Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\097c7525-dd04-4ae8-8395-719c9897d76e.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\1307013b-ae24-46ac-a1c9-a239a26d10a5.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\1508c819-be8b-48ef-ab40-82eb845271e4.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\155d2823-a6ca-43cd-a868-7a88b59e7872.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\2853f2bc-5b8f-40c1-96d1-56c40a8be678.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\2d204f1c-649b-491e-b073-91c6628bb440.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\46211e82-a1ca-4130-8a32-aa8507401785.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\979c7365-4db5-480d-bb89-8a295d7440d2.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\000002.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0398f951-8cb1-4069-826a-8c56b4dad919.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\04b0af2d-2668-4002-97ff-271744050b2c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\21e151be-d2d8-49e4-ab61-fa7d47a0d347.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2445734a-a1bd-4cda-ab1a-1038713a1c6f.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\447ffb02-17f1-4df2-8bd4-0717d0f01fcb.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\6ae60d7c-ddaa-4873-9059-bf7d1631d8ad.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\91da4d9a-cdcd-442f-9c34-23b892562292.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\MANIFEST-000001
|
PGP\011Secret Key -
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\80cfe5db-1550-4897-a8d1-57c904cabb7c.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\6e7b1f98-b22a-44f8-808f-4c5bb9271312.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.old
(copy)
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b13c9e4a-4b78-4a0a-a4ab-648fb55e4674.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f9391904-55b7-4091-ac09-61dfe64b0693.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\ae1e6acb-dd68-429b-8d3a-f7860c7786f6.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\df7fed9f-1eba-452e-8bdd-4c04725a42f1.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\2fa3c091-0620-4365-9436-d44f2f3acfb8.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6168_1023687559\LICENSE
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6168_1023687559\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6168_1023687559\crl-set
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6168_1023687559\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6168_1023687559\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6168_1076056982\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6168_1076056982\download_file_types.pb
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6168_1076056982\manifest.fingerprint
|
ASCII text, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\6168_1076056982\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6168_692878306\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6168_692878306\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6168_692878306\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6168_935649365\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6168_935649365\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6168_935649365\manifest.json
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\6168_935649365\ssl_error_assistant.pb
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\c1e0b3d4-c691-48dc-8bab-d22cac04bb2f.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\c28e1f74-d536-4061-b3ea-3384a118a928.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\d9b93b4b-f3cd-4b09-9d1d-1dbda98e63dc.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\hr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\hu\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\it\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\ja\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\ko\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\lt\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\lv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\nb\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\pl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\pt_BR\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\pt_PT\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\ro\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\ru\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\sk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\sl\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\sr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\sv\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\th\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\tr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\uk\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\vi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\zh_CN\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_locales\zh_TW\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_1960185979\c1e0b3d4-c691-48dc-8bab-d22cac04bb2f.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\am\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\ar\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\bg\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\bn\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\ca\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\cs\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\da\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\de\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\el\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\en\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\es\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\et\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\fa\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\fi\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\fil\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\fr\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\gu\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\hi\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\hr\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\hu\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\id\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\it\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\iw\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\ja\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\kn\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\ko\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\lt\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\lv\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\ml\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\mr\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\ms\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\nb\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\nl\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\pl\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\pt\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\ro\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\ru\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\sk\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\sl\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\sr\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\sv\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\sw\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\ta\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\te\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\th\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\tr\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\uk\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\vi\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\zh\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\_locales\zh_TW\messages.json
|
HTML document, ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\angular.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\background_script.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\cast_sender.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\common.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\feedback.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\feedback.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\feedback_script.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\manifest.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\CRX_INSTALL\material_css_min.css
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir6168_453072086\c28e1f74-d536-4061-b3ea-3384a118a928.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\Downloads\df50da4b-e246-40d1-bc31-5bd66999a9bf.tmp
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\Downloads\win.pac.crdownload (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\Downloads\win.pac:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 174 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "http://104.155.207.188/win.pac
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1568,8254746983986450573,12491079493607844637,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1924 /prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1568,8254746983986450573,12491079493607844637,131072
--lang=en-US --service-sandbox-type=none --enable-audio-service-sandbox --mojo-platform-channel-handle=4612 /prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://104.155.207.188/win.pac
|
 |
||
|
https://www.google.com/tools/feedback
|
unknown
|
||
|
https://dns.google
|
unknown
|
||
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
||
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
||
|
https://ogs.google.com
|
unknown
|
||
|
https://support.google.com/chromecast/troubleshooter/2995236
|
unknown
|
||
|
https://www.google.com/images/cleardot.gif
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
142.250.185.206
|
||
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
142.250.186.77
|
||
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://www.google.com;
|
unknown
|
||
|
https://crash.corp.google.com/samples?reportid=&q=
|
unknown
|
||
|
http://104.155.207.188/win.pac
|
104.155.207.188
|
||
|
https://hangouts.google.com/
|
unknown
|
||
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://www.google.com/images/x2.gif
|
unknown
|
||
|
https://accounts.google.com/MergeSession
|
unknown
|
||
|
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
|
142.250.185.193
|
||
|
https://www.google.com
|
unknown
|
||
|
https://www.google.com/images/dot2.gif
|
unknown
|
||
|
https://accounts.google.com
|
unknown
|
||
|
https://support.google.com/chromecast/answer/2998456
|
unknown
|
||
|
http://angularjs.org
|
unknown
|
||
|
https://clients2.googleusercontent.com
|
unknown
|
||
|
https://github.com/angular/material
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
||
|
https://www.google.com/
|
unknown
|
||
|
https://feedback.googleusercontent.com
|
unknown
|
||
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
||
|
https://clients2.google.com
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx
|
unknown
|
There are 22 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
accounts.google.com
|
142.250.186.77
|
||
|
clients.l.google.com
|
142.250.185.206
|
||
|
googlehosted.l.googleusercontent.com
|
142.250.185.193
|
||
|
clients2.googleusercontent.com
|
unknown
|
||
|
clients2.google.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
142.250.185.206
|
clients.l.google.com
|
United States
|
||
|
192.168.2.1
|
unknown
|
unknown
|
||
|
104.155.207.188
|
unknown
|
United States
|
||
|
142.250.185.193
|
googlehosted.l.googleusercontent.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
192.168.2.23
|
unknown
|
unknown
|
||
|
142.250.186.77
|
accounts.google.com
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
|
{2781761E-28E0-4109-99FE-B9D127C57AFE} {56FFCC30-D398-11D0-B2AE-00A0C908FA49} 0xFFFF
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories64\{56FFCC30-D398-11D0-B2AE-00A0C908FA49}\Enum
|
Implementing
|
There are 35 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1DD2490F000
|
heap
|
page read and write
|
||
|
190951C0000
|
trusted library allocation
|
page read and write
|
||
|
2A063100000
|
trusted library allocation
|
page read and write
|
||
|
39D9A7F000
|
stack
|
page read and write
|
||
|
17127708000
|
heap
|
page read and write
|
||
|
2A06327D000
|
heap
|
page read and write
|
||
|
39D96FB000
|
stack
|
page read and write
|
||
|
A14557F000
|
stack
|
page read and write
|
||
|
1AC746A0000
|
heap
|
page read and write
|
||
|
1DD24A20000
|
trusted library allocation
|
page read and write
|
||
|
47AC37F000
|
stack
|
page read and write
|
||
|
21BC323C000
|
heap
|
page read and write
|
||
|
8705CC000
|
stack
|
page read and write
|
||
|
2A063270000
|
heap
|
page read and write
|
||
|
1DD1EF40000
|
heap
|
page read and write
|
||
|
B7180FB000
|
stack
|
page read and write
|
||
|
8712FB000
|
stack
|
page read and write
|
||
|
1DD24918000
|
heap
|
page read and write
|
||
|
1DD24814000
|
heap
|
page read and write
|
||
|
2A06323C000
|
heap
|
page read and write
|
||
|
B7184FE000
|
stack
|
page read and write
|
||
|
17127700000
|
heap
|
page read and write
|
||
|
1DD205C0000
|
trusted library allocation
|
page read and write
|
||
|
1712764F000
|
heap
|
page read and write
|
||
|
1AC74828000
|
heap
|
page read and write
|
||
|
1DD24640000
|
trusted library allocation
|
page read and write
|
||
|
39D947E000
|
stack
|
page read and write
|
||
|
1DD1FB9C000
|
heap
|
page read and write
|
||
|
1DD24A90000
|
trusted library allocation
|
page read and write
|
||
|
8709F7000
|
stack
|
page read and write
|
||
|
1DD248DB000
|
heap
|
page read and write
|
||
|
2A063A02000
|
trusted library allocation
|
page read and write
|
||
|
190951A0000
|
trusted library allocation
|
page read and write
|
||
|
17127629000
|
heap
|
page read and write
|
||
|
19095220000
|
trusted library allocation
|
page read and write
|
||
|
1DD1FB9C000
|
heap
|
page read and write
|
||
|
1DD1FB9C000
|
heap
|
page read and write
|
||
|
17127671000
|
heap
|
page read and write
|
||
|
586A9FF000
|
stack
|
page read and write
|
||
|
1DD24906000
|
heap
|
page read and write
|
||
|
2A06328E000
|
heap
|
page read and write
|
||
|
190943C8000
|
heap
|
page read and write
|
||
|
1DD1F07A000
|
heap
|
page read and write
|
||
|
1DD24918000
|
heap
|
page read and write
|
||
|
1712764B000
|
heap
|
page read and write
|
||
|
1DD245C0000
|
trusted library allocation
|
page read and write
|
||
|
1DD24750000
|
trusted library allocation
|
page read and write
|
||
|
8711FA000
|
stack
|
page read and write
|
||
|
39D9877000
|
stack
|
page read and write
|
||
|
47AC07B000
|
stack
|
page read and write
|
||
|
1DD1EFE0000
|
trusted library allocation
|
page read and write
|
||
|
1DD24902000
|
heap
|
page read and write
|
||
|
1DD24755000
|
trusted library allocation
|
page read and write
|
||
|
1AC74857000
|
heap
|
page read and write
|
||
|
1DD1FB9C000
|
heap
|
page read and write
|
||
|
1DD24917000
|
heap
|
page read and write
|
||
|
1DD24902000
|
heap
|
page read and write
|
||
|
1DD24751000
|
trusted library allocation
|
page read and write
|
||
|
1DD24630000
|
trusted library allocation
|
page read and write
|
||
|
1DD1F0A0000
|
heap
|
page read and write
|
||
|
1712768B000
|
heap
|
page read and write
|
||
|
586AAFE000
|
stack
|
page read and write
|
||
|
1DD1FB18000
|
heap
|
page read and write
|
||
|
1DD1FB9C000
|
heap
|
page read and write
|
||
|
19094120000
|
trusted library allocation
|
page read and write
|
||
|
21BC3300000
|
heap
|
page read and write
|
||
|
1DD1F9E3000
|
trusted library allocation
|
page read and write
|
||
|
190943AD000
|
heap
|
page read and write
|
||
|
190943AF000
|
heap
|
page read and write
|
||
|
87107E000
|
stack
|
page read and write
|
||
|
1DD1FB9A000
|
heap
|
page read and write
|
||
|
1DD2475E000
|
trusted library allocation
|
page read and write
|
||
|
A14547F000
|
stack
|
page read and write
|
||
|
1DD248FE000
|
heap
|
page read and write
|
||
|
21BC3274000
|
heap
|
page read and write
|
||
|
1DD1FB9B000
|
heap
|
page read and write
|
||
|
1DD248B5000
|
heap
|
page read and write
|
||
|
1DD24917000
|
heap
|
page read and write
|
||
|
8710FE000
|
stack
|
page read and write
|
||
|
1DD2481E000
|
heap
|
page read and write
|
||
|
39D91CB000
|
stack
|
page read and write
|
||
|
1DD1FB13000
|
heap
|
page read and write
|
||
|
1DD1F0BB000
|
heap
|
page read and write
|
||
|
190943AE000
|
heap
|
page read and write
|
||
|
1DD1FB18000
|
heap
|
page read and write
|
||
|
A144D8F000
|
stack
|
page read and write
|
||
|
1DD1F9E0000
|
trusted library allocation
|
page read and write
|
||
|
870FFF000
|
stack
|
page read and write
|
||
|
21BC3264000
|
heap
|
page read and write
|
||
|
1AC74802000
|
heap
|
page read and write
|
||
|
1AC74FA0000
|
trusted library allocation
|
page read and write
|
||
|
1DD248AA000
|
heap
|
page read and write
|
||
|
B7181F7000
|
stack
|
page read and write
|
||
|
870DFB000
|
stack
|
page read and write
|
||
|
1DD1F029000
|
heap
|
page read and write
|
||
|
1DD1F113000
|
heap
|
page read and write
|
||
|
586AA7A000
|
stack
|
page read and write
|
||
|
1DD24790000
|
trusted library allocation
|
page read and write
|
||
|
1DD20230000
|
trusted library section
|
page readonly
|
||
|
1DD1F0FD000
|
heap
|
page read and write
|
||
|
1DD24917000
|
heap
|
page read and write
|
||
|
1DD1EFB0000
|
heap
|
page read and write
|
||
|
1DD20270000
|
trusted library section
|
page readonly
|
||
|
19094110000
|
heap
|
page read and write
|
||
|
1DD24751000
|
trusted library allocation
|
page read and write
|
||
|
1DD1FA02000
|
heap
|
page read and write
|
||
|
171275A0000
|
heap
|
page read and write
|
||
|
870BFA000
|
stack
|
page read and write
|
||
|
2A063290000
|
heap
|
page read and write
|
||
|
1DD1F055000
|
heap
|
page read and write
|
||
|
870E7F000
|
stack
|
page read and write
|
||
|
2A063300000
|
heap
|
page read and write
|
||
|
2A062F90000
|
heap
|
page read and write
|
||
|
21BC3229000
|
heap
|
page read and write
|
||
|
190951B0000
|
heap
|
page readonly
|
||
|
1AC74902000
|
heap
|
page read and write
|
||
|
1DD24AA0000
|
trusted library allocation
|
page read and write
|
||
|
1AC7483D000
|
heap
|
page read and write
|
||
|
19094368000
|
heap
|
page read and write
|
||
|
19094300000
|
trusted library allocation
|
page read and write
|
||
|
1DD1F070000
|
heap
|
page read and write
|
||
|
1DD245F3000
|
trusted library allocation
|
page read and write
|
||
|
1AC74913000
|
heap
|
page read and write
|
||
|
1DD1F9F0000
|
trusted library allocation
|
page read and write
|
||
|
190942C9000
|
heap
|
page read and write
|
||
|
870EFE000
|
stack
|
page read and write
|
||
|
1DD24902000
|
heap
|
page read and write
|
||
|
1DD1FB59000
|
heap
|
page read and write
|
||
|
1DD1F102000
|
heap
|
page read and write
|
||
|
17127600000
|
heap
|
page read and write
|
||
|
1DD248B5000
|
heap
|
page read and write
|
||
|
1DD24758000
|
trusted library allocation
|
page read and write
|
||
|
1DD24A70000
|
trusted library allocation
|
page read and write
|
||
|
2A063213000
|
heap
|
page read and write
|
||
|
2A063258000
|
heap
|
page read and write
|
||
|
1DD1FB59000
|
heap
|
page read and write
|
||
|
21BC328C000
|
heap
|
page read and write
|
||
|
39D95FB000
|
stack
|
page read and write
|
||
|
A14527B000
|
stack
|
page read and write
|
||
|
1DD248B5000
|
heap
|
page read and write
|
||
|
1DD24AB0000
|
remote allocation
|
page read and write
|
||
|
47AC17B000
|
stack
|
page read and write
|
||
|
1DD1F000000
|
heap
|
page read and write
|
||
|
1DD1F0AD000
|
heap
|
page read and write
|
||
|
21BC30F0000
|
heap
|
page read and write
|
||
|
1DD2475B000
|
trusted library allocation
|
page read and write
|
||
|
1DD2489E000
|
heap
|
page read and write
|
||
|
171275D0000
|
trusted library allocation
|
page read and write
|
||
|
1DD24790000
|
trusted library allocation
|
page read and write
|
||
|
1DD1FB18000
|
heap
|
page read and write
|
||
|
1DD1FA00000
|
heap
|
page read and write
|
||
|
1DD1F090000
|
heap
|
page read and write
|
||
|
2A063313000
|
heap
|
page read and write
|
||
|
190943C1000
|
heap
|
page read and write
|
||
|
1DD24AC0000
|
trusted library allocation
|
page read and write
|
||
|
1DD24780000
|
trusted library allocation
|
page read and write
|
||
|
1DD24750000
|
trusted library allocation
|
page read and write
|
||
|
1DD2490A000
|
heap
|
page read and write
|
||
|
17127653000
|
heap
|
page read and write
|
||
|
190943A8000
|
heap
|
page read and write
|
||
|
1DD20140000
|
trusted library allocation
|
page read and write
|
||
|
8714FF000
|
stack
|
page read and write
|
||
|
21BC3281000
|
heap
|
page read and write
|
||
|
21BC3C02000
|
trusted library allocation
|
page read and write
|
||
|
1DD248DB000
|
heap
|
page read and write
|
||
|
1DD1EFF0000
|
trusted library section
|
page read and write
|
||
|
1DD1F075000
|
heap
|
page read and write
|
||
|
1DD24771000
|
trusted library allocation
|
page read and write
|
||
|
47ABB2C000
|
stack
|
page read and write
|
||
|
A14517B000
|
stack
|
page read and write
|
||
|
1DD2475A000
|
trusted library allocation
|
page read and write
|
||
|
21BC325B000
|
heap
|
page read and write
|
||
|
586A8F9000
|
stack
|
page read and write
|
||
|
1DD1FB18000
|
heap
|
page read and write
|
||
|
2A063248000
|
heap
|
page read and write
|
||
|
21BC3274000
|
heap
|
page read and write
|
||
|
21BC3277000
|
heap
|
page read and write
|
||
|
B7182FF000
|
stack
|
page read and write
|
||
|
586A87F000
|
stack
|
page read and write
|
||
|
1DD24902000
|
heap
|
page read and write
|
||
|
1DD2490C000
|
heap
|
page read and write
|
||
|
B717B5C000
|
stack
|
page read and write
|
||
|
190943AE000
|
heap
|
page read and write
|
||
|
17127613000
|
heap
|
page read and write
|
||
|
21BC3180000
|
trusted library allocation
|
page read and write
|
||
|
A145377000
|
stack
|
page read and write
|
||
|
1AC74690000
|
heap
|
page read and write
|
||
|
190951D0000
|
trusted library allocation
|
page read and write
|
||
|
190942F0000
|
trusted library allocation
|
page read and write
|
||
|
B717BDF000
|
stack
|
page read and write
|
||
|
2A063229000
|
heap
|
page read and write
|
||
|
1AC75002000
|
trusted library allocation
|
page read and write
|
||
|
2A063256000
|
heap
|
page read and write
|
||
|
17128002000
|
trusted library allocation
|
page read and write
|
||
|
1DD1F03F000
|
heap
|
page read and write
|
||
|
19094360000
|
heap
|
page read and write
|
||
|
1DD20240000
|
trusted library section
|
page readonly
|
||
|
190943A7000
|
heap
|
page read and write
|
||
|
586A4FB000
|
stack
|
page read and write
|
||
|
1DD1FF00000
|
trusted library allocation
|
page read and write
|
||
|
1DD24914000
|
heap
|
page read and write
|
||
|
1DD24A80000
|
trusted library allocation
|
page read and write
|
||
|
1DD24907000
|
heap
|
page read and write
|
||
|
1DD1FB18000
|
heap
|
page read and write
|
||
|
1DD24754000
|
trusted library allocation
|
page read and write
|
||
|
8713FC000
|
stack
|
page read and write
|
||
|
1DD1FB00000
|
heap
|
page read and write
|
||
|
21BC3213000
|
heap
|
page read and write
|
||
|
1DD24BA0000
|
trusted library allocation
|
page read and write
|
||
|
2A063288000
|
heap
|
page read and write
|
||
|
17127713000
|
heap
|
page read and write
|
||
|
1DD24800000
|
heap
|
page read and write
|
||
|
1DD1F08A000
|
heap
|
page read and write
|
||
|
1DD24908000
|
heap
|
page read and write
|
||
|
21BC3302000
|
heap
|
page read and write
|
||
|
21BC3308000
|
heap
|
page read and write
|
||
|
1DD24902000
|
heap
|
page read and write
|
||
|
1DD248DB000
|
heap
|
page read and write
|
||
|
B717FFF000
|
stack
|
page read and write
|
||
|
1DD24AB0000
|
remote allocation
|
page read and write
|
||
|
21BC3260000
|
heap
|
page read and write
|
||
|
17127540000
|
heap
|
page read and write
|
||
|
2A063253000
|
heap
|
page read and write
|
||
|
1DD1F9C1000
|
trusted library allocation
|
page read and write
|
||
|
1DD24770000
|
trusted library allocation
|
page read and write
|
||
|
1DD24904000
|
heap
|
page read and write
|
||
|
1DD245D0000
|
trusted library allocation
|
page read and write
|
||
|
17127657000
|
heap
|
page read and write
|
||
|
1DD1FB59000
|
heap
|
page read and write
|
||
|
21BC30E0000
|
heap
|
page read and write
|
||
|
1DD24756000
|
trusted library allocation
|
page read and write
|
||
|
1712767D000
|
heap
|
page read and write
|
||
|
1AC74700000
|
heap
|
page read and write
|
||
|
1DD248F3000
|
heap
|
page read and write
|
||
|
21BC3200000
|
heap
|
page read and write
|
||
|
1DD24C60000
|
trusted library allocation
|
page read and write
|
||
|
1AC74900000
|
heap
|
page read and write
|
||
|
1DD20220000
|
trusted library section
|
page readonly
|
||
|
1DD2490C000
|
heap
|
page read and write
|
||
|
1DD1FC01000
|
trusted library allocation
|
page read and write
|
||
|
19094270000
|
heap
|
page read and write
|
||
|
1DD1F058000
|
heap
|
page read and write
|
||
|
2A062FA0000
|
heap
|
page read and write
|
||
|
19094F50000
|
trusted library allocation
|
page read and write
|
||
|
1712763C000
|
heap
|
page read and write
|
||
|
1DD24794000
|
trusted library allocation
|
page read and write
|
||
|
1DD24750000
|
trusted library allocation
|
page read and write
|
||
|
1AC74800000
|
heap
|
page read and write
|
||
|
1DD2482C000
|
heap
|
page read and write
|
||
|
39D977F000
|
stack
|
page read and write
|
||
|
1DD2491A000
|
heap
|
page read and write
|
||
|
1AC74813000
|
heap
|
page read and write
|
||
|
870CFE000
|
stack
|
page read and write
|
||
|
B7183FF000
|
stack
|
page read and write
|
||
|
1DD2490C000
|
heap
|
page read and write
|
||
|
1DD248B0000
|
trusted library allocation
|
page read and write
|
||
|
B717F7B000
|
stack
|
page read and write
|
||
|
39D997E000
|
stack
|
page read and write
|
||
|
2A063000000
|
heap
|
page read and write
|
||
|
A144D0C000
|
stack
|
page read and write
|
||
|
1DD2491B000
|
heap
|
page read and write
|
||
|
19094250000
|
heap
|
page read and write
|
||
|
1DD20260000
|
trusted library section
|
page readonly
|
||
|
870F7E000
|
stack
|
page read and write
|
||
|
19094460000
|
trusted library allocation
|
page read and write
|
||
|
1DD24780000
|
trusted library allocation
|
page read and write
|
||
|
2A063249000
|
heap
|
page read and write
|
||
|
2A06324E000
|
heap
|
page read and write
|
||
|
1DD1FA15000
|
heap
|
page read and write
|
||
|
1DD2483B000
|
heap
|
page read and write
|
||
|
1DD1FB9C000
|
heap
|
page read and write
|
||
|
A14507E000
|
stack
|
page read and write
|
||
|
2A063250000
|
heap
|
page read and write
|
||
|
17127702000
|
heap
|
page read and write
|
||
|
1AC74875000
|
heap
|
page read and write
|
||
|
2A063308000
|
heap
|
page read and write
|
||
|
B717E7E000
|
stack
|
page read and write
|
||
|
1DD245F0000
|
trusted library allocation
|
page read and write
|
||
|
1DD24848000
|
heap
|
page read and write
|
||
|
1DD248DB000
|
heap
|
page read and write
|
||
|
1DD2485E000
|
heap
|
page read and write
|
||
|
1DD24774000
|
trusted library allocation
|
page read and write
|
||
|
39D94FE000
|
stack
|
page read and write
|
||
|
1DD1F013000
|
heap
|
page read and write
|
||
|
17127530000
|
heap
|
page read and write
|
||
|
1DD1FB18000
|
heap
|
page read and write
|
||
|
1DD1FB18000
|
heap
|
page read and write
|
||
|
1DD20250000
|
trusted library section
|
page readonly
|
||
|
2A063255000
|
heap
|
page read and write
|
||
|
190943C3000
|
heap
|
page read and write
|
||
|
21BC3313000
|
heap
|
page read and write
|
||
|
1DD248A0000
|
trusted library allocation
|
page read and write
|
||
|
1712764A000
|
heap
|
page read and write
|
||
|
586A97B000
|
stack
|
page read and write
|
||
|
2A06324C000
|
heap
|
page read and write
|
||
|
47AC27B000
|
stack
|
page read and write
|
||
|
1DD1EF50000
|
heap
|
page read and write
|
||
|
17127602000
|
heap
|
page read and write
|
||
|
21BC3150000
|
heap
|
page read and write
|
||
|
1DD248EC000
|
heap
|
page read and write
|
||
|
21BC3252000
|
heap
|
page read and write
|
||
|
2A063200000
|
heap
|
page read and write
|
||
|
1DD24A60000
|
trusted library allocation
|
page read and write
|
||
|
870AF9000
|
stack
|
page read and write
|
||
|
2A063302000
|
heap
|
page read and write
|
||
|
1DD1FC81000
|
trusted library allocation
|
page read and write
|
||
|
1DD1FB59000
|
heap
|
page read and write
|
||
|
190942C0000
|
heap
|
page read and write
|
||
|
8708FE000
|
stack
|
page read and write
|
||
|
190942C5000
|
heap
|
page read and write
|
||
|
586A57E000
|
stack
|
page read and write
|
||
|
19094F60000
|
trusted library allocation
|
page read and write
|
||
|
1DD24AB0000
|
remote allocation
|
page read and write
|
There are 303 hidden memdumps, click here to show them.