IOC Report

loading gif

Files

File Path
Type
Category
Malicious
New PO 78564.pdf
PDF document, version 1.7
initial sample
 malicious
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\05349744be1ad4ad_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0786087c3c360803_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0998db3a32ab3f41_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0ace9ee3d914a5c0_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0f25049d69125b1e_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\230e5fe3e6f82b2c_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\2798067b152b83c7_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\2a426f11fd8ebe18_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\3a4ae3940784292a_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\4a0e94571d979b3c_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\560e9c8bff5008d8_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\56c4cd218555ae2b_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\6fb6d030c4ebbc21_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\7120c35b509b0fae_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\71febec55d5c75cd_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\86b8040b7132b608_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c159cc5880890bc_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c84d92a9dbce3e0_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8e417e79df3bf0e9_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\91cec06bb2836fa5_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\927a1596c37ebe5e_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\92c56fa2a6c4d5ba_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\946896ee27df7947_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\983b7a3da8f39a46_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\aba6710fde0876af_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\b6d5deb4812ac6e9_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\bba29d2e6197e2f4_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\bf0ac66ae1eb4a7f_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\cf3e34002cde7e9c_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\d449e58cb15daaf1_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\d88192ac53852604_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\de789e80edd740d6_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f0cf6dfa8a1afa3d_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f4a0d4ca2f3b95da_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f941376b2efdd6e6_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f971b7eda7fa05c3_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\fd17b2d8331c91e8_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\fdd733564de6fbcb_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\febb41df4ea2b63a_0
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\temp-index
Maple help database
modified
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\the-real-index (copy)
Maple help database
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Visited Links
data
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-220114132921Z-193.bmp
PC bitmap, Windows 3.x format, 152 x -152 x 32
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
SQLite 3.x database, last written using SQLite version 3024000
dropped
 clean
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal
SQLite Rollback Journal
modified
 clean
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeCMapFnt19.lst (copy)
PostScript document text
dropped
 clean
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeFnt16.lst.5860
PostScript document text
dropped
 clean
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeSysFnt19.lst (copy)
PostScript document text
dropped
 clean
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\Cache\AcroFnt19.lst (copy)
PostScript document text
dropped
 clean
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\Cache\AdobeFnt16.lst.5860
PostScript document text
dropped
 clean
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\UserCache.bin
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\43378467-9ab4-482f-a213-60dfa41f7910.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\4fed042f-d7f2-4da4-b774-66b5c23256e5.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\6a817ab3-80d2-4ef6-9107-b88d74f3141e.tmp
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\7749c35a-a2b1-4dfb-9549-f6d4e376aec3.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\8f0330fa-201f-44c0-a57f-87d2c2a3078d.tmp
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\8f46e80a-9e0c-4117-ad57-d53191fdb3de.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\93b53b7e-15c9-48a9-986d-4b38d48db416.tmp
SysEx File -
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\120f20e8-107e-4bd8-a5a7-2c006d3d8548.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4c826a51-53b2-41ed-9020-b6b3891ac6e2.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\4f505aec-3de1-4480-b2f4-90deb1dab647.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\52049367-4d96-4f51-991f-600266388349.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6bef7766-78c9-47e1-88ae-bd5f7c1fa23a.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\844fff87-9d67-4728-978b-91f1e121a8f5.tmp
very short file (no magic)
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\8a887c47-7ff1-4c66-8d44-ea5697258593.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\9bf5b333-1da0-46fb-b01e-66dc6953d045.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old. (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
SQLite 3.x database, last written using SQLite version 3032001
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.oldh (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8520.615.0.5_1\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.oldJp (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
SQLite 3.x database, last written using SQLite version 3032001
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session.. (copy)
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabs (copy)
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State. (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State3} (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\PreferencesMP (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferencese (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
SQLite 3.x database, last written using SQLite version 3032001
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.h (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure PreferencesMP (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferencesh (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old. (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.oldMP (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\8e953aa0-d90c-473b-ad17-0f636d0729ab.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent State (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old.. (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.olde/ (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\0c8dca69-2ac9-473d-9d4b-1b60d291aa95.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent StateMP (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old.. (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.olde/ (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.oldg (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.oldn. (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c596389c-bbec-4329-a09a-f0ad144063e4.tmp
ASCII text, with very long lines, with no line terminators
modified
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\cb855a5c-1902-4cda-9ce7-17be74657dfd.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
modified
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\cf0bdccf-23c9-4b74-9687-bf348c17b613.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old. (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
MPEG-4 LOAS
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f6dcef24-ea5d-4234-b988-49fcf1e82d7b.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.oldol (copy)
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
ASCII text, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local Staten (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local States} (copy)
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
data
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cachep (copy)
SysEx File -
dropped
 clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\f52d2d8d-74d2-411b-87bb-6a10a081784b.tmp
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\14a5babe-e5cb-4966-b3bc-406d363192b9.tmp
Google Chrome extension, version 3
dropped
 clean
C:\Users\user\AppData\Local\Temp\23c31763-6182-4231-9faf-55576bbba878.tmp
very short file (no magic)
dropped
 clean
C:\Users\user\AppData\Local\Temp\b448837d-4a72-41aa-b408-98d7de8e589a.tmp
Google Chrome extension, version 3
dropped
 clean
C:\Users\user\AppData\Local\Temp\e64c3e8e-57ca-4bae-b7a9-62ea8f58e356.tmp
very short file (no magic)
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\14a5babe-e5cb-4966-b3bc-406d363192b9.tmp
Google Chrome extension, version 3
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\am\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\ar\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\bn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\en\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\fa\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\fil\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\gu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\id\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\iw\messages.json
HTML document, ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\kn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\ml\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\mr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\ms\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\nl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\pt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\sw\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\ta\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\te\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\zh\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\angular.js
ASCII text, with very long lines
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\background_script.js
ASCII text, with very long lines
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\cast_sender.js
ASCII text, with very long lines
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\common.js
ASCII text, with very long lines
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\feedback.css
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\feedback.html
HTML document, ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\feedback_script.js
ASCII text, with very long lines
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\manifest.json
ASCII text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\material_css_min.css
ASCII text, with very long lines
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\mirroring_cast_streaming.js
ASCII text, with very long lines
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\mirroring_common.js
ASCII text, with very long lines
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\mirroring_hangouts.js
ASCII text, with very long lines
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_1183728351\CRX_INSTALL\mirroring_webrtc.js
ASCII text, with very long lines
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\en\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\en_GB\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\es_419\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\fil\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\id\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\nl\messages.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\pt_BR\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\pt_PT\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\zh_CN\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\craw_background.js
ASCII text, with very long lines
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\craw_window.js
ASCII text, with very long lines
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\css\craw_window.css
ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\html\craw_window.html
HTML document, ASCII text
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\images\flapper.gif
GIF image data, version 89a, 30 x 30
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\images\icon_128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\images\icon_16.png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\images\topbar_floating_button.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\images\topbar_floating_button_close.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\images\topbar_floating_button_hover.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\images\topbar_floating_button_maximize.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\images\topbar_floating_button_pressed.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\CRX_INSTALL\manifest.json
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Temp\scoped_dir6528_852348550\b448837d-4a72-41aa-b408-98d7de8e589a.tmp
Google Chrome extension, version 3
dropped
 clean
There are 280 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\user\Desktop\New PO 78564.pdf
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" --type=renderer /prefetch:1 "C:\Users\user\Desktop\New PO 78564.pdf
clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
 clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --touch-events=enabled --field-trial-handle=1700,5061237570470507330,1302540807075552552,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=10647192645561366624 --lang=en-US --disable-pack-loading --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.12.20035 Chrome/80.0.0.0" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10647192645561366624 --renderer-client-id=2 --mojo-platform-channel-handle=1716 --allow-no-sandbox-job /prefetch:1
clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --field-trial-handle=1700,5061237570470507330,1302540807075552552,131072 --disable-features=VizDisplayCompositor --disable-pack-loading --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.12.20035 Chrome/80.0.0.0" --lang=en-US --gpu-preferences=KAAAAAAAAACAAwABAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --service-request-channel-token=3375098944914061431 --mojo-platform-channel-handle=1736 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --touch-events=enabled --field-trial-handle=1700,5061237570470507330,1302540807075552552,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=7153951524109278611 --lang=en-US --disable-pack-loading --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.12.20035 Chrome/80.0.0.0" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7153951524109278611 --renderer-client-id=4 --mojo-platform-channel-handle=1840 --allow-no-sandbox-job /prefetch:1
clean
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --touch-events=enabled --field-trial-handle=1700,5061237570470507330,1302540807075552552,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=13048974976482622221 --lang=en-US --disable-pack-loading --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.12.20035 Chrome/80.0.0.0" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13048974976482622221 --renderer-client-id=5 --mojo-platform-channel-handle=2104 --allow-no-sandbox-job /prefetch:1
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation -- "https://earthy-unruly-shroud.glitch.me/ikowthlodisgoods.html
 clean
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1520,6196045898229528868,2002575593491885482,131072 --lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1920 /prefetch:8
clean

URLs

Name
IP
Malicious
http://www.microsoft.ct
unknown
 clean
https://a.nel.cloudflare.com/report/v3?s=eaBVLAkni1zPwuiUvTdOCmFgQ9QfTfBNlf9pPr%2FQuS4WQ4oHbsbaikMR2
unknown
 clean
https://apis.google.com/js/client.js
unknown
 clean
https://code.jquery.com/jquery-3.2.1.slim.min.js
unknown
 clean
http://ns.useplus.org/ldf/xmp/1.0/V
unknown
 clean
https://crash.corp.google.com/samples?reportid=&q=
unknown
 clean
https://i.ibb.co/1Rvzzk8/gmail1.png
51.210.32.106
 clean
https://a.nel.cloudflare.com/report/v3?s=6zUX3j1MbdTprOP9saoPUxJO7HAkS00cUOoZeSByQ2Z9vwZlYw5mPm%2F7X
unknown
 clean
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
unknown
 clean
https://preprod-hangouts-googleapis.sandbox.google.com
unknown
 clean
https://api.echosign.comK
unknown
 clean
https://www.google.com
unknown
 clean
http://www.aiim.org/pdfa/ns/type#
unknown
 clean
https://api.echosign.com
unknown
 clean
https://hangouts.google.com/hangouts/_/logpref
unknown
 clean
https://api.echosign.comW
unknown
 clean
https://creativecommons.org/publicdomain/zero/1.0/.
unknown
 clean
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
104.18.10.207
 clean
https://kit.fontawesome.com/585b051251.js
unknown
 clean
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
unknown
 clean
http://www.aiim.org/pdfa/ns/id/4n
unknown
 clean
https://github.com/madler/zlib/blob/master/zlib.h
unknown
 clean
https://earthy-unruly-shroud.glitch.me/ikowthlodisgoods.html
clean
https://www.google.com/tools/feedback
unknown
 clean
https://dns.google
unknown
 clean
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
unknown
 clean
https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/4y
unknown
 clean
http://ns.useplus.org/ldf/xmp/1.0/
unknown
 clean
https://support.google.com/chromecast/troubleshooter/2995236
unknown
 clean
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
unknown
 clean
https://payments.google.com/payments/v4/js/integrator.js
unknown
 clean
https://www.google.com;
unknown
 clean
https://glitch.com
unknown
 clean
http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/
unknown
 clean
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=585b051251
unknown
 clean
https://csp.withgoogle.com/csp/hosted-libraries-pushers
unknown
 clean
https://www.google.com/images/x2.gif
unknown
 clean
https://earthy-unruly-shroud.glitch.me/css/hover.css
52.44.125.193
 clean
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-GB&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
142.250.181.238
 clean
https://www.google.com/images/dot2.gif
unknown
 clean
https://play.google.com/log?format=json&hasfast=true
unknown
 clean
http://tools.ietf.org/html/rfc1950
unknown
 clean
http://www.aiim.org/pdfa/ns/extension/3
unknown
 clean
https://cdn.glitch.com/d7f4f279-e13b-4330-8422-00b2d9211424%2FGlitch-Error-Rainbow-Mug-hires.png?v=1
unknown
 clean
https://ims-na1.adobelogin.com
unknown
 clean
https://docs.google.com
unknown
 clean
https://www.google.com/
unknown
 clean
https://feedback.googleusercontent.com
unknown
 clean
https://clients6.google.com
unknown
 clean
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.jskf
unknown
 clean
https://csp.withgoogle.com/csp/hosted-libraries-pushersCross-Origin-Opener-Policy:
unknown
 clean
https://earthy-unruly-shroud.glitch.me/css/hover.css/
unknown
 clean
https://ka-f.fontawesome.com
unknown
 clean
https://www.google.com/images/cleardot.gif
unknown
 clean
http://glitch.com/help
unknown
 clean
https://earthy-unruly-shroud.glitch.me/favicon.ico
52.44.125.193
 clean
https://play.google.com
unknown
 clean
http://www.aiim.org/pdfa/ns/schema#
unknown
 clean
https://earthy-unruly-shroud.glitch.me/ikowthlodisgoods.htmlShare
unknown
 clean
https://www.google.com/log?format=json&hasfast=true
unknown
 clean
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251
unknown
 clean
http://cipa.jp/exif/1.0/
unknown
 clean
https://sandbox.google.com/payments/v4/js/integrator.js
unknown
 clean
https://accounts.google.com/MergeSession
unknown
 clean
http://www.aiim.org/pdfa/ns/field#:
unknown
 clean
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
142.250.181.225
 clean
https://api.echosign.comFamilyN
unknown
 clean
https://cloud.webtype.com/css/3a8e55c6-b1f3-4659-99eb-125ae72bd084.css
unknown
 clean
https://hangouts.clients6.google.com
unknown
 clean
https://meet.google.com
unknown
 clean
https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/
unknown
 clean
https://earthy-unruly-shroud.glitch.me/ikowthlodisgoods.html
52.44.125.193
 clean
https://accounts.google.com
unknown
 clean
https://clients2.google.com/cr/report
unknown
 clean
http://www.npes.org/pdfx/ns/id/
unknown
 clean
http://angularjs.org
unknown
 clean
http://www.aiim.org/pdfa/ns/extension/
unknown
 clean
https://github.com/angular/material
unknown
 clean
https://apis.google.com
unknown
 clean
http://www.aiim.org/pdfa/ns/id/n
unknown
 clean
https://www-googleapis-staging.sandbox.google.com
unknown
 clean
https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers
unknown
 clean
https://clients2.google.com
unknown
 clean
http://www.aiim.org/pdfa/ns/property#
unknown
 clean
http://www.apache.org/licenses/LICENSE-2.0
unknown
 clean
https://www.google.com/intl/en-US/chrome/blank.html
unknown
 clean
https://ogs.google.com
unknown
 clean
http://www.aiim.org/pdfa/ns/id/
unknown
 clean
http://iptc.org/std/Iptc4xmpExt/2008-02-29/
unknown
 clean
https://code.jquery.com/jquery-3.1.1.min.js
unknown
 clean
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
142.250.184.205
 clean
http://www.aiim.org/pdfe/ns/id/
unknown
 clean
https://hangouts.google.com/
unknown
 clean
https://earthy-unruly-shroud.glitch.me/ikowthlodisgoods.html2
unknown
 clean
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
104.18.10.207
 clean
http://fontfabrik.comYou
unknown
 clean
https://kit.fontawesome.com
unknown
 clean
https://meetings.clients6.google.com
unknown
 clean
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
104.16.19.94
 clean
https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/Jq
unknown
 clean
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
gstaticadssl.l.google.com
142.250.186.163
 clean
accounts.google.com
142.250.184.205
 clean
cdnjs.cloudflare.com
104.16.19.94
 clean
earthy-unruly-shroud.glitch.me
52.44.125.193
 clean
maxcdn.bootstrapcdn.com
104.18.10.207
 clean
glitch.me
13.224.96.102
 clean
clients.l.google.com
142.250.181.238
 clean
googlehosted.l.googleusercontent.com
142.250.181.225
 clean
i.ibb.co
51.210.32.106
 clean
clients2.googleusercontent.com
unknown
 clean
clients2.google.com
unknown
 clean
ka-f.fontawesome.com
unknown
 clean
code.jquery.com
unknown
 clean
kit.fontawesome.com
unknown
 clean
There are 4 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
52.44.125.193
earthy-unruly-shroud.glitch.me
United States
clean
192.168.2.1
unknown
unknown
clean
104.18.10.207
maxcdn.bootstrapcdn.com
United States
clean
142.250.186.163
gstaticadssl.l.google.com
United States
clean
51.210.32.106
i.ibb.co
France
clean
142.250.181.238
clients.l.google.com
United States
clean
142.250.181.225
googlehosted.l.googleusercontent.com
United States
clean
239.255.255.250
unknown
Reserved
clean
142.250.184.205
accounts.google.com
United States
clean
104.16.19.94
cdnjs.cloudflare.com
United States
clean
127.0.0.1
unknown
unknown
clean
There are 1 hidden IPs, click here to show them.

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
aFS
 clean
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
tDIText
 clean
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
tFileName
 clean
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
tFileSource
 clean
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
sFileAncestors
 clean
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
sDI
 clean
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
sDate
 clean
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
uFileSize
 clean
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
uPageCount
 clean
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
aFS
 clean
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
tDIText
 clean
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
tFileName
 clean
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
sFileAncestors
 clean
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
sDI
 clean
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
sDate
 clean
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\SessionManagement\cWindowsCurrent\cWin0\cTab0\cPathInfo
sDI
 clean
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\SessionManagement\cWindowsCurrent\cWin0\cTab0\cPathInfo
tDIText
 clean
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\SessionManagement\cWindowsCurrent\cWin0\cTab0\cPathInfo
aFS
 clean
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\SessionManagement\cWindowsCurrent\cWin0\cTab0
tfilename
 clean
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\SessionManagement\cWindowsCurrent\cWin0
iTabCount
 clean
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\SessionManagement\cWindowsCurrent
iWinCount
 clean
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral
aDefaultRHPViewModeL
 clean
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral
bExpandRHPInViewer
 clean
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\NoTimeOut
smailto
 clean
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\TrustManager\cDefaultLaunchURLPerms
tHostPerms
 clean
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\ExitSection
bLastExitNormal
 clean
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\SessionManagement
bNormalExit
 clean
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral
uLastAppLaunchTimeStamp
 clean
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral
iNumReaderLaunches
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
S-1-5-21-3853321935-2125563209-4053062332-1002
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gdaefkejpgkiemlaofpalmlakkmbjdnl
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
kmendfapggjehodndflmmgagdbamhnfd
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mfehgcgbbipciphmccgaenjidiccnmng
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
neajdppkdcdipfabeoofebfddakdcjhd
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
prefs.preference_reset_time
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pkedcjkdefgpdelpbcmbmeomcjbeemfm
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pkedcjkdefgpdelpbcmbmeomcjbeemfm
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
 clean
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
dr
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.reporting
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
module_blacklist_cache_md5_digest
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
media.storage_id_salt
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.last_account_id
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.account_id
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.prompt_seed
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_homepage
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
default_search_provider_data.template_url_data
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
safebrowsing.incidents_sent
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
pinned_tabs
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
search_provider_overrides
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_default_search
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
prefs.preference_reset_time
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.last_username
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
session.startup_urls
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
session.restore_on_startup
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.prompt_version
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_startup_urls
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.prompt_wave
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
homepage
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
homepage_is_newtabpage
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
browser.show_home_button
 clean
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
 clean
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
lastrun
 clean
There are 64 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
8F0F000
stack
page read and write
 clean
7FF52D397000
unkown image
page readonly
 clean
B520000
unkown
page read and write
 clean
B0AD000
unkown
page read and write
 clean
4E53000
heap private
page read and write
 clean
16C2C9D0000
unkown
page read and write
 clean
C970000
unkown
page read and write
 clean
28B2000
unkown image
page readonly
 clean
2A10000
unkown image
page readonly
 clean
4AAC078000
stack
page read and write
 clean
EAD4000
unkown image
page readonly
 clean
14088A5C000
unkown
page read and write
 clean
27B1000
unkown image
page readonly
 clean
7FF50917A000
unkown image
page readonly
 clean
1DBEB802000
unkown
page read and write
 clean
2A2D000
unkown image
page readonly
 clean
B3D0000
unkown
page read and write
 clean
2722000
unkown image
page readonly
 clean
4EC0000
unkown
page read and write
 clean
5190000
unkown
page read and write
 clean
B10C000
unkown
page read and write
 clean
A96D000
unkown
page read and write
 clean
28BE000
unkown image
page readonly
 clean
A6A6000
unkown
page read and write
 clean
212CF100000
unkown
page read and write
 clean
4AAC8FF000
stack
page read and write
 clean
109C000
unkown image
page readonly
 clean
4E00000
unkown
page execute read
 clean
1DBEB054000
unkown
page read and write
 clean
A959000
unkown
page read and write
 clean
29C9000
unkown image
page readonly
 clean
ACB3000
unkown
page read and write
 clean
1DBEB102000
unkown
page read and write
 clean
C230000
unkown
page read and write
 clean
7FF52D7F6000
unkown image
page readonly
 clean
7FF508DAE000
unkown image
page readonly
 clean
BAAD000
unkown image
page read and write
 clean
4EDB000
heap default
page read and write
 clean
1408934D000
unkown
page read and write
 clean
7DF5573E2000
unkown image
page readonly
 clean
7DF51E442000
unkown image
page readonly
 clean
A965000
unkown
page read and write
 clean
2722000
unkown image
page readonly
 clean
5670000
unkown image
page readonly
 clean
7FF5CD6CB000
unkown image
page readonly
 clean
8C70000
unkown
page read and write
 clean
C600000
stack
page read and write
 clean
2737000
unkown image
page readonly
 clean
7FF509349000
unkown image
page readonly
 clean
8A80000
unkown
page read and write
 clean
B1F0000
unkown
page read and write
 clean
8AF0000
unkown
page read and write
 clean
E30F000
stack
page read and write
 clean
B360000
unkown
page read and write
 clean
C900000
unkown
page read and write
 clean
AD3E000
unkown
page read and write
 clean
C600000
stack
page read and write
 clean
2076FC4E000
unkown
page read and write
 clean
A832000
unkown
page read and write
 clean
7FF52D7EE000
unkown image
page readonly
 clean
7DF51E450000
unkown image
page readonly
 clean
2A52000
unkown image
page readonly
 clean
7FF50929F000
unkown image
page readonly
 clean
8BD0000
unkown
page read and write
 clean
A596000
unkown
page read and write
 clean
ACF2000
unkown
page read and write
 clean
B10C000
unkown
page read and write
 clean
C1E0000
unkown
page read and write
 clean
A874000
unkown
page read and write
 clean
3371977000
stack
page read and write
 clean
898D000
stack
page read and write
 clean
4AAC67F000
stack
page read and write
 clean
C890000
unkown
page read and write
 clean
4EFD000
heap default
page read and write
 clean
7DF5573E0000
unkown image
page readonly
 clean
89D0000
unkown
page read and write
 clean
16C27456000
unkown
page read and write
 clean
51A0000
unkown image
page readonly
 clean
CA73000
unkown
page read and write
 clean
2A0B000
unkown image
page readonly
 clean
2076FD08000
unkown
page read and write
 clean
EAAF000
unkown image
page readonly
 clean
7FF508E96000
unkown image
page readonly
 clean
2733000
unkown image
page readonly
 clean
CC92000
unkown
page read and write
 clean
2A27000
unkown image
page readonly
 clean
7DF51E450000
unkown image
page readonly
 clean
A893000
unkown
page read and write
 clean
5560000
unkown
page read and write
 clean
C880000
unkown
page read and write
 clean
E20E000
stack
page read and write
 clean
7FF52D86A000
unkown image
page readonly
 clean
B163000
unkown
page read and write
 clean
BA57000
unkown image
page read and write
 clean
A76C000
unkown
page read and write
 clean
55E0000
unkown image
page readonly
 clean
7FF508E3E000
unkown image
page readonly
 clean
E20E000
stack
page read and write
 clean
1DBEB108000
unkown
page read and write
 clean
B5E0000
unkown
page read and write
 clean
2A25000
unkown image
page readonly
 clean
28C8000
unkown image
page readonly
 clean
16C2C970000
unkown
page read and write
 clean
2076FE00000
unkown image
page readonly
 clean
CB60000
unkown
page read and write
 clean
2A5B000
unkown image
page readonly
 clean
EB0F000
unkown
page read and write
 clean
2AD3000
unkown image
page readonly
 clean
AE9C000
unkown
page read and write
 clean
BA6F000
unkown image
page read and write
 clean
CAB3000
unkown
page read and write
 clean
7FF525BE4000
unkown image
page readonly
 clean
8B00000
unkown
page read and write
 clean
DF2F000
stack
page read and write
 clean
EB16000
unkown
page read and write
 clean
28DD000
unkown image
page readonly
 clean
27F9000
unkown image
page readonly
 clean
8AB0000
unkown
page read and write
 clean
7FF5CD280000
unkown image
page readonly
 clean
AAA0000
unkown
page read and write
 clean
C87A000
stack
page read and write
 clean
A6E8000
unkown
page read and write
 clean
C690000
stack
page read and write
 clean
EB0F000
unkown
page read and write
 clean
CC92000
unkown
page read and write
 clean
4ED0000
heap default
page read and write
 clean
2A2D000
unkown image
page readonly
 clean
2730000
unkown image
page readonly
 clean
2783000
unkown image
page readonly
 clean
7DF51E460000
unkown image
page readonly
 clean
16C2C9C0000
unkown
page read and write
 clean
28F4000
unkown image
page readonly
 clean
8A10000
unkown
page read and write
 clean
EAC9000
unkown image
page readonly
 clean
440000
unkown image
page readonly
 clean
4DD0000
unkown
page execute read
 clean
140893B5000
unkown
page read and write
 clean
C730000
stack
page read and write
 clean
C0CE000
stack
page read and write
 clean
EAD8000
unkown image
page readonly
 clean
7DF53AE00000
unkown image
page readonly
 clean
7FF541BB7000
unkown image
page readonly
 clean
9050000
unkown
page read and write
 clean
14089902000
unkown
page read and write
 clean
8930000
unkown
page read and write
 clean
8940000
unkown
page read and write
 clean
AAA0000
unkown
page read and write
 clean
BA20000
unkown
page read and write
 clean
B330000
unkown
page read and write
 clean
2783000
unkown image
page readonly
 clean
2AA1000
unkown image
page readonly
 clean
EB52000
unkown
page read and write
 clean
CDC2000
unkown
page read and write
 clean
B4C0000
unkown
page read and write
 clean
E97F47F000
stack
page read and write
 clean
7FF5CD474000
unkown image
page readonly
 clean
29FC000
unkown image
page readonly
 clean
16C2CA2B000
unkown
page read and write
 clean
B2C0000
unkown
page read and write
 clean
14088A50000
unkown
page read and write
 clean
A576000
unkown
page read and write
 clean
7FF5CD71F000
unkown image
page readonly
 clean
16C2C9B0000
unkown
page read and write
 clean
18943370000
unkown
page read and write
 clean
7FF5092FF000
unkown image
page readonly
 clean
7FF4F9888000
unkown image
page readonly
 clean
DBDD000
stack
page read and write
 clean
A963000
unkown
page read and write
 clean
16C27502000
unkown
page read and write
 clean
27C4000
unkown image
page readonly
 clean
EB34000
unkown
page read and write
 clean
51C0000
heap private
page read and write
 clean
2076FA60000
heap private
page read and write
 clean
CAB3000
unkown
page read and write
 clean
B500000
unkown
page read and write
 clean
563D000
stack
page read and write
 clean
2AC2000
unkown image
page readonly
 clean
B480000
unkown
page read and write
 clean
AD68000
unkown
page read and write
 clean
7DF542902000
unkown image
page readonly
 clean
B1E0000
unkown
page read and write
 clean
29B9000
unkown image
page readonly
 clean
14089380000
unkown
page read and write
 clean
AB30000
unkown
page read and write
 clean
16C28240000
unkown
page read and write
 clean
7FF5CD7B1000
unkown image
page readonly
 clean
AD96000
unkown
page read and write
 clean
B310000
unkown
page read and write
 clean
C990000
unkown
page read and write
 clean
14088E10000
unkown image
page readonly
 clean
2A33000
unkown image
page readonly
 clean
C630000
stack
page read and write
 clean
5560000
unkown
page read and write
 clean
B500000
unkown
page read and write
 clean
2AD3000
unkown image
page readonly
 clean
16C274B7000
unkown
page read and write
 clean
A72A000
unkown
page read and write
 clean
7DF53ADF2000
unkown image
page readonly
 clean
8CC0000
unkown
page read and write
 clean
6A80000
unkown image
page read and write
 clean
16C2C6C0000
unkown
page read and write
 clean
14089349000
unkown
page read and write
 clean
8A10000
unkown
page read and write
 clean
212CF04C000
unkown
page read and write
 clean
7FF54228C000
unkown image
page readonly
 clean
2A33000
unkown image
page readonly
 clean
4E70000
unkown image
page readonly
 clean
7FF509111000
unkown image
page readonly
 clean
14089902000
unkown
page read and write
 clean
A96D000
unkown
page read and write
 clean
7FF5CD6C5000
unkown image
page readonly
 clean
EB2B000
unkown
page read and write
 clean
7FF5CD6AA000
unkown image
page readonly
 clean
C87C000
stack
page read and write
 clean
C6C0000
stack
page execute read
 clean
B1C9000
unkown
page read and write
 clean
16C2C930000
unkown
page read and write
 clean
B5C0000
unkown
page read and write
 clean
C980000
unkown
page read and write
 clean
7FF52D797000
unkown image
page readonly
 clean
A925000
unkown
page read and write
 clean
8C90000
unkown
page read and write
 clean
140893B5000
unkown
page read and write
 clean
B3B0000
unkown
page read and write
 clean
2AC2000
unkown image
page readonly
 clean
16C28320000
unkown image
page readonly
 clean
51C0000
heap private
page read and write
 clean
B0CB000
unkown
page read and write
 clean
7FF525B23000
unkown image
page readonly
 clean
212CF049000
unkown
page read and write
 clean
7FF4F971B000
unkown image
page readonly
 clean
2AB4000
unkown image
page readonly
 clean
AE6B000
unkown
page read and write
 clean
7FF508E32000
unkown image
page readonly
 clean
DB9F000
stack
page read and write
 clean
8A50000
unkown
page read and write
 clean
16C2CA4C000
unkown
page read and write
 clean
C1CF000
stack
page read and write
 clean
2888000
unkown image
page readonly
 clean
DD1D000
stack
page read and write
 clean
AD7E000
unkown
page read and write
 clean
FF5B0000
unkown image
page readonly
 clean
A9E0000
unkown
page read and write
 clean
DE1F000
stack
page read and write
 clean
89F0000
unkown
page read and write
 clean
BA10000
unkown image
page readonly
 clean
B5D0000
unkown
page read and write
 clean
1408938D000
unkown
page read and write
 clean
87D0000
unkown
page read and write
 clean
2A3A000
unkown image
page readonly
 clean
7FF508C27000
unkown image
page readonly
 clean
7FF52D2FA000
unkown image
page readonly
 clean
EAD4000
unkown image
page readonly
 clean
B2E0000
unkown
page read and write
 clean
C6A0000
stack
page read and write
 clean
B510000
unkown
page read and write
 clean
E97F377000
stack
page read and write
 clean
2579000
unkown image
page readonly
 clean
29B9000
unkown image
page readonly
 clean
29BF000
unkown image
page readonly
 clean
9095000
unkown
page read and write
 clean
AD64000
unkown
page read and write
 clean
253C000
unkown image
page readonly
 clean
DA9D000
stack
page read and write
 clean
7FF4F9899000
unkown image
page readonly
 clean
A586000
unkown
page read and write
 clean
A838000
unkown
page read and write
 clean
7FF5253BA000
unkown image
page readonly
 clean
8CC0000
unkown
page read and write
 clean
14088A00000
unkown
page read and write
 clean
4E53000
heap private
page read and write
 clean
C610000
stack
page read and write
 clean
4DB0000
unkown
page execute read
 clean
337167B000
unkown
page read and write
 clean
212CF04F000
unkown
page read and write
 clean
EACB000
unkown image
page readonly
 clean
C930000
unkown
page read and write
 clean
EB47000
unkown
page read and write
 clean
8A20000
unkown
page read and write
 clean
7FF50933E000
unkown image
page readonly
 clean
16C2C8A0000
unkown
page read and write
 clean
B5A0000
unkown
page read and write
 clean
FF5B2000
unkown image
page readonly
 clean
EAF2000
unkown image
page readonly
 clean
2A3A000
unkown image
page readonly
 clean
4AACBFC000
stack
page read and write
 clean
16C27B58000
unkown
page read and write
 clean
1894334B000
heap default
page read and write
 clean
29FC000
unkown image
page readonly
 clean
2A3A000
unkown image
page readonly
 clean
B5A0000
unkown
page read and write
 clean
1DBEAF70000
unkown image
page readonly
 clean
7FF52D7B7000
unkown image
page readonly
 clean
4AAC7FA000
stack
page read and write
 clean
A5C0000
unkown
page execute read
 clean
2896000
unkown image
page readonly
 clean
587000
unkown
page read and write
 clean
16C27B13000
unkown
page read and write
 clean
16C2743D000
unkown
page read and write
 clean
C960000
unkown
page read and write
 clean
212CF802000
unkown
page read and write
 clean
108D000
unkown image
page readonly
 clean
7DF50E990000
unkown image
page readonly
 clean
A576000
unkown
page read and write
 clean
7FF52D09C000
unkown image
page readonly
 clean
14089802000
unkown
page read and write
 clean
253E000
unkown image
page readonly
 clean
7FF52D785000
unkown image
page readonly
 clean
2A10000
unkown image
page readonly
 clean
A95B000
unkown
page read and write
 clean
1DBEB113000
unkown
page read and write
 clean
C620000
stack
page read and write
 clean
5B0000
unkown image
page readonly
 clean
140888D0000
unkown image
page readonly
 clean
14089902000
unkown
page read and write
 clean
14089370000
unkown
page read and write
 clean
1408937F000
unkown
page read and write
 clean
B580000
unkown
page read and write
 clean
7DF51E440000
unkown image
page readonly
 clean
C930000
unkown
page read and write
 clean
E310000
unkown
page read and write
 clean
2076FC13000
unkown
page read and write
 clean
27B1000
unkown image
page readonly
 clean
28DD000
unkown image
page readonly
 clean
BF6D000
stack
page read and write
 clean
4DB0000
unkown
page execute read
 clean
A3B0000
unkown
page read and write
 clean
140893BA000
unkown
page read and write
 clean
8A90000
unkown
page read and write
 clean
AEB7000
unkown
page read and write
 clean
7D0000
unkown
page read and write
 clean
B77E000
stack
page read and write
 clean
8A00000
unkown
page read and write
 clean
7DF4E0700000
unkown image
page readonly
 clean
C200000
unkown
page read and write
 clean
16C2CAA8000
unkown
page read and write
 clean
B550000
unkown
page read and write
 clean
2A3F000
unkown image
page readonly
 clean
14088A13000
unkown
page read and write
 clean
1408936C000
unkown
page read and write
 clean
14089391000
unkown
page read and write
 clean
DF6D000
stack
page read and write
 clean
14088ADB000
unkown
page read and write
 clean
4EA0000
unkown image
page readonly
 clean
8CB0000
unkown
page read and write
 clean
1408938D000
unkown
page read and write
 clean
898D000
stack
page read and write
 clean
288B000
unkown image
page readonly
 clean
C8A0000
unkown image
page readonly
 clean
AD9A000
unkown
page read and write
 clean
7FF4F9864000
unkown image
page readonly
 clean
AD88000
unkown
page read and write
 clean
BA9D000
unkown image
page read and write
 clean
89A0000
unkown
page read and write
 clean
EB2F000
unkown
page read and write
 clean
2A0B000
unkown image
page readonly
 clean
B470000
unkown
page read and write
 clean
51CA000
heap private
page read and write
 clean
29C9000
unkown image
page readonly
 clean
C8A0000
unkown image
page readonly
 clean
7FF4F9857000
unkown image
page readonly
 clean
A925000
unkown
page read and write
 clean
1DBEAF90000
unkown image
page readonly
 clean
29B9000
unkown image
page readonly
 clean
8C2D000
stack
page read and write
 clean
B370000
unkown
page read and write
 clean
4EFD000
heap default
page read and write
 clean
89A0000
unkown
page read and write
 clean
7FF5092CA000
unkown image
page readonly
 clean
7FF5CD7B2000
unkown image
page readonly
 clean
C1E0000
unkown
page read and write
 clean
18943340000
heap default
page read and write
 clean
7FF4F9671000
unkown image
page readonly
 clean
BA00000
unkown image
page readonly
 clean
18943356000
heap default
page read and write
 clean
2896000
unkown image
page readonly
 clean
14089367000
unkown
page read and write
 clean
AD60000
unkown
page read and write
 clean
14089393000
unkown
page read and write
 clean
288B000
unkown image
page readonly
 clean
EAC0000
unkown image
page readonly
 clean
50A0000
unkown image
page readonly
 clean
E30F000
stack
page read and write
 clean
5550000
unkown image
page readonly
 clean
7FF4F982B000
unkown image
page readonly
 clean
8CB0000
unkown
page read and write
 clean
A72A000
unkown
page read and write
 clean
C210000
unkown
page read and write
 clean
7FF5CD286000
unkown image
page readonly
 clean
A586000
unkown
page read and write
 clean
2076FBA0000
unkown image
page readonly
 clean
B8BD000
stack
page read and write
 clean
8C50000
unkown
page read and write
 clean
14088AE3000
unkown
page read and write
 clean
16C2CA9D000
unkown
page read and write
 clean
212CF200000
unkown image
page readonly
 clean
140893B0000
unkown
page read and write
 clean
4DC0000
heap default
page read and write
 clean
7FF5422DD000
unkown image
page readonly
 clean
587000
unkown
page read and write
 clean
CAF3000
unkown
page read and write
 clean
7FF5CD563000
unkown image
page readonly
 clean
108D000
unkown image
page readonly
 clean
16C27513000
unkown
page read and write
 clean
55F0000
unkown image
page readonly
 clean
14088A4B000
unkown
page read and write
 clean
D3A000
unkown image
page readonly
 clean
2076FA50000
unkown image
page read and write
 clean
AA97000
unkown
page read and write
 clean
4EA0000
unkown image
page readonly
 clean
B042000
unkown
page read and write
 clean
DE1F000
stack
page read and write
 clean
A959000
unkown
page read and write
 clean
B480000
unkown
page read and write
 clean
A596000
unkown
page read and write
 clean
AFD7000
unkown
page read and write
 clean
B580000
unkown
page read and write
 clean
7FF54226B000
unkown image
page readonly
 clean
4E10000
unkown
page execute read
 clean
4E30000
unkown image
page readonly
 clean
FF5A0000
unkown image
page readonly
 clean
2807000
unkown image
page readonly
 clean
2722000
unkown image
page readonly
 clean
27C4000
unkown image
page readonly
 clean
8A00000
unkown
page read and write
 clean
7DF542902000
unkown image
page readonly
 clean
7FF5091D3000
unkown image
page readonly
 clean
7FF5092AF000
unkown image
page readonly
 clean
14089140000
unkown
page read and write
 clean
AAA6000
unkown
page read and write
 clean
2552000
unkown image
page readonly
 clean
AA46000
unkown
page read and write
 clean
8B32000
unkown image
page read and write
 clean
8B32000
unkown image
page read and write
 clean
50A0000
unkown image
page readonly
 clean
8C90000
unkown
page read and write
 clean
904F000
stack
page read and write
 clean
2A19000
unkown image
page readonly
 clean
ADB7000
unkown
page read and write
 clean
A4A7000
unkown
page read and write
 clean
16C28340000
unkown image
page readonly
 clean
2A56000
unkown image
page readonly
 clean
AAA4000
unkown
page read and write
 clean
AD6E000
unkown
page read and write
 clean
55E0000
unkown image
page readonly
 clean
7FF52D467000
unkown image
page readonly
 clean
B3C0000
unkown
page read and write
 clean
8A60000
unkown
page read and write
 clean
140888B0000
unkown image
page read and write
 clean
189437B0000
unkown image
page readonly
 clean
BAA9000
unkown image
page read and write
 clean
281D000
unkown image
page readonly
 clean
8CB0000
unkown
page read and write
 clean
2579000
unkown image
page readonly
 clean
7FF52D612000
unkown image
page readonly
 clean
8AB0000
unkown
page read and write
 clean
BA6F000
unkown image
page read and write
 clean
B2D0000
unkown
page read and write
 clean
2904000
unkown image
page readonly
 clean
4D10000
unkown
page read and write
 clean
2A27000
unkown image
page readonly
 clean
16C279F3000
unkown
page read and write
 clean
CC38000
unkown
page read and write
 clean
2816000
unkown image
page readonly
 clean
DBDD000
stack
page read and write
 clean
28EA000
unkown image
page readonly
 clean
CAF3000
unkown
page read and write
 clean
7DF51E460000
unkown image
page readonly
 clean
2807000
unkown image
page readonly
 clean
4AABF7E000
stack
page read and write
 clean
108D000
unkown image
page readonly
 clean
14088A58000
unkown
page read and write
 clean
C690000
stack
page read and write
 clean
B480000
unkown
page read and write
 clean
EB29000
unkown
page read and write
 clean
B540000
unkown
page read and write
 clean
EB34000
unkown
page read and write
 clean
B172000
unkown
page read and write
 clean
C970000
unkown
page read and write
 clean
29D3000
unkown image
page readonly
 clean
7FF509096000
unkown image
page readonly
 clean
212CEE80000
unkown image
page readonly
 clean
563D000
stack
page read and write
 clean
A874000
unkown
page read and write
 clean
569727B000
unkown
page read and write
 clean
212CF04D000
unkown
page read and write
 clean
16C2CAA4000
unkown
page read and write
 clean
7FF4F984C000
unkown image
page readonly
 clean
5550000
unkown image
page readonly
 clean
8A30000
unkown
page read and write
 clean
7FF5093B4000
unkown image
page readonly
 clean
14088900000
unkown image
page readonly
 clean
14089394000
unkown
page read and write
 clean
B470000
unkown
page read and write
 clean
89D0000
unkown
page read and write
 clean
CAB3000
unkown
page read and write
 clean
8BC0000
unkown
page read and write
 clean
C910000
unkown
page read and write
 clean
C77E000
stack
page read and write
 clean
B360000
unkown
page read and write
 clean
6AA0000
unkown image
page read and write
 clean
A97B000
unkown
page read and write
 clean
DF2F000
stack
page read and write
 clean
16C27429000
unkown
page read and write
 clean
4ED0000
heap default
page read and write
 clean
4AAC57F000
stack
page read and write
 clean
7FF525C6A000
unkown image
page readonly
 clean
B20E000
unkown
page read and write
 clean
140893C2000
unkown
page read and write
 clean
7FF52D872000
unkown image
page readonly
 clean
AA46000
unkown
page read and write
 clean
B9FF000
stack
page read and write
 clean
DA5F000
stack
page read and write
 clean
1408936A000
unkown
page read and write
 clean
FF5A2000
unkown image
page readonly
 clean
7FF542352000
unkown image
page readonly
 clean
7FF509307000
unkown image
page readonly
 clean
DE20000
unkown
page read and write
 clean
EAF2000
unkown image
page readonly
 clean
B300000
unkown
page read and write
 clean
EB20000
unkown
page read and write
 clean
7FF525CE8000
unkown image
page readonly
 clean
14089802000
unkown
page read and write
 clean
7DF5428F0000
unkown image
page readonly
 clean
5664000
heap private
page read and write
 clean
7FF5422C8000
unkown image
page readonly
 clean
2A19000
unkown image
page readonly
 clean
5A0000
unkown image
page readonly
 clean
5170000
unkown
page read and write
 clean
18943310000
unkown image
page readonly
 clean
EAB6000
unkown image
page readonly
 clean
16C2C861000
unkown
page read and write
 clean
4D10000
unkown
page read and write
 clean
B5E0000
unkown
page read and write
 clean
109C000
unkown image
page readonly
 clean
140893A0000
unkown
page read and write
 clean
8C80000
unkown
page read and write
 clean
A838000
unkown
page read and write
 clean
1DBEB08F000
unkown
page read and write
 clean
7FF52D641000
unkown image
page readonly
 clean
1408936A000
unkown
page read and write
 clean
2544000
unkown image
page readonly
 clean
E97F0FC000
stack
page read and write
 clean
AE84000
unkown
page read and write
 clean
569767F000
stack
page read and write
 clean
14089369000
unkown
page read and write
 clean
7DF50E992000
unkown image
page readonly
 clean
48E000
unkown
page read and write
 clean
109C000
unkown image
page readonly
 clean
7FF525C7A000
unkown image
page readonly
 clean
51CA000
heap private
page read and write
 clean
2544000
unkown image
page readonly
 clean
2730000
unkown image
page readonly
 clean
B20E000
unkown
page read and write
 clean
3487F7F000
stack
page read and write
 clean
8A60000
unkown
page read and write
 clean
B5C0000
unkown
page read and write
 clean
27EB000
unkown image
page readonly
 clean
4AACC7D000
stack
page read and write
 clean
A83C000
unkown
page read and write
 clean
AEB7000
unkown
page read and write
 clean
569747C000
stack
page read and write
 clean
BA5D000
unkown image
page read and write
 clean
B410000
unkown
page read and write
 clean
EB2F000
unkown
page read and write
 clean
7FF4F987F000
unkown image
page readonly
 clean
8B40000
unkown image
page readonly
 clean
16C27486000
unkown
page read and write
 clean
B3F0000
unkown
page read and write
 clean
2A2D000
unkown image
page readonly
 clean
7FF509047000
unkown image
page readonly
 clean
4D29000
unkown
page execute read
 clean
2A10000
unkown image
page readonly
 clean
AF0C000
unkown
page read and write
 clean
440000
unkown image
page readonly
 clean
8A40000
unkown
page read and write
 clean
28AB000
unkown image
page readonly
 clean
16C27498000
unkown
page read and write
 clean
7DF5573E0000
unkown image
page readonly
 clean
14088A53000
unkown
page read and write
 clean
C940000
unkown
page read and write
 clean
7FF5CD6AC000
unkown image
page readonly
 clean
14089391000
unkown
page read and write
 clean
C200000
unkown
page read and write
 clean
904F000
stack
page read and write
 clean
CAF3000
unkown
page read and write
 clean
212CF102000
unkown
page read and write
 clean
7FF509324000
unkown image
page readonly
 clean
33716FE000
stack
page read and write
 clean
285B000
unkown image
page readonly
 clean
A5E0000
unkown
page read and write
 clean
C87A000
stack
page read and write
 clean
8C90000
unkown
page read and write
 clean
89D0000
unkown
page read and write
 clean
8C30000
unkown
page read and write
 clean
4D29000
unkown
page execute read
 clean
C200000
unkown
page read and write
 clean
5660000
heap private
page read and write
 clean
BAA9000
unkown image
page read and write
 clean
7FF5CD6C0000
unkown image
page readonly
 clean
C1CF000
stack
page read and write
 clean
EAAB000
unkown image
page readonly
 clean
A832000
unkown
page read and write
 clean
2ABC000
unkown image
page readonly
 clean
4EFD000
heap default
page read and write
 clean
A961000
unkown
page read and write
 clean
1DBEAFC0000
heap default
page read and write
 clean
27D9000
unkown image
page readonly
 clean
16C2C980000
unkown
page read and write
 clean
273C000
unkown image
page readonly
 clean
B7BD000
stack
page read and write
 clean
16C2CAA4000
unkown
page read and write
 clean
E06F000
stack
page read and write
 clean
8C30000
unkown
page read and write
 clean
B340000
unkown
page read and write
 clean
7FF5092FC000
unkown image
page readonly
 clean
C70D000
stack
page read and write
 clean
7DF50E9A0000
unkown image
page readonly
 clean
B14A000
unkown
page read and write
 clean
B0CB000
unkown
page read and write
 clean
A959000
unkown
page read and write
 clean
914C000
unkown
page read and write
 clean
7FF525855000
unkown image
page readonly
 clean
8E0D000
stack
page read and write
 clean
CAF5000
unkown
page read and write
 clean
904F000
stack
page read and write
 clean
AD7C000
unkown
page read and write
 clean
2076FA70000
unkown image
page readonly
 clean
A97B000
unkown
page read and write
 clean
EB2B000
unkown
page read and write
 clean
BA20000
unkown
page read and write
 clean
14089314000
unkown
page read and write
 clean
7FF542014000
unkown image
page readonly
 clean
B430000
unkown
page read and write
 clean
140893AF000
unkown
page read and write
 clean
7DF53AE00000
unkown image
page readonly
 clean
212CF052000
unkown
page read and write
 clean
27B1000
unkown image
page readonly
 clean
7FF52D546000
unkown image
page readonly
 clean
EB0F000
unkown
page read and write
 clean
AA9A000
unkown
page read and write
 clean
212CF027000
unkown
page read and write
 clean
7FF4F980C000
unkown image
page readonly
 clean
14089802000
unkown
page read and write
 clean
4DE0000
unkown
page execute read
 clean
BA00000
unkown image
page readonly
 clean
B4E0000
unkown
page read and write
 clean
E1CF000
stack
page read and write
 clean
B490000
unkown
page read and write
 clean
14089377000
unkown
page read and write
 clean
A7F0000
unkown
page read and write
 clean
2730000
unkown image
page readonly
 clean
5560000
unkown
page read and write
 clean
A4E9000
unkown
page read and write
 clean
C640000
stack
page read and write
 clean
27D4000
unkown image
page readonly
 clean
14088A4C000
unkown
page read and write
 clean
28C8000
unkown image
page readonly
 clean
EAD4000
unkown image
page readonly
 clean
A965000
unkown
page read and write
 clean
18943930000
unkown image
page readonly
 clean
EB34000
unkown
page read and write
 clean
4E60000
unkown image
page readonly
 clean
7DF542910000
unkown image
page readonly
 clean
898D000
stack
page read and write
 clean
8A70000
unkown
page read and write
 clean
4D90000
unkown image
page read and write
 clean
7FF509223000
unkown image
page readonly
 clean
7DF5428F2000
unkown image
page readonly
 clean
C5FE000
stack
page read and write
 clean
7DF50E990000
unkown image
page readonly
 clean
27B1000
unkown image
page readonly
 clean
14089391000
unkown
page read and write
 clean
212CF04B000
unkown
page read and write
 clean
7FF52CF57000
unkown image
page readonly
 clean
E310000
unkown
page read and write
 clean
EAA5000
unkown image
page readonly
 clean
4E10000
unkown
page execute read
 clean
A893000
unkown
page read and write
 clean
7FF525BEC000
unkown image
page readonly
 clean
C940000
unkown
page read and write
 clean
4D10000
unkown
page read and write
 clean
CC78000
unkown
page read and write
 clean
AD64000
unkown
page read and write
 clean
16C274F9000
unkown
page read and write
 clean
2ABC000
unkown image
page readonly
 clean
8A70000
unkown
page read and write
 clean
14089140000
unkown
page read and write
 clean
B4F0000
unkown
page read and write
 clean
212CEFB0000
unkown image
page readonly
 clean
7FF508EE5000
unkown image
page readonly
 clean
7DF53ADF2000
unkown image
page readonly
 clean
8910000
unkown
page read and write
 clean
6AA0000
unkown image
page read and write
 clean
7FF5CD6F7000
unkown image
page readonly
 clean
8F4D000
stack
page read and write
 clean
7FF508A10000
unkown image
page readonly
 clean
BA9D000
unkown image
page read and write
 clean
B610000
unkown
page read and write
 clean
EB2B000
unkown
page read and write
 clean
8AE0000
unkown
page read and write
 clean
C8D0000
unkown
page read and write
 clean
7FF525846000
unkown image
page readonly
 clean
2ABC000
unkown image
page readonly
 clean
8AC0000
unkown
page read and write
 clean
C960000
unkown
page read and write
 clean
FF5A0000
unkown image
page readonly
 clean
8A90000
unkown
page read and write
 clean
A534000
unkown
page read and write
 clean
1408938D000
unkown
page read and write
 clean
1DBEB027000
unkown
page read and write
 clean
D3A000
unkown image
page readonly
 clean
14088A29000
unkown
page read and write
 clean
4D90000
unkown image
page read and write
 clean
B4D0000
unkown
page read and write
 clean
B350000
unkown
page read and write
 clean
CC78000
unkown
page read and write
 clean
EB1A000
unkown
page read and write
 clean
CAF5000
unkown
page read and write
 clean
90D1000
unkown
page read and write
 clean
29F5000
unkown image
page readonly
 clean
6FC0000
unkown image
page readonly
 clean
108D000
unkown image
page readonly
 clean
7FF52D0CE000
unkown image
page readonly
 clean
AE6B000
unkown
page read and write
 clean
7B58879000
stack
page read and write
 clean
16C28330000
unkown image
page readonly
 clean
4DD0000
unkown
page execute read
 clean
8A40000
unkown
page read and write
 clean
4E10000
unkown
page execute read
 clean
7D4000
unkown
page read and write
 clean
AAA4000
unkown
page read and write
 clean
16C2749A000
unkown
page read and write
 clean
A4A7000
unkown
page read and write
 clean
C970000
unkown
page read and write
 clean
B430000
unkown
page read and write
 clean
7FF5259F7000
unkown image
page readonly
 clean
8BC0000
unkown
page read and write
 clean
4AAC6FF000
stack
page read and write
 clean
1DBEB650000
unkown image
page readonly
 clean
29C9000
unkown image
page readonly
 clean
7FF4F981A000
unkown image
page readonly
 clean
B370000
unkown
page read and write
 clean
4F1A000
heap default
page read and write
 clean
29BF000
unkown image
page readonly
 clean
8930000
unkown
page read and write
 clean
7FF5091CE000
unkown image
page readonly
 clean
7FF525C85000
unkown image
page readonly
 clean
C8D0000
unkown
page read and write
 clean
EB0B000
unkown
page read and write
 clean
7FF52D5D1000
unkown image
page readonly
 clean
8AF0000
unkown
page read and write
 clean
29C9000
unkown image
page readonly
 clean
7FF52D754000
unkown image
page readonly
 clean
AAA4000
unkown
page read and write
 clean
B560000
unkown
page read and write
 clean
AD72000
unkown
page read and write
 clean
AD9A000
unkown
page read and write
 clean
4EC0000
unkown
page read and write
 clean
A97B000
unkown
page read and write
 clean
3371D7B000
stack
page read and write
 clean
EAB6000
unkown image
page readonly
 clean
7DF5428F2000
unkown image
page readonly
 clean
B460000
unkown
page read and write
 clean
AAB2000
unkown
page read and write
 clean
B5F0000
unkown
page read and write
 clean
7FF52D7AF000
unkown image
page readonly
 clean
AB5E000
unkown
page read and write
 clean
7FF509121000
unkown image
page readonly
 clean
EB1A000
unkown
page read and write
 clean
FF4A0000
unkown image
page readonly
 clean
89A0000
unkown
page read and write
 clean
7DF5E2842000
unkown image
page readonly
 clean
7FF4F9825000
unkown image
page readonly
 clean
7DF5E2842000
unkown image
page readonly
 clean
7DF51E440000
unkown image
page readonly
 clean
C1F0000
unkown
page read and write
 clean
B370000
unkown
page read and write
 clean
2A03000
unkown image
page readonly
 clean
2AB4000
unkown image
page readonly
 clean
28BE000
unkown image
page readonly
 clean
A596000
unkown
page read and write
 clean
7DF5573D0000
unkown image
page readonly
 clean
16C2C884000
unkown
page read and write
 clean
2A25000
unkown image
page readonly
 clean
6FC0000
unkown image
page readonly
 clean
8C90000
unkown
page read and write
 clean
4EDB000
heap default
page read and write
 clean
27E3000
unkown image
page readonly
 clean
A622000
unkown
page read and write
 clean
2076FC2A000
unkown
page read and write
 clean
1408938D000
unkown
page read and write
 clean
FF5C0000
unkown image
page readonly
 clean
27EB000
unkown image
page readonly
 clean
189432E0000
unkown
page read and write
 clean
7FF525D71000
unkown image
page readonly
 clean
7DF5E2840000
unkown image
page readonly
 clean
C730000
stack
page read and write
 clean
7FF5092CE000
unkown image
page readonly
 clean
914C000
unkown
page read and write
 clean
14088B08000
unkown
page read and write
 clean
BF6D000
stack
page read and write
 clean
A961000
unkown
page read and write
 clean
5660000
heap private
page read and write
 clean
8910000
unkown
page read and write
 clean
7FF525840000
unkown image
page readonly
 clean
7FF52D53B000
unkown image
page readonly
 clean
8900000
unkown
page read and write
 clean
14089391000
unkown
page read and write
 clean
CC38000
unkown
page read and write
 clean
DE20000
unkown
page read and write
 clean
C880000
unkown
page read and write
 clean
2A03000
unkown image
page readonly
 clean
89B0000
unkown
page read and write
 clean
14089364000
unkown
page read and write
 clean
4E80000
unkown
page read and write
 clean
28EA000
unkown image
page readonly
 clean
EB0B000
unkown
page read and write
 clean
8940000
unkown
page read and write
 clean
E310000
unkown
page read and write
 clean
C8F0000
unkown
page read and write
 clean
C670000
stack
page read and write
 clean
8DCF000
stack
page read and write
 clean
CAF5000
unkown
page read and write
 clean
7FF52D864000
unkown image
page readonly
 clean
8DCF000
stack
page read and write
 clean
8A20000
unkown
page read and write
 clean
4E60000
unkown image
page readonly
 clean
1408937A000
unkown
page read and write
 clean
EAA0000
unkown image
page readonly
 clean
14088A60000
unkown
page read and write
 clean
8B32000
unkown image
page read and write
 clean
B4C0000
unkown
page read and write
 clean
EAAB000
unkown image
page readonly
 clean
C680000
stack
page read and write
 clean
B5F0000
unkown
page read and write
 clean
4E50000
heap private
page read and write
 clean
2816000
unkown image
page readonly
 clean
7FF52D75F000
unkown image
page readonly
 clean
A6E8000
unkown
page read and write
 clean
7DF5E2830000
unkown image
page readonly
 clean
14089312000
unkown
page read and write
 clean
914C000
unkown
page read and write
 clean
569787E000
stack
page read and write
 clean
CC38000
unkown
page read and write
 clean
8B40000
unkown image
page readonly
 clean
7FF50923C000
unkown image
page readonly
 clean
EB16000
unkown
page read and write
 clean
29F5000
unkown image
page readonly
 clean
7DF41C310000
unkown image
page readonly
 clean
B04F000
unkown
page read and write
 clean
3487E77000
stack
page read and write
 clean
16C2CA00000
unkown
page read and write
 clean
C8F0000
unkown
page read and write
 clean
563D000
stack
page read and write
 clean
4DD0000
unkown
page execute read
 clean
7FF509272000
unkown image
page readonly
 clean
C630000
stack
page read and write
 clean
28FB000
unkown image
page readonly
 clean
285F000
unkown image
page readonly
 clean
28AB000
unkown image
page readonly
 clean
C06F000
stack
page read and write
 clean
28AB000
unkown image
page readonly
 clean
4E20000
unkown
page execute read
 clean
29F5000
unkown image
page readonly
 clean
14089363000
unkown
page read and write
 clean
212CF580000
unkown image
page readonly
 clean
C8D0000
unkown
page read and write
 clean
E47F000
stack
page read and write
 clean
7DF5E2840000
unkown image
page readonly
 clean
7FF52D57D000
unkown image
page readonly
 clean
8B10000
unkown
page read and write
 clean
7FF52D46A000
unkown image
page readonly
 clean
2076FC53000
unkown
page read and write
 clean
7FF4F9837000
unkown image
page readonly
 clean
8AD0000
unkown
page read and write
 clean
18943365000
unkown
page read and write
 clean
7FF4F989D000
unkown image
page readonly
 clean
53D0000
unkown image
page readonly
 clean
7FF525D64000
unkown image
page readonly
 clean
16C2746C000
unkown
page read and write
 clean
C620000
stack
page read and write
 clean
AD68000
unkown
page read and write
 clean
89F0000
unkown
page read and write
 clean
AD88000
unkown
page read and write
 clean
6A80000
unkown image
page read and write
 clean
7FF4F9896000
unkown image
page readonly
 clean
CC92000
unkown
page read and write
 clean
16C2C740000
unkown
page read and write
 clean
8910000
unkown
page read and write
 clean
8C40000
unkown
page read and write
 clean
C640000
stack
page read and write
 clean
8A10000
unkown
page read and write
 clean
7FF5092A4000
unkown image
page readonly
 clean
88D0000
unkown
page read and write
 clean
16C2C860000
unkown
page read and write
 clean
1DBEAF50000
unkown image
page read and write
 clean
28EA000
unkown image
page readonly
 clean
B460000
unkown
page read and write
 clean
1DBEB04B000
unkown
page read and write
 clean
AB5E000
unkown
page read and write
 clean
7DF5428F0000
unkown image
page readonly
 clean
16C2C86E000
unkown
page read and write
 clean
16C27600000
unkown image
page readonly
 clean
7FF4F971E000
unkown image
page readonly
 clean
7FF52D464000
unkown image
page readonly
 clean
7FF4F9784000
unkown image
page readonly
 clean
B430000
unkown
page read and write
 clean
7FF5CD728000
unkown image
page readonly
 clean
4DC0000
heap default
page read and write
 clean
5190000
unkown
page read and write
 clean
14089800000
unkown
page read and write
 clean
20770180000
unkown image
page readonly
 clean
140893A4000
unkown
page read and write
 clean
8B20000
unkown image
page read and write
 clean
A9DD000
unkown
page read and write
 clean
B310000
unkown
page read and write
 clean
8A80000
unkown
page read and write
 clean
B5C0000
unkown
page read and write
 clean
B3A0000
unkown
page read and write
 clean
4E80000
unkown
page read and write
 clean
1408939A000
unkown
page read and write
 clean
28C8000
unkown image
page readonly
 clean
348778B000
unkown
page read and write
 clean
AB0E000
unkown
page read and write
 clean
7FF52D6C6000
unkown image
page readonly
 clean
B410000
unkown
page read and write
 clean
1DBEB029000
unkown
page read and write
 clean
7FF542298000
unkown image
page readonly
 clean
7080000
unkown
page read and write
 clean
28F4000
unkown image
page readonly
 clean
8AA0000
unkown
page read and write
 clean
C8E0000
unkown
page read and write
 clean
E97F27B000
stack
page read and write
 clean
2AC8000
unkown image
page readonly
 clean
18943370000
unkown
page read and write
 clean
B4B0000
unkown
page read and write
 clean
14089393000
unkown
page read and write
 clean
EAC5000
unkown image
page readonly
 clean
8F4D000
stack
page read and write
 clean
AED0000
unkown
page read and write
 clean
7DF5E2850000
unkown image
page readonly
 clean
28BE000
unkown image
page readonly
 clean
4ED0000
heap default
page read and write
 clean
2AA5000
unkown image
page readonly
 clean
140893B5000
unkown
page read and write
 clean
B1E0000
unkown
page read and write
 clean
EB52000
unkown
page read and write
 clean
B0AD000
unkown
page read and write
 clean
16C2C890000
unkown
page read and write
 clean
AD6E000
unkown
page read and write
 clean
3487A7E000
stack
page read and write
 clean
B2D0000
unkown
page read and write
 clean
51D0000
unkown image
page readonly
 clean
B500000
unkown
page read and write
 clean
7FF4F9820000
unkown image
page readonly
 clean
2579000
unkown image
page readonly
 clean
16C2CA55000
unkown
page read and write
 clean
E37D000
stack
page read and write
 clean
8C80000
unkown
page read and write
 clean
1408937F000
unkown
page read and write
 clean
EAC0000
unkown image
page readonly
 clean
FF4A0000
unkown image
page readonly
 clean
B3B0000
unkown
page read and write
 clean
28D7000
unkown image
page readonly
 clean
7FF52D62A000
unkown image
page readonly
 clean
18943379000
unkown
page read and write
 clean
7FF525B7B000
unkown image
page readonly
 clean
C880000
unkown
page read and write
 clean
A622000
unkown
page read and write
 clean
B9FF000
stack
page read and write
 clean
8B00000
unkown
page read and write
 clean
E06F000
stack
page read and write
 clean
28FB000
unkown image
page readonly
 clean
1408938F000
unkown
page read and write
 clean
2A19000
unkown image
page readonly
 clean
B560000
unkown
page read and write
 clean
16C27190000
unkown image
page read and write
 clean
B042000
unkown
page read and write
 clean
AF0C000
unkown
page read and write
 clean
B450000
unkown
page read and write
 clean
212CF03C000
unkown
page read and write
 clean
4D90000
unkown image
page read and write
 clean
140893B1000
unkown
page read and write
 clean
AD7E000
unkown
page read and write
 clean
4E70000
unkown image
page readonly
 clean
7DF5E2830000
unkown image
page readonly
 clean
7FF525BCD000
unkown image
page readonly
 clean
2A3F000
unkown image
page readonly
 clean
2A25000
unkown image
page readonly
 clean
189432C0000
unkown
page read and write
 clean
7FF5CD70A000
unkown image
page readonly
 clean
4E90000
unkown
page read and write
 clean
16C2C890000
unkown
page read and write
 clean
8CA0000
unkown
page read and write
 clean
2544000
unkown image
page readonly
 clean
B8FD000
stack
page read and write
 clean
B300000
unkown
page read and write
 clean
7FF5091D8000
unkown image
page readonly
 clean
CA73000
unkown
page read and write
 clean
8AA0000
unkown
page read and write
 clean
B04F000
unkown
page read and write
 clean
8A30000
unkown
page read and write
 clean
7FF50921D000
unkown image
page readonly
 clean
4EC0000
unkown
page read and write
 clean
7FF52D558000
unkown image
page readonly
 clean
8CC0000
unkown
page read and write
 clean
29ED000
unkown image
page readonly
 clean
EAA5000
unkown image
page readonly
 clean
7FF52D55F000
unkown image
page readonly
 clean
C670000
stack
page read and write
 clean
90CB000
unkown
page read and write
 clean
7FF5CD295000
unkown image
page readonly
 clean
8AD0000
unkown
page read and write
 clean
EB1A000
unkown
page read and write
 clean
8A30000
unkown
page read and write
 clean
B77E000
stack
page read and write
 clean
AC8B000
unkown
page read and write
 clean
B600000
unkown image
page readonly
 clean
2076FA70000
unkown image
page readonly
 clean
B172000
unkown
page read and write
 clean
BAA9000
unkown image
page read and write
 clean
16C28000000
unkown
page read and write
 clean
8AA0000
unkown
page read and write
 clean
285B000
unkown image
page readonly
 clean
2A2F000
unkown image
page readonly
 clean
14089366000
unkown
page read and write
 clean
4E70000
unkown image
page readonly
 clean
2A19000
unkown image
page readonly
 clean
90D1000
unkown
page read and write
 clean
16C27A00000
unkown
page read and write
 clean
2552000
unkown image
page readonly
 clean
1408939E000
unkown
page read and write
 clean
A893000
unkown
page read and write
 clean
BAD9000
unkown image
page read and write
 clean
FF5C0000
unkown image
page readonly
 clean
2A52000
unkown image
page readonly
 clean
28C8000
unkown image
page readonly
 clean
212CF002000
unkown
page read and write
 clean
3371DFF000
stack
page read and write
 clean
A5D0000
unkown image
page readonly
 clean
EB20000
unkown
page read and write
 clean
28BE000
unkown image
page readonly
 clean
29ED000
unkown image
page readonly
 clean
2076FD00000
unkown
page read and write
 clean
B2D0000
unkown
page read and write
 clean
7FF508EA5000
unkown image
page readonly
 clean
16C271B0000
unkown image
page readonly
 clean
B4E0000
unkown
page read and write
 clean
4E90000
unkown
page read and write
 clean
1408983C000
unkown
page read and write
 clean
56972FF000
stack
page read and write
 clean
2A25000
unkown image
page readonly
 clean
7FF52D77A000
unkown image
page readonly
 clean
B5E0000
unkown
page read and write
 clean
C6C0000
stack
page execute read
 clean
253C000
unkown image
page readonly
 clean
4AAC4FB000
stack
page read and write
 clean
7FF5422D9000
unkown image
page readonly
 clean
B5D0000
unkown
page read and write
 clean
8B10000
unkown
page read and write
 clean
29ED000
unkown image
page readonly
 clean
14088A88000
unkown
page read and write
 clean
A534000
unkown
page read and write
 clean
8C50000
unkown
page read and write
 clean
7DF53AE02000
unkown image
page readonly
 clean
EB1C000
unkown
page read and write
 clean
C660000
stack
page read and write
 clean
2AD3000
unkown image
page readonly
 clean
7FF509104000
unkown image
page readonly
 clean
B5F0000
unkown
page read and write
 clean
7FF52D7DF000
unkown image
page readonly
 clean
440000
unkown image
page readonly
 clean
277C000
unkown image
page readonly
 clean
B550000
unkown
page read and write
 clean
273C000
unkown image
page readonly
 clean
6AA0000
unkown image
page read and write
 clean
B172000
unkown
page read and write
 clean
7FF5092DB000
unkown image
page readonly
 clean
27C4000
unkown image
page readonly
 clean
14089390000
unkown
page read and write
 clean
140893B3000
unkown
page read and write
 clean
7FF525D6A000
unkown image
page readonly
 clean
7FF509191000
unkown image
page readonly
 clean
89E0000
unkown
page read and write
 clean
50A0000
unkown image
page readonly
 clean
16C27200000
heap default
page read and write
 clean
7FF5CD5BB000
unkown image
page readonly
 clean
B3E0000
unkown
page read and write
 clean
B400000
unkown
page read and write
 clean
4E60000
unkown image
page readonly
 clean
2888000
unkown image
page readonly
 clean
8C50000
unkown
page read and write
 clean
7FF509338000
unkown image
page readonly
 clean
ACB3000
unkown
page read and write
 clean
27B4000
unkown image
page readonly
 clean
7FF5CD739000
unkown image
page readonly
 clean
27B4000
unkown image
page readonly
 clean
7FF525C97000
unkown image
page readonly
 clean
288B000
unkown image
page readonly
 clean
EAE7000
unkown image
page readonly
 clean
E97ECEC000
unkown
page read and write
 clean
ACF2000
unkown
page read and write
 clean
B400000
unkown
page read and write
 clean
16C28350000
unkown image
page readonly
 clean
89B0000
unkown
page read and write
 clean
AED0000
unkown
page read and write
 clean
AD60000
unkown
page read and write
 clean
2A33000
unkown image
page readonly
 clean
EB00000
unkown
page read and write
 clean
89E0000
unkown
page read and write
 clean
7FF5CD581000
unkown image
page readonly
 clean
89C0000
unkown
page read and write
 clean
EAD8000
unkown image
page readonly
 clean
C6A0000
stack
page read and write
 clean
53D0000
unkown image
page readonly
 clean
16C27B00000
unkown
page read and write
 clean
EB52000
unkown
page read and write
 clean
8A90000
unkown
page read and write
 clean
7FF54228F000
unkown image
page readonly
 clean
8B8D000
stack
page read and write
 clean
B570000
unkown
page read and write
 clean
16C2CAA1000
unkown
page read and write
 clean
B1C9000
unkown
page read and write
 clean
8C30000
unkown
page read and write
 clean
3487AFE000
stack
page read and write
 clean
27B4000
unkown image
page readonly
 clean
AB30000
unkown
page read and write
 clean
7DF50E9A2000
unkown image
page readonly
 clean
CB60000
unkown
page read and write
 clean
B600000
unkown image
page readonly
 clean
7DF50E9A2000
unkown image
page readonly
 clean
7FF50929B000
unkown image
page readonly
 clean
DE1F000
stack
page read and write
 clean
2AC2000
unkown image
page readonly
 clean
C6B0000
stack
page read and write
 clean
EAAF000
unkown image
page readonly
 clean
288B000
unkown image
page readonly
 clean
FF4A0000
unkown image
page readonly
 clean
8A40000
unkown
page read and write
 clean
B330000
unkown
page read and write
 clean
140888D0000
unkown image
page readonly
 clean
2A3F000
unkown image
page readonly
 clean
EB25000
unkown
page read and write
 clean
7DF53ADF0000
unkown image
page readonly
 clean
8B32000
unkown image
page read and write
 clean
7FF4F93E0000
unkown image
page readonly
 clean
2A5B000
unkown image
page readonly
 clean
51D0000
unkown image
page readonly
 clean
A6E8000
unkown
page read and write
 clean
906E000
unkown
page read and write
 clean
140893A2000
unkown
page read and write
 clean
A462000
unkown
page read and write
 clean
7FF52D73F000
unkown image
page readonly
 clean
B330000
unkown
page read and write
 clean
7DF5573D2000
unkown image
page readonly
 clean
C230000
unkown
page read and write
 clean
EB1C000
unkown
page read and write
 clean
27EB000
unkown image
page readonly
 clean
8A20000
unkown
page read and write
 clean
7FF52D6CD000
unkown image
page readonly
 clean
BA6F000
unkown image
page read and write
 clean
7FF525CD4000
unkown image
page readonly
 clean
C920000
unkown
page read and write
 clean
EB29000
unkown
page read and write
 clean
AFD7000
unkown
page read and write
 clean
50A0000
unkown image
page readonly
 clean
4D29000
unkown
page execute read
 clean
16C2C881000
unkown
page read and write
 clean
C920000
unkown
page read and write
 clean
281D000
unkown image
page readonly
 clean
B530000
unkown
page read and write
 clean
2A0B000
unkown image
page readonly
 clean
7DF542900000
unkown image
page readonly
 clean
8A90000
unkown
page read and write
 clean
EABC000
unkown image
page readonly
 clean
7D4000
unkown
page read and write
 clean
EABA000
unkown image
page readonly
 clean
2076FC48000
unkown
page read and write
 clean
B380000
unkown
page read and write
 clean
28D7000
unkown image
page readonly
 clean
7FF525C6C000
unkown image
page readonly
 clean
273C000
unkown image
page readonly
 clean
14089202000
unkown
page read and write
 clean
ADB7000
unkown
page read and write
 clean
EB2F000
unkown
page read and write
 clean
EB20000
unkown
page read and write
 clean
7FF5092D5000
unkown image
page readonly
 clean
AE84000
unkown
page read and write
 clean
7080000
unkown
page read and write
 clean
7FF52D62F000
unkown image
page readonly
 clean
285B000
unkown image
page readonly
 clean
AFAD000
unkown
page read and write
 clean
4E30000
unkown image
page readonly
 clean
DA9D000
stack
page read and write
 clean
C950000
unkown
page read and write
 clean
7FF52CF4D000
unkown image
page readonly
 clean
16C272E0000
unkown image
page readonly
 clean
5670000
unkown image
page readonly
 clean
5170000
unkown
page read and write
 clean
7FF5CD714000
unkown image
page readonly
 clean
A7F0000
unkown
page read and write
 clean
5A0000
unkown image
page readonly
 clean
B1DD000
unkown
page read and write
 clean
A9DD000
unkown
page read and write
 clean
C87C000
stack
page read and write
 clean
14089150000
unkown image
page read and write
 clean
C0CE000
stack
page read and write
 clean
18943320000
unkown image
page readonly
 clean
16C2C860000
unkown
page read and write
 clean
B440000
unkown
page read and write
 clean
B490000
unkown
page read and write
 clean
EB05000
unkown
page read and write
 clean
8AB0000
unkown
page read and write
 clean
1DBEAFA0000
unkown image
page readonly
 clean
C1CF000
stack
page read and write
 clean
7DF4552A0000
unkown image
page readonly
 clean
1DBEB4D0000
unkown image
page readonly
 clean
8A00000
unkown
page read and write
 clean
8B8D000
stack
page read and write
 clean
DD1D000
stack
page read and write
 clean
140893CE000
unkown
page read and write
 clean
AD64000
unkown
page read and write
 clean
9050000
unkown
page read and write
 clean
8C80000
unkown
page read and write
 clean
B340000
unkown
page read and write
 clean
B3A0000
unkown
page read and write
 clean
430000
unkown
page execute read
 clean
4E80000
unkown
page read and write
 clean
7FF5CD60D000
unkown image
page readonly
 clean
7DF53ADF0000
unkown image
page readonly
 clean
55F0000
unkown image
page readonly
 clean
4ED0000
heap default
page read and write
 clean
2AB4000
unkown image
page readonly
 clean
E47F000
stack
page read and write
 clean
7FF5422AA000
unkown image
page readonly
 clean
7FF52D3D6000
unkown image
page readonly
 clean
BA5D000
unkown image
page read and write
 clean
B1F0000
unkown
page read and write
 clean
EB00000
unkown
page read and write
 clean
8AB0000
unkown
page read and write
 clean
914C000
unkown
page read and write
 clean
563D000
stack
page read and write
 clean
51C5000
heap private
page read and write
 clean
14089963000
unkown
page read and write
 clean
7FF5422B4000
unkown image
page readonly
 clean
B3D0000
unkown
page read and write
 clean
16C27A02000
unkown
page read and write
 clean
7DF50E9B0000
unkown image
page readonly
 clean
8A80000
unkown
page read and write
 clean
14089393000
unkown
page read and write
 clean
C06F000
stack
page read and write
 clean
4E10000
unkown
page execute read
 clean
16C273E0000
unkown image
page read and write
 clean
B580000
unkown
page read and write
 clean
A83C000
unkown
page read and write
 clean
4DC6000
heap default
page read and write
 clean
ACB3000
unkown
page read and write
 clean
14088AA7000
unkown
page read and write
 clean
29FC000
unkown image
page readonly
 clean
AB9E000
unkown
page read and write
 clean
14088A5A000
unkown
page read and write
 clean
212CF080000
unkown
page read and write
 clean
2A0B000
unkown image
page readonly
 clean
8F0F000
stack
page read and write
 clean
4E30000
unkown image
page readonly
 clean
8AE0000
unkown
page read and write
 clean
7FF5092D0000
unkown image
page readonly
 clean
C06F000
stack
page read and write
 clean
7FF50932F000
unkown image
page readonly
 clean
FF5A0000
unkown image
page readonly
 clean
CD0B000
unkown
page read and write
 clean
8F4D000
stack
page read and write
 clean
16C279D1000
unkown
page read and write
 clean
8AC0000
unkown
page read and write
 clean
EACF000
unkown image
page readonly
 clean
88D0000
unkown
page read and write
 clean
7DF542910000
unkown image
page readonly
 clean
2A03000
unkown image
page readonly
 clean
4EC0000
unkown
page read and write
 clean
A4CD000
unkown
page read and write
 clean
29BF000
unkown image
page readonly
 clean
27D4000
unkown image
page readonly
 clean
7FF52D625000
unkown image
page readonly
 clean
C900000
unkown
page read and write
 clean
B530000
unkown
page read and write
 clean
14088AA6000
unkown
page read and write
 clean
AD9A000
unkown
page read and write
 clean
CAB7000
unkown
page read and write
 clean
8C40000
unkown
page read and write
 clean
7FF5093C2000
unkown image
page readonly
 clean
7FF52D76A000
unkown image
page readonly
 clean
4AAC1FD000
stack
page read and write
 clean
4E50000
heap private
page read and write
 clean
BF6D000
stack
page read and write
 clean
7FF542265000
unkown image
page readonly
 clean
5550000
unkown image
page readonly
 clean
B3C0000
unkown
page read and write
 clean
587000
unkown
page read and write
 clean
EAD8000
unkown image
page readonly
 clean
7FF509346000
unkown image
page readonly
 clean
8900000
unkown
page read and write
 clean
1DBEB03C000
unkown
page read and write
 clean
A963000
unkown
page read and write
 clean
14088AC7000
unkown
page read and write
 clean
7D0000
unkown
page read and write
 clean
5550000
unkown image
page readonly
 clean
7B5867A000
unkown
page read and write
 clean
27E3000
unkown image
page readonly
 clean
DCDF000
stack
page read and write
 clean
7DF5573D2000
unkown image
page readonly
 clean
7DF40C860000
unkown image
page readonly
 clean
B3B0000
unkown
page read and write
 clean
7FF5CD6EC000
unkown image
page readonly
 clean
A76C000
unkown
page read and write
 clean
337177E000
stack
page read and write
 clean
DF6D000
stack
page read and write
 clean
28FB000
unkown image
page readonly
 clean
1408938D000
unkown
page read and write
 clean
7FF52D871000
unkown image
page readonly
 clean
16C2CA99000
unkown
page read and write
 clean
8C2D000
stack
page read and write
 clean
89A0000
unkown
page read and write
 clean
7DF5E2850000
unkown image
page readonly
 clean
51C0000
heap private
page read and write
 clean
AB30000
unkown
page read and write
 clean
16C27D01000
unkown
page read and write
 clean
7FF5422A4000
unkown image
page readonly
 clean
B8BD000
stack
page read and write
 clean
51CA000
heap private
page read and write
 clean
4E00000
unkown
page execute read
 clean
C620000
stack
page read and write
 clean
B4B0000
unkown
page read and write
 clean
B2C0000
unkown
page read and write
 clean
14088A70000
unkown
page read and write
 clean
C910000
unkown
page read and write
 clean
89F0000
unkown
page read and write
 clean
AF0C000
unkown
page read and write
 clean
51D0000
unkown image
page readonly
 clean
89B0000
unkown
page read and write
 clean
253C000
unkown image
page readonly
 clean
277C000
unkown image
page readonly
 clean
2A3A000
unkown image
page readonly
 clean
18943379000
unkown
page read and write
 clean
4DD0000
unkown
page execute read
 clean
14089319000
unkown
page read and write
 clean
C6B0000
stack
page read and write
 clean
A5D0000
unkown image
page readonly
 clean
140893BE000
unkown
page read and write
 clean
7FF5422CE000
unkown image
page readonly
 clean
1408938D000
unkown
page read and write
 clean
4DC0000
heap default
page read and write
 clean
DB9F000
stack
page read and write
 clean
7FF525CFD000
unkown image
page readonly
 clean
FF5B2000
unkown image
page readonly
 clean
8B8D000
stack
page read and write
 clean
4EB0000
unkown
page read and write
 clean
B350000
unkown
page read and write
 clean
7FF5CD624000
unkown image
page readonly
 clean
A664000
unkown
page read and write
 clean
A95B000
unkown
page read and write
 clean
A6A6000
unkown
page read and write
 clean
281D000
unkown image
page readonly
 clean
16C2CA76000
unkown
page read and write
 clean
16C27474000
unkown
page read and write
 clean
A9F4000
unkown
page read and write
 clean
51A0000
unkown image
page readonly
 clean
51CA000
heap private
page read and write
 clean
BAD9000
unkown image
page read and write
 clean
DF2F000
stack
page read and write
 clean
BAAD000
unkown image
page read and write
 clean
28D7000
unkown image
page readonly
 clean
8900000
unkown
page read and write
 clean
A7F0000
unkown
page read and write
 clean
A874000
unkown
page read and write
 clean
A7AE000
unkown
page read and write
 clean
B590000
unkown
page read and write
 clean
7FF52D095000
unkown image
page readonly
 clean
2862000
unkown image
page readonly
 clean
14088F90000
unkown image
page readonly
 clean
1408935D000
unkown
page read and write
 clean
8B10000
unkown
page read and write
 clean
7FF52D2E2000
unkown image
page readonly
 clean
1408938D000
unkown
page read and write
 clean
BA60000
unkown image
page read and write
 clean
1DBEAF60000
heap private
page read and write
 clean
51C5000
heap private
page read and write
 clean
109C000
unkown image
page readonly
 clean
EACF000
unkown image
page readonly
 clean
906E000
unkown
page read and write
 clean
1408938D000
unkown
page read and write
 clean
16C2C9C0000
unkown
page read and write
 clean
AD14000
unkown
page read and write
 clean
7FF52D529000
unkown image
page readonly
 clean
BAD9000
unkown image
page read and write
 clean
6A80000
unkown image
page read and write
 clean
EB25000
unkown
page read and write
 clean
8940000
unkown
page read and write
 clean
8B8D000
stack
page read and write
 clean
C650000
stack
page read and write
 clean
29ED000
unkown image
page readonly
 clean
8C60000
unkown
page read and write
 clean
5560000
unkown
page read and write
 clean
7FF52D743000
unkown image
page readonly
 clean
8E0D000
stack
page read and write
 clean
7DF5573D0000
unkown image
page readonly
 clean
2807000
unkown image
page readonly
 clean
2AB4000
unkown image
page readonly
 clean
A576000
unkown
page read and write
 clean
28B2000
unkown image
page readonly
 clean
CDC2000
unkown
page read and write
 clean
7DF50E992000
unkown image
page readonly
 clean
140893A0000
unkown
page read and write
 clean
2896000
unkown image
page readonly
 clean
4AABE7B000
unkown
page read and write
 clean
272D000
unkown image
page readonly
 clean
C920000
unkown
page read and write
 clean
89F0000
unkown
page read and write
 clean
2579000
unkown image
page readonly
 clean
7FF4F980A000
unkown image
page readonly
 clean
90CB000
unkown
page read and write
 clean
7FF525AD1000
unkown image
page readonly
 clean
B4D0000
unkown
page read and write
 clean
16C272F0000
unkown image
page readonly
 clean
212CEEA0000
unkown image
page readonly
 clean
7DF5E2832000
unkown image
page readonly
 clean
2076FD13000
unkown
page read and write
 clean
8BD0000
unkown
page read and write
 clean
2862000
unkown image
page readonly
 clean
7FF5093BA000
unkown image
page readonly
 clean
29D3000
unkown image
page readonly
 clean
8A60000
unkown
page read and write
 clean
E20E000
stack
page read and write
 clean
587000
unkown
page read and write
 clean
EAC9000
unkown image
page readonly
 clean
16C27413000
unkown
page read and write
 clean
2A2F000
unkown image
page readonly
 clean
E97F17E000
stack
page read and write
 clean
AD96000
unkown
page read and write
 clean
2A52000
unkown image
page readonly
 clean
C980000
unkown
page read and write
 clean
16C28360000
unkown image
page readonly
 clean
CAB7000
unkown
page read and write
 clean
4F1A000
heap default
page read and write
 clean
29D3000
unkown image
page readonly
 clean
29FC000
unkown image
page readonly
 clean
EACB000
unkown image
page readonly
 clean
B5D0000
unkown
page read and write
 clean
140890D0000
unkown image
page write copy
 clean
B4A0000
unkown
page read and write
 clean
2076FD02000
unkown
page read and write
 clean
7FF4F9911000
unkown image
page readonly
 clean
7FF50931A000
unkown image
page readonly
 clean
14089900000
unkown
page read and write
 clean
16C2CA19000
unkown
page read and write
 clean
28B2000
unkown image
page readonly
 clean
16C27424000
unkown
page read and write
 clean
FF5A2000
unkown image
page readonly
 clean
18943190000
unkown image
page read and write
 clean
14089080000
unkown
page read and write
 clean
8AD0000
unkown
page read and write
 clean
27EB000
unkown image
page readonly
 clean
8C80000
unkown
page read and write
 clean
16C2CA3F000
unkown
page read and write
 clean
189431B0000
unkown image
page readonly
 clean
2737000
unkown image
page readonly
 clean
A95B000
unkown
page read and write
 clean
1DBEAFF0000
unkown
page read and write
 clean
FF5C0000
unkown image
page readonly
 clean
DA5F000
stack
page read and write
 clean
7FF525A34000
unkown image
page readonly
 clean
EAF2000
unkown image
page readonly
 clean
C610000
stack
page read and write
 clean
7B588FF000
stack
page read and write
 clean
90D1000
unkown
page read and write
 clean
8C70000
unkown
page read and write
 clean
A5E0000
unkown
page read and write
 clean
8F4D000
stack
page read and write
 clean
272D000
unkown image
page readonly
 clean
B450000
unkown
page read and write
 clean
14088A4D000
unkown
page read and write
 clean
7FF525CF9000
unkown image
page readonly
 clean
7FF4F990A000
unkown image
page readonly
 clean
2076FA90000
unkown image
page readonly
 clean
16C2CA62000
unkown
page read and write
 clean
2816000
unkown image
page readonly
 clean
B340000
unkown
page read and write
 clean
2733000
unkown image
page readonly
 clean
A5D0000
unkown image
page readonly
 clean
EAC5000
unkown image
page readonly
 clean
8BB0000
unkown
page read and write
 clean
EABA000
unkown image
page readonly
 clean
B14A000
unkown
page read and write
 clean
8930000
unkown
page read and write
 clean
212CEFD0000
unkown
page read and write
 clean
7B5877F000
stack
page read and write
 clean
7FF508EE7000
unkown image
page readonly
 clean
EAC9000
unkown image
page readonly
 clean
16C2C750000
unkown
page read and write
 clean
AA46000
unkown
page read and write
 clean
1408938D000
unkown
page read and write
 clean
B440000
unkown
page read and write
 clean
87D0000
unkown
page read and write
 clean
7FF5CD62C000
unkown image
page readonly
 clean
430000
unkown
page execute read
 clean
4EFD000
heap default
page read and write
 clean
7FF5CD736000
unkown image
page readonly
 clean
C900000
unkown
page read and write
 clean
18943351000
unkown
page read and write
 clean
A3B0000
unkown
page read and write
 clean
6AA0000
unkown image
page read and write
 clean
B3E0000
unkown
page read and write
 clean
7FF5CCE00000
unkown image
page readonly
 clean
AD72000
unkown
page read and write
 clean
B390000
unkown
page read and write
 clean
212CF029000
unkown
page read and write
 clean
DD1D000
stack
page read and write
 clean
8C60000
unkown
page read and write
 clean
B4A0000
unkown
page read and write
 clean
8F0F000
stack
page read and write
 clean
2ABC000
unkown image
page readonly
 clean
EAAB000
unkown image
page readonly
 clean
8AF0000
unkown
page read and write
 clean
EACB000
unkown image
page readonly
 clean
CDC2000
unkown
page read and write
 clean
569737F000
stack
page read and write
 clean
16C271E0000
unkown image
page readonly
 clean
58B000
unkown
page read and write
 clean
7FF525B41000
unkown image
page readonly
 clean
EABC000
unkown image
page readonly
 clean
9095000
unkown
page read and write
 clean
A4E9000
unkown
page read and write
 clean
2552000
unkown image
page readonly
 clean
27E3000
unkown image
page readonly
 clean
7DF53AE10000
unkown image
page readonly
 clean
7DF53AE02000
unkown image
page readonly
 clean
212CEEB0000
unkown image
page readonly
 clean
16C27B02000
unkown
page read and write
 clean
BAAD000
unkown image
page read and write
 clean
29BF000
unkown image
page readonly
 clean
AFAD000
unkown
page read and write
 clean
18943379000
unkown
page read and write
 clean
EB38000
unkown
page read and write
 clean
4E70000
unkown image
page readonly
 clean
2A5B000
unkown image
page readonly
 clean
2076FC4B000
unkown
page read and write
 clean
7FF52D78B000
unkown image
page readonly
 clean
55E0000
unkown image
page readonly
 clean
7FF52D6EC000
unkown image
page readonly
 clean
B04F000
unkown
page read and write
 clean
569757B000
stack
page read and write
 clean
7FF5253C0000
unkown image
page readonly
 clean
4E20000
unkown
page execute read
 clean
AAA0000
unkown
page read and write
 clean
58B000
unkown
page read and write
 clean
3371A77000
stack
page read and write
 clean
16C27A15000
unkown
page read and write
 clean
EB00000
unkown
page read and write
 clean
C87C000
stack
page read and write
 clean
AD14000
unkown
page read and write
 clean
C8E0000
unkown
page read and write
 clean
DCDF000
stack
page read and write
 clean
4DC0000
heap default
page read and write
 clean
B4E0000
unkown
page read and write
 clean
88D0000
unkown
page read and write
 clean
28D7000
unkown image
page readonly
 clean
B490000
unkown
page read and write
 clean
B67E000
stack
page read and write
 clean
48E000
unkown
page read and write
 clean
906E000
unkown
page read and write
 clean
4E00000
unkown
page execute read
 clean
16C2C868000
unkown
page read and write
 clean
7FF525C80000
unkown image
page readonly
 clean
7FF52D58A000
unkown image
page readonly
 clean
27F9000
unkown image
page readonly
 clean
FF5B0000
unkown image
page readonly
 clean
B360000
unkown
page read and write
 clean
7FF54234A000
unkown image
page readonly
 clean
440000
unkown image
page readonly
 clean
14088A60000
unkown
page read and write
 clean
16C2CA17000
unkown
page read and write
 clean
7FF52D571000
unkown image
page readonly
 clean
212CF08A000
unkown
page read and write
 clean
7FF5091CB000
unkown image
page readonly
 clean
2A56000
unkown image
page readonly
 clean
4E50000
heap private
page read and write
 clean
EB16000
unkown
page read and write
 clean
18943377000
unkown
page read and write
 clean
C8E0000
unkown
page read and write
 clean
5697777000
stack
page read and write
 clean
7FF508BD2000
unkown image
page readonly
 clean
14089391000
unkown
page read and write
 clean
189435A5000
heap private
page read and write
 clean
CA73000
unkown
page read and write
 clean
2737000
unkown image
page readonly
 clean
E1CF000
stack
page read and write
 clean
212CEED0000
heap default
page read and write
 clean
AE5D000
unkown
page read and write
 clean
7FF525CF6000
unkown image
page readonly
 clean
5A0000
unkown image
page readonly
 clean
4EB0000
unkown
page read and write
 clean
7FF541BB3000
unkown image
page readonly
 clean
7FF4F8F60000
unkown image
page readonly
 clean
4AABEFE000
stack
page read and write
 clean
2733000
unkown image
page readonly
 clean
4AAC3FE000
stack
page read and write
 clean
7FF4F9904000
unkown image
page readonly
 clean
7FF509106000
unkown image
page readonly
 clean
B042000
unkown
page read and write
 clean
2A03000
unkown image
page readonly
 clean
1DBEB050000
unkown
page read and write
 clean
4DE0000
unkown
page execute read
 clean
4AAC2FA000
stack
page read and write
 clean
B510000
unkown
page read and write
 clean
B530000
unkown
page read and write
 clean
7D0000
unkown
page read and write
 clean
FF5A2000
unkown image
page readonly
 clean
16C279F0000
unkown
page read and write
 clean
A534000
unkown
page read and write
 clean
7FF5092BA000
unkown image
page readonly
 clean
4AAC87F000
stack
page read and write
 clean
8C50000
unkown
page read and write
 clean
C230000
unkown
page read and write
 clean
A6A6000
unkown
page read and write
 clean
2AA5000
unkown image
page readonly
 clean
55F0000
unkown image
page readonly
 clean
58B000
unkown
page read and write
 clean
A4A7000
unkown
page read and write
 clean
4EDB000
heap default
page read and write
 clean
7FF5093C1000
unkown image
page readonly
 clean
2A10000
unkown image
page readonly
 clean
4E20000
unkown
page execute read
 clean
9050000
unkown
page read and write
 clean
7FF525B7E000
unkown image
page readonly
 clean
7DF50E9B0000
unkown image
page readonly
 clean
B590000
unkown
page read and write
 clean
B20E000
unkown
page read and write
 clean
B8BD000
stack
page read and write
 clean
4EA0000
unkown image
page readonly
 clean
1DBEB070000
unkown
page read and write
 clean
C6B0000
stack
page read and write
 clean
8C40000
unkown
page read and write
 clean
7FF4F978C000
unkown image
page readonly
 clean
C8A0000
unkown image
page readonly
 clean
27C4000
unkown image
page readonly
 clean
14088A3C000
unkown
page read and write
 clean
1408938D000
unkown
page read and write
 clean
C650000
stack
page read and write
 clean
7FF5CD613000
unkown image
page readonly
 clean
1DBEAF70000
unkown image
page readonly
 clean
2A27000
unkown image
page readonly
 clean
A4E9000
unkown
page read and write
 clean
140893A2000
unkown
page read and write
 clean
D3A000
unkown image
page readonly
 clean
C6A0000
stack
page read and write
 clean
B4A0000
unkown
page read and write
 clean
7FF52D7AC000
unkown image
page readonly
 clean
8C30000
unkown
page read and write
 clean
8AE0000
unkown
page read and write
 clean
2AA1000
unkown image
page readonly
 clean
2076FC00000
unkown
page read and write
 clean
4D29000
unkown
page execute read
 clean
7FF5092BC000
unkown image
page readonly
 clean
7FF4F9597000
unkown image
page readonly
 clean
B1F0000
unkown
page read and write
 clean
B2E0000
unkown
page read and write
 clean
C77E000
stack
page read and write
 clean
B450000
unkown
page read and write
 clean
285B000
unkown image
page readonly
 clean
E97ED6E000
stack
page read and write
 clean
B67E000
stack
page read and write
 clean
16C27400000
unkown
page read and write
 clean
212CEE80000
unkown image
page readonly
 clean
14089300000
unkown
page read and write
 clean
8E0D000
stack
page read and write
 clean
D3A000
unkown image
page readonly
 clean
272D000
unkown image
page readonly
 clean
AAA6000
unkown
page read and write
 clean
7FF52D7C4000
unkown image
page readonly
 clean
8940000
unkown
page read and write
 clean
14089394000
unkown
page read and write
 clean
16C2C880000
unkown
page read and write
 clean
7DF51E442000
unkown image
page readonly
 clean
C6C0000
stack
page execute read
 clean
14088A54000
unkown
page read and write
 clean
EAE7000
unkown image
page readonly
 clean
8DCF000
stack
page read and write
 clean
27B4000
unkown image
page readonly
 clean
2816000
unkown image
page readonly
 clean
8A70000
unkown
page read and write
 clean
48E000
unkown
page read and write
 clean
28DD000
unkown image
page readonly
 clean
B510000
unkown
page read and write
 clean
EB38000
unkown
page read and write
 clean
C1F0000
unkown
page read and write
 clean
EAC5000
unkown image
page readonly
 clean
EB47000
unkown
page read and write
 clean
4F1A000
heap default
page read and write
 clean
8BC0000
unkown
page read and write
 clean
7FF4F986A000
unkown image
page readonly
 clean
2A2F000
unkown image
page readonly
 clean
8900000
unkown
page read and write
 clean
AE84000
unkown
page read and write
 clean
E37D000
stack
page read and write
 clean
BA77000
unkown image
page read and write
 clean
2888000
unkown image
page readonly
 clean
2722000
unkown image
page readonly
 clean
16C2C9C0000
unkown
page read and write
 clean
7FF508C23000
unkown image
page readonly
 clean
7D4000
unkown
page read and write
 clean
B3A0000
unkown
page read and write
 clean
A462000
unkown
page read and write
 clean
273C000
unkown image
page readonly
 clean
28EA000
unkown image
page readonly
 clean
2076FC89000
unkown
page read and write
 clean
14089802000
unkown
page read and write
 clean
7FF509283000
unkown image
page readonly
 clean
7FF52D77E000
unkown image
page readonly
 clean
B420000
unkown
page read and write
 clean
EB47000
unkown
page read and write
 clean
B3F0000
unkown
page read and write
 clean
B380000
unkown
page read and write
 clean
7FF4F96C3000
unkown image
page readonly
 clean
B520000
unkown
page read and write
 clean
51B0000
unkown image
page readonly
 clean
7FF4F93E6000
unkown image
page readonly
 clean
B5A0000
unkown
page read and write
 clean
27D4000
unkown image
page readonly
 clean
C8F0000
unkown
page read and write
 clean
AA9A000
unkown
page read and write
 clean
7FF5CD6BA000
unkown image
page readonly
 clean
8C2D000
stack
page read and write
 clean
2904000
unkown image
page readonly
 clean
28F4000
unkown image
page readonly
 clean
1408938D000
unkown
page read and write
 clean
AB0E000
unkown
page read and write
 clean
C210000
unkown
page read and write
 clean
DB9F000
stack
page read and write
 clean
CB60000
unkown
page read and write
 clean
A462000
unkown
page read and write
 clean
B310000
unkown
page read and write
 clean
28AB000
unkown image
page readonly
 clean
8C70000
unkown
page read and write
 clean
7FF5CD7AA000
unkown image
page readonly
 clean
8C60000
unkown
page read and write
 clean
58B000
unkown
page read and write
 clean
B600000
unkown image
page readonly
 clean
2862000
unkown image
page readonly
 clean
B10C000
unkown
page read and write
 clean
B3C0000
unkown
page read and write
 clean
281D000
unkown image
page readonly
 clean
E1CF000
stack
page read and write
 clean
1408939E000
unkown
page read and write
 clean
285F000
unkown image
page readonly
 clean
AFD7000
unkown
page read and write
 clean
253E000
unkown image
page readonly
 clean
89C0000
unkown
page read and write
 clean
89E0000
unkown
page read and write
 clean
1DBEB086000
unkown
page read and write
 clean
AAA6000
unkown
page read and write
 clean
2904000
unkown image
page readonly
 clean
C1E0000
unkown
page read and write
 clean
29F5000
unkown image
page readonly
 clean
1408996A000
unkown
page read and write
 clean
E37D000
stack
page read and write
 clean
8A50000
unkown
page read and write
 clean
7FF5CD437000
unkown image
page readonly
 clean
E97F57F000
stack
page read and write
 clean
27F9000
unkown image
page readonly
 clean
AD88000
unkown
page read and write
 clean
7FF5CD511000
unkown image
page readonly
 clean
212CF400000
unkown image
page readonly
 clean
2730000
unkown image
page readonly
 clean
27D9000
unkown image
page readonly
 clean
B470000
unkown
page read and write
 clean
2896000
unkown image
page readonly
 clean
89E0000
unkown
page read and write
 clean
7FF4F95D4000
unkown image
page readonly
 clean
7FF52D7E8000
unkown image
page readonly
 clean
87D0000
unkown
page read and write
 clean
8BD0000
unkown
page read and write
 clean
2AC8000
unkown image
page readonly
 clean
7FF4F984F000
unkown image
page readonly
 clean
140893C2000
unkown
page read and write
 clean
7DF5573E2000
unkown image
page readonly
 clean
8B00000
unkown
page read and write
 clean
AA97000
unkown
page read and write
 clean
7FF52D57F000
unkown image
page readonly
 clean
5664000
heap private
page read and write
 clean
B2E0000
unkown
page read and write
 clean
AE6B000
unkown
page read and write
 clean
A7AE000
unkown
page read and write
 clean
E97EDEE000
stack
page read and write
 clean
EB0B000
unkown
page read and write
 clean
8B20000
unkown image
page read and write
 clean
8AC0000
unkown
page read and write
 clean
16C2C8A4000
unkown
page read and write
 clean
14089391000
unkown
page read and write
 clean
14088A82000
unkown
page read and write
 clean
140890A0000
unkown image
page readonly
 clean
C960000
unkown
page read and write
 clean
18943379000
unkown
page read and write
 clean
4DC6000
heap default
page read and write
 clean
BA00000
unkown image
page readonly
 clean
7FF525CC4000
unkown image
page readonly
 clean
B560000
unkown
page read and write
 clean
EB05000
unkown
page read and write
 clean
B1DD000
unkown
page read and write
 clean
A96D000
unkown
page read and write
 clean
16C27800000
unkown image
page readonly
 clean
C990000
unkown
page read and write
 clean
18943366000
unkown
page read and write
 clean
7FF52D7D4000
unkown image
page readonly
 clean
8DCF000
stack
page read and write
 clean
B420000
unkown
page read and write
 clean
430000
unkown
page execute read
 clean
140893B3000
unkown
page read and write
 clean
7FF508E42000
unkown image
page readonly
 clean
53D0000
unkown image
page readonly
 clean
8CC0000
unkown
page read and write
 clean
27D9000
unkown image
page readonly
 clean
B77E000
stack
page read and write
 clean
7FF525C7E000
unkown image
page readonly
 clean
140893C2000
unkown
page read and write
 clean
B1E0000
unkown
page read and write
 clean
7FF5CD5A1000
unkown image
page readonly
 clean
348807F000
stack
page read and write
 clean
14088AF8000
unkown
page read and write
 clean
AAB2000
unkown
page read and write
 clean
7FF52D5C1000
unkown image
page readonly
 clean
B163000
unkown
page read and write
 clean
87D0000
unkown
page read and write
 clean
4EB0000
unkown
page read and write
 clean
ADA0000
unkown
page read and write
 clean
EACF000
unkown image
page readonly
 clean
8C40000
unkown
page read and write
 clean
B420000
unkown
page read and write
 clean
7FF52D3E0000
unkown image
page readonly
 clean
4DE0000
unkown
page execute read
 clean
140888C0000
heap private
page read and write
 clean
CD0B000
unkown
page read and write
 clean
4DE0000
unkown
page execute read
 clean
A586000
unkown
page read and write
 clean
8CA0000
unkown
page read and write
 clean
16C2C6D0000
unkown
page read and write
 clean
BA57000
unkown image
page read and write
 clean
2A33000
unkown image
page readonly
 clean
A7AE000
unkown
page read and write
 clean
7080000
unkown
page read and write
 clean
C5FE000
stack
page read and write
 clean
16C271A0000
heap private
page read and write
 clean
DBDD000
stack
page read and write
 clean
51C5000
heap private
page read and write
 clean
4AAC0FD000
stack
page read and write
 clean
BA20000
unkown
page read and write
 clean
C730000
stack
page read and write
 clean
430000
unkown
page execute read
 clean
3371B7B000
stack
page read and write
 clean
189435A0000
heap private
page read and write
 clean
A969000
unkown
page read and write
 clean
14088E00000
unkown image
page readonly
 clean
8BB0000
unkown
page read and write
 clean
7FF525BD3000
unkown image
page readonly
 clean
4DC6000
heap default
page read and write
 clean
7FF5CD704000
unkown image
page readonly
 clean
C650000
stack
page read and write
 clean
B4F0000
unkown
page read and write
 clean
B7BD000
stack
page read and write
 clean
337187C000
stack
page read and write
 clean
DE20000
unkown
page read and write
 clean
7FF4F96E1000
unkown image
page readonly
 clean
8F0F000
stack
page read and write
 clean
7FF52D780000
unkown image
page readonly
 clean
C910000
unkown
page read and write
 clean
7FF5CD6D7000
unkown image
page readonly
 clean
9095000
unkown
page read and write
 clean
B4C0000
unkown
page read and write
 clean
1408936F000
unkown
page read and write
 clean
CD0B000
unkown
page read and write
 clean
212CEE60000
unkown image
page read and write
 clean
C690000
stack
page read and write
 clean
4F1A000
heap default
page read and write
 clean
7FF525D72000
unkown image
page readonly
 clean
7FF5CD6EF000
unkown image
page readonly
 clean
B410000
unkown
page read and write
 clean
898D000
stack
page read and write
 clean
1408936E000
unkown
page read and write
 clean
C890000
unkown
page read and write
 clean
EB05000
unkown
page read and write
 clean
8B40000
unkown image
page readonly
 clean
C77E000
stack
page read and write
 clean
AED0000
unkown
page read and write
 clean
212CF070000
unkown
page read and write
 clean
8B00000
unkown
page read and write
 clean
AAB2000
unkown
page read and write
 clean
4E60000
unkown image
page readonly
 clean
8930000
unkown
page read and write
 clean
A462000
unkown
page read and write
 clean
BA77000
unkown image
page read and write
 clean
DCDF000
stack
page read and write
 clean
8B10000
unkown
page read and write
 clean
89D0000
unkown
page read and write
 clean
EAA0000
unkown image
page readonly
 clean
2AD3000
unkown image
page readonly
 clean
1DBEAFD0000
unkown image
page readonly
 clean
8B20000
unkown image
page read and write
 clean
4DB0000
unkown
page execute read
 clean
2AC8000
unkown image
page readonly
 clean
A9E0000
unkown
page read and write
 clean
B2C0000
unkown
page read and write
 clean
AC8B000
unkown
page read and write
 clean
2076FAC0000
heap default
page read and write
 clean
5660000
heap private
page read and write
 clean
16C2C760000
unkown
page read and write
 clean
16C271B0000
unkown image
page readonly
 clean
A965000
unkown
page read and write
 clean
A664000
unkown
page read and write
 clean
EABA000
unkown image
page readonly
 clean
16C27488000
unkown
page read and write
 clean
7FF52D733000
unkown image
page readonly
 clean
7FF509314000
unkown image
page readonly
 clean
16C28370000
unkown image
page readonly
 clean
2A56000
unkown image
page readonly
 clean
90D1000
unkown
page read and write
 clean
B460000
unkown
page read and write
 clean
6FC0000
unkown image
page readonly
 clean
5190000
unkown
page read and write
 clean
53D0000
unkown image
page readonly
 clean
FF5B2000
unkown image
page readonly
 clean
A5E0000
unkown
page read and write
 clean
8A30000
unkown
page read and write
 clean
2A56000
unkown image
page readonly
 clean
B14A000
unkown
page read and write
 clean
55F0000
unkown image
page readonly
 clean
189431D0000
unkown image
page readonly
 clean
14089802000
unkown
page read and write
 clean
2076FC7E000
unkown
page read and write
 clean
B1DD000
unkown
page read and write
 clean
2076FBC0000
unkown
page read and write
 clean
E06F000
stack
page read and write
 clean
5664000
heap private
page read and write
 clean
A5C0000
unkown
page execute read
 clean
7FF4F9912000
unkown image
page readonly
 clean
7FF542260000
unkown image
page readonly
 clean
A83C000
unkown
page read and write
 clean
AD3E000
unkown
page read and write
 clean
7FF52D7F9000
unkown image
page readonly
 clean
BA77000
unkown image
page read and write
 clean
B390000
unkown
page read and write
 clean
4DA0000
unkown
page read and write
 clean
4D90000
unkown image
page read and write
 clean
2AA1000
unkown image
page readonly
 clean
1408938E000
unkown
page read and write
 clean
A9DD000
unkown
page read and write
 clean
B0CB000
unkown
page read and write
 clean
18943370000
unkown
page read and write
 clean
B440000
unkown
page read and write
 clean
7FF52D56B000
unkown image
page readonly
 clean
4DA0000
unkown
page read and write
 clean
16C2CA6E000
unkown
page read and write
 clean
AD60000
unkown
page read and write
 clean
2A3F000
unkown image
page readonly
 clean
90CB000
unkown
page read and write
 clean
2AA5000
unkown image
page readonly
 clean
212CF04A000
unkown
page read and write
 clean
BA9D000
unkown image
page read and write
 clean
9050000
unkown
page read and write
 clean
253E000
unkown image
page readonly
 clean
7FF4F8F5A000
unkown image
page readonly
 clean
8BB0000
unkown
page read and write
 clean
A9F4000
unkown
page read and write
 clean
A622000
unkown
page read and write
 clean
7FF542344000
unkown image
page readonly
 clean
8A50000
unkown
page read and write
 clean
8A60000
unkown
page read and write
 clean
7DF5E2832000
unkown image
page readonly
 clean
51A0000
unkown image
page readonly
 clean
B610000
unkown
page read and write
 clean
A838000
unkown
page read and write
 clean
5670000
unkown image
page readonly
 clean
2888000
unkown image
page readonly
 clean
29D3000
unkown image
page readonly
 clean
14088B02000
unkown
page read and write
 clean
EB1C000
unkown
page read and write
 clean
14088AB0000
unkown
page read and write
 clean
569797E000
stack
page read and write
 clean
C680000
stack
page read and write
 clean
16C27471000
unkown
page read and write
 clean
14088A4F000
unkown
page read and write
 clean
2733000
unkown image
page readonly
 clean
8C2D000
stack
page read and write
 clean
16C2748C000
unkown
page read and write
 clean
51C5000
heap private
page read and write
 clean
2544000
unkown image
page readonly
 clean
3487BFC000
stack
page read and write
 clean
51A0000
unkown image
page readonly
 clean
7FF5CD7A4000
unkown image
page readonly
 clean
7FF5CD73D000
unkown image
page readonly
 clean
4DC6000
heap default
page read and write
 clean
ADA0000
unkown
page read and write
 clean
8A40000
unkown
page read and write
 clean
277C000
unkown image
page readonly
 clean
BA5D000
unkown image
page read and write
 clean
AE9C000
unkown
page read and write
 clean
7DF51E452000
unkown image
page readonly
 clean
7FF508E90000
unkown image
page readonly
 clean
5664000
heap private
page read and write
 clean
8BB0000
unkown
page read and write
 clean
C930000
unkown
page read and write
 clean
EB38000
unkown
page read and write
 clean
2A5B000
unkown image
page readonly
 clean
89C0000
unkown
page read and write
 clean
2783000
unkown image
page readonly
 clean
16C2C9A0000
unkown
page read and write
 clean
C87A000
stack
page read and write
 clean
AB9E000
unkown
page read and write
 clean
1894337E000
unkown
page read and write
 clean
7FF4F981E000
unkown image
page readonly
 clean
212CF013000
unkown
page read and write
 clean
B380000
unkown
page read and write
 clean
1DBEB000000
unkown
page read and write
 clean
7FF509234000
unkown image
page readonly
 clean
7FF4F9773000
unkown image
page readonly
 clean
212CF050000
unkown
page read and write
 clean
2AA1000
unkown image
page readonly
 clean
BA60000
unkown image
page read and write
 clean
2AC2000
unkown image
page readonly
 clean
E47F000
stack
page read and write
 clean
4E53000
heap private
page read and write
 clean
1408936D000
unkown
page read and write
 clean
2862000
unkown image
page readonly
 clean
B540000
unkown
page read and write
 clean
51B0000
unkown image
page readonly
 clean
8AE0000
unkown
page read and write
 clean
16C27B18000
unkown
page read and write
 clean
EAAF000
unkown image
page readonly
 clean
8BD0000
unkown
page read and write
 clean
7DF5573F0000
unkown image
page readonly
 clean
7FF525CAC000
unkown image
page readonly
 clean
A72A000
unkown
page read and write
 clean
3487D7B000
stack
page read and write
 clean
3371C7F000
stack
page read and write
 clean
1DBEB013000
unkown
page read and write
 clean
C630000
stack
page read and write
 clean
7FF5CD6BE000
unkown image
page readonly
 clean
904F000
stack
page read and write
 clean
16C28160000
unkown image
page read and write
 clean
7FF525CCA000
unkown image
page readonly
 clean
4E53000
heap private
page read and write
 clean
4DA0000
unkown
page read and write
 clean
5170000
unkown
page read and write
 clean
1DBEB100000
unkown
page read and write
 clean
A969000
unkown
page read and write
 clean
C660000
stack
page read and write
 clean
7FF525CB7000
unkown image
page readonly
 clean
4DB0000
unkown
page execute read
 clean
B300000
unkown
page read and write
 clean
B8FD000
stack
page read and write
 clean
EB29000
unkown
page read and write
 clean
14089140000
unkown
page read and write
 clean
BA10000
unkown image
page readonly
 clean
7FF525B61000
unkown image
page readonly
 clean
7FF52D5B6000
unkown image
page readonly
 clean
A969000
unkown
page read and write
 clean
B0AD000
unkown
page read and write
 clean
48E000
unkown
page read and write
 clean
14089394000
unkown
page read and write
 clean
AA97000
unkown
page read and write
 clean
16C2C6E0000
unkown
page read and write
 clean
C940000
unkown
page read and write
 clean
90CB000
unkown
page read and write
 clean
FF5B0000
unkown image
page readonly
 clean
4EDB000
heap default
page read and write
 clean
189435B0000
unkown image
page readonly
 clean
4DA0000
unkown
page read and write
 clean
7FF5CD72E000
unkown image
page readonly
 clean
2904000
unkown image
page readonly
 clean
AD7C000
unkown
page read and write
 clean
1DBEB2D0000
unkown image
page readonly
 clean
AE9C000
unkown
page read and write
 clean
AD6E000
unkown
page read and write
 clean
B67E000
stack
page read and write
 clean
272D000
unkown image
page readonly
 clean
14089364000
unkown
page read and write
 clean
4E20000
unkown
page execute read
 clean
212CEE70000
heap private
page read and write
 clean
A961000
unkown
page read and write
 clean
5660000
heap private
page read and write
 clean
3487C7E000
stack
page read and write
 clean
B570000
unkown
page read and write
 clean
B540000
unkown
page read and write
 clean
B610000
unkown
page read and write
 clean
212CF113000
unkown
page read and write
 clean
C70D000
stack
page read and write
 clean
C600000
stack
page read and write
 clean
5A0000
unkown image
page readonly
 clean
EAC0000
unkown image
page readonly
 clean
8910000
unkown
page read and write
 clean
4AAC5FF000
stack
page read and write
 clean
C640000
stack
page read and write
 clean
8C70000
unkown
page read and write
 clean
7FF50908B000
unkown image
page readonly
 clean
7FF4F93F5000
unkown image
page readonly
 clean
7FF4F988E000
unkown image
page readonly
 clean
AC8B000
unkown
page read and write
 clean
C660000
stack
page read and write
 clean
8AD0000
unkown
page read and write
 clean
A3B0000
unkown
page read and write
 clean
253C000
unkown image
page readonly
 clean
16C2C9B0000
unkown
page read and write
 clean
20770402000
unkown
page read and write
 clean
906E000
unkown
page read and write
 clean
14089375000
unkown
page read and write
 clean
7FF4F9874000
unkown image
page readonly
 clean
7FF508A0A000
unkown image
page readonly
 clean
189431B0000
unkown image
page readonly
 clean
51C0000
heap private
page read and write
 clean
7DF50E9A0000
unkown image
page readonly
 clean
51B0000
unkown image
page readonly
 clean
7D0000
unkown
page read and write
 clean
16C27453000
unkown
page read and write
 clean
285F000
unkown image
page readonly
 clean
B400000
unkown
page read and write
 clean
2076FC6E000
unkown
page read and write
 clean
AD68000
unkown
page read and write
 clean
14088AEF000
unkown
page read and write
 clean
8B40000
unkown image
page readonly
 clean
2783000
unkown image
page readonly
 clean
C70D000
stack
page read and write
 clean
5B0000
unkown image
page readonly
 clean
2807000
unkown image
page readonly
 clean
7FF52D470000
unkown image
page readonly
 clean
B9FF000
stack
page read and write
 clean
AD7C000
unkown
page read and write
 clean
A9E0000
unkown
page read and write
 clean
C610000
stack
page read and write
 clean
8B20000
unkown image
page read and write
 clean
AD3E000
unkown
page read and write
 clean
27F9000
unkown image
page readonly
 clean
B520000
unkown
page read and write
 clean
7FF525CEE000
unkown image
page readonly
 clean
EAE7000
unkown image
page readonly
 clean
7FF52D720000
unkown image
page readonly
 clean
5170000
unkown
page read and write
 clean
C980000
unkown
page read and write
 clean
16C27980000
unkown image
page readonly
 clean
C990000
unkown
page read and write
 clean
8BC0000
unkown
page read and write
 clean
14088AC0000
unkown
page read and write
 clean
8CA0000
unkown
page read and write
 clean
A4CD000
unkown
page read and write
 clean
253E000
unkown image
page readonly
 clean
4EA0000
unkown image
page readonly
 clean
285F000
unkown image
page readonly
 clean
2A2D000
unkown image
page readonly
 clean
29B9000
unkown image
page readonly
 clean
7FF509270000
unkown image
page readonly
 clean
16C2CCB0000
unkown
page read and write
 clean
E30F000
stack
page read and write
 clean
7FF5CD5BE000
unkown image
page readonly
 clean
212CF07F000
unkown
page read and write
 clean
7DF542900000
unkown image
page readonly
 clean
A3B0000
unkown
page read and write
 clean
BA10000
unkown image
page readonly
 clean
27D9000
unkown image
page readonly
 clean
7FF5422BE000
unkown image
page readonly
 clean
212CF000000
unkown
page read and write
 clean
1408937A000
unkown
page read and write
 clean
16C2CA93000
unkown
page read and write
 clean
4E90000
unkown
page read and write
 clean
A76C000
unkown
page read and write
 clean
89C0000
unkown
page read and write
 clean
277C000
unkown image
page readonly
 clean
16C273D0000
unkown
page read and write
 clean
8A20000
unkown
page read and write
 clean
16C271D0000
unkown image
page readonly
 clean
A9F4000
unkown
page read and write
 clean
7FF52D5B4000
unkown image
page readonly
 clean
A4CD000
unkown
page read and write
 clean
2A52000
unkown image
page readonly
 clean
4E80000
unkown
page read and write
 clean
C5FE000
stack
page read and write
 clean
DA5F000
stack
page read and write
 clean
B570000
unkown
page read and write
 clean
7DF4407C0000
unkown image
page readonly
 clean
14088C00000
unkown image
page readonly
 clean
ADB7000
unkown
page read and write
 clean
140888F0000
unkown image
page readonly
 clean
7FF52D395000
unkown image
page readonly
 clean
4E30000
unkown image
page readonly
 clean
8C60000
unkown
page read and write
 clean
212CF108000
unkown
page read and write
 clean
7DF53AE10000
unkown image
page readonly
 clean
7FF52D7C8000
unkown image
page readonly
 clean
140893AF000
unkown
page read and write
 clean
EAA0000
unkown image
page readonly
 clean
AB9E000
unkown
page read and write
 clean
7DF5573F0000
unkown image
page readonly
 clean
27D4000
unkown image
page readonly
 clean
9095000
unkown
page read and write
 clean
ACF2000
unkown
page read and write
 clean
7FF525CAF000
unkown image
page readonly
 clean
140893B1000
unkown
page read and write
 clean
7FF5090D0000
unkown image
page readonly
 clean
1894337D000
unkown
page read and write
 clean
CC78000
unkown
page read and write
 clean
16C27476000
unkown
page read and write
 clean
55E0000
unkown image
page readonly
 clean
AFAD000
unkown
page read and write
 clean
AD72000
unkown
page read and write
 clean
AD96000
unkown
page read and write
 clean
B590000
unkown
page read and write
 clean
EABC000
unkown image
page readonly
 clean
B390000
unkown
page read and write
 clean
2AA5000
unkown image
page readonly
 clean
16C2C990000
unkown
page read and write
 clean
C210000
unkown
page read and write
 clean
4AACAFC000
stack
page read and write
 clean
B4F0000
unkown
page read and write
 clean
AEB7000
unkown
page read and write
 clean
8A50000
unkown
page read and write
 clean
C890000
unkown
page read and write
 clean
EB25000
unkown
page read and write
 clean
8CA0000
unkown
page read and write
 clean
4E90000
unkown
page read and write
 clean
C1F0000
unkown
page read and write
 clean
AD14000
unkown
page read and write
 clean
A832000
unkown
page read and write
 clean
C670000
stack
page read and write
 clean
A925000
unkown
page read and write
 clean
4EB0000
unkown
page read and write
 clean
16C2CA1D000
unkown
page read and write
 clean
2A27000
unkown image
page readonly
 clean
51D0000
unkown image
page readonly
 clean
7FF525C8B000
unkown image
page readonly
 clean
B1C9000
unkown
page read and write
 clean
8A10000
unkown
page read and write
 clean
7FF5091B1000
unkown image
page readonly
 clean
B4B0000
unkown
page read and write
 clean
14088A56000
unkown
page read and write
 clean
B3F0000
unkown
page read and write
 clean
B3D0000
unkown
page read and write
 clean
7DF51E452000
unkown image
page readonly
 clean
7080000
unkown
page read and write
 clean
DF6D000
stack
page read and write
 clean
ADA0000
unkown
page read and write
 clean
2A2F000
unkown image
page readonly
 clean
EAB6000
unkown image
page readonly
 clean
27E3000
unkown image
page readonly
 clean
8AF0000
unkown
page read and write
 clean
51B0000
unkown image
page readonly
 clean
6A80000
unkown image
page read and write
 clean
89B0000
unkown
page read and write
 clean
4D10000
unkown
page read and write
 clean
C0CE000
stack
page read and write
 clean
2552000
unkown image
page readonly
 clean
BA57000
unkown image
page read and write
 clean
7D4000
unkown
page read and write
 clean
1408938F000
unkown
page read and write
 clean
C950000
unkown
page read and write
 clean
1408983C000
unkown
page read and write
 clean
C950000
unkown
page read and write
 clean
16C286C0000
unkown
page read and write
 clean
8CB0000
unkown
page read and write
 clean
7B586FE000
stack
page read and write
 clean
4E00000
unkown
page execute read
 clean
4E50000
heap private
page read and write
 clean
AA9A000
unkown
page read and write
 clean
BA60000
unkown image
page read and write
 clean
20770000000
unkown image
page readonly
 clean
EAA5000
unkown image
page readonly
 clean
7FF509084000
unkown image
page readonly
 clean
DA9D000
stack
page read and write
 clean
2737000
unkown image
page readonly
 clean
AD7E000
unkown
page read and write
 clean
8AA0000
unkown
page read and write
 clean
5B0000
unkown image
page readonly
 clean
AB5E000
unkown
page read and write
 clean
18943376000
unkown
page read and write
 clean
AE5D000
unkown
page read and write
 clean
14088920000
heap default
page read and write
 clean
B163000
unkown
page read and write
 clean
14089396000
unkown
page read and write
 clean
5670000
unkown image
page readonly
 clean
8A00000
unkown
page read and write
 clean
B8FD000
stack
page read and write
 clean
6FC0000
unkown image
page readonly
 clean
16C2C9C0000
unkown
page read and write
 clean
4AAC9FF000
stack
page read and write
 clean
C680000
stack
page read and write
 clean
7FF509173000
unkown image
page readonly
 clean
AE5D000
unkown
page read and write
 clean
14088B13000
unkown
page read and write
 clean
B550000
unkown
page read and write
 clean
7FF5092E7000
unkown image
page readonly
 clean
88D0000
unkown
page read and write
 clean
7B587FF000
stack
page read and write
 clean
28DD000
unkown image
page readonly
 clean
A664000
unkown
page read and write
 clean
B3E0000
unkown
page read and write
 clean
7FF52D76C000
unkown image
page readonly
 clean
8AC0000
unkown
page read and write
 clean
8E0D000
stack
page read and write
 clean
2076FAA0000
unkown image
page readonly
 clean
B4D0000
unkown
page read and write
 clean
28FB000
unkown image
page readonly
 clean
A5C0000
unkown
page execute read
 clean
28F4000
unkown image
page readonly
 clean
B350000
unkown
page read and write
 clean
2076FC3C000
unkown
page read and write
 clean
28B2000
unkown image
page readonly
 clean
7FF52D411000
unkown image
page readonly
 clean
7FF52D401000
unkown image
page readonly
 clean
B7BD000
stack
page read and write
 clean
AB0E000
unkown
page read and write
 clean
5190000
unkown
page read and write
 clean
7FF542351000
unkown image
page readonly
 clean
8A80000
unkown
page read and write
 clean
5B0000
unkown image
page readonly
 clean
14088B27000
unkown
page read and write
 clean
14088A5B000
unkown
page read and write
 clean
8A70000
unkown
page read and write
 clean
14089391000
unkown
page read and write
 clean
2AC8000
unkown image
page readonly
 clean
7DF438CC0000
unkown image
page readonly
 clean
7FF4F9701000
unkown image
page readonly
 clean
7FF4F976D000
unkown image
page readonly
 clean
A963000
unkown
page read and write
 clean
CAB7000
unkown
page read and write
 clean
7FF525CDF000
unkown image
page readonly
 clean
There are 2320 hidden memdumps, click here to show them.

DOM / HTML

URL
Malicious
https://earthy-unruly-shroud.glitch.me/ikowthlodisgoods.html
 malicious