Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\066e1eff-d36c-4e9c-8948-66526803648a.tmp
|
SysEx File -
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\550058c2-f2cc-480f-843e-2f73e06aab99.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\7405ca4f-682d-4031-86df-08e48d0a443d.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\47544592-1de0-4eb7-8ede-c717ec11fa67.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (copy)
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent
State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\e7739206-7d4f-488d-9117-0c4ffc4ffae5.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\b63836ec-6635-49da-8a18-696b26a40eed.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ceb94f7d-df78-42a9-a54c-38066295f817.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\f3245c96-a635-48bf-9568-db938ae11702.tmp
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\ffb05f2f-bad0-42b9-89f7-107a5451aef8.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\bcf295b0-4532-48d0-9438-5f63a56443f3.tmp
|
ASCII text, with very long lines, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\fd88ec9e-890a-4b2f-adf6-7e6a213e2e1d.tmp
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\4badc51e-eda6-451a-b2c3-ea89dacf7a31.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\82621c0c-b3a9-40bf-afaa-d2947204b216.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\4badc51e-eda6-451a-b2c3-ea89dacf7a31.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\bg\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\ca\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\cs\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\da\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\de\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\el\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\en\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\en_GB\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\es\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\es_419\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\et\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\fi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\fil\messages.json
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\fr\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\hi\messages.json
|
UTF-8 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\hr\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\hu\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\id\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\it\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\ja\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\ko\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\lt\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\lv\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\nb\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\nl\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\pl\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\pt_BR\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\pt_PT\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\ro\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\ru\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\sk\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\sl\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\sr\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\sv\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\th\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\tr\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\uk\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\vi\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\zh_CN\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_locales\zh_TW\messages.json
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\_metadata\verified_contents.json
|
ASCII text, with very long lines, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\craw_background.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\craw_window.js
|
ASCII text, with very long lines
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\css\craw_window.css
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\html\craw_window.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\images\flapper.gif
|
GIF image data, version 89a, 30 x 30
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\images\icon_128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\images\icon_16.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\images\topbar_floating_button.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\images\topbar_floating_button_close.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\images\topbar_floating_button_hover.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4324_2011126058\CRX_INSTALL\manifest.json
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 75 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "http://pub.lucidpress.com
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1616,15869322143913586381,16477777855430292938,131072
--lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1920 /prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pub.lucidpress.com
|
|||
|
https://www.google.com
|
unknown
|
||
|
https://www.google.com/images/dot2.gif
|
unknown
|
||
|
https://dns.google
|
unknown
|
||
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
||
|
https://www.google.com/intl/en-US/chrome/blank.html
|
unknown
|
||
|
https://ogs.google.com
|
unknown
|
||
|
https://pub.lucidpress.com/
|
13.226.244.72
|
||
|
https://pub.lucidpress.com/favicon.ico
|
13.226.244.72
|
||
|
https://www.google.com/images/cleardot.gif
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
|
216.58.215.238
|
||
|
https://accounts.google.com
|
unknown
|
||
|
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
|
142.250.203.109
|
||
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://clients2.googleusercontent.com
|
unknown
|
||
|
http://pub.lucidpress.com/
|
13.226.244.72
|
||
|
https://apis.google.com
|
unknown
|
||
|
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
|
unknown
|
||
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://www.google.com/images/x2.gif
|
unknown
|
||
|
https://www.google.com/
|
unknown
|
||
|
https://www-googleapis-staging.sandbox.google.com
|
unknown
|
||
|
https://accounts.google.com/MergeSession
|
unknown
|
||
|
https://clients2.google.com
|
unknown
|
||
|
https://clients2.google.com/service/update2/crx
|
unknown
|
There are 14 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
accounts.google.com
|
142.250.203.109
|
||
|
d3v04nmt9jknbk.cloudfront.net
|
13.226.244.72
|
||
|
clients.l.google.com
|
216.58.215.238
|
||
|
pub.lucidpress.com
|
unknown
|
||
|
clients2.google.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
13.226.244.72
|
d3v04nmt9jknbk.cloudfront.net
|
United States
|
||
|
192.168.2.1
|
unknown
|
unknown
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
216.58.215.238
|
clients.l.google.com
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
||
|
142.250.203.109
|
accounts.google.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
|
S-1-5-21-3853321935-2125563209-4053062332-1002
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gdaefkejpgkiemlaofpalmlakkmbjdnl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
kmendfapggjehodndflmmgagdbamhnfd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mfehgcgbbipciphmccgaenjidiccnmng
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
neajdppkdcdipfabeoofebfddakdcjhd
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
nmmhkkegccagdldgiimedpiccmgmieda
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
pkedcjkdefgpdelpbcmbmeomcjbeemfm
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
|
gfdkimpbcpahaombhbimeihdjnejgicl
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.reporting
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
module_blacklist_cache_md5_digest
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
media.storage_id_salt
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.account_id
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
pinned_tabs
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
search_provider_overrides
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
google.services.last_username
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
session.restore_on_startup
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
|
browser.show_home_button
|
||
|
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
|
lastrun
|
There are 31 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
28D39BF0000
|
heap
|
page read and write
|
||
|
21FEAE23000
|
trusted library allocation
|
page read and write
|
||
|
AC2517B000
|
stack
|
page read and write
|
||
|
2BF8C77000
|
stack
|
page read and write
|
||
|
2BF8EFF000
|
stack
|
page read and write
|
||
|
2BF8FFF000
|
stack
|
page read and write
|
||
|
2088C629000
|
heap
|
page read and write
|
||
|
2088C613000
|
heap
|
page read and write
|
||
|
2BF8A7B000
|
stack
|
page read and write
|
||
|
DE59A7F000
|
stack
|
page read and write
|
||
|
28D3A490000
|
trusted library allocation
|
page read and write
|
||
|
2BF897E000
|
stack
|
page read and write
|
||
|
21FE9A73000
|
heap
|
page read and write
|
||
|
21FEEE30000
|
trusted library allocation
|
page read and write
|
||
|
EB410FD000
|
stack
|
page read and write
|
||
|
2088C700000
|
heap
|
page read and write
|
||
|
26720A02000
|
trusted library allocation
|
page read and write
|
||
|
2088C665000
|
heap
|
page read and write
|
||
|
21FEA1F0000
|
trusted library section
|
page readonly
|
||
|
28D39C13000
|
heap
|
page read and write
|
||
|
28D39C40000
|
heap
|
page read and write
|
||
|
28D39B80000
|
heap
|
page read and write
|
||
|
21FEF120000
|
trusted library allocation
|
page read and write
|
||
|
EB4127F000
|
stack
|
page read and write
|
||
|
EB40D7F000
|
stack
|
page read and write
|
||
|
26720010000
|
heap
|
page read and write
|
||
|
28D39C28000
|
heap
|
page read and write
|
||
|
21FEA1D0000
|
trusted library section
|
page readonly
|
||
|
21FEA318000
|
heap
|
page read and write
|
||
|
EB40E7B000
|
stack
|
page read and write
|
||
|
DE5997F000
|
stack
|
page read and write
|
||
|
21FEAE30000
|
trusted library allocation
|
page read and write
|
||
|
21FEF130000
|
trusted library allocation
|
page read and write
|
||
|
EB40EFE000
|
stack
|
page read and write
|
||
|
2088C410000
|
heap
|
page read and write
|
||
|
AC24F7E000
|
stack
|
page read and write
|
||
|
EB40A77000
|
stack
|
page read and write
|
||
|
21FEF130000
|
remote allocation
|
page read and write
|
||
|
21FEA313000
|
heap
|
page read and write
|
||
|
EB40F7E000
|
stack
|
page read and write
|
||
|
21FEF100000
|
trusted library allocation
|
page read and write
|
||
|
EB4137C000
|
stack
|
page read and write
|
||
|
21FE9AFB000
|
heap
|
page read and write
|
||
|
21FEF229000
|
heap
|
page read and write
|
||
|
2088C600000
|
heap
|
page read and write
|
||
|
21FEA202000
|
heap
|
page read and write
|
||
|
2088C656000
|
heap
|
page read and write
|
||
|
21FEEFD8000
|
trusted library allocation
|
page read and write
|
||
|
21FEA1E0000
|
trusted library section
|
page readonly
|
||
|
26720302000
|
heap
|
page read and write
|
||
|
EB4097E000
|
stack
|
page read and write
|
||
|
21FEF200000
|
heap
|
page read and write
|
||
|
2088C66D000
|
heap
|
page read and write
|
||
|
2088C65D000
|
heap
|
page read and write
|
||
|
21FEA1C0000
|
trusted library section
|
page readonly
|
||
|
EB4117E000
|
stack
|
page read and write
|
||
|
21FEF2E5000
|
heap
|
page read and write
|
||
|
DE5967E000
|
stack
|
page read and write
|
||
|
21FEEFD0000
|
trusted library allocation
|
page read and write
|
||
|
EB411FF000
|
stack
|
page read and write
|
||
|
DE59B7B000
|
stack
|
page read and write
|
||
|
28D39D00000
|
heap
|
page read and write
|
||
|
DE5936B000
|
stack
|
page read and write
|
||
|
21FEF2C5000
|
heap
|
page read and write
|
||
|
28D39C6D000
|
heap
|
page read and write
|
||
|
2088C626000
|
heap
|
page read and write
|
||
|
28D39B90000
|
heap
|
page read and write
|
||
|
AC24EFE000
|
stack
|
page read and write
|
||
|
2088C400000
|
heap
|
page read and write
|
||
|
26720290000
|
heap
|
page read and write
|
||
|
21FEA358000
|
heap
|
page read and write
|
||
|
21FEF2DA000
|
heap
|
page read and write
|
||
|
26720110000
|
trusted library allocation
|
page read and write
|
||
|
2BF8B7B000
|
stack
|
page read and write
|
||
|
21FEF261000
|
heap
|
page read and write
|
||
|
26720213000
|
heap
|
page read and write
|
||
|
21FEA318000
|
heap
|
page read and write
|
||
|
21FEEFF4000
|
trusted library allocation
|
page read and write
|
||
|
2088C663000
|
heap
|
page read and write
|
||
|
2088C691000
|
heap
|
page read and write
|
||
|
28D3A602000
|
trusted library allocation
|
page read and write
|
||
|
28D39C00000
|
heap
|
page read and write
|
||
|
21FEF23D000
|
heap
|
page read and write
|
||
|
21FE9A76000
|
heap
|
page read and write
|
||
|
21FEF0A0000
|
trusted library allocation
|
page read and write
|
||
|
21FE9A71000
|
heap
|
page read and write
|
||
|
21FEEE40000
|
trusted library allocation
|
page read and write
|
||
|
2088C65E000
|
heap
|
page read and write
|
||
|
2671FFA0000
|
heap
|
page read and write
|
||
|
28D39C52000
|
heap
|
page read and write
|
||
|
2088C702000
|
heap
|
page read and write
|
||
|
2088CE02000
|
trusted library allocation
|
page read and write
|
||
|
2088C67F000
|
heap
|
page read and write
|
||
|
21FE9B13000
|
heap
|
page read and write
|
||
|
21FEF209000
|
heap
|
page read and write
|
||
|
21FE9B02000
|
heap
|
page read and write
|
||
|
21FEF2B0000
|
heap
|
page read and write
|
||
|
21FE9A29000
|
heap
|
page read and write
|
||
|
2088C470000
|
heap
|
page read and write
|
||
|
21FEF2FD000
|
heap
|
page read and write
|
||
|
21FEEFD0000
|
trusted library allocation
|
page read and write
|
||
|
21FEF000000
|
trusted library allocation
|
page read and write
|
||
|
21FEF010000
|
trusted library allocation
|
page read and write
|
||
|
AC2537F000
|
stack
|
page read and write
|
||
|
21FEF24A000
|
heap
|
page read and write
|
||
|
21FEA9E0000
|
trusted library allocation
|
page read and write
|
||
|
EB40B7A000
|
stack
|
page read and write
|
||
|
21FEA215000
|
heap
|
page read and write
|
||
|
28D39D02000
|
heap
|
page read and write
|
||
|
28D39D13000
|
heap
|
page read and write
|
||
|
21FEEEC0000
|
trusted library allocation
|
page read and write
|
||
|
21FE9A9A000
|
heap
|
page read and write
|
||
|
2BF887C000
|
stack
|
page read and write
|
||
|
21FE9940000
|
trusted library section
|
page read and write
|
||
|
AC2547E000
|
stack
|
page read and write
|
||
|
2BF8E7D000
|
stack
|
page read and write
|
||
|
21FEF2DF000
|
heap
|
page read and write
|
||
|
21FEF0E0000
|
trusted library allocation
|
page read and write
|
||
|
21FE9A8F000
|
heap
|
page read and write
|
||
|
21FEA1B0000
|
trusted library section
|
page readonly
|
||
|
21FE97C0000
|
heap
|
page read and write
|
||
|
21FEAE20000
|
trusted library allocation
|
page read and write
|
||
|
21FEEFF1000
|
trusted library allocation
|
page read and write
|
||
|
EB4087B000
|
stack
|
page read and write
|
||
|
AC2507C000
|
stack
|
page read and write
|
||
|
21FEAE01000
|
trusted library allocation
|
page read and write
|
||
|
21FE9A8A000
|
heap
|
page read and write
|
||
|
2671FFB0000
|
heap
|
page read and write
|
||
|
AC24E7C000
|
stack
|
page read and write
|
||
|
21FEA200000
|
heap
|
page read and write
|
||
|
AC25277000
|
stack
|
page read and write
|
||
|
EB4147F000
|
stack
|
page read and write
|
||
|
21FEF000000
|
trusted library allocation
|
page read and write
|
||
|
21FE9930000
|
trusted library allocation
|
page read and write
|
||
|
EB40FFF000
|
stack
|
page read and write
|
||
|
21FEA1A0000
|
trusted library section
|
page readonly
|
||
|
28D39C02000
|
heap
|
page read and write
|
||
|
21FEEEB0000
|
trusted library allocation
|
page read and write
|
||
|
26720283000
|
heap
|
page read and write
|
||
|
2088C66C000
|
heap
|
page read and write
|
||
|
21FEEFF0000
|
trusted library allocation
|
page read and write
|
||
|
2088C63C000
|
heap
|
page read and write
|
||
|
21FE9830000
|
heap
|
page read and write
|
||
|
21FE9A00000
|
heap
|
page read and write
|
||
|
2672022A000
|
heap
|
page read and write
|
||
|
DE5987B000
|
stack
|
page read and write
|
||
|
2BF8D7E000
|
stack
|
page read and write
|
||
|
21FE9AB9000
|
heap
|
page read and write
|
||
|
2088C668000
|
heap
|
page read and write
|
||
|
21FEEFDE000
|
trusted library allocation
|
page read and write
|
||
|
26720271000
|
heap
|
page read and write
|
||
|
EB40C7A000
|
stack
|
page read and write
|
||
|
21FEF21B000
|
heap
|
page read and write
|
||
|
21FE9A13000
|
heap
|
page read and write
|
||
|
21FEF014000
|
trusted library allocation
|
page read and write
|
||
|
2088C689000
|
heap
|
page read and write
|
||
|
21FEF130000
|
remote allocation
|
page read and write
|
||
|
21FE9A3D000
|
heap
|
page read and write
|
||
|
2BF88FF000
|
stack
|
page read and write
|
||
|
2088C661000
|
heap
|
page read and write
|
||
|
21FE97D0000
|
heap
|
page read and write
|
||
|
21FEA359000
|
heap
|
page read and write
|
||
|
21FEF0F0000
|
trusted library allocation
|
page read and write
|
||
|
26720313000
|
heap
|
page read and write
|
||
|
2088C66A000
|
heap
|
page read and write
|
||
|
21FEF2E3000
|
heap
|
page read and write
|
||
|
21FE9A6C000
|
heap
|
page read and write
|
||
|
21FEF2F8000
|
heap
|
page read and write
|
||
|
21FE9A58000
|
heap
|
page read and write
|
||
|
26720200000
|
heap
|
page read and write
|
||
|
DE593EE000
|
stack
|
page read and write
|
||
|
2088C713000
|
heap
|
page read and write
|
||
|
2088C570000
|
trusted library allocation
|
page read and write
|
||
|
21FEA300000
|
heap
|
page read and write
|
||
|
21FEA302000
|
heap
|
page read and write
|
||
|
21FEF2A7000
|
heap
|
page read and write
|
||
|
2672028E000
|
heap
|
page read and write
|
||
|
21FEF110000
|
trusted library allocation
|
page read and write
|
||
|
28D39C75000
|
heap
|
page read and write
|
||
|
2088C708000
|
heap
|
page read and write
|
||
|
21FEF130000
|
remote allocation
|
page read and write
|
||
|
2672023C000
|
heap
|
page read and write
|
||
|
EB408FE000
|
stack
|
page read and write
|
There are 173 hidden memdumps, click here to show them.