkown image
|
page readonly
|
|
|
|
149BA5D1000
|
unkown
|
page read and write
|
|
|
|
7DF5864A0000
|
unkown image
|
page readonly
|
|
|
|
149BF5B0000
|
unkown
|
page read and write
|
|
|
|
7FF5ABC61000
|
unkown image
|
page readonly
|
|
|
|
1675256A000
|
unkown
|
page read and write
|
|
|
|
1FCB566E000
|
unkown
|
page read and write
|
|
|
|
1F5977C000
|
unkown
|
page read and write
|
|
|
|
16752A6A000
|
unkown
|
page read and write
|
|
|
|
7FF5CB19E000
|
unkown image
|
page readonly
|
|
|
|
149BF619000
|
unkown
|
page read and write
|
|
|
|
7FF565955000
|
unkown image
|
page readonly
|
|
|
|
1B1E3C5B000
|
unkown
|
page read and write
|
|
|
|
1F5A3FA000
|
stack
|
page read and write
|
|
|
|
295B1800000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB736000
|
unkown image
|
page readonly
|
|
|
|
16752562000
|
unkown
|
page read and write
|
|
|
|
19365130000
|
unkown
|
page read and write
|
|
|
|
7FF5CB2D7000
|
unkown image
|
page readonly
|
|
|
|
149BF350000
|
unkown
|
page read and write
|
|
|
|
7FF565D6C000
|
unkown image
|
page readonly
|
|
|
|
149BF5C0000
|
unkown
|
page read and write
|
|
|
|
202633F0000
|
unkown image
|
page readonly
|
|
|
|
7DF56EED0000
|
unkown image
|
page readonly
|
|
|
|
7FF565940000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB6CB000
|
unkown image
|
page readonly
|
|
|
|
149BF46A000
|
unkown
|
page read and write
|
|
|
|
149BF682000
|
unkown
|
page read and write
|
|
|
|
149B9DE0000
|
unkown image
|
page readonly
|
|
|
|
7FF571389000
|
unkown image
|
page readonly
|
|
|
|
7FF53D320000
|
unkown image
|
page readonly
|
|
|
|
7FF510E8E000
|
unkown image
|
page readonly
|
|
|
|
16752566000
|
unkown
|
page read and write
|
|
|
|
7DF5E0840000
|
unkown image
|
page readonly
|
|
|
|
7FF57135A000
|
unkown image
|
page readonly
|
|
|
|
7FF53D54F000
|
unkown image
|
page readonly
|
|
|
|
295B11C0000
|
unkown image
|
page readonly
|
|
|
|
167525AE000
|
unkown
|
page read and write
|
|
|
|
7FF5CB704000
|
unkown image
|
page readonly
|
|
|
|
16752586000
|
unkown
|
page read and write
|
|
|
|
16751B70000
|
unkown image
|
page readonly
|
|
|
|
149BAF90000
|
unkown image
|
page readonly
|
|
|
|
167525AE000
|
unkown
|
page read and write
|
|
|
|
1675258E000
|
unkown
|
page read and write
|
|
|
|
7FF565C7B000
|
unkown image
|
page readonly
|
|
|
|
7FF565DF6000
|
unkown image
|
page readonly
|
|
|
|
7FF559BF2000
|
unkown image
|
page readonly
|
|
|
|
16752597000
|
unkown
|
page read and write
|
|
|
|
7FF571161000
|
unkown image
|
page readonly
|
|
|
|
7FF559D97000
|
unkown image
|
page readonly
|
|
|
|
DCC637A000
|
stack
|
page read and write
|
|
|
|
7FF565E72000
|
unkown image
|
page readonly
|
|
|
|
7FF565DB7000
|
unkown image
|
page readonly
|
|
|
|
202639F0000
|
unkown image
|
page readonly
|
|
|
|
149BA759000
|
unkown
|
page read and write
|
|
|
|
16752586000
|
unkown
|
page read and write
|
|
|
|
16751A30000
|
unkown image
|
page readonly
|
|
|
|
19365074000
|
heap default
|
page read and write
|
|
|
|
19365081000
|
unkown
|
page read and write
|
|
|
|
7FF565AF7000
|
unkown image
|
page readonly
|
|
|
|
73E097B000
|
stack
|
page read and write
|
|
|
|
149BF468000
|
unkown
|
page read and write
|
|
|
|
7DF5C0F22000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB62C000
|
unkown image
|
page readonly
|
|
|
|
7FF5707D5000
|
unkown image
|
page readonly
|
|
|
|
7FF510E4C000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABD9A000
|
unkown image
|
page readonly
|
|
|
|
7DF59AB80000
|
unkown image
|
page readonly
|
|
|
|
149BF64D000
|
unkown
|
page read and write
|
|
|
|
7FF559977000
|
unkown image
|
page readonly
|
|
|
|
149BF590000
|
unkown
|
page read and write
|
|
|
|
5795CF7000
|
stack
|
page read and write
|
|
|
|
7FF559D6B000
|
unkown image
|
page readonly
|
|
|
|
73E067E000
|
stack
|
page read and write
|
|
|
|
7FF559680000
|
unkown image
|
page readonly
|
|
|
|
7DF57AEF0000
|
unkown image
|
page readonly
|
|
|
|
19365010000
|
unkown
|
page read and write
|
|
|
|
16751C4D000
|
unkown
|
page read and write
|
|
|
|
A5F4AFB000
|
stack
|
page read and write
|
|
|
|
16752563000
|
unkown
|
page read and write
|
|
|
|
7DF525F90000
|
unkown image
|
page readonly
|
|
|
|
1675251F000
|
unkown
|
page read and write
|
|
|
|
57958FE000
|
stack
|
page read and write
|
|
|
|
1675258F000
|
unkown
|
page read and write
|
|
|
|
1B1E3BC0000
|
heap default
|
page read and write
|
|
|
|
7FF5ABD9E000
|
unkown image
|
page readonly
|
|
|
|
1675259D000
|
unkown
|
page read and write
|
|
|
|
7FF510E2B000
|
unkown image
|
page readonly
|
|
|
|
7DF59AB90000
|
unkown image
|
page readonly
|
|
|
|
45B647E000
|
stack
|
page read and write
|
|
|
|
7FF559D13000
|
unkown image
|
page readonly
|
|
|
|
7DF5526A0000
|
unkown image
|
page readonly
|
|
|
|
7FF510E88000
|
unkown image
|
page readonly
|
|
|
|
7FF565DD4000
|
unkown image
|
page readonly
|
|
|
|
20263430000
|
unkown
|
page read and write
|
|
|
|
149BA702000
|
unkown
|
page read and write
|
|
|
|
149BF464000
|
unkown
|
page read and write
|
|
|
|
7DF59AB82000
|
unkown image
|
page readonly
|
|
|
|
7FF57120E000
|
unkown image
|
page readonly
|
|
|
|
149BF695000
|
unkown
|
page read and write
|
|
|
|
7DF525FB0000
|
unkown image
|
page readonly
|
|
|
|
7FF53CE7D000
|
unkown image
|
page readonly
|
|
|
|
E40077E000
|
stack
|
page read and write
|
|
|
|
73E0A77000
|
stack
|
page read and write
|
|
|
|
7FF5ABDB7000
|
unkown image
|
page readonly
|
|
|
|
E4005FD000
|
stack
|
page read and write
|
|
|
|
7FF510E7E000
|
unkown image
|
page readonly
|
|
|
|
7FF585A79000
|
unkown image
|
page readonly
|
|
|
|
202633D0000
|
unkown image
|
page readonly
|
|
|
|
149BF61D000
|
unkown
|
page read and write
|
|
|
|
16752270000
|
unkown
|
page read and write
|
|
|
|
7FF5ABDCF000
|
unkown image
|
page readonly
|
|
|
|
149BF62B000
|
unkown
|
page read and write
|
|
|
|
7FF559D8C000
|
unkown image
|
page readonly
|
|
|
|
7DF59AB72000
|
unkown image
|
page readonly
|
|
|
|
295B1492000
|
unkown
|
page read and write
|
|
|
|
16751CB0000
|
unkown
|
page read and write
|
|
|
|
7FF565E71000
|
unkown image
|
page readonly
|
|
|
|
295B1448000
|
unkown
|
page read and write
|
|
|
|
5795A7B000
|
stack
|
page read and write
|
|
|
|
149BF687000
|
unkown
|
page read and write
|
|
|
|
149BAF50000
|
unkown image
|
page readonly
|
|
|
|
1675258C000
|
unkown
|
page read and write
|
|
|
|
1675258E000
|
unkown
|
page read and write
|
|
|
|
7FF559B09000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABE0E000
|
unkown image
|
page readonly
|
|
|
|
7DF586480000
|
unkown image
|
page readonly
|
|
|
|
295B11C0000
|
unkown image
|
page readonly
|
|
|
|
16751A20000
|
unkown image
|
page readonly
|
|
|
|
7FF559DA4000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB72E000
|
unkown image
|
page readonly
|
|
|
|
1675258E000
|
unkown
|
page read and write
|
|
|
|
149BF460000
|
unkown
|
page read and write
|
|
|
|
73E07FB000
|
stack
|
page read and write
|
|
|
|
149BF990000
|
unkown
|
page read and write
|
|
|
|
7FF570ED0000
|
unkown image
|
page readonly
|
|
|
|
7FF57131B000
|
unkown image
|
page readonly
|
|
|
|
28214EB0000
|
unkown
|
page read and write
|
|
|
|
149BA580000
|
unkown image
|
page readonly
|
|
|
|
7FF53CE22000
|
unkown image
|
page readonly
|
|
|
|
7FF565DDF000
|
unkown image
|
page readonly
|
|
|
|
7FF5599B6000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB286000
|
unkown image
|
page readonly
|
|
|
|
7FF565DF9000
|
unkown image
|
page readonly
|
|
|
|
16752586000
|
unkown
|
page read and write
|
|
|
|
16751C53000
|
unkown
|
page read and write
|
|
|
|
149BF69C000
|
unkown
|
page read and write
|
|
|
|
7DF5E0832000
|
unkown image
|
page readonly
|
|
|
|
16752586000
|
unkown
|
page read and write
|
|
|
|
7FF559D77000
|
unkown image
|
page readonly
|
|
|
|
149BF640000
|
unkown
|
page read and write
|
|
|
|
7FF52C6F4000
|
unkown image
|
page readonly
|
|
|
|
7DF56EEF0000
|
unkown image
|
page readonly
|
|
|
|
DCC64FD000
|
stack
|
page read and write
|
|
|
|
CAFCF7000
|
stack
|
page read and write
|
|
|
|
7FF5CB017000
|
unkown image
|
page readonly
|
|
|
|
16752A00000
|
unkown
|
page read and write
|
|
|
|
149B9EF0000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB4F6000
|
unkown image
|
page readonly
|
|
|
|
CAFAFF000
|
stack
|
page read and write
|
|
|
|
7FF5CB4C0000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABDA5000
|
unkown image
|
page readonly
|
|
|
|
7DF5526B0000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB1F6000
|
unkown image
|
page readonly
|
|
|
|
16751C9F000
|
unkown
|
page read and write
|
|
|
|
16752A02000
|
unkown
|
page read and write
|
|
|
|
149BF8B0000
|
unkown
|
page read and write
|
|
|
|
149BF640000
|
unkown
|
page read and write
|
|
|
|
7DF498A40000
|
unkown image
|
page readonly
|
|
|
|
7FF510E99000
|
unkown image
|
page readonly
|
|
|
|
7FF565D6A000
|
unkown image
|
page readonly
|
|
|
|
1B1E4402000
|
unkown
|
page read and write
|
|
|
|
149BF6A6000
|
unkown
|
page read and write
|
|
|
|
1B1E3ED0000
|
unkown image
|
page readonly
|
|
|
|
73E0B7E000
|
stack
|
page read and write
|
|
|
|
7FF53D537000
|
unkown image
|
page readonly
|
|
|
|
1675256B000
|
unkown
|
page read and write
|
|
|
|
7DF57AEF2000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB7A4000
|
unkown image
|
page readonly
|
|
|
|
1FCB5653000
|
unkown
|
page read and write
|
|
|
|
1675255C000
|
unkown
|
page read and write
|
|
|
|
1F5A27E000
|
stack
|
page read and write
|
|
|
|
7FF57130E000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB222000
|
unkown image
|
page readonly
|
|
|
|
149B9FD0000
|
unkown
|
page read and write
|
|
|
|
149BA719000
|
unkown
|
page read and write
|
|
|
|
149BF530000
|
unkown
|
page read and write
|
|
|
|
7FF5ABE8A000
|
unkown image
|
page readonly
|
|
|
|
149BF490000
|
unkown
|
page read and write
|
|
|
|
1675258F000
|
unkown
|
page read and write
|
|
|
|
7FF53D564000
|
unkown image
|
page readonly
|
|
|
|
202634A0000
|
heap default
|
page read and write
|
|
|
|
7FF5ABD8C000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB6AA000
|
unkown image
|
page readonly
|
|
|
|
16751C5B000
|
unkown
|
page read and write
|
|
|
|
7FF5CB68F000
|
unkown image
|
page readonly
|
|
|
|
149BA03D000
|
unkown
|
page read and write
|
|
|
|
7FF571354000
|
unkown image
|
page readonly
|
|
|
|
7FF559A44000
|
unkown image
|
page readonly
|
|
|
|
1675258D000
|
unkown
|
page read and write
|
|
|
|
7FF53D588000
|
unkown image
|
page readonly
|
|
|
|
16752500000
|
unkown
|
page read and write
|
|
|
|
167525A7000
|
unkown
|
page read and write
|
|
|
|
19364F90000
|
unkown image
|
page readonly
|
|
|
|
149BF46C000
|
unkown
|
page read and write
|
|
|
|
7FF53D50C000
|
unkown image
|
page readonly
|
|
|
|
16752A02000
|
unkown
|
page read and write
|
|
|
|
7FF585A7D000
|
unkown image
|
page readonly
|
|
|
|
7DF525FA2000
|
unkown image
|
page readonly
|
|
|
|
149BA071000
|
unkown
|
page read and write
|
|
|
|
149BF682000
|
unkown
|
page read and write
|
|
|
|
7FF53D4D3000
|
unkown image
|
page readonly
|
|
|
|
7FF53D51A000
|
unkown image
|
page readonly
|
|
|
|
295B11A0000
|
unkown image
|
page read and write
|
|
|
|
295B11B0000
|
heap private
|
page read and write
|
|
|
|
5795AFE000
|
stack
|
page read and write
|
|
|
|
149BF600000
|
unkown
|
page read and write
|
|
|
|
16751C70000
|
unkown
|
page read and write
|
|
|
|
1675258A000
|
unkown
|
page read and write
|
|
|
|
7DF5E0832000
|
unkown image
|
page readonly
|
|
|
|
1FCB5708000
|
unkown
|
page read and write
|
|
|
|
7FF53D525000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB22E000
|
unkown image
|
page readonly
|
|
|
|
295B13E0000
|
unkown
|
page read and write
|
|
|
|
19365111000
|
unkown
|
page read and write
|
|
|
|
7FF510E64000
|
unkown image
|
page readonly
|
|
|
|
7FF565CD3000
|
unkown image
|
page readonly
|
|
|
|
149BF699000
|
unkown
|
page read and write
|
|
|
|
7FF510E25000
|
unkown image
|
page readonly
|
|
|
|
7FF53D4E3000
|
unkown image
|
page readonly
|
|
|
|
45B677F000
|
stack
|
page read and write
|
|
|
|
149BA074000
|
unkown
|
page read and write
|
|
|
|
149BF695000
|
unkown
|
page read and write
|
|
|
|
1F59E7E000
|
stack
|
page read and write
|
|
|
|
CAFA7E000
|
stack
|
page read and write
|
|
|
|
7FF57137E000
|
unkown image
|
page readonly
|
|
|
|
CAFF7E000
|
stack
|
page read and write
|
|
|
|
7DF5C0F10000
|
unkown image
|
page readonly
|
|
|
|
7FF565C41000
|
unkown image
|
page readonly
|
|
|
|
7DF5E0850000
|
unkown image
|
page readonly
|
|
|
|
149BF630000
|
unkown
|
page read and write
|
|
|
|
73E038C000
|
unkown
|
page read and write
|
|
|
|
295B1980000
|
unkown image
|
page readonly
|
|
|
|
7DF4DE700000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB8D6000
|
unkown image
|
page readonly
|
|
|
|
73E0C7D000
|
stack
|
page read and write
|
|
|
|
7DF552690000
|
unkown image
|
page readonly
|
|
|
|
7FF571327000
|
unkown image
|
page readonly
|
|
|
|
193650CF000
|
unkown
|
page read and write
|
|
|
|
19365130000
|
unkown
|
page read and write
|
|
|
|
149BF640000
|
unkown
|
page read and write
|
|
|
|
16752597000
|
unkown
|
page read and write
|
|
|
|
1675259F000
|
unkown
|
page read and write
|
|
|
|
149BF4A4000
|
unkown
|
page read and write
|
|
|
|
149BF560000
|
unkown
|
page read and write
|
|
|
|
1B1E3C5F000
|
unkown
|
page read and write
|
|
|
|
7FF585A4A000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB68B000
|
unkown image
|
page readonly
|
|
|
|
149BF5C0000
|
unkown
|
page read and write
|
|
|
|
7FF5ABDCC000
|
unkown image
|
page readonly
|
|
|
|
7FF559DD9000
|
unkown image
|
page readonly
|
|
|
|
7FF565C61000
|
unkown image
|
page readonly
|
|
|
|
295B1400000
|
unkown
|
page read and write
|
|
|
|
7FF565DAC000
|
unkown image
|
page readonly
|
|
|
|
7FF565DFD000
|
unkown image
|
page readonly
|
|
|
|
1675258C000
|
unkown
|
page read and write
|
|
|
|
16751A00000
|
unkown image
|
page readonly
|
|
|
|
1675258A000
|
unkown
|
page read and write
|
|
|
|
7FF5CB6C0000
|
unkown image
|
page readonly
|
|
|
|
7DF484350000
|
unkown image
|
page readonly
|
|
|
|
7DF586490000
|
unkown image
|
page readonly
|
|
|
|
7FF53D4EF000
|
unkown image
|
page readonly
|
|
|
|
7DF525FA0000
|
unkown image
|
page readonly
|
|
|
|
193650BA000
|
unkown
|
page read and write
|
|
|
|
7FF510E74000
|
unkown image
|
page readonly
|
|
|
|
7DF5C0F10000
|
unkown image
|
page readonly
|
|
|
|
149BF685000
|
unkown
|
page read and write
|
|
|
|
16751C29000
|
unkown
|
page read and write
|
|
|
|
16752548000
|
unkown
|
page read and write
|
|
|
|
202637E5000
|
heap private
|
page read and write
|
|
|
|
7FF570EE5000
|
unkown image
|
page readonly
|
|
|
|
19365A31000
|
unkown
|
page read and write
|
|
|
|
149BF68B000
|
unkown
|
page read and write
|
|
|
|
1FCB563C000
|
unkown
|
page read and write
|
|
|
|
7FF53D611000
|
unkown image
|
page readonly
|
|
|
|
CAF8FE000
|
stack
|
page read and write
|
|
|
|
7FF5AB255000
|
unkown image
|
page readonly
|
|
|
|
193650CF000
|
unkown
|
page read and write
|
|
|
|
149BF303000
|
unkown
|
page read and write
|
|
|
|
1F5A1FE000
|
stack
|
page read and write
|
|
|
|
7FF565D7E000
|
unkown image
|
page readonly
|
|
|
|
149BF630000
|
unkown
|
page read and write
|
|
|
|
167525AE000
|
unkown
|
page read and write
|
|
|
|
16751CF7000
|
unkown
|
page read and write
|
|
|
|
7FF53D60A000
|
unkown image
|
page readonly
|
|
|
|
7FF571274000
|
unkown image
|
page readonly
|
|
|
|
7FF5598C2000
|
unkown image
|
page readonly
|
|
|
|
202637F0000
|
unkown image
|
page readonly
|
|
|
|
7DF478DC0000
|
unkown image
|
page readonly
|
|
|
|
7DF5C0F20000
|
unkown image
|
page readonly
|
|
|
|
7FF5AB25B000
|
unkown image
|
page readonly
|
|
|
|
7FF559D4C000
|
unkown image
|
page readonly
|
|
|
|
7FF559B5D000
|
unkown image
|
page readonly
|
|
|
|
7FF571087000
|
unkown image
|
page readonly
|
|
|
|
149B9D90000
|
unkown image
|
page read and write
|
|
|
|
295B1402000
|
unkown
|
page read and write
|
|
|
|
149BF466000
|
unkown
|
page read and write
|
|
|
|
16751C3C000
|
unkown
|
page read and write
|
|
|
|
295B144B000
|
unkown
|
page read and write
|
|
|
|
7DF57AF00000
|
unkown image
|
page readonly
|
|
|
|
202633D0000
|
unkown image
|
page readonly
|
|
|
|
7FF57130A000
|
unkown image
|
page readonly
|
|
|
|
7FF565D7A000
|
unkown image
|
page readonly
|
|
|
|
7FF585A02000
|
unkown image
|
page readonly
|
|
|
|
7DF57AF00000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABC9B000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABE19000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB5A1000
|
unkown image
|
page readonly
|
|
|
|
7FF559B3F000
|
unkown image
|
page readonly
|
|
|
|
16752586000
|
unkown
|
page read and write
|
|
|
|
149BF610000
|
unkown
|
page read and write
|
|
|
|
7FF53D1B1000
|
unkown image
|
page readonly
|
|
|
|
16751C4C000
|
unkown
|
page read and write
|
|
|
|
1B1E3D00000
|
unkown
|
page read and write
|
|
|
|
149BF69C000
|
unkown
|
page read and write
|
|
|
|
7FF5AB960000
|
unkown image
|
page readonly
|
|
|
|
149BF662000
|
unkown
|
page read and write
|
|
|
|
202633B0000
|
unkown image
|
page read and write
|
|
|
|
16751C58000
|
unkown
|
page read and write
|
|
|
|
149BA718000
|
unkown
|
page read and write
|
|
|
|
7FF5CB6EC000
|
unkown image
|
page readonly
|
|
|
|
7FF5599E1000
|
unkown image
|
page readonly
|
|
|
|
149BA759000
|
unkown
|
page read and write
|
|
|
|
20263460000
|
unkown image
|
page readonly
|
|
|
|
1F5A07F000
|
stack
|
page read and write
|
|
|
|
295B11E0000
|
unkown image
|
page readonly
|
|
|
|
1B1E3C5E000
|
unkown
|
page read and write
|
|
|
|
1FCB567F000
|
unkown
|
page read and write
|
|
|
|
7FF53D4A4000
|
unkown image
|
page readonly
|
|
|
|
1FCB54C0000
|
unkown image
|
page read and write
|
|
|
|
7DF586482000
|
unkown image
|
page readonly
|
|
|
|
16751A00000
|
unkown image
|
page readonly
|
|
|
|
1B1E3D08000
|
unkown
|
page read and write
|
|
|
|
7FF559DD6000
|
unkown image
|
page readonly
|
|
|
|
149BA102000
|
unkown
|
page read and write
|
|
|
|
7FF559C0F000
|
unkown image
|
page readonly
|
|
|
|
149BF687000
|
unkown
|
page read and write
|
|
|
|
16751C5A000
|
unkown
|
page read and write
|
|
|
|
7FF559B26000
|
unkown image
|
page readonly
|
|
|
|
28215185000
|
heap private
|
page read and write
|
|
|
|
CAFEFF000
|
stack
|
page read and write
|
|
|
|
7DF552690000
|
unkown image
|
page readonly
|
|
|
|
7FF5711B3000
|
unkown image
|
page readonly
|
|
|
|
DCC647E000
|
stack
|
page read and write
|
|
|
|
DCC63F9000
|
stack
|
page read and write
|
|
|
|
149BF5A0000
|
unkown
|
page read and write
|
|
|
|
7FF5CB232000
|
unkown image
|
page readonly
|
|
|
|
DCC62FF000
|
stack
|
page read and write
|
|
|
|
7FF53D3B0000
|
unkown image
|
page readonly
|
|
|
|
149BF699000
|
unkown
|
page read and write
|
|
|
|
7DF59AB70000
|
unkown image
|
page readonly
|
|
|
|
149BF630000
|
unkown
|
page read and write
|
|
|
|
149BF67C000
|
unkown
|
page read and write
|
|
|
|
193656C0000
|
unkown
|
page read and write
|
|
|
|
202634CE000
|
unkown
|
page read and write
|
|
|
|
16751C50000
|
unkown
|
page read and write
|
|
|
|
7FF53D599000
|
unkown image
|
page readonly
|
|
|
|
7DF59AB80000
|
unkown image
|
page readonly
|
|
|
|
202634DF000
|
unkown
|
page read and write
|
|
|
|
295B1502000
|
unkown
|
page read and write
|
|
|
|
28214E70000
|
unkown image
|
page readonly
|
|
|
|
295B1500000
|
unkown
|
page read and write
|
|
|
|
1675255D000
|
unkown
|
page read and write
|
|
|
|
149BA400000
|
unkown image
|
page readonly
|
|
|
|
149BF940000
|
unkown
|
page read and write
|
|
|
|
149BA719000
|
unkown
|
page read and write
|
|
|
|
7FF5ABDAB000
|
unkown image
|
page readonly
|
|
|
|
7DF525FA2000
|
unkown image
|
page readonly
|
|
|
|
19365048000
|
heap default
|
page read and write
|
|
|
|
7FF559D60000
|
unkown image
|
page readonly
|
|
|
|
7FF57133F000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABC9E000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB437000
|
unkown image
|
page readonly
|
|
|
|
19364FD0000
|
unkown image
|
page readonly
|
|
|
|
E40057F000
|
stack
|
page read and write
|
|
|
|
7FF5CB511000
|
unkown image
|
page readonly
|
|
|
|
149BAD70000
|
unkown
|
page read and write
|
|
|
|
1B1E3C3C000
|
unkown
|
page read and write
|
|
|
|
1B1E3D02000
|
unkown
|
page read and write
|
|
|
|
295B12F0000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB6BA000
|
unkown image
|
page readonly
|
|
|
|
149BAD60000
|
unkown
|
page read and write
|
|
|
|
7FF559CCC000
|
unkown image
|
page readonly
|
|
|
|
7FF53D557000
|
unkown image
|
page readonly
|
|
|
|
149BF640000
|
unkown
|
page read and write
|
|
|
|
E4006FF000
|
stack
|
page read and write
|
|
|
|
7DF57AF10000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABDF4000
|
unkown image
|
page readonly
|
|
|
|
7FF510E4F000
|
unkown image
|
page readonly
|
|
|
|
149BF6E7000
|
unkown
|
page read and write
|
|
|
|
7FF585AE4000
|
unkown image
|
page readonly
|
|
|
|
16752402000
|
unkown
|
page read and write
|
|
|
|
7FF51073C000
|
unkown image
|
page readonly
|
|
|
|
7FF52C6F4000
|
unkown image
|
page readonly
|
|
|
|
A5F487E000
|
stack
|
page read and write
|
|
|
|
1675257C000
|
unkown
|
page read and write
|
|
|
|
7FF559975000
|
unkown image
|
page readonly
|
|
|
|
295B144E000
|
unkown
|
page read and write
|
|
|
|
73E06FD000
|
stack
|
page read and write
|
|
|
|
149BF4A0000
|
unkown
|
page read and write
|
|
|
|
A5F48FE000
|
stack
|
page read and write
|
|
|
|
149BF460000
|
unkown
|
page read and write
|
|
|
|
7FF5CB47B000
|
unkown image
|
page readonly
|
|
|
|
7FF53D612000
|
unkown image
|
page readonly
|
|
|
|
7DF59AB70000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB501000
|
unkown image
|
page readonly
|
|
|
|
1936512D000
|
unkown
|
page read and write
|
|
|
|
7FF5ABD04000
|
unkown image
|
page readonly
|
|
|
|
7DF56EED2000
|
unkown image
|
page readonly
|
|
|
|
149BA076000
|
unkown
|
page read and write
|
|
|
|
7FF5CB70A000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABDEA000
|
unkown image
|
page readonly
|
|
|
|
167519F0000
|
heap private
|
page read and write
|
|
|
|
1FCB54E0000
|
unkown image
|
page readonly
|
|
|
|
149BF694000
|
unkown
|
page read and write
|
|
|
|
7FF559B1B000
|
unkown image
|
page readonly
|
|
|
|
149BA759000
|
unkown
|
page read and write
|
|
|
|
1B1E3BD0000
|
unkown image
|
page readonly
|
|
|
|
7FF559D23000
|
unkown image
|
page readonly
|
|
|
|
1B1E3BF0000
|
unkown
|
page read and write
|
|
|
|
A5F4C77000
|
stack
|
page read and write
|
|
|
|
19365A31000
|
unkown
|
page read and write
|
|
|
|
16752586000
|
unkown
|
page read and write
|
|
|
|
16752578000
|
unkown
|
page read and write
|
|
|
|
167525BF000
|
unkown
|
page read and write
|
|
|
|
7FF5CB581000
|
unkown image
|
page readonly
|
|
|
|
7DF5C0F20000
|
unkown image
|
page readonly
|
|
|
|
202634DE000
|
unkown
|
page read and write
|
|
|
|
1B1E3C88000
|
unkown
|
page read and write
|
|
|
|
149BA718000
|
unkown
|
page read and write
|
|
|
|
45B67FF000
|
stack
|
page read and write
|
|
|
|
16752569000
|
unkown
|
page read and write
|
|
|
|
19365A10000
|
unkown image
|
page read and write
|
|
|
|
149BF481000
|
unkown
|
page read and write
|
|
|
|
7FF5ABE16000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB6D7000
|
unkown image
|
page readonly
|
|
|
|
149BF466000
|
unkown
|
page read and write
|
|
|
|
7FF5713FA000
|
unkown image
|
page readonly
|
|
|
|
295B1470000
|
unkown
|
page read and write
|
|
|
|
149BF630000
|
unkown
|
page read and write
|
|
|
|
149BF682000
|
unkown
|
page read and write
|
|
|
|
7DF586482000
|
unkown image
|
page readonly
|
|
|
|
7FF565CEC000
|
unkown image
|
page readonly
|
|
|
|
A5F4B7E000
|
stack
|
page read and write
|
|
|
|
149BA615000
|
unkown
|
page read and write
|
|
|
|
1675259B000
|
unkown
|
page read and write
|
|
|
|
7FF571263000
|
unkown image
|
page readonly
|
|
|
|
193650BA000
|
unkown
|
page read and write
|
|
|
|
202637E0000
|
heap private
|
page read and write
|
|
|
|
16752589000
|
unkown
|
page read and write
|
|
|
|
149BF900000
|
unkown
|
page read and write
|
|
|
|
1675258C000
|
unkown
|
page read and write
|
|
|
|
1FCB5702000
|
unkown
|
page read and write
|
|
|
|
7FF559D1F000
|
unkown image
|
page readonly
|
|
|
|
16752597000
|
unkown
|
page read and write
|
|
|
|
149BF682000
|
unkown
|
page read and write
|
|
|
|
7FF5ABDE4000
|
unkown image
|
page readonly
|
|
|
|
1FCB5AD0000
|
unkown image
|
page readonly
|
|
|
|
7FF57125D000
|
unkown image
|
page readonly
|
|
|
|
149BF6E7000
|
unkown
|
page read and write
|
|
|
|
7FF53D1DA000
|
unkown image
|
page readonly
|
|
|
|
149BA113000
|
unkown
|
page read and write
|
|
|
|
7FF5CB295000
|
unkown image
|
page readonly
|
|
|
|
149BF5B0000
|
unkown
|
page read and write
|
|
|
|
7FF510E58000
|
unkown image
|
page readonly
|
|
|
|
7DF450560000
|
unkown image
|
page readonly
|
|
|
|
295B1600000
|
unkown image
|
page readonly
|
|
|
|
149BF689000
|
unkown
|
page read and write
|
|
|
|
CB027A000
|
stack
|
page read and write
|
|
|
|
16751C56000
|
unkown
|
page read and write
|
|
|
|
149BA759000
|
unkown
|
page read and write
|
|
|
|
7FF510E20000
|
unkown image
|
page readonly
|
|
|
|
7FF571386000
|
unkown image
|
page readonly
|
|
|
|
16751C4B000
|
unkown
|
page read and write
|
|
|
|
193656C0000
|
unkown
|
page read and write
|
|
|
|
1FCB5E02000
|
unkown
|
page read and write
|
|
|
|
7FF5CAFC2000
|
unkown image
|
page readonly
|
|
|
|
1B1E40D0000
|
unkown image
|
page readonly
|
|
|
|
1675258A000
|
unkown
|
page read and write
|
|
|
|
7DF56EED2000
|
unkown image
|
page readonly
|
|
|
|
7DF59AB72000
|
unkown image
|
page readonly
|
|
|
|
28215180000
|
heap private
|
page read and write
|
|
|
|
CAFBF7000
|
stack
|
page read and write
|
|
|
|
149BA75A000
|
unkown
|
page read and write
|
|
|
|
7FF565DC4000
|
unkown image
|
page readonly
|
|
|
|
149BF685000
|
unkown
|
page read and write
|
|
|
|
16751E00000
|
unkown image
|
page readonly
|
|
|
|
1B1E3B60000
|
heap private
|
page read and write
|
|
|
|
149BA08D000
|
unkown
|
page read and write
|
|
|
|
202634B6000
|
heap default
|
page read and write
|
|
|
|
16752280000
|
unkown image
|
page read and write
|
|
|
|
7FF57120B000
|
unkown image
|
page readonly
|
|
|
|
7DF586492000
|
unkown image
|
page readonly
|
|
|
|
19364F80000
|
unkown image
|
page read and write
|
|
|
|
16752578000
|
unkown
|
page read and write
|
|
|
|
16751C54000
|
unkown
|
page read and write
|
|
|
|
7FF571315000
|
unkown image
|
page readonly
|
|
|
|
1FCB5700000
|
unkown
|
page read and write
|
|
|
|
16752A02000
|
unkown
|
page read and write
|
|
|
|
7FF5CB5BE000
|
unkown image
|
page readonly
|
|
|
|
193653B0000
|
unkown image
|
page readonly
|
|
|
|
5795BFB000
|
stack
|
page read and write
|
|
|
|
7FF559E51000
|
unkown image
|
page readonly
|
|
|
|
149BA013000
|
unkown
|
page read and write
|
|
|
|
149BA086000
|
unkown
|
page read and write
|
|
|
|
1FCB5600000
|
unkown
|
page read and write
|
|
|
|
7FF5ABDA0000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB660000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABE92000
|
unkown image
|
page readonly
|
|
|
|
16752566000
|
unkown
|
page read and write
|
|
|
|
7DF525F92000
|
unkown image
|
page readonly
|
|
|
|
149BA098000
|
unkown
|
page read and write
|
|
|
|
7FF56523B000
|
unkown image
|
page readonly
|
|
|
|
7FF585A6E000
|
unkown image
|
page readonly
|
|
|
|
7DF5526B0000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB56A000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB728000
|
unkown image
|
page readonly
|
|
|
|
7FF559D34000
|
unkown image
|
page readonly
|
|
|
|
149BA713000
|
unkown
|
page read and write
|
|
|
|
7FF5ABBF1000
|
unkown image
|
page readonly
|
|
|
|
167525AA000
|
unkown
|
page read and write
|
|
|
|
7FF5CB7B1000
|
unkown image
|
page readonly
|
|
|
|
7FF510777000
|
unkown image
|
page readonly
|
|
|
|
1F59C7A000
|
stack
|
page read and write
|
|
|
|
5795EFF000
|
stack
|
page read and write
|
|
|
|
7FF571401000
|
unkown image
|
page readonly
|
|
|
|
149BF640000
|
unkown
|
page read and write
|
|
|
|
149BF67C000
|
unkown
|
page read and write
|
|
|
|
149B9DD0000
|
unkown image
|
page readonly
|
|
|
|
7FF53D574000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABD8A000
|
unkown image
|
page readonly
|
|
|
|
295B1453000
|
unkown
|
page read and write
|
|
|
|
16752270000
|
unkown
|
page read and write
|
|
|
|
7DF46CDA0000
|
unkown image
|
page readonly
|
|
|
|
16752578000
|
unkown
|
page read and write
|
|
|
|
7FF5CB694000
|
unkown image
|
page readonly
|
|
|
|
149BA719000
|
unkown
|
page read and write
|
|
|
|
149BF695000
|
unkown
|
page read and write
|
|
|
|
1FCB5540000
|
unkown image
|
page readonly
|
|
|
|
7FF559C0A000
|
unkown image
|
page readonly
|
|
|
|
1B1E3C13000
|
unkown
|
page read and write
|
|
|
|
16752180000
|
unkown image
|
page readonly
|
|
|
|
149BF900000
|
unkown
|
page read and write
|
|
|
|
7FF559D00000
|
unkown image
|
page readonly
|
|
|
|
7FF559E44000
|
unkown image
|
page readonly
|
|
|
|
1B1E3C62000
|
unkown
|
page read and write
|
|
|
|
7FF510E6A000
|
unkown image
|
page readonly
|
|
|
|
149BF685000
|
unkown
|
page read and write
|
|
|
|
1FCB5560000
|
unkown
|
page read and write
|
|
|
|
202634C5000
|
unkown
|
page read and write
|
|
|
|
7FF57136F000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABC43000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB6EF000
|
unkown image
|
page readonly
|
|
|
|
149BAF60000
|
unkown image
|
page readonly
|
|
|
|
1B1E3B90000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB7B2000
|
unkown image
|
page readonly
|
|
|
|
7DF5C0F30000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABE84000
|
unkown image
|
page readonly
|
|
|
|
28215190000
|
unkown image
|
page readonly
|
|
|
|
7FF585A5E000
|
unkown image
|
page readonly
|
|
|
|
149BF570000
|
unkown
|
page read and write
|
|
|
|
167525A7000
|
unkown
|
page read and write
|
|
|
|
1F5A4FA000
|
stack
|
page read and write
|
|
|
|
7FF565D85000
|
unkown image
|
page readonly
|
|
|
|
7FF53D520000
|
unkown image
|
page readonly
|
|
|
|
E40047E000
|
stack
|
page read and write
|
|
|
|
149BF685000
|
unkown
|
page read and write
|
|
|
|
7FF5CB662000
|
unkown image
|
page readonly
|
|
|
|
7FF571347000
|
unkown image
|
page readonly
|
|
|
|
7DF57AF02000
|
unkown image
|
page readonly
|
|
|
|
149BF5D0000
|
unkown
|
page read and write
|
|
|
|
149BF5C0000
|
unkown
|
page read and write
|
|
|
|
149B9FE0000
|
unkown image
|
page read and write
|
|
|
|
1FCB5500000
|
unkown image
|
page readonly
|
|
|
|
149BF685000
|
unkown
|
page read and write
|
|
|
|
167525AC000
|
unkown
|
page read and write
|
|
|
|
7FF5CB486000
|
unkown image
|
page readonly
|
|
|
|
28214EF0000
|
heap default
|
page read and write
|
|
|
|
7FF5CB739000
|
unkown image
|
page readonly
|
|
|
|
7FF53D51E000
|
unkown image
|
page readonly
|
|
|
|
1675258F000
|
unkown
|
page read and write
|
|
|
|
7DF5526A2000
|
unkown image
|
page readonly
|
|
|
|
1B1E3C00000
|
unkown
|
page read and write
|
|
|
|
16752586000
|
unkown
|
page read and write
|
|
|
|
16752514000
|
unkown
|
page read and write
|
|
|
|
149BA718000
|
unkown
|
page read and write
|
|
|
|
7FF585A44000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB2D5000
|
unkown image
|
page readonly
|
|
|
|
1F597FF000
|
stack
|
page read and write
|
|
|
|
149BA75A000
|
unkown
|
page read and write
|
|
|
|
7DF56EEF0000
|
unkown image
|
page readonly
|
|
|
|
149BF687000
|
unkown
|
page read and write
|
|
|
|
7DF57AEF2000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB563000
|
unkown image
|
page readonly
|
|
|
|
16751CE8000
|
unkown
|
page read and write
|
|
|
|
7FF559D4A000
|
unkown image
|
page readonly
|
|
|
|
28214E60000
|
unkown image
|
page readonly
|
|
|
|
149B9DB0000
|
unkown image
|
page readonly
|
|
|
|
7FF565E6A000
|
unkown image
|
page readonly
|
|
|
|
7FF571364000
|
unkown image
|
page readonly
|
|
|
|
1675257F000
|
unkown
|
page read and write
|
|
|
|
28214E40000
|
unkown image
|
page readonly
|
|
|
|
149BAF70000
|
unkown image
|
page readonly
|
|
|
|
16751CBD000
|
unkown
|
page read and write
|
|
|
|
295B11F0000
|
unkown image
|
page readonly
|
|
|
|
7FF5712FC000
|
unkown image
|
page readonly
|
|
|
|
295B1210000
|
heap default
|
page read and write
|
|
|
|
149BF630000
|
unkown
|
page read and write
|
|
|
|
149BAE70000
|
unkown
|
page read and write
|
|
|
|
16752586000
|
unkown
|
page read and write
|
|
|
|
7FF53D354000
|
unkown image
|
page readonly
|
|
|
|
7DF4BEDE0000
|
unkown image
|
page readonly
|
|
|
|
7FF5599DD000
|
unkown image
|
page readonly
|
|
|
|
7FF585A2C000
|
unkown image
|
page readonly
|
|
|
|
7FF559BA1000
|
unkown image
|
page readonly
|
|
|
|
149BF580000
|
unkown
|
page read and write
|
|
|
|
16752000000
|
unkown image
|
page readonly
|
|
|
|
1FCB5629000
|
unkown
|
page read and write
|
|
|
|
16751D08000
|
unkown
|
page read and write
|
|
|
|
1F5A17E000
|
stack
|
page read and write
|
|
|
|
7FF5AB975000
|
unkown image
|
page readonly
|
|
|
|
16752578000
|
unkown
|
page read and write
|
|
|
|
149BF46E000
|
unkown
|
page read and write
|
|
|
|
A5F49FC000
|
stack
|
page read and write
|
|
|
|
7DF56EEE2000
|
unkown image
|
page readonly
|
|
|
|
149BA600000
|
unkown
|
page read and write
|
|
|
|
7FF559A47000
|
unkown image
|
page readonly
|
|
|
|
295B1513000
|
unkown
|
page read and write
|
|
|
|
167525C0000
|
unkown
|
page read and write
|
|
|
|
1675258C000
|
unkown
|
page read and write
|
|
|
|
A5F45AC000
|
unkown
|
page read and write
|
|
|
|
149BA5F0000
|
unkown
|
page read and write
|
|
|
|
16751D02000
|
unkown
|
page read and write
|
|
|
|
16752558000
|
unkown
|
page read and write
|
|
|
|
5795DFF000
|
stack
|
page read and write
|
|
|
|
7FF5ABCF3000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB5C3000
|
unkown image
|
page readonly
|
|
|
|
19365210000
|
unkown image
|
page readonly
|
|
|
|
1675258D000
|
unkown
|
page read and write
|
|
|
|
7FF565DEE000
|
unkown image
|
page readonly
|
|
|
|
16751C88000
|
unkown
|
page read and write
|
|
|
|
193650AD000
|
unkown
|
page read and write
|
|
|
|
7DF5E0850000
|
unkown image
|
page readonly
|
|
|
|
7FF510F0A000
|
unkown image
|
page readonly
|
|
|
|
16751C13000
|
unkown
|
page read and write
|
|
|
|
7FF5CB6F7000
|
unkown image
|
page readonly
|
|
|
|
7FF5596AE000
|
unkown image
|
page readonly
|
|
|
|
149BF688000
|
unkown
|
page read and write
|
|
|
|
CAF87B000
|
unkown
|
page read and write
|
|
|
|
16751C5C000
|
unkown
|
page read and write
|
|
|
|
295B1413000
|
unkown
|
page read and write
|
|
|
|
7FF510F12000
|
unkown image
|
page readonly
|
|
|
|
149BF460000
|
unkown
|
page read and write
|
|
|
|
1F59D7A000
|
stack
|
page read and write
|
|
|
|
149BF360000
|
unkown
|
page read and write
|
|
|
|
7FF559E4A000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABDD7000
|
unkown image
|
page readonly
|
|
|
|
149BF630000
|
unkown
|
page read and write
|
|
|
|
7FF5CB4F4000
|
unkown image
|
page readonly
|
|
|
|
149BF682000
|
unkown
|
page read and write
|
|
|
|
7FF57138D000
|
unkown image
|
page readonly
|
|
|
|
149BF68D000
|
unkown
|
page read and write
|
|
|
|
149BF461000
|
unkown
|
page read and write
|
|
|
|
7FF559DC8000
|
unkown image
|
page readonly
|
|
|
|
73E087E000
|
stack
|
page read and write
|
|
|
|
7DF525F92000
|
unkown image
|
page readonly
|
|
|
|
295B142A000
|
unkown
|
page read and write
|
|
|
|
7DF586492000
|
unkown image
|
page readonly
|
|
|
|
149BAFA0000
|
unkown image
|
page readonly
|
|
|
|
149BA718000
|
unkown
|
page read and write
|
|
|
|
193650A7000
|
unkown
|
page read and write
|
|
|
|
7FF565DAF000
|
unkown image
|
page readonly
|
|
|
|
202634CB000
|
unkown
|
page read and write
|
|
|
|
295B1A02000
|
unkown
|
page read and write
|
|
|
|
16751CC4000
|
unkown
|
page read and write
|
|
|
|
CB007B000
|
stack
|
page read and write
|
|
|
|
7FF5ABDFF000
|
unkown image
|
page readonly
|
|
|
|
7FF565946000
|
unkown image
|
page readonly
|
|
|
|
7FF559A4A000
|
unkown image
|
page readonly
|
|
|
|
7FF565E64000
|
unkown image
|
page readonly
|
|
|
|
7FF5658B6000
|
unkown image
|
page readonly
|
|
|
|
7DF5E0830000
|
unkown image
|
page readonly
|
|
|
|
7FF510F04000
|
unkown image
|
page readonly
|
|
|
|
7FF55955E000
|
unkown image
|
page readonly
|
|
|
|
149BF460000
|
unkown
|
page read and write
|
|
|
|
7FF565DCA000
|
unkown image
|
page readonly
|
|
|
|
28214E30000
|
unkown image
|
page readonly
|
|
|
|
7FF53D54C000
|
unkown image
|
page readonly
|
|
|
|
16752568000
|
unkown
|
page read and write
|
|
|
|
28215510000
|
unkown image
|
page readonly
|
|
|
|
579587B000
|
unkown
|
page read and write
|
|
|
|
20263470000
|
unkown image
|
page readonly
|
|
|
|
7FF585A38000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB5BB000
|
unkown image
|
page readonly
|
|
|
|
7FF585AF1000
|
unkown image
|
page readonly
|
|
|
|
149BF660000
|
unkown
|
page read and write
|
|
|
|
149BAD80000
|
unkown
|
page read and write
|
|
|
|
149BF69C000
|
unkown
|
page read and write
|
|
|
|
149BAC00000
|
unkown
|
page read and write
|
|
|
|
1FCB54D0000
|
heap private
|
page read and write
|
|
|
|
149BAD90000
|
unkown image
|
page read and write
|
|
|
|
7FF5CB013000
|
unkown image
|
page readonly
|
|
|
|
7FF585A0B000
|
unkown image
|
page readonly
|
|
|
|
45B61FA000
|
unkown
|
page read and write
|
|
|
|
45B64FE000
|
stack
|
page read and write
|
|
|
|
7FF5ABE1D000
|
unkown image
|
page readonly
|
|
|
|
193653A5000
|
heap private
|
page read and write
|
|
|
|
16752A02000
|
unkown
|
page read and write
|
|
|
|
16751C4F000
|
unkown
|
page read and write
|
|
|
|
7DF5C0F12000
|
unkown image
|
page readonly
|
|
|
|
19365A30000
|
unkown
|
page read and write
|
|
|
|
149B9DB0000
|
unkown image
|
page readonly
|
|
|
|
149BA0B7000
|
unkown
|
page read and write
|
|
|
|
7FF585A54000
|
unkown image
|
page readonly
|
|
|
|
7FF510E9D000
|
unkown image
|
page readonly
|
|
|
|
19364FA0000
|
unkown image
|
page readonly
|
|
|
|
7DF525F90000
|
unkown image
|
page readonly
|
|
|
|
1FCB5510000
|
unkown image
|
page readonly
|
|
|
|
149BF699000
|
unkown
|
page read and write
|
|
|
|
149BF69C000
|
unkown
|
page read and write
|
|
|
|
7FF565D80000
|
unkown image
|
page readonly
|
|
|
|
7FF53D50A000
|
unkown image
|
page readonly
|
|
|
|
7FF565CE4000
|
unkown image
|
page readonly
|
|
|
|
7FF559DA8000
|
unkown image
|
page readonly
|
|
|
|
149BF340000
|
unkown
|
page read and write
|
|
|
|
295B1508000
|
unkown
|
page read and write
|
|
|
|
202634CB000
|
unkown
|
page read and write
|
|
|
|
7FF585AF2000
|
unkown image
|
page readonly
|
|
|
|
1B1E3BA0000
|
unkown image
|
page readonly
|
|
|
|
149BA700000
|
unkown
|
page read and write
|
|
|
|
7DF56EEE0000
|
unkown image
|
page readonly
|
|
|
|
1B1E3C7B000
|
unkown
|
page read and write
|
|
|
|
7DF5526A2000
|
unkown image
|
page readonly
|
|
|
|
7FF53CE26000
|
unkown image
|
page readonly
|
|
|
|
149BA718000
|
unkown
|
page read and write
|
|
|
|
7FF559D3F000
|
unkown image
|
page readonly
|
|
|
|
7FF585A05000
|
unkown image
|
page readonly
|
|
|
|
7FF565DE8000
|
unkown image
|
page readonly
|
|
|
|
7FF559BB1000
|
unkown image
|
page readonly
|
|
|
|
295B143C000
|
unkown
|
page read and write
|
|
|
|
7DF552692000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABE91000
|
unkown image
|
page readonly
|
|
|
|
193650AA000
|
unkown
|
page read and write
|
|
|
|
1675259D000
|
unkown
|
page read and write
|
|
|
|
16751CEA000
|
unkown
|
page read and write
|
|
|
|
7FF53D5A2000
|
unkown image
|
page readonly
|
|
|
|
A5F4E7F000
|
stack
|
page read and write
|
|
|
|
1675258D000
|
unkown
|
page read and write
|
|
|
|
28214E90000
|
unkown
|
page read and write
|
|
|
|
7FF53D5B3000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB673000
|
unkown image
|
page readonly
|
|
|
|
7FF510F11000
|
unkown image
|
page readonly
|
|
|
|
16752557000
|
unkown
|
page read and write
|
|
|
|
16751C00000
|
unkown
|
page read and write
|
|
|
|
28214E20000
|
unkown image
|
page read and write
|
|
|
|
149BF687000
|
unkown
|
page read and write
|
|
|
|
7FF571402000
|
unkown image
|
page readonly
|
|
|
|
20263B70000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB71F000
|
unkown image
|
page readonly
|
|
|
|
149BF68F000
|
unkown
|
page read and write
|
|
|
|
CB017D000
|
stack
|
page read and write
|
|
|
|
7DF5E0840000
|
unkown image
|
page readonly
|
|
|
|
149BF630000
|
unkown
|
page read and write
|
|
|
|
149BA0F9000
|
unkown
|
page read and write
|
|
|
|
16751BA0000
|
unkown image
|
page write copy
|
|
|
|
202634CE000
|
unkown
|
page read and write
|
|
|
|
16751CE2000
|
unkown
|
page read and write
|
|
|
|
19365130000
|
unkown
|
page read and write
|
|
|
|
149BA719000
|
unkown
|
page read and write
|
|
|
|
193653A0000
|
heap private
|
page read and write
|
|
|
|
7FF565D8B000
|
unkown image
|
page readonly
|
|
|
|
7FF565BD1000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABC81000
|
unkown image
|
page readonly
|
|
|
|
16752578000
|
unkown
|
page read and write
|
|
|
|
7FF559C05000
|
unkown image
|
page readonly
|
|
|
|
7FF559E52000
|
unkown image
|
page readonly
|
|
|
|
149BF300000
|
unkown
|
page read and write
|
|
|
|
7DF423E60000
|
unkown image
|
page readonly
|
|
|
|
7FF5ABB17000
|
unkown image
|
page readonly
|
|
|
|
193650A7000
|
unkown
|
page read and write
|
|
|
|
16751A50000
|
heap default
|
page read and write
|
|
|
|
7DF57AEF0000
|
unkown image
|
page readonly
|
|
|
|
7FF5595F5000
|
unkown image
|
page readonly
|
|
|
|
7FF559CAD000
|
unkown image
|
page readonly
|
|
|
|
7FF53CE6E000
|
unkown image
|
page readonly
|
|
|
|
7FF53D4F4000
|
unkown image
|
page readonly
|
|
|
|
149BF687000
|
unkown
|
page read and write
|
|
|
|
7FF5CB60D000
|
unkown image
|
page readonly
|
|
|
|
7FF53D082000
|
unkown image
|
page readonly
|
|
|
|
7DF525FB0000
|
unkown image
|
page readonly
|
|
|
|
1675258D000
|
unkown
|
page read and write
|
|
|
|
16752586000
|
unkown
|
page read and write
|
|
|
|
16752597000
|
unkown
|
page read and write
|
|
|
|
1B1E3B70000
|
unkown image
|
page readonly
|
|
|
|
7FF53D58E000
|
unkown image
|
page readonly
|
|
|
|
19365087000
|
unkown
|
page read and write
|
|
|
|
149C0010000
|
unkown
|
page read and write
|
|
|
|
7DF57AF10000
|
unkown image
|
page readonly
|
|
|
|
1FCB5713000
|
unkown
|
page read and write
|
|
|
|
CAFDF8000
|
stack
|
page read and write
|
|
|
|
7FF559568000
|
unkown image
|
page readonly
|
|
|
|
7FF559B38000
|
unkown image
|
page readonly
|
|
|
|
1B1E3C5C000
|
unkown
|
page read and write
|
|
|
|
16751B50000
|
unkown
|
page read and write
|
|
|
|
149BA719000
|
unkown
|
page read and write
|
|
|
|
1675257E000
|
unkown
|
page read and write
|
|
|
|
16752A63000
|
unkown
|
page read and write
|
|
|
|
7FF5713F4000
|
unkown image
|
page readonly
|
|
|
|
1FCB5530000
|
heap default
|
page read and write
|
|
|
|
7FF5711D1000
|
unkown image
|
page readonly
|
|
|
|
7FF570E46000
|
unkown image
|
page readonly
|
|
|
|
149BA75A000
|
unkown
|
page read and write
|
|
|
|
7DF5E0830000
|
unkown image
|
page readonly
|
|
|
|
1FCB58D0000
|
unkown image
|
page readonly
|
|
|
|
7FF5CB6BE000
|
unkown image
|
page readonly
|
|
|
|
149BA09C000
|
unkown
|
page read and write
|
|
|
|
7FF559A50000
|
unkown image
|
page readonly
|
|
|
|
1F5A0FF000
|
stack
|
page read and write
|
|
|
|
7FF559A39000
|
unkown image
|
page readonly
|
|
|
|
7DF525FA0000
|
unkown image
|
page readonly
|
|
|
|
7FF53D356000
|
unkown image
|
page readonly
|
|
|
|
1FCB5689000
|
unkown
|
page read and write
|
|
|
|
16752586000
|
unkown
|
page read and write
|
|
|
|
7FF585A68000
|
unkown image
|
page readonly
|
|
|
|
149BA602000
|
unkown
|
page read and write
|
|
|
|
149BF65C000
|
unkown
|
page read and write
|
|
|
|
45B657E000
|
stack
|
page read and write
|
|
|
|
20263410000
|
unkown
|
page read and write
|
|
|
|
149BA200000
|
unkown image
|
page readonly
|
|
|
|
167525DE000
|
unkown
|
page read and write
|
|
|
|
1B1E3C5A000
|
unkown
|
page read and write
|
|
|
|
149BF685000
|
unkown
|
page read and write
|
|
|
|
7FF559D8F000
|
unkown image
|
page readonly
|
|
|
|
CB037B000
|
stack
|
page read and write
|
|
|
|
149BF68F000
|
unkown
|
page read and write
|
|
|
|
7FF559B94000
|
unkown image
|
page readonly
|
|
|
|
1F5A2FF000
|
stack
|
page read and write
|
|
|
|
7FF5CB7AA000
|
unkown image
|
page readonly
|
|
|
|
149B9E00000
|
heap default
|
page read and write
|
|
|
|
149BA718000
|
unkown
|
page read and write
|
|
|
|
7FF585AEA000
|
unkown image
|
page readonly
|
|
|
|
149BF68A000
|
unkown
|
page read and write
|
|
|
|
149BF640000
|
unkown
|
page read and write
|
|
|
|
1FCB564D000
|
unkown
|
page read and write
|
|
|
|
E40019C000
|
unkown
|
page read and write
|
|
|
|
149BA06C000
|
unkown
|
page read and write
|
|
|
|
16752586000
|
unkown
|
page read and write
|
|
|
|
149BF683000
|
unkown
|
page read and write
|
|
|
|
7DF56EED0000
|
unkown image
|
page readonly
|
|
|
|
28214E40000
|
unkown image
|
page readonly
|
|
|
|
16751CEB000
|
unkown
|
page read and write
|
|
|
|
7FF559D5E000
|
unkown image
|
page readonly
|
|
|
|
149B9DA0000
|
heap private
|
page read and write
|
|
|
|
7FF5ABCED000
|
unkown image
|
page readonly
|
|
|
|
579597E000
|
stack
|
page read and write
|
|
|
|
149C0010000
|
unkown
|
page read and write
|
|
|
|
202634B1000
|
unkown
|
page read and write
|
|
|
|
7FF570ED6000
|
unkown image
|
page readonly
|
|
|
|
19365087000
|
unkown
|
page read and write
|
|
|
|
149BA029000
|
unkown
|
page read and write
|
|
|
|
149BA759000
|
unkown
|
page read and write
|
|
|
|
1FCB5C50000
|
unkown image
|
page readonly
|
|
|
|
202634C6000
|
unkown
|
page read and write
|
|
|
|
20263480000
|
unkown image
|
page read and write
|
|
|
|
DCC627F000
|
stack
|
page read and write
|
|
|
|
149BA980000
|
unkown
|
page read and write
|
|
|
|
149BA75A000
|
unkown
|
page read and write
|
|
|
|
149BF640000
|
unkown
|
page read and write
|
|
|
|
7DF59AB82000
|
unkown image
|
page readonly
|
|
|
|
19364FA0000
|
unkown image
|
page readonly
|
|
There are 1021 hidden memdumps, click here to show them.