Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
U59WtZz2Sg.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\439dd104-1941-4ae6-af5f-8afc23993f7a\U59WtZz2Sg.exe
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\439dd104-1941-4ae6-af5f-8afc23993f7a\U59WtZz2Sg.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Local\81bc8e9b-9d47-41ad-b82b-bbc3ff54a6de\build2.exe
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\81bc8e9b-9d47-41ad-b82b-bbc3ff54a6de\build3.exe
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeSysFnt19.lst
|
PostScript document text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\UserCache.bin
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.14.0_0\eventpage_bin_prod.js
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\images\flapper.gif
|
GIF image data 6044 x 14818
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\aghbiahbpaijignceidepookljebhfak\Icons\256.png
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Icons\256.png
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\{5BAAF43C-032B-11EB-90E4-ECF4BB570DC9}.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\UrlBlock\urlblock_637194112741176080.bin
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\dikxvqf\imagestore.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\ThirdPartyNotices.txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\adm\OneDrive.adml
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\adm\de\OneDrive.adml
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\adm\es\OneDrive.adml
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\adm\fr\OneDrive.adml
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\adm\hu\OneDrive.adml
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\adm\it\OneDrive.adml
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\adm\ja\OneDrive.adml
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\adm\ko\OneDrive.adml
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\adm\nl\OneDrive.adml
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\adm\pl\OneDrive.adml
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\adm\pt-BR\OneDrive.adml
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\adm\pt-PT\OneDrive.adml
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\adm\ru\OneDrive.adml
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\adm\sv\OneDrive.adml
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\adm\tr\OneDrive.adml
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\adm\zh-CN\OneDrive.adml
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\adm\zh-TW\OneDrive.adml
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\am-ET\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\en-US\msipc.dll.mui
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\he\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\ig-NG\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\acm_low_disk_space_online_only.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\finderExtensionPrompt.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\kfm_folders_image.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\acm_low_disk_space_online_only.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\done_graphic.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\finderExtensionPrompt.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\folder_image_documents.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\ja\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\ko\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\ku-Arab\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\nso-ZA\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\pa-Arab-PK\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\qml\QtQuick\Controls.2\plugins.qmltypes
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\qml\QtQuick\Extras\plugins.qmltypes
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\qml\QtQuick\Templates.2\plugins.qmltypes
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\rw\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\ti\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\wo\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\xh-ZA\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\yo-NG\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\zh-CN\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\zh-TW\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Install_2019-06-27_113458_1850-1854.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\Caches\{3DA71D5A-20CC-432F-A115-DFE92379E91F}.3.ver0x0000000000000013.db
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\Caches\{3DA71D5A-20CC-432F-A115-DFE92379E91F}.3.ver0x0000000000000016.db
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x000000000000000a.db
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x000000000000000b.db
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\build2[1].exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\build3[1].exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\MSIMGSIZ.DAT
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\SmartScreenCache.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\Shell\DefaultLayouts.xml
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\UPPS\UPPS.bin
|
PDP-11 overlaid separate executable not stripped
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\ActiveSync\LocalState\DiagOutputDir\SyncVerbose.etl.0001
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\ActiveSync\LocalState\DiagOutputDir\UnistackCircular.etl.0001
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\ActiveSync\LocalState\DiagOutputDir\UnistackCritical.etl.0001
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Messaging_8wekyb3d8bbwe\LocalCache\MessagingBackgroundTaskLog.etl
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\Settings\settings.dat.LOG1
|
MS Windows registry file, NT/2000 or above
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\AppCache\E5I42ZYH\1\C__Windows_SystemApps_Microsoft.Windows.Cortana_cw5n1h2txyewy_cache_Desktop_10[1].txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\AppCache\E5I42ZYH\1\C__Windows_SystemApps_Microsoft.Windows.Cortana_cw5n1h2txyewy_cache_Desktop_11[1].txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\AppCache\E5I42ZYH\1\C__Windows_SystemApps_Microsoft.Windows.Cortana_cw5n1h2txyewy_cache_Desktop_12[1].txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\AppCache\E5I42ZYH\1\C__Windows_SystemApps_Microsoft.Windows.Cortana_cw5n1h2txyewy_cache_Desktop_14[1].txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\AppCache\E5I42ZYH\1\C__Windows_SystemApps_Microsoft.Windows.Cortana_cw5n1h2txyewy_cache_Desktop_17[1].txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\AppCache\E5I42ZYH\1\C__Windows_SystemApps_Microsoft.Windows.Cortana_cw5n1h2txyewy_cache_Desktop_18[1].txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\AppCache\E5I42ZYH\1\C__Windows_SystemApps_Microsoft.Windows.Cortana_cw5n1h2txyewy_cache_Desktop_19[1].txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\AppCache\E5I42ZYH\1\C__Windows_SystemApps_Microsoft.Windows.Cortana_cw5n1h2txyewy_cache_Desktop_21[1].txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\AppCache\E5I42ZYH\1\C__Windows_SystemApps_Microsoft.Windows.Cortana_cw5n1h2txyewy_cache_Desktop_22[1].txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\AppCache\E5I42ZYH\1\C__Windows_SystemApps_Microsoft.Windows.Cortana_cw5n1h2txyewy_cache_Desktop_23[1].txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\AppCache\E5I42ZYH\1\C__Windows_SystemApps_Microsoft.Windows.Cortana_cw5n1h2txyewy_cache_Desktop_24[1].txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\AppCache\E5I42ZYH\1\C__Windows_SystemApps_Microsoft.Windows.Cortana_cw5n1h2txyewy_cache_Desktop_27[1].txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\AppCache\E5I42ZYH\1\C__Windows_SystemApps_Microsoft.Windows.Cortana_cw5n1h2txyewy_cache_Desktop_2[1].txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\AppCache\E5I42ZYH\1\C__Windows_SystemApps_Microsoft.Windows.Cortana_cw5n1h2txyewy_cache_Desktop_3[1].txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\AppCache\E5I42ZYH\1\C__Windows_SystemApps_Microsoft.Windows.Cortana_cw5n1h2txyewy_cache_Desktop_6[1].txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\AppCache\E5I42ZYH\1\C__Windows_SystemApps_Microsoft.Windows.Cortana_cw5n1h2txyewy_cache_Desktop_7[1].txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\GA0XG3F1\www.bing[1].xml
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{2c863731-2a35-4444-9405-4d7cbb267ab4}\0.0.filtertrie.intermediate.txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{2c863731-2a35-4444-9405-4d7cbb267ab4}\Apps.ft
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{2c863731-2a35-4444-9405-4d7cbb267ab4}\Apps.index
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{536fe6e8-a600-46a1-adbb-191db00f5995}\0.0.filtertrie.intermediate.txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{536fe6e8-a600-46a1-adbb-191db00f5995}\Apps.ft
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{536fe6e8-a600-46a1-adbb-191db00f5995}\Apps.index
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{91ed1363-4d6b-46a6-b5af-d1ee0e00268b}\0.0.filtertrie.intermediate.txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{91ed1363-4d6b-46a6-b5af-d1ee0e00268b}\Apps.ft
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{91ed1363-4d6b-46a6-b5af-d1ee0e00268b}\Apps.index
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{ac30bccc-f672-44da-81fe-b3f316bbd507}\0.0.filtertrie.intermediate.txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{ac30bccc-f672-44da-81fe-b3f316bbd507}\Apps.ft
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Apps_{ac30bccc-f672-44da-81fe-b3f316bbd507}\Apps.index
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Input_{4b01d48e-72ca-4621-8570-a88f4a6b1ec4}\appsconversions.txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Input_{4b01d48e-72ca-4621-8570-a88f4a6b1ec4}\appsglobals.txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Input_{4b01d48e-72ca-4621-8570-a88f4a6b1ec4}\appssynonyms.txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Input_{4b01d48e-72ca-4621-8570-a88f4a6b1ec4}\settingsconversions.txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Input_{4b01d48e-72ca-4621-8570-a88f4a6b1ec4}\settingsglobals.txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Input_{4b01d48e-72ca-4621-8570-a88f4a6b1ec4}\settingssynonyms.txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Settings_{13d888a1-0da9-488d-b29e-c632055a5b8d}\0.0.filtertrie.intermediate.txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Settings_{13d888a1-0da9-488d-b29e-c632055a5b8d}\Settings.ft
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Settings_{7b0be05b-dd29-4634-bd2c-c09b9631250d}\0.0.filtertrie.intermediate.txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Settings_{7b0be05b-dd29-4634-bd2c-c09b9631250d}\Settings.ft
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133051620838562510.txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133051620921860467.txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133142701119838854.txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133142701138403912.txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133142701505080737.txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\DeviceSearchCache\SettingsCache.txt
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\TempState\CortanaUnifiedTileModelCache.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\MediaDb.v1.sqlite
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\MediaDb.v1.sqlite-shm
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppTracing_startedInBGMode.etl
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\TempState\StartUnifiedTileModelCache.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\HxCommAlwaysOnLog.etl
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\HxCommAlwaysOnLog_Old.etl
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Settings\settings.dat.LOG1
|
MS Windows registry file, NT/2000 or above
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\CR_4BAC1.tmp\setup.exe
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\DismHost.exe
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\AppxProvider.dll.mui
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\AssocProvider.dll.mui
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\CbsProvider.dll.mui
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\CompatProvider.dll.mui
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\DismCore.dll.mui
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\DismProv.dll.mui
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\DmiProvider.dll.mui
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\FfuProvider.dll.mui
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\FolderProvider.dll.mui
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\GenericProvider.dll.mui
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\IBSProvider.dll.mui
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\ImagingProvider.dll.mui
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\IntlProvider.dll.mui
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\LogProvider.dll.mui
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\MsiProvider.dll.mui
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\OSProvider.dll.mui
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\OfflineSetupProvider.dll.mui
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\ProvProvider.dll.mui
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\SetupPlatformProvider.dll.mui
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\SmiProvider.dll.mui
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\SysprepProvider.dll.mui
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\TransmogProvider.dll.mui
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\UnattendProvider.dll.mui
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\VhdProvider.dll.mui
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\WimProvider.dll.mui
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\chrome_installer.log
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\images\flapper.gif
|
GIF image data 14588
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\tmpCDDA.tmp
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Network\mstsca.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Office\MSO1033.acl
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Themes\CachedFiles\CachedImage_1280_1024_POS4.jpg
|
JPEG image data
|
dropped
|
|
|
|
C:\Users\user\Application Data\Microsoft\Office\MSO1033.acl.uyro (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\Desktop\BPMLNOBVSB.jpg
|
data
|
dropped
|
|
|
|
C:\Users\user\Desktop\KZWFNRXYKI\QNCYCDFIJJ.mp3
|
data
|
dropped
|
|
|
|
C:\Users\user\Desktop\WUTJSCBCFX\WUTJSCBCFX.docx
|
data
|
dropped
|
|
|
|
C:\Users\user\Local Settings\81bc8e9b-9d47-41ad-b82b-bbc3ff54a6de\build3.exe.uyro (copy)
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Adobe\Acrobat\DC\AdobeSysFnt19.lst.uyro (copy)
|
PostScript document text
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Adobe\Acrobat\DC\UserCache.bin.uyro (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Application Data\Application Data\439dd104-1941-4ae6-af5f-8afc23993f7a\U59WtZz2Sg.exe.uyro (copy)
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Microsoft\Internet Explorer\MSIMGSIZ.DAT.uyro (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Microsoft\Internet Explorer\UrlBlock\urlblock_637194112741176080.bin.uyro (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\FileCoAuth.exe.uyro (copy)
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\FileSyncConfig.exe.uyro (copy)
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\FileSyncHelper.exe.uyro (copy)
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\OneDrive.exe.uyro (copy)
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\OneDriveSetup.exe.uyro (copy)
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\OneDriveStandaloneUpdater.exe.uyro (copy)
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\OneDriveUpdaterService.exe.uyro (copy)
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\ThirdPartyNotices.txt.uyro (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Microsoft\Windows\Caches\{3DA71D5A-20CC-432F-A115-DFE92379E91F}.3.ver0x0000000000000013.db.uyro
(copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Microsoft\Windows\Caches\{3DA71D5A-20CC-432F-A115-DFE92379E91F}.3.ver0x0000000000000016.db.uyro
(copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x000000000000000a.db.uyro
(copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x000000000000000b.db.uyro
(copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Microsoft\Windows\Shell\DefaultLayouts.xml.uyro (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Microsoft\Windows\UPPS\UPPS.bin.uyro (copy)
|
PDP-11 overlaid separate executable not stripped
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Packages\Microsoft.Messaging_8wekyb3d8bbwe\LocalCache\MessagingBackgroundTaskLog.etl.uyro (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\Settings\settings.dat.LOG1.uyro
(copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\TempState\CortanaUnifiedTileModelCache.dat.uyro
(copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\MediaDb.v1.sqlite-shm.uyro (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppTracing_startedInBGMode.etl.uyro
(copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\TempState\StartUnifiedTileModelCache.dat.uyro
(copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\HxCommAlwaysOnLog.etl.uyro
(copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\HxCommAlwaysOnLog_Old.etl.uyro
(copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Settings\settings.dat.LOG1.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Temp\CR_4BAC1.tmp\setup.exe.uyro (copy)
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\DismHost.exe.uyro (copy)
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\AppxProvider.dll.mui.uyro (copy)
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\AssocProvider.dll.mui.uyro (copy)
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\CbsProvider.dll.mui.uyro (copy)
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\CompatProvider.dll.mui.uyro (copy)
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\DismCore.dll.mui.uyro (copy)
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\DismProv.dll.mui.uyro (copy)
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\DmiProvider.dll.mui.uyro (copy)
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\FfuProvider.dll.mui.uyro (copy)
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\FolderProvider.dll.mui.uyro (copy)
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\GenericProvider.dll.mui.uyro (copy)
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\IBSProvider.dll.mui.uyro (copy)
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\ImagingProvider.dll.mui.uyro (copy)
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\IntlProvider.dll.mui.uyro (copy)
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Temp\F0AA5307-87B6-41CC-8AB9-9D4E70F644BD\en-US\LogProvider.dll.mui.uyro (copy)
|
MS-DOS executable
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Temp\chrome_installer.log.uyro (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Temp\tmpCDDA.tmp.uyro (copy)
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Temporary Internet Files\Low\MSIMGSIZ.DAT.uyro (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\Local Settings\Temporary Internet Files\Low\SmartScreenCache.dat.uyro (copy)
|
data
|
dropped
|
|
|
|
C:\Users\user\_readme.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\_readme.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\ProgramData\15593502492893213849595709
|
SQLite 3.x database, last written using SQLite version 3038005, page size 2048, file counter 3, database pages 45, cookie
0x3d, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\ProgramData\28325875654976084354326271
|
SQLite 3.x database, last written using SQLite version 3038005, file counter 2, database pages 36, 1st free page 10, free
pages 4, cookie 0x26, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\ProgramData\28516965580031020035471649
|
SQLite 3.x database, last written using SQLite version 3038005, file counter 2, database pages 36, 1st free page 10, free
pages 4, cookie 0x26, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\ProgramData\50023325401737157063598945
|
SQLite 3.x database, last written using SQLite version 3038005, page size 2048, file counter 2, database pages 23, cookie
0x19, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\ProgramData\53195122028892118046415569
|
SQLite 3.x database, last written using SQLite version 3038005, page size 2048, file counter 3, database pages 45, cookie
0x3d, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\ProgramData\69859612379489584907088796
|
SQLite 3.x database, last written using SQLite version 3038005, file counter 10, database pages 7, 1st free page 5, free pages
2, cookie 0x13, schema 4, UTF-8, version-valid-for 10
|
dropped
|
||
|
C:\SystemID\PersonalID.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\4DDQNYCN\www.msn[1].xml
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeCMapFnt19.lst
|
PostScript document text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\Cache\AcroFnt19.lst
|
PostScript document text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\IconCacheRdr65536.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Color\ACECache11.lst
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Comms\UnistoreDB\USS.jcp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Comms\UnistoreDB\USSres00001.jrs
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Comms\UnistoreDB\USSres00002.jrs
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Comms\UnistoreDB\USStmp.jtx
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\ConnectedDevicesPlatform\CDPGlobalSettings.cdp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-62FC182D-10C8.pma
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\CrashpadMetrics-active.pma
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Scripts\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.14.0_0\128.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.14.0_0\_metadata\computed_hashes.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.14.0_0\_metadata\verified_contents.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.14.0_0\dasherSettingSchema.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.14.0_0\manifest.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.14.0_0\page_embed_script.js
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\_metadata\computed_hashes.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\_metadata\verified_contents.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\craw_background.js
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\craw_window.js
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\css\craw_window.css
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\html\craw_window.html
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\images\icon_128.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\images\icon_16.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\images\topbar_floating_button.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\images\topbar_floating_button_close.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\images\topbar_floating_button_hover.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\images\topbar_floating_button_maximize.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\images\topbar_floating_button_pressed.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\manifest.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.old
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ghbmnnjooekpmoecnnnilnnbdlolhkhi\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\aghbiahbpaijignceidepookljebhfak\Icons\128.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\aghbiahbpaijignceidepookljebhfak\Icons\192.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\aghbiahbpaijignceidepookljebhfak\Icons\32.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\aghbiahbpaijignceidepookljebhfak\Icons\48.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\aghbiahbpaijignceidepookljebhfak\Icons\64.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\aghbiahbpaijignceidepookljebhfak\Icons\96.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Icons\128.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Icons\192.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Icons\32.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Icons\48.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Icons\64.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Icons\96.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\fhihpiojkbmbpdjeoajapmgkhlnakfjf\Icons\128.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\fhihpiojkbmbpdjeoajapmgkhlnakfjf\Icons\192.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\fhihpiojkbmbpdjeoajapmgkhlnakfjf\Icons\256.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\fhihpiojkbmbpdjeoajapmgkhlnakfjf\Icons\32.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\fhihpiojkbmbpdjeoajapmgkhlnakfjf\Icons\48.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\fhihpiojkbmbpdjeoajapmgkhlnakfjf\Icons\64.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\fhihpiojkbmbpdjeoajapmgkhlnakfjf\Icons\96.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\fmgjjmmmlfnkbppncabfkddbjimcfncm\Icons\128.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\fmgjjmmmlfnkbppncabfkddbjimcfncm\Icons\192.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\fmgjjmmmlfnkbppncabfkddbjimcfncm\Icons\256.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\fmgjjmmmlfnkbppncabfkddbjimcfncm\Icons\32.png
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\heavy_ad_intervention_opt_out.db
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\previews_opt_out.db
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\IconCache.db
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0\UsageLogs\addinutil.exe.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\unarchiver.exe.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\sdiagnhost.exe.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\NGenTask.exe.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\ngen.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\8P7RGF10\www.microsoft[1].xml
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\DSW732N5\www.google[1].xml
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\DURNCK2N\www.msn[1].xml
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\QALADACS\contextual.media[1].xml
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DomainSuggestions\en-US.1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\IECompatData\iecompatdata.xml
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\RecoveryStore.{5BAAF43B-032B-11EB-90E4-ECF4BB570DC9}.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\{5BAAF43D-032B-11EB-90E4-ECF4BB570DC9}.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\Last Active\RecoveryStore.{71FBE94F-990A-11E9-90DB-ECF4BB570DC9}.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\Last Active\{7B1657B8-990A-11E9-90DB-ECF4BB570DC9}.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-314712940\msapplication.xml
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\VersionManager\versionlist.xml
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\brndlog.txt
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\ie4uinit-ClearIconCache.log
|
Unicode text, UTF-16, little-endian text, with very long lines (416), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\ie4uinit-UserConfig.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Media Player\Sync Playlists\en-US\00007464\01_Music_auto_rated_at_5_stars.wpl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Media Player\Sync Playlists\en-US\00007464\02_Music_added_in_the_last_month.wpl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Media Player\Sync Playlists\en-US\00007464\03_Music_rated_at_4_or_5_stars.wpl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Media Player\Sync Playlists\en-US\00007464\04_Music_played_in_the_last_month.wpl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Media Player\Sync Playlists\en-US\00007464\05_Pictures_taken_in_the_last_month.wpl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Media Player\Sync Playlists\en-US\00007464\06_Pictures_rated_4_or_5_stars.wpl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Media Player\Sync Playlists\en-US\00007464\07_TV_recorded_in_the_last_week.wpl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Media Player\Sync Playlists\en-US\00007464\08_Video_rated_at_4_or_5_stars.wpl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Media Player\Sync Playlists\en-US\00007464\09_Music_played_the_most.wpl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Media Player\Sync Playlists\en-US\00007464\10_All_Music.wpl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Media Player\Sync Playlists\en-US\00007464\11_All_Pictures.wpl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Media Player\Sync Playlists\en-US\00007464\12_All_Video.wpl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\AppBlue.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\AppErrorBlue.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\AppErrorWhite.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\AppWhite.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\AutoPlayOptIn.gif
|
GIF image data 32437 x 10601
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\AutoPlayOptIn.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\ElevatedAppBlue.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\ElevatedAppWhite.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\Error.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\ErrorPage.html
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\FileCoAuth.exe
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\FileSyncConfig.exe
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\FileSyncHelper.exe
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\KFMHeroToast.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\KFMLockedFileToast.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\KFMScanExclusionToast.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LoadingPage.html
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LogoImages\OneDriveMedTile.contrast-black_scale-100.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LogoImages\OneDriveMedTile.contrast-black_scale-125.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LogoImages\OneDriveMedTile.contrast-black_scale-150.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LogoImages\OneDriveMedTile.contrast-black_scale-200.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LogoImages\OneDriveMedTile.contrast-black_scale-400.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LogoImages\OneDriveMedTile.contrast-white_scale-100.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LogoImages\OneDriveMedTile.contrast-white_scale-125.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LogoImages\OneDriveMedTile.contrast-white_scale-150.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LogoImages\OneDriveMedTile.contrast-white_scale-200.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LogoImages\OneDriveMedTile.contrast-white_scale-400.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LogoImages\OneDriveMedTile.scale-100.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LogoImages\OneDriveMedTile.scale-125.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LogoImages\OneDriveMedTile.scale-150.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LogoImages\OneDriveMedTile.scale-200.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LogoImages\OneDriveMedTile.scale-400.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LogoImages\OneDriveSmallTile.contrast-black_scale-100.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LogoImages\OneDriveSmallTile.contrast-black_scale-125.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LogoImages\OneDriveSmallTile.contrast-black_scale-150.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LogoImages\OneDriveSmallTile.contrast-black_scale-200.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LogoImages\OneDriveSmallTile.contrast-black_scale-400.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LogoImages\OneDriveSmallTile.contrast-white_scale-100.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LogoImages\OneDriveSmallTile.contrast-white_scale-125.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LogoImages\OneDriveSmallTile.contrast-white_scale-150.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LogoImages\OneDriveSmallTile.contrast-white_scale-200.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LogoImages\OneDriveSmallTile.contrast-white_scale-400.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LogoImages\OneDriveSmallTile.scale-100.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LogoImages\OneDriveSmallTile.scale-125.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LogoImages\OneDriveSmallTile.scale-150.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LogoImages\OneDriveSmallTile.scale-200.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\LogoImages\OneDriveSmallTile.scale-400.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\OneDrive.VisualElementsManifest.xml
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\OneDrive.exe
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\OneDriveLogo.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\OneDriveSetup.exe
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\OneDriveStandaloneUpdater.exe
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\OneDriveUpdaterService.exe
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\QuotaCritical.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\QuotaError.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\QuotaNearing.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\Resources.pri
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\SaveApplicationEventLogs.wsf
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\ScreenshotOptIn.gif
|
GIF image data 8837
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\TestSharePage.html
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\Warning.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\adm\OneDrive.admx
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\af\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\alertIcon.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\ar\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\as-IN\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\az-Latn-AZ\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\be\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\bg\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\bn-BD\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\bn-IN\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\bs-Latn-BA\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\ca-Es-VALENCIA\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\ca\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\cs\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\cy-GB\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\da\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\de\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\el\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\en-GB\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\en\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\es\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\et\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\eu\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\fa\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\fi\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\fil-PH\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\fr\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\ga-IE\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\gd\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\gl\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\gu\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\ha-Latn-NG\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\hi\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\hr\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\hu\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\hy\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\id\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\acmDismissIcon.svg
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\backArrow.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\blurrect.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\cancelIcon.svg
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\checkboxComposite.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\checkmark_finished.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\checkmark_hovered.svg
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\checkmark_in_progress.svg
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\checkmark_selected.svg
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\chevron.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\chevronUp.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\clock_icon.svg
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\cloud.svg
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\completed_icon.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\done_graphic.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\errorIcon.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\folderIcon.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\folder_image_desktop.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\folder_image_documents.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\folder_image_pictures.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\forwardArrow.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\globeIcon.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\iceBucket.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\infoIcon.svg
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\loading.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\loading_spinner.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\lock_icon.svg
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\onDemandFiles.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\onDemandFilesDehydrate.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\onDemandSelectiveSync.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\overflowIcon.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\overflowIconLarge.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\partiallyFreezing.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\paused.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\pc_alert.svg
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\premiumIcon.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\reSignIn.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\recycleBin.svg
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\shield_icon.svg
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\signIn.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\stackedIceCubes.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\vaultIntro.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\vaultUnlocked.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\warning-symbol_grey.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\darkTheme\waterGlass.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\acmDismissIcon.svg
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\backArrow.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\blurrect.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\cancelIcon.svg
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\checkboxComposite.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\checkmark_finished.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\checkmark_hovered.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\checkmark_in_progress.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\checkmark_selected.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\chevron.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\chevronUp.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\clock_icon.svg
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\cloud.svg
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\completed_icon.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\errorIcon.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\folderIcon.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\folder_image_desktop.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\folder_image_pictures.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\forwardArrow.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\globeIcon.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\iceBucket.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\infoIcon.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\kfm_folders_image.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\loading.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\loading_spinner.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\lock_icon.svg
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\onDemandFiles.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\onDemandFilesDehydrate.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\onDemandSelectiveSync.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\overflowIcon.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\overflowIconLarge.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\partiallyFreezing.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\paused.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\pc_alert.svg
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\premiumIcon.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\reSignIn.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\recycleBin.svg
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\shield_icon.svg
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\signIn.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\stackedIceCubes.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\vaultIntro.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\vaultUnlocked.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\warning-symbol_grey.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\images\lightTheme\waterGlass.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\is\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\it\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\ka\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\kk\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\km-KH\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\kn\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\kok\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\ky\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\lb-LU\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\lt\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\lv\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\mi-NZ\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\mk\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\ml-IN\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\mn\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\mr\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\ms\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\mt-MT\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\nb-NO\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\ne-NP\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\nl\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\nn-NO\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\or-IN\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\pa\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\pl\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\prs-AF\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\pt-BR\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\pt-PT\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\qml\FabExMDL2.ttf
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\qml\QtQuick.2\plugins.qmltypes
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\qml\QtQuick\Controls.2\Button.qml
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\qml\QtQuick\Controls.2\CheckBox.qml
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\qml\QtQuick\Controls.2\Dialog.qml
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\qml\QtQuick\Controls.2\DialogButtonBox.qml
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\qml\QtQuick\Controls.2\Label.qml
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\qml\QtQuick\Controls.2\Menu.qml
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\qml\QtQuick\Controls.2\MenuItem.qml
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\qml\QtQuick\Controls.2\Popup.qml
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\qml\QtQuick\Controls.2\ProgressBar.qml
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\qml\QtQuick\Controls.2\RadioButton.qml
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\qml\QtQuick\Controls.2\ScrollBar.qml
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\qml\QtQuick\Controls.2\ScrollIndicator.qml
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\qml\QtQuick\Controls.2\ScrollView.qml
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\qml\QtQuick\Controls.2\TextField.qml
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\qml\QtQuick\Layouts\plugins.qmltypes
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\qml\QtQuick\Window.2\plugins.qmltypes
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\quc\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\quz-PE\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\ro\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\ru\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\sd-Arab-PK\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\si-LK\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\sk\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\sl\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\sq\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\sr-Cyrl-BA\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\sr-Cyrl-RS\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\sr-Latn-RS\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\sv\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\sw\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\ta\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\te\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\tg\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\th\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\tk-TM\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\tn-ZA\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\tr\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\tt\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\ug\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\uk\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\ur\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable, MZ for MS-DOS
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\uz-Latn-UZ\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\vaultIntro.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\vi\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\19.086.0502.0006\zu-ZA\FileSync.LocalizedResources.dll.mui
|
MS-DOS executable
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\ECSConfig.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Install-2019-06-27.1836.5964.1.aodl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Install-2019-06-27.1836.5964.1.odl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Install-PerUser-2019-06-27.1836.1304.1.aodl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Install-PerUser-2019-06-27.1836.1304.1.odl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Install-PerUser_2019-06-27_113458_1870-1874.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Install-PerUser_2019-06-27_183655_1304-3128.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Install_2019-06-27_183642_5964-4704.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Uninstall-PerMachine_2020-07-27_073929_fc4-179c.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Uninstall-PerMachine_2020-08-26_080035_7d4-44.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Uninstall-PerMachine_2020-09-30_074451_aa8-131c.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Uninstall-PerUser_2020-07-27_073929_178c-1790.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Uninstall-PerUser_2020-08-26_080035_1794-1798.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Uninstall-PerUser_2020-09-30_074451_11d8-c6c.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Uninstall_2020-07-27_073928_f5c-16d8.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Uninstall_2020-08-26_080034_1748-11c4.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Uninstall_2020-09-30_074451_2bc-160c.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Update_2019-06-27_113559_1bf4-37c.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Update_2019-06-27_113735_d88-127c.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Update_2020-07-23_101959_1494-1498.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\Update_2020-07-27_073907_1630-1634.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\parentTelemetryCache.otc.session
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\OneDrive\setup\logs\userTelemetryCache.otc.session
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\PenWorkspace\DiscoverCacheData.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Vault\4BF4C442-9B8A-41A0-B380-DD4A704DDB28\Policy.vpol
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows Live\Bici\_00.sqm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows Live\Bici\_01.sqm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows Live\Bici\_02.sqm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows Live\Bici\_03.sqm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows Live\Bici\_04.sqm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows Live\Bici\_05.sqm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows Live\Bici\_06.sqm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows Live\Bici\_07.sqm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows Live\Bici\_08.sqm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\1033\StructuredQuerySchema.bin
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\ActionCenterCache\microsoft-skydrive-desktop_16_0.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_11_0.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_17_0.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_22_0.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_23_0.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_27_0.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_37_0.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_38_0.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_43_0.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_9_0.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Caches\cversions.1.db
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Caches\cversions.3.db
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Caches\{0A0496DA-B905-4D30-88C9-B63C603DA134}.3.ver0x0000000000000001.db
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\ExplorerStartupLog.etl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\ExplorerStartupLog_RunOnce.etl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\iconcache_1280.db
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\iconcache_1920.db
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\iconcache_2560.db
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\iconcache_768.db
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\iconcache_96.db
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\iconcache_custom_stream.db
|
GeoSwath RDF
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\iconcache_exif.db
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\iconcache_sr.db
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\iconcache_wide.db
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\iconcache_wide_alternate.db
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1280.db
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1920.db
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\thumbcache_2560.db
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\thumbcache_768.db
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\thumbcache_custom_stream.db
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\thumbcache_exif.db
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\thumbcache_sr.db
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\thumbcache_wide.db
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\thumbcache_wide_alternate.db
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\geo[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\get[1].htm
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\deprecated.cookie
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V0100009.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V010000A.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V010000B.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01res00001.jrs
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01res00002.jrs
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01tmp.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\1527c705-839a-4832-9118-54d4Bd6a0c89_cw5n1h2txyewy\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\E2A4F912-2574-4A75-9BB0-0D023378592B_cw5n1h2txyewy\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\F46D4000-FD22-4DB4-AC8E-4E1DDDE828FE_cw5n1h2txyewy\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\InputApp_cw5n1h2txyewy\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Settings\settings.dat.LOG1
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.AccountsControl_cw5n1h2txyewy\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.AsyncTextService_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\Settings\settings.dat.LOG1
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.BioEnrollment_cw5n1h2txyewy\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.CredDialogHost_cw5n1h2txyewy\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.ECApp_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.GetHelp_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Getstarted_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.LockApp_cw5n1h2txyewy\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.MSPaint_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Messaging_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Microsoft3DViewer_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdgeDevToolsClient_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Settings\settings.dat.LOG1
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Office.OneNote_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.OneConnect_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.PPIProjection_cw5n1h2txyewy\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.People_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Print3D_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.StorePurchaseApp_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Wallet_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.WebMediaExtensions_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Win32WebViewHost_cw5n1h2txyewy\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.AssignedAccessLockApp_cw5n1h2txyewy\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.CapturePicker_cw5n1h2txyewy\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\Settings\settings.dat.LOG1
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\LocalState\Features\du.bin
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\AppCache\E5I42ZYH\1\C__Windows_SystemApps_Microsoft.Windows.Cortana_cw5n1h2txyewy_cache_Desktop_13[1].txt
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\AppCache\E5I42ZYH\1\C__Windows_SystemApps_Microsoft.Windows.Cortana_cw5n1h2txyewy_cache_Desktop_15[1].txt
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\AppCache\E5I42ZYH\1\C__Windows_SystemApps_Microsoft.Windows.Cortana_cw5n1h2txyewy_cache_Desktop_16[1].txt
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\AppCache\E5I42ZYH\1\C__Windows_SystemApps_Microsoft.Windows.Cortana_cw5n1h2txyewy_cache_Desktop_20[1].txt
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\AppCache\E5I42ZYH\1\C__Windows_SystemApps_Microsoft.Windows.Cortana_cw5n1h2txyewy_cache_Desktop_25[1].txt
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\AppCache\E5I42ZYH\1\C__Windows_SystemApps_Microsoft.Windows.Cortana_cw5n1h2txyewy_cache_Desktop_26[1].txt
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\AppCache\E5I42ZYH\1\C__Windows_SystemApps_Microsoft.Windows.Cortana_cw5n1h2txyewy_cache_Desktop_4[1].txt
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\AppCache\E5I42ZYH\1\C__Windows_SystemApps_Microsoft.Windows.Cortana_cw5n1h2txyewy_cache_Desktop_5[1].txt
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\AppCache\E5I42ZYH\1\C__Windows_SystemApps_Microsoft.Windows.Cortana_cw5n1h2txyewy_cache_Desktop_8[1].txt
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\AppCache\E5I42ZYH\1\C__Windows_SystemApps_Microsoft.Windows.Cortana_cw5n1h2txyewy_cache_Desktop_9[1].txt
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AC\AppCache\E5I42ZYH\1\appcache[1].man
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppData\Indexed DB\IndexedDB.edb
|
MPEG-4 LOAS
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppData\Indexed DB\IndexedDB.jfm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppData\Indexed DB\edb.chk
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppData\Indexed DB\edb.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppData\Indexed DB\edbres00001.jrs
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppData\Indexed DB\edbres00002.jrs
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppData\Indexed DB\edbtmp.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Input_{4b01d48e-72ca-4621-8570-a88f4a6b1ec4}\apps.csg
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Input_{4b01d48e-72ca-4621-8570-a88f4a6b1ec4}\apps.schema
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Input_{4b01d48e-72ca-4621-8570-a88f4a6b1ec4}\settings.csg
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Input_{4b01d48e-72ca-4621-8570-a88f4a6b1ec4}\settings.schema
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Settings_{13d888a1-0da9-488d-b29e-c632055a5b8d}\Settings.index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\ConstraintIndex\Settings_{7b0be05b-dd29-4634-bd2c-c09b9631250d}\Settings.index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.HolographicFirstRun_cw5n1h2txyewy\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.OOBENetworkCaptivePortal_cw5n1h2txyewy\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.OOBENetworkConnectionFlow_cw5n1h2txyewy\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.ParentalControls_cw5n1h2txyewy\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\MediaDb.v1.sqlite-wal
|
SQLite Write-Ahead Log, version 14580171
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\Settings\settings.dat.LOG1
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.PinningConfirmationDialog_cw5n1h2txyewy\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Windows.SecureAssessmentBrowser_cw5n1h2txyewy\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.WindowsAlarms_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.WindowsAlarms_8wekyb3d8bbwe\Settings\settings.dat.LOG1
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.WindowsCalculator_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.WindowsCamera_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.WindowsCamera_8wekyb3d8bbwe\Settings\settings.dat.LOG1
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.WindowsFeedbackHub_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.WindowsMaps_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.WindowsStore_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.WindowsStore_8wekyb3d8bbwe\Settings\settings.dat.LOG1
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.Xbox.TCUI_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.XboxApp_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.XboxApp_8wekyb3d8bbwe\Settings\settings.dat.LOG1
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.XboxGameCallableUI_cw5n1h2txyewy\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.XboxGameOverlay_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.XboxIdentityProvider_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.XboxIdentityProvider_8wekyb3d8bbwe\Settings\settings.dat.LOG1
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.XboxSpeechToTextOverlay_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Windows.CBSPreview_cw5n1h2txyewy\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Windows.PrintDialog_cw5n1h2txyewy\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\c5e2524a-ea46-4f67-841f-6a9465d9d515_cw5n1h2txyewy\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\HxStore.hxd
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\Settings\settings.dat.LOG1
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AdobeARM.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\JavaDeployReg.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\SetupExe(2020072310200717D0).log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\bg\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\ca\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\cs\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\da\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\de\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\el\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\en\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\en_GB\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\es\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\es_419\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\et\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\fi\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\fil\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\fr\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\hi\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\hr\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\hu\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\id\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\it\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\ja\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\ko\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\lt\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\lv\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\nb\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\nl\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\pl\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\pt_BR\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\pt_PT\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\ro\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\ru\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\sk\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\sl\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\sr\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\sv\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\th\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\tr\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\uk\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\vi\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\zh_CN\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_locales\zh_TW\messages.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\_metadata\verified_contents.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\craw_background.js
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\craw_window.js
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\css\craw_window.css
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\html\craw_window.html
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\images\topbar_floating_button.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\images\topbar_floating_button_close.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\images\topbar_floating_button_hover.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\images\topbar_floating_button_maximize.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\images\topbar_floating_button_pressed.png
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\manifest.fingerprint
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir4296_1252151785\CRX_INSTALL\manifest.json
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\bowsakkdestx.txt
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Adobe\Acrobat\DC\Security\CRLCache\0FDED5CEB68C302B1CDB2BDDD9D0000E76539CB0.crl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Adobe\Acrobat\DC\Security\CRLCache\CE338828149963DCEA4CD26BB86F0363B4CA0BA5.crl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Adobe\Acrobat\DC\Security\addressbook.acrodata
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Bibliography\Style\APASixthEditionOfficeOnline.xsl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Bibliography\Style\CHICAGO.XSL
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Bibliography\Style\GB.XSL
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Bibliography\Style\GostName.XSL
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Bibliography\Style\GostTitle.XSL
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Bibliography\Style\HarvardAnglia2008OfficeOnline.xsl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Bibliography\Style\IEEE2006OfficeOnline.xsl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Bibliography\Style\ISO690.XSL
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Bibliography\Style\ISO690Nmerical.XSL
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Bibliography\Style\MLASeventhEditionOfficeOnline.xsl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Bibliography\Style\SIST02.XSL
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Bibliography\Style\TURABIAN.XSL
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Document Building Blocks\1033\16\Built-In Building Blocks.dotx
|
Zip archive data, at least v2.0 to extract, compression method=[0xffffd045]
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\Templates.LNK
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Templates\Normal.dotm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Libraries\CameraRoll.library-ms
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Libraries\Music.library-ms
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Libraries\Pictures.library-ms
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Libraries\Videos.library-ms
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\5f7b5f1e01b83767.automaticDestinations-ms
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\f01b4d95cf55d32a.automaticDestinations-ms
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth File Transfer.LNK
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\SendTo\Desktop (create shortcut).DeskLink
|
data
|
dropped
|
||
|
C:\Users\user\Application Data\Microsoft\Bibliography\Style\APASixthEditionOfficeOnline.xsl.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Application Data\Microsoft\Bibliography\Style\CHICAGO.XSL.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Application Data\Microsoft\Bibliography\Style\GB.XSL.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Application Data\Microsoft\Bibliography\Style\GostName.XSL.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Application Data\Microsoft\Bibliography\Style\GostTitle.XSL.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Application Data\Microsoft\Bibliography\Style\HarvardAnglia2008OfficeOnline.xsl.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Application Data\Microsoft\Bibliography\Style\IEEE2006OfficeOnline.xsl.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Application Data\Microsoft\Bibliography\Style\ISO690.XSL.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Application Data\Microsoft\Bibliography\Style\ISO690Nmerical.XSL.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Application Data\Microsoft\Bibliography\Style\MLASeventhEditionOfficeOnline.xsl.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Application Data\Microsoft\Bibliography\Style\SIST02.XSL.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Application Data\Microsoft\Bibliography\Style\TURABIAN.XSL.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Application Data\Microsoft\Office\Recent\Templates.LNK.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Application Data\Microsoft\Office\Recent\index.dat.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Application Data\Microsoft\Templates\Normal.dotm.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Application Data\Microsoft\Windows\Libraries\CameraRoll.library-ms.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Application Data\Microsoft\Windows\Libraries\Documents.library-ms.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Application Data\Microsoft\Windows\Libraries\Music.library-ms.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Application Data\Microsoft\Windows\Libraries\Pictures.library-ms.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Application Data\Microsoft\Windows\Libraries\Videos.library-ms.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Cookies\deprecated.cookie.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\BPMLNOBVSB.jpg.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\BPMLNOBVSB.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\BPMLNOBVSB.xlsx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\FENIVHOIKN.png
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\FENIVHOIKN.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\JSDNGYCOWY.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\JSDNGYCOWY.mp3.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\KZWFNRXYKI.docx
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\KZWFNRXYKI.docx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\KZWFNRXYKI.png
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\KZWFNRXYKI.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\KZWFNRXYKI.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\KZWFNRXYKI.xlsx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\KZWFNRXYKI\BPMLNOBVSB.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\KZWFNRXYKI\BPMLNOBVSB.xlsx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\KZWFNRXYKI\KZWFNRXYKI.docx
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\KZWFNRXYKI\KZWFNRXYKI.docx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\KZWFNRXYKI\NEBFQQYWPS.png
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\KZWFNRXYKI\NEBFQQYWPS.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\KZWFNRXYKI\QNCYCDFIJJ.mp3.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\KZWFNRXYKI\UOOJJOZIRH.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\KZWFNRXYKI\UOOJJOZIRH.jpg.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\KZWFNRXYKI\WKXEWIOTXI.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\KZWFNRXYKI\WKXEWIOTXI.pdf.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\LTKMYBSEYZ.docx
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\LTKMYBSEYZ.docx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\LTKMYBSEYZ\JSDNGYCOWY.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\LTKMYBSEYZ\JSDNGYCOWY.mp3.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\LTKMYBSEYZ\KZWFNRXYKI.png
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\LTKMYBSEYZ\KZWFNRXYKI.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\LTKMYBSEYZ\LTKMYBSEYZ.docx
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\LTKMYBSEYZ\LTKMYBSEYZ.docx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\LTKMYBSEYZ\NWTVCDUMOB.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\LTKMYBSEYZ\NWTVCDUMOB.xlsx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\LTKMYBSEYZ\WUTJSCBCFX.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\LTKMYBSEYZ\WUTJSCBCFX.pdf.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\LTKMYBSEYZ\YPSIACHYXW.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\LTKMYBSEYZ\YPSIACHYXW.jpg.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\NEBFQQYWPS.png
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\NEBFQQYWPS.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\NWTVCDUMOB.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\NWTVCDUMOB.xlsx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\QNCYCDFIJJ.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\QNCYCDFIJJ.mp3.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\RAYHIWGKDI.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\RAYHIWGKDI.pdf.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\SFPUSAFIOL.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\SFPUSAFIOL.mp3.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\SQRKHNBNYN.png
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\SQRKHNBNYN.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\UOOJJOZIRH.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\UOOJJOZIRH.jpg.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\WKXEWIOTXI.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\WKXEWIOTXI.jpg.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\WKXEWIOTXI.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\WKXEWIOTXI.mp3.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\WKXEWIOTXI.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\WKXEWIOTXI.pdf.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\WUTJSCBCFX.docx
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\WUTJSCBCFX.docx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\WUTJSCBCFX.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\WUTJSCBCFX.pdf.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\WUTJSCBCFX\BPMLNOBVSB.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\WUTJSCBCFX\BPMLNOBVSB.jpg.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\WUTJSCBCFX\FENIVHOIKN.png
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\WUTJSCBCFX\FENIVHOIKN.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\WUTJSCBCFX\KZWFNRXYKI.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\WUTJSCBCFX\KZWFNRXYKI.xlsx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\WUTJSCBCFX\WKXEWIOTXI.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\WUTJSCBCFX\WKXEWIOTXI.mp3.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\WUTJSCBCFX\WUTJSCBCFX.docx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\WUTJSCBCFX\ZBEDCJPBEY.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\WUTJSCBCFX\ZBEDCJPBEY.pdf.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\YPSIACHYXW.docx
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\YPSIACHYXW.docx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\YPSIACHYXW.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\YPSIACHYXW.jpg.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\YPSIACHYXW\RAYHIWGKDI.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\YPSIACHYXW\RAYHIWGKDI.pdf.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\YPSIACHYXW\SFPUSAFIOL.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\YPSIACHYXW\SFPUSAFIOL.mp3.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\YPSIACHYXW\SQRKHNBNYN.png
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\YPSIACHYXW\SQRKHNBNYN.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\YPSIACHYXW\WKXEWIOTXI.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\YPSIACHYXW\WKXEWIOTXI.jpg.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\YPSIACHYXW\YPSIACHYXW.docx
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\YPSIACHYXW\YPSIACHYXW.docx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\YPSIACHYXW\ZBEDCJPBEY.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\YPSIACHYXW\ZBEDCJPBEY.xlsx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\ZBEDCJPBEY.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\ZBEDCJPBEY.pdf.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\ZBEDCJPBEY.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Desktop\ZBEDCJPBEY.xlsx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\BPMLNOBVSB.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Documents\BPMLNOBVSB.jpg.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\BPMLNOBVSB.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Documents\BPMLNOBVSB.xlsx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\FENIVHOIKN.png
|
data
|
dropped
|
||
|
C:\Users\user\Documents\FENIVHOIKN.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\JSDNGYCOWY.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Documents\JSDNGYCOWY.mp3.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\KZWFNRXYKI.docx
|
data
|
dropped
|
||
|
C:\Users\user\Documents\KZWFNRXYKI.docx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\KZWFNRXYKI.png
|
data
|
dropped
|
||
|
C:\Users\user\Documents\KZWFNRXYKI.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\KZWFNRXYKI.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Documents\KZWFNRXYKI.xlsx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\KZWFNRXYKI\BPMLNOBVSB.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Documents\KZWFNRXYKI\BPMLNOBVSB.xlsx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\KZWFNRXYKI\KZWFNRXYKI.docx
|
data
|
dropped
|
||
|
C:\Users\user\Documents\KZWFNRXYKI\KZWFNRXYKI.docx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\KZWFNRXYKI\NEBFQQYWPS.png
|
data
|
dropped
|
||
|
C:\Users\user\Documents\KZWFNRXYKI\NEBFQQYWPS.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\KZWFNRXYKI\QNCYCDFIJJ.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Documents\KZWFNRXYKI\QNCYCDFIJJ.mp3.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\KZWFNRXYKI\UOOJJOZIRH.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Documents\KZWFNRXYKI\UOOJJOZIRH.jpg.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\KZWFNRXYKI\WKXEWIOTXI.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Documents\KZWFNRXYKI\WKXEWIOTXI.pdf.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\LTKMYBSEYZ.docx
|
data
|
dropped
|
||
|
C:\Users\user\Documents\LTKMYBSEYZ.docx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\LTKMYBSEYZ\JSDNGYCOWY.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Documents\LTKMYBSEYZ\JSDNGYCOWY.mp3.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\LTKMYBSEYZ\KZWFNRXYKI.png
|
data
|
dropped
|
||
|
C:\Users\user\Documents\LTKMYBSEYZ\KZWFNRXYKI.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\LTKMYBSEYZ\LTKMYBSEYZ.docx
|
data
|
dropped
|
||
|
C:\Users\user\Documents\LTKMYBSEYZ\LTKMYBSEYZ.docx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\LTKMYBSEYZ\NWTVCDUMOB.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Documents\LTKMYBSEYZ\NWTVCDUMOB.xlsx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\LTKMYBSEYZ\WUTJSCBCFX.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Documents\LTKMYBSEYZ\WUTJSCBCFX.pdf.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\LTKMYBSEYZ\YPSIACHYXW.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Documents\LTKMYBSEYZ\YPSIACHYXW.jpg.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\NEBFQQYWPS.png
|
data
|
dropped
|
||
|
C:\Users\user\Documents\NEBFQQYWPS.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\NWTVCDUMOB.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Documents\NWTVCDUMOB.xlsx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\QNCYCDFIJJ.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Documents\QNCYCDFIJJ.mp3.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\RAYHIWGKDI.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Documents\RAYHIWGKDI.pdf.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\SFPUSAFIOL.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Documents\SFPUSAFIOL.mp3.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\SQRKHNBNYN.png
|
data
|
dropped
|
||
|
C:\Users\user\Documents\SQRKHNBNYN.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\UOOJJOZIRH.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Documents\UOOJJOZIRH.jpg.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\WKXEWIOTXI.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Documents\WKXEWIOTXI.jpg.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\WKXEWIOTXI.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Documents\WKXEWIOTXI.mp3.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\WKXEWIOTXI.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Documents\WKXEWIOTXI.pdf.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\WUTJSCBCFX.docx
|
data
|
dropped
|
||
|
C:\Users\user\Documents\WUTJSCBCFX.docx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\WUTJSCBCFX.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Documents\WUTJSCBCFX.pdf.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\WUTJSCBCFX\BPMLNOBVSB.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Documents\WUTJSCBCFX\BPMLNOBVSB.jpg.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\WUTJSCBCFX\FENIVHOIKN.png
|
data
|
dropped
|
||
|
C:\Users\user\Documents\WUTJSCBCFX\FENIVHOIKN.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\WUTJSCBCFX\KZWFNRXYKI.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Documents\WUTJSCBCFX\KZWFNRXYKI.xlsx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\WUTJSCBCFX\WKXEWIOTXI.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Documents\WUTJSCBCFX\WKXEWIOTXI.mp3.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\WUTJSCBCFX\WUTJSCBCFX.docx
|
data
|
dropped
|
||
|
C:\Users\user\Documents\WUTJSCBCFX\WUTJSCBCFX.docx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\WUTJSCBCFX\ZBEDCJPBEY.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Documents\WUTJSCBCFX\ZBEDCJPBEY.pdf.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\YPSIACHYXW.docx
|
data
|
dropped
|
||
|
C:\Users\user\Documents\YPSIACHYXW.docx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\YPSIACHYXW.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Documents\YPSIACHYXW.jpg.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\YPSIACHYXW\RAYHIWGKDI.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Documents\YPSIACHYXW\RAYHIWGKDI.pdf.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\YPSIACHYXW\SFPUSAFIOL.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Documents\YPSIACHYXW\SFPUSAFIOL.mp3.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\YPSIACHYXW\SQRKHNBNYN.png
|
data
|
dropped
|
||
|
C:\Users\user\Documents\YPSIACHYXW\SQRKHNBNYN.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\YPSIACHYXW\WKXEWIOTXI.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Documents\YPSIACHYXW\WKXEWIOTXI.jpg.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\YPSIACHYXW\YPSIACHYXW.docx
|
data
|
dropped
|
||
|
C:\Users\user\Documents\YPSIACHYXW\YPSIACHYXW.docx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\YPSIACHYXW\ZBEDCJPBEY.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Documents\YPSIACHYXW\ZBEDCJPBEY.xlsx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\ZBEDCJPBEY.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Documents\ZBEDCJPBEY.pdf.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Documents\ZBEDCJPBEY.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Documents\ZBEDCJPBEY.xlsx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\BPMLNOBVSB.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\BPMLNOBVSB.jpg.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\BPMLNOBVSB.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\BPMLNOBVSB.xlsx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\FENIVHOIKN.png
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\FENIVHOIKN.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\JSDNGYCOWY.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\JSDNGYCOWY.mp3.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\KZWFNRXYKI.docx
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\KZWFNRXYKI.docx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\KZWFNRXYKI.png
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\KZWFNRXYKI.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\KZWFNRXYKI.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\KZWFNRXYKI.xlsx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\LTKMYBSEYZ.docx
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\LTKMYBSEYZ.docx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\NEBFQQYWPS.png
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\NEBFQQYWPS.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\NWTVCDUMOB.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\NWTVCDUMOB.xlsx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\QNCYCDFIJJ.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\QNCYCDFIJJ.mp3.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\RAYHIWGKDI.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\RAYHIWGKDI.pdf.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\SFPUSAFIOL.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\SFPUSAFIOL.mp3.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\SQRKHNBNYN.png
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\SQRKHNBNYN.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\UOOJJOZIRH.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\UOOJJOZIRH.jpg.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\WKXEWIOTXI.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\WKXEWIOTXI.jpg.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\WKXEWIOTXI.mp3
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\WKXEWIOTXI.mp3.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\WKXEWIOTXI.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\WKXEWIOTXI.pdf.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\WUTJSCBCFX.docx
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\WUTJSCBCFX.docx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\WUTJSCBCFX.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\WUTJSCBCFX.pdf.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\YPSIACHYXW.docx
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\YPSIACHYXW.docx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\YPSIACHYXW.jpg
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\YPSIACHYXW.jpg.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\ZBEDCJPBEY.pdf
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\ZBEDCJPBEY.pdf.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\ZBEDCJPBEY.xlsx
|
data
|
dropped
|
||
|
C:\Users\user\Downloads\ZBEDCJPBEY.xlsx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Amazon.url
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Amazon.url.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Bing.url
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Bing.url.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Facebook.url
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Facebook.url.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Google.url
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Google.url.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Live.url
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Live.url.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\NYTimes.url
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\NYTimes.url.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Reddit.url
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Reddit.url.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Twitter.url
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Twitter.url.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Wikipedia.url
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Wikipedia.url.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Youtube.url
|
data
|
dropped
|
||
|
C:\Users\user\Favorites\Youtube.url.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Adobe\Acrobat\DC\AdobeCMapFnt19.lst.uyro (copy)
|
PostScript document text
|
dropped
|
||
|
C:\Users\user\Local Settings\Adobe\Acrobat\DC\IconCacheRdr65536.dat.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Adobe\Color\ACECache11.lst.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Comms\UnistoreDB\USS.jcp.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Comms\UnistoreDB\USSres00001.jrs.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Comms\UnistoreDB\USSres00002.jrs.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Comms\UnistoreDB\USStmp.jtx.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\ConnectedDevicesPlatform\CDPGlobalSettings.cdp.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Google\Chrome\User Data\CrashpadMetrics-active.pma.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\IconCache.db.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\CLR_v2.0\UsageLogs\addinutil.exe.log.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\CLR_v2.0_32\UsageLogs\unarchiver.exe.log.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\CLR_v4.0\UsageLogs\sdiagnhost.exe.log.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\CLR_v4.0_32\UsageLogs\NGenTask.exe.log.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\CLR_v4.0_32\ngen.log.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Internet Explorer\DomainSuggestions\en-US.1.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Internet Explorer\IECompatData\iecompatdata.xml.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Internet Explorer\VersionManager\versionlist.xml.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Internet Explorer\brndlog.txt.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Internet Explorer\ie4uinit-ClearIconCache.log.uyro (copy)
|
Unicode text, UTF-16, little-endian text, with very long lines (416), with no line terminators
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Internet Explorer\ie4uinit-UserConfig.log.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\AppBlue.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\AppErrorBlue.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\AppErrorWhite.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\AppWhite.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\AutoPlayOptIn.gif.uyro (copy)
|
GIF image data 32437 x 10601
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\AutoPlayOptIn.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\ElevatedAppBlue.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\ElevatedAppWhite.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\Error.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\ErrorPage.html.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\KFMHeroToast.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\KFMLockedFileToast.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\KFMScanExclusionToast.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\LoadingPage.html.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\OneDrive.VisualElementsManifest.xml.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\OneDriveLogo.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\QuotaCritical.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\QuotaError.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\QuotaNearing.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\Resources.pri.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\SaveApplicationEventLogs.wsf.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\ScreenshotOptIn.gif.uyro (copy)
|
GIF image data 8837
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\TestSharePage.html.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\Warning.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\alertIcon.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\OneDrive\19.086.0502.0006\vaultIntro.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\OneDrive\setup\ECSConfig.json.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\PenWorkspace\DiscoverCacheData.dat.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Vault\4BF4C442-9B8A-41A0-B380-DD4A704DDB28\Policy.vpol.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows Live\Bici\_00.sqm.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows Live\Bici\_01.sqm.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows Live\Bici\_02.sqm.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows Live\Bici\_03.sqm.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows Live\Bici\_04.sqm.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows Live\Bici\_05.sqm.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows Live\Bici\_06.sqm.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows Live\Bici\_07.sqm.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows Live\Bici\_08.sqm.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\1033\StructuredQuerySchema.bin.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\ActionCenterCache\microsoft-skydrive-desktop_16_0.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_11_0.png.uyro
(copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_17_0.png.uyro
(copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_22_0.png.uyro
(copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_23_0.png.uyro
(copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_27_0.png.uyro
(copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_37_0.png.uyro
(copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_38_0.png.uyro
(copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\ActionCenterCache\windows-systemtoast-securityandmaintenance_9_0.png.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\Caches\cversions.1.db.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\Caches\cversions.3.db.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\Caches\{0A0496DA-B905-4D30-88C9-B63C603DA134}.3.ver0x0000000000000001.db.uyro
(copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\ExplorerStartupLog.etl.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\ExplorerStartupLog_RunOnce.etl.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\iconcache_1280.db.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\iconcache_1920.db.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\iconcache_2560.db.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\iconcache_768.db.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\iconcache_96.db.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\iconcache_custom_stream.db.uyro (copy)
|
GeoSwath RDF
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\iconcache_exif.db.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\iconcache_sr.db.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\iconcache_wide.db.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\iconcache_wide_alternate.db.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\thumbcache_1280.db.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\thumbcache_1920.db.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\thumbcache_2560.db.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\thumbcache_768.db.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\thumbcache_custom_stream.db.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\thumbcache_exif.db.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\thumbcache_sr.db.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\thumbcache_wide.db.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\Explorer\thumbcache_wide_alternate.db.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\WebCache\V01.chk.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\WebCache\V0100009.log.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\WebCache\V010000A.log.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\WebCache\V010000B.log.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\WebCache\V01res00001.jrs.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\WebCache\V01res00002.jrs.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Microsoft\Windows\WebCache\V01tmp.log.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\1527c705-839a-4832-9118-54d4Bd6a0c89_cw5n1h2txyewy\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\E2A4F912-2574-4A75-9BB0-0D023378592B_cw5n1h2txyewy\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\F46D4000-FD22-4DB4-AC8E-4E1DDDE828FE_cw5n1h2txyewy\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\InputApp_cw5n1h2txyewy\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Settings\settings.dat.LOG1.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.AccountsControl_cw5n1h2txyewy\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.AsyncTextService_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\Settings\settings.dat.LOG1.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.BioEnrollment_cw5n1h2txyewy\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.CredDialogHost_cw5n1h2txyewy\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.ECApp_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.GetHelp_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.Getstarted_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.LockApp_cw5n1h2txyewy\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.MSPaint_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.Messaging_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.Microsoft3DViewer_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.MicrosoftEdgeDevToolsClient_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Settings\settings.dat.LOG1.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.Office.OneNote_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.OneConnect_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.PPIProjection_cw5n1h2txyewy\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.People_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.Print3D_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.StorePurchaseApp_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.Wallet_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.WebMediaExtensions_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.Win32WebViewHost_cw5n1h2txyewy\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.Windows.AssignedAccessLockApp_cw5n1h2txyewy\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.Windows.CapturePicker_cw5n1h2txyewy\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\Settings\settings.dat.LOG1.uyro
(copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.Windows.HolographicFirstRun_cw5n1h2txyewy\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.Windows.OOBENetworkCaptivePortal_cw5n1h2txyewy\Settings\settings.dat.uyro
(copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.Windows.OOBENetworkConnectionFlow_cw5n1h2txyewy\Settings\settings.dat.uyro
(copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.Windows.ParentalControls_cw5n1h2txyewy\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\MediaDb.v1.sqlite-wal.uyro (copy)
|
SQLite Write-Ahead Log, version 14580171
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\MediaDb.v1.sqlite.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\Settings\settings.dat.LOG1.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.Windows.PinningConfirmationDialog_cw5n1h2txyewy\Settings\settings.dat.uyro
(copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.Windows.SecureAssessmentBrowser_cw5n1h2txyewy\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.WindowsAlarms_8wekyb3d8bbwe\Settings\settings.dat.LOG1.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.WindowsAlarms_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.WindowsCalculator_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.WindowsCamera_8wekyb3d8bbwe\Settings\settings.dat.LOG1.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.WindowsCamera_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.WindowsFeedbackHub_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.WindowsMaps_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.WindowsStore_8wekyb3d8bbwe\Settings\settings.dat.LOG1.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.WindowsStore_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.Xbox.TCUI_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.XboxApp_8wekyb3d8bbwe\Settings\settings.dat.LOG1.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.XboxApp_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.XboxGameCallableUI_cw5n1h2txyewy\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.XboxGameOverlay_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.XboxIdentityProvider_8wekyb3d8bbwe\Settings\settings.dat.LOG1.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.XboxIdentityProvider_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.XboxSpeechToTextOverlay_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Windows.CBSPreview_cw5n1h2txyewy\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\Windows.PrintDialog_cw5n1h2txyewy\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\c5e2524a-ea46-4f67-841f-6a9465d9d515_cw5n1h2txyewy\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\HxStore.hxd.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\Settings\settings.dat.LOG1.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Packages\windows.immersivecontrolpanel_cw5n1h2txyewy\Settings\settings.dat.uyro (copy)
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\Local Settings\Temp\AdobeARM.log.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Temp\JavaDeployReg.log.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\Temp\SetupExe(2020072310200717D0).log.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\Local Settings\bowsakkdestx.txt.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\SendTo\Bluetooth File Transfer.LNK.uyro (copy)
|
data
|
dropped
|
||
|
C:\Users\user\SendTo\Desktop (create shortcut).DeskLink.uyro (copy)
|
data
|
dropped
|
There are 1321 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\U59WtZz2Sg.exe
|
C:\Users\user\Desktop\U59WtZz2Sg.exe
|
|
|
|
C:\Users\user\Desktop\U59WtZz2Sg.exe
|
C:\Users\user\Desktop\U59WtZz2Sg.exe
|
|
|
|
C:\Users\user\Desktop\U59WtZz2Sg.exe
|
"C:\Users\user\Desktop\U59WtZz2Sg.exe" --Admin IsNotAutoStart IsNotTask
|
|
|
|
C:\Users\user\AppData\Local\439dd104-1941-4ae6-af5f-8afc23993f7a\U59WtZz2Sg.exe
|
C:\Users\user\AppData\Local\439dd104-1941-4ae6-af5f-8afc23993f7a\U59WtZz2Sg.exe --Task
|
|
|
|
C:\Users\user\Desktop\U59WtZz2Sg.exe
|
"C:\Users\user\Desktop\U59WtZz2Sg.exe" --Admin IsNotAutoStart IsNotTask
|
|
|
|
C:\Users\user\AppData\Local\439dd104-1941-4ae6-af5f-8afc23993f7a\U59WtZz2Sg.exe
|
C:\Users\user\AppData\Local\439dd104-1941-4ae6-af5f-8afc23993f7a\U59WtZz2Sg.exe --Task
|
|
|
|
C:\Users\user\AppData\Local\439dd104-1941-4ae6-af5f-8afc23993f7a\U59WtZz2Sg.exe
|
"C:\Users\user\AppData\Local\439dd104-1941-4ae6-af5f-8afc23993f7a\U59WtZz2Sg.exe" --AutoStart
|
|
|
|
C:\Users\user\AppData\Local\81bc8e9b-9d47-41ad-b82b-bbc3ff54a6de\build2.exe
|
"C:\Users\user\AppData\Local\81bc8e9b-9d47-41ad-b82b-bbc3ff54a6de\build2.exe"
|
|
|
|
C:\Users\user\AppData\Local\439dd104-1941-4ae6-af5f-8afc23993f7a\U59WtZz2Sg.exe
|
"C:\Users\user\AppData\Local\439dd104-1941-4ae6-af5f-8afc23993f7a\U59WtZz2Sg.exe" --AutoStart
|
|
|
|
C:\Users\user\AppData\Local\81bc8e9b-9d47-41ad-b82b-bbc3ff54a6de\build2.exe
|
"C:\Users\user\AppData\Local\81bc8e9b-9d47-41ad-b82b-bbc3ff54a6de\build2.exe"
|
|
|
|
C:\Users\user\AppData\Local\81bc8e9b-9d47-41ad-b82b-bbc3ff54a6de\build3.exe
|
"C:\Users\user\AppData\Local\81bc8e9b-9d47-41ad-b82b-bbc3ff54a6de\build3.exe"
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
/C /create /F /sc minute /mo 1 /tn "Azure-Update-Task" /tr "C:\Users\user\AppData\Roaming\Microsoft\Network\mstsca.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Network\mstsca.exe
|
C:\Users\user\AppData\Roaming\Microsoft\Network\mstsca.exe
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
/C /create /F /sc minute /mo 1 /tn "Azure-Update-Task" /tr "C:\Users\user\AppData\Roaming\Microsoft\Network\mstsca.exe"
|
|
|
|
C:\Users\user\AppData\Local\439dd104-1941-4ae6-af5f-8afc23993f7a\U59WtZz2Sg.exe
|
"C:\Users\user\AppData\Local\439dd104-1941-4ae6-af5f-8afc23993f7a\U59WtZz2Sg.exe" --AutoStart
|
|
|
|
C:\Users\user\AppData\Local\439dd104-1941-4ae6-af5f-8afc23993f7a\U59WtZz2Sg.exe
|
"C:\Users\user\AppData\Local\439dd104-1941-4ae6-af5f-8afc23993f7a\U59WtZz2Sg.exe" --AutoStart
|
|
|
|
C:\Windows\SysWOW64\icacls.exe
|
icacls "C:\Users\user\AppData\Local\439dd104-1941-4ae6-af5f-8afc23993f7a" /deny *S-1-1-0:(OI)(CI)(DE,DC)
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WMIADAP.exe
|
wmiadap.exe /F /T /R
|
There are 10 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://uaery.top/dl/build2.exeJ_
|
unknown
|
|
|
|
http://uaery.top/dl/build2.exe
|
116.121.62.237
|
|
|
|
https://we.tl/t-5UcwRdS3ED
|
unknown
|
|
|
|
https://we.tl/t-5UcwRdS3
|
unknown
|
|
|
|
http://uaery.top/dl/build2.exe$run
|
unknown
|
|
|
|
http://fresherlights.com/test1/get.php
|
|
||
|
http://fresherlights.com/test1/get.php?pid=903E7F261711F85395E5CEFBF4173C54&first=true
|
222.236.49.123
|
|
|
|
http://uaery.top/dl/build2.exerunk6
|
unknown
|
|
|
|
https://mail.google.com/mail/?usp=installed_webapp
|
unknown
|
||
|
http://fresherlights.com/files/1/build3.exerun
|
unknown
|
||
|
http://searchads.msn.net/.cfm?&&kp=1&
|
unknown
|
||
|
https://t.me/asifrazatg
|
149.154.167.99
|
||
|
https://2542116.fls.doubleclick.net/activityi;src=2542116;type=chrom322;cat=chrom01g;ord=58648497779
|
unknown
|
||
|
http://www.inkscape.org/)
|
unknown
|
||
|
https://www.youtube.com/:
|
unknown
|
||
|
https://mail.google.com/mail/
|
unknown
|
||
|
https://deff.nelreports.net/api/report?cat=msn
|
unknown
|
||
|
https://docs.google.com/document/B
|
unknown
|
||
|
https://mail.google.com/mail/:
|
unknown
|
||
|
https://docs.google.com/
|
unknown
|
||
|
https://docs.google.com/document/:
|
unknown
|
||
|
https://www.google.com/chrome/
|
unknown
|
||
|
https://2542116.fls.doubleclick.net/activityi;src=2542116;type=clien612;cat=chromx;ord=1;num=3931852
|
unknown
|
||
|
https://aka.ms/AA23z1a
|
unknown
|
||
|
https://res-a.akamaihd.net/__media__/pics/8000/72/941/fallback1.jpg
|
unknown
|
||
|
https://drive.google.com/
|
unknown
|
||
|
http://www.msn.com/?ocid=iehp
|
unknown
|
||
|
https://mail.google.com/mail/B
|
unknown
|
||
|
https://api.2ip.ua/geo.json=P
|
unknown
|
||
|
https://drive.google.com/?lfhs=2
|
unknown
|
||
|
https://onedrive.live.com/about/en-us/0
|
unknown
|
||
|
https://api.2ip.ua/geo.jsongP
|
unknown
|
||
|
https://www.youtube.com/s/notifications/manifest/cr_install.html
|
unknown
|
||
|
https://www.youtube.com/B
|
unknown
|
||
|
http://www.reddit.com/
|
unknown
|
||
|
http://www.qt.io/contact-us.
|
unknown
|
||
|
https://www.youtube.com/?feature=ytca
|
unknown
|
||
|
http://www.ecma-international.org/ecma-262/5.1/#sec-C
|
unknown
|
||
|
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
|
unknown
|
||
|
https://www.google.com/chrome/application/x-msdownloadC:
|
unknown
|
||
|
http://88.198.94.71/176356074953.zip
|
88.198.94.71
|
||
|
https://docs.google.com/presentation/
|
unknown
|
||
|
http://www.gnu.org/licenses/gpl-2.0.html.
|
unknown
|
||
|
https://payments.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
https://www.gnu.org/licenses/lgpl.html.
|
unknown
|
||
|
https://api.2ip.ua/geo.jsonl
|
unknown
|
||
|
https://contextual.media.net/medianet.php?cid=8CU157172&crid=858412214&size=306x271&https=1
|
unknown
|
||
|
http://fresherlights.com/files/1/build3.exe(
|
unknown
|
||
|
https://api.2ip.ua/geo.jsonk
|
unknown
|
||
|
https://www.youtube.com/
|
unknown
|
||
|
http://www.msn.com/
|
unknown
|
||
|
https://docs.google.com/spreadsheets/
|
unknown
|
||
|
https://api.2ip.ua/geo.json=
|
unknown
|
||
|
http://fresherlights.com/test1/get.php?pid=903E7F261711F85395E5CEFBF4173C54&first=trueW
|
unknown
|
||
|
https://api.2ip.ua/B
|
unknown
|
||
|
http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd
|
unknown
|
||
|
https://api.2ip.ua/geo.json5
|
unknown
|
||
|
http://aka.ms/rmssdk)
|
unknown
|
||
|
http://www.youtube.com/
|
unknown
|
||
|
https://dl.google.com/tag/s/appguid%3D%7B8A69D345-D564-463C-AFF1-A69D9E530F96%7D%26iid%3D%7BE6B7572D
|
unknown
|
||
|
https://www.google.com/chrome/thank-you.html?statcb=0&installdataindex=empty&defaultbrowser=02Google
|
unknown
|
||
|
http://www.qt.io/terms-conditions.
|
unknown
|
||
|
http://www.openssl.org/)
|
unknown
|
||
|
http://www.inkscape.org/namespaces/inkscape
|
unknown
|
||
|
https://www.google.com/
|
unknown
|
||
|
https://docs.google.com/document/
|
unknown
|
||
|
http://www.qt.io/licensing/
|
unknown
|
||
|
https://mail.google.com/mail/installwebapp?usp=chrome_default
|
unknown
|
||
|
https://drive.google.com/drive/installwebapp?usp=chrome_default
|
unknown
|
||
|
http://88.198.94.71/
|
88.198.94.71
|
||
|
https://www.google.com/chrome/static/images/favicons/favicon-16x16.png
|
unknown
|
||
|
http://www.amazon.com/
|
unknown
|
||
|
https://docs.google.com/presentation/B
|
unknown
|
||
|
https://docs.google.com/document/installwebapp?usp=chrome_default
|
unknown
|
||
|
https://sandbox.google.com/payments/v4/js/integrator.js
|
unknown
|
||
|
http://www.twitter.com/
|
unknown
|
||
|
https://docs.google.com/presentation/:
|
unknown
|
||
|
https://docs.google.com/presentation/installwebapp?usp=chrome_default
|
unknown
|
||
|
http://www.openssl.org/support/faq.html
|
unknown
|
||
|
http://https://ns1.kriston.ugns2.chalekin.ugns3.unalelath.ugns4.andromath.ug/Error
|
unknown
|
||
|
https://docs.google.com/spreadsheets/?usp=installed_webapp
|
unknown
|
||
|
https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e
|
unknown
|
||
|
https://docs.google.com/spreadsheets/B
|
unknown
|
||
|
http://aka.ms/sia
|
unknown
|
||
|
https://contextual.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8HBI57XIG&prvid=77%2
|
unknown
|
||
|
http://fresherlights.com/files/1/build3.exe$run
|
unknown
|
||
|
https://docs.google.com/spreadsheets/:
|
unknown
|
||
|
http://www.freetype.org
|
unknown
|
||
|
https://www.google.com/chrome/thank-you.html?statcb=0&installdataindex=empty&defaultbrowser=0
|
unknown
|
||
|
http://facebook.github.io/react/docs/error-decoder.html?invariant
|
unknown
|
||
|
http://www.nytimes.com/
|
unknown
|
||
|
https://drive.google.com/:
|
unknown
|
||
|
https://api.2ip.ua/
|
unknown
|
||
|
http://aka.ms/rmsfaq)
|
unknown
|
||
|
https://adservice.google.com/ddm/fls/i/src=2542116;type=chrom322;cat=chrom01g;ord=5864849777998;gtm=
|
unknown
|
||
|
http://88.198.94.71/517
|
88.198.94.71
|
||
|
https://adservice.google.co.uk/ddm/fls/i/src=2542116;type=chrom322;cat=chrom01g;ord=5864849777998;gt
|
unknown
|
||
|
https://api.2ip.ua/geo.json
|
162.0.217.254
|
||
|
https://aka.ms/Vh5j3k
|
unknown
|
||
|
http://creativecommons.org/ns#
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
uaery.top
|
116.121.62.237
|
|
|
|
fresherlights.com
|
222.236.49.123
|
|
|
|
t.me
|
149.154.167.99
|
||
|
api.2ip.ua
|
162.0.217.254
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
116.121.62.237
|
uaery.top
|
Korea Republic of
|
|
|
|
222.236.49.123
|
fresherlights.com
|
Korea Republic of
|
|
|
|
88.198.94.71
|
unknown
|
Germany
|
||
|
162.0.217.254
|
api.2ip.ua
|
Canada
|
||
|
149.154.167.99
|
t.me
|
United Kingdom
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
|
SysHelper
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion
|
SysHelper
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
2220000
|
direct allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
2280000
|
direct allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
20D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
21A0000
|
direct allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
3060000
|
direct allocation
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
21E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
2230000
|
direct allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
4D8000
|
unkown
|
page readonly
|
||
|
306C000
|
direct allocation
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
31C1000
|
trusted library allocation
|
page read and write
|
||
|
30B0000
|
remote allocation
|
page read and write
|
||
|
2FB9000
|
trusted library allocation
|
page read and write
|
||
|
627000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
2F8A000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
23B0000
|
heap
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3464000
|
trusted library allocation
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
19E000
|
stack
|
page read and write
|
||
|
3210000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
677000
|
heap
|
page read and write
|
||
|
2E30000
|
heap
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
4D8000
|
unkown
|
page readonly
|
||
|
29E0000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3326000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
2A0F000
|
stack
|
page read and write
|
||
|
20F0F323000
|
heap
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
80E000
|
stack
|
page read and write
|
||
|
318F000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
26F40000
|
trusted library allocation
|
page read and write
|
||
|
2A4D000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3007000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
F5F000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
908000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
5BE000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
93BD000
|
stack
|
page read and write
|
||
|
27840000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3372000
|
trusted library allocation
|
page read and write
|
||
|
318F000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
20F0F220000
|
unkown
|
page read and write
|
||
|
B95000
|
unkown
|
page readonly
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
4D6000
|
unkown
|
page read and write
|
||
|
61ED3000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
20EF000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
31A9000
|
trusted library allocation
|
page read and write
|
||
|
5B0000
|
direct allocation
|
page read and write
|
||
|
2DBF000
|
stack
|
page read and write
|
||
|
7FF000
|
stack
|
page read and write
|
||
|
3193000
|
trusted library allocation
|
page read and write
|
||
|
29CF000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2CDE000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
2E31000
|
heap
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
280F000
|
stack
|
page read and write
|
||
|
301A000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
2FF5000
|
trusted library allocation
|
page read and write
|
||
|
32C9000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
318F000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
31B4000
|
trusted library allocation
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
30B0000
|
remote allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
32D9000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
687000
|
heap
|
page read and write
|
||
|
8A3000
|
heap
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
2105000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
2450000
|
heap
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
26F67000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
725000
|
heap
|
page read and write
|
||
|
3218000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
84E000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
2B20000
|
heap
|
page read and write
|
||
|
319B000
|
trusted library allocation
|
page read and write
|
||
|
473000
|
unkown
|
page readonly
|
||
|
2E30000
|
heap
|
page read and write
|
||
|
19B000
|
stack
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
93F000
|
stack
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
71F000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
31B4000
|
trusted library allocation
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
2C7A000
|
stack
|
page read and write
|
||
|
EE0000
|
unkown
|
page readonly
|
||
|
274F000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3195000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
64E000
|
stack
|
page read and write
|
||
|
72D000
|
heap
|
page read and write
|
||
|
B7DFEF9000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
C1E000
|
stack
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
2B4E000
|
stack
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
91A000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
B70000
|
trusted library allocation
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
410000
|
unkown
|
page execute read
|
||
|
890000
|
heap
|
page read and write
|
||
|
681000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
2CE0000
|
remote allocation
|
page read and write
|
||
|
32FF000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
9EC000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
A6F000
|
stack
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
26F66000
|
trusted library allocation
|
page read and write
|
||
|
26F6D000
|
trusted library allocation
|
page read and write
|
||
|
3013000
|
trusted library allocation
|
page read and write
|
||
|
3210000
|
trusted library allocation
|
page read and write
|
||
|
318F000
|
trusted library allocation
|
page read and write
|
||
|
262F000
|
stack
|
page read and write
|
||
|
1A38E000
|
stack
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
9D000
|
stack
|
page read and write
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
B7DFBFE000
|
stack
|
page read and write
|
||
|
72D000
|
heap
|
page read and write
|
||
|
3020000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
20F0F513000
|
heap
|
page read and write
|
||
|
26F70000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
290F000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
410000
|
unkown
|
page execute read
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
7FE000
|
stack
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
2FFE000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
3238000
|
trusted library allocation
|
page read and write
|
||
|
196000
|
stack
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
861000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
EFE000
|
stack
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
53A000
|
heap
|
page read and write
|
||
|
31AB000
|
trusted library allocation
|
page read and write
|
||
|
30B0000
|
remote allocation
|
page read and write
|
||
|
4D8000
|
unkown
|
page readonly
|
||
|
3027000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
31C9000
|
trusted library allocation
|
page read and write
|
||
|
5CE000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3002000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3027000
|
trusted library allocation
|
page read and write
|
||
|
318F000
|
trusted library allocation
|
page read and write
|
||
|
31C1000
|
trusted library allocation
|
page read and write
|
||
|
7EF000
|
stack
|
page read and write
|
||
|
2B4A000
|
stack
|
page read and write
|
||
|
725000
|
heap
|
page read and write
|
||
|
1A4CE000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3005000
|
trusted library allocation
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
723000
|
heap
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3006000
|
trusted library allocation
|
page read and write
|
||
|
32AD000
|
trusted library allocation
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
F6A000
|
heap
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
470000
|
unkown
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
827000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
2F6C000
|
stack
|
page read and write
|
||
|
4D6000
|
unkown
|
page read and write
|
||
|
45A000
|
remote allocation
|
page execute and read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
2FB2000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1A34F000
|
stack
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
94E000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
410000
|
unkown
|
page execute read
|
||
|
6A7000
|
heap
|
page read and write
|
||
|
318F000
|
trusted library allocation
|
page read and write
|
||
|
4D6000
|
unkown
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
26F72000
|
trusted library allocation
|
page read and write
|
||
|
F61E000
|
stack
|
page read and write
|
||
|
3006000
|
trusted library allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
43D000
|
unkown
|
page read and write
|
||
|
473000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
278F000
|
stack
|
page read and write
|
||
|
306F000
|
direct allocation
|
page read and write
|
||
|
B7DFDFE000
|
stack
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
412000
|
unkown
|
page write copy
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
5EE000
|
stack
|
page read and write
|
||
|
71F000
|
stack
|
page read and write
|
||
|
2FAA000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
26F6F000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
51E000
|
stack
|
page read and write
|
||
|
322F000
|
trusted library allocation
|
page read and write
|
||
|
95F000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3199000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3363000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
7FF000
|
stack
|
page read and write
|
||
|
26F70000
|
trusted library allocation
|
page read and write
|
||
|
3326000
|
trusted library allocation
|
page read and write
|
||
|
3013000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
61E00000
|
direct allocation
|
page execute and read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
31CC000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
32AD000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
4D8000
|
unkown
|
page readonly
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
32B0000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
65E000
|
stack
|
page read and write
|
||
|
2FFE000
|
trusted library allocation
|
page read and write
|
||
|
EE5000
|
unkown
|
page readonly
|
||
|
410000
|
unkown
|
page execute read
|
||
|
520000
|
heap
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
899000
|
heap
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
276F000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
20F0EFD0000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
31A9000
|
trusted library allocation
|
page read and write
|
||
|
731000
|
heap
|
page read and write
|
||
|
30B1000
|
heap
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
2F30000
|
trusted library allocation
|
page read and write
|
||
|
716000
|
heap
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
674000
|
heap
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
2FAF000
|
trusted library allocation
|
page read and write
|
||
|
3210000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
6F3000
|
heap
|
page read and write
|
||
|
322B000
|
trusted library allocation
|
page read and write
|
||
|
31CC000
|
trusted library allocation
|
page read and write
|
||
|
323C000
|
trusted library allocation
|
page read and write
|
||
|
EE3000
|
unkown
|
page readonly
|
||
|
2410000
|
heap
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
61ECC000
|
direct allocation
|
page read and write
|
||
|
90E000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
71E000
|
heap
|
page read and write
|
||
|
31C1000
|
trusted library allocation
|
page read and write
|
||
|
22D0000
|
heap
|
page read and write
|
||
|
29E0000
|
heap
|
page read and write
|
||
|
1A8BE000
|
stack
|
page read and write
|
||
|
2A4E000
|
stack
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
1AD50000
|
unclassified section
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
2FF9000
|
trusted library allocation
|
page read and write
|
||
|
B3E000
|
stack
|
page read and write
|
||
|
28CE000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
8AD000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
31D9000
|
trusted library allocation
|
page read and write
|
||
|
3361000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
617000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3248000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
5C5000
|
heap
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
300D000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
339C000
|
trusted library allocation
|
page read and write
|
||
|
26F6D000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
2FF5000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
25FF000
|
stack
|
page read and write
|
||
|
3186000
|
trusted library allocation
|
page read and write
|
||
|
86F000
|
stack
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
81F000
|
stack
|
page read and write
|
||
|
2220000
|
heap
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
31BB000
|
trusted library allocation
|
page read and write
|
||
|
20F0F300000
|
trusted library allocation
|
page read and write
|
||
|
31A3000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
26F66000
|
trusted library allocation
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
3062000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
2E1F000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
17B000
|
stack
|
page read and write
|
||
|
715000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
2E30000
|
remote allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
322E000
|
trusted library allocation
|
page read and write
|
||
|
322F000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
1A61E000
|
stack
|
page read and write
|
||
|
28CF000
|
stack
|
page read and write
|
||
|
323F000
|
trusted library allocation
|
page read and write
|
||
|
3376000
|
trusted library allocation
|
page read and write
|
||
|
4D8000
|
unkown
|
page readonly
|
||
|
26F70000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
9600000
|
trusted library allocation
|
page read and write
|
||
|
45A000
|
remote allocation
|
page execute and read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
273F000
|
stack
|
page read and write
|
||
|
4AA000
|
heap
|
page read and write
|
||
|
3003000
|
trusted library allocation
|
page read and write
|
||
|
2D1E000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
2B7D000
|
stack
|
page read and write
|
||
|
2E30000
|
remote allocation
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3062000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
4A3000
|
unkown
|
page read and write
|
||
|
4D8000
|
unkown
|
page readonly
|
||
|
6A1000
|
heap
|
page read and write
|
||
|
94BD000
|
stack
|
page read and write
|
||
|
2FEA000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
908000
|
heap
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
30B0000
|
heap
|
page read and write
|
||
|
89A000
|
heap
|
page read and write
|
||
|
21D0000
|
heap
|
page read and write
|
||
|
2520000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
325A000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
2F50000
|
trusted library allocation
|
page read and write
|
||
|
61ED0000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3015000
|
trusted library allocation
|
page read and write
|
||
|
2FB9000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3336000
|
trusted library allocation
|
page read and write
|
||
|
323E000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3195000
|
trusted library allocation
|
page read and write
|
||
|
B7DF7AD000
|
stack
|
page read and write
|
||
|
21B0000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
193000
|
stack
|
page read and write
|
||
|
2FFF000
|
trusted library allocation
|
page read and write
|
||
|
330D000
|
trusted library allocation
|
page read and write
|
||
|
72E000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
319B000
|
trusted library allocation
|
page read and write
|
||
|
19B000
|
stack
|
page read and write
|
||
|
2DDF000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3007000
|
trusted library allocation
|
page read and write
|
||
|
B7DFEFE000
|
stack
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
196000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
9DB000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
2A3D000
|
stack
|
page read and write
|
||
|
27810000
|
remote allocation
|
page read and write
|
||
|
318A000
|
trusted library allocation
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
3326000
|
trusted library allocation
|
page read and write
|
||
|
3247000
|
trusted library allocation
|
page read and write
|
||
|
31EA000
|
trusted library allocation
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
26F62000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
31D9000
|
trusted library allocation
|
page read and write
|
||
|
3022000
|
trusted library allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1AB2F000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
26DBB000
|
trusted library allocation
|
page read and write
|
||
|
B91000
|
unkown
|
page execute read
|
||
|
412000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2FF7000
|
trusted library allocation
|
page read and write
|
||
|
689000
|
heap
|
page read and write
|
||
|
31A7000
|
trusted library allocation
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
20F0F315000
|
trusted library allocation
|
page read and write
|
||
|
27CE000
|
stack
|
page read and write
|
||
|
31D0000
|
trusted library allocation
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
61E01000
|
direct allocation
|
page execute read
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
6FE000
|
stack
|
page read and write
|
||
|
2E31000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
8E7000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
32DC000
|
trusted library allocation
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
9EE000
|
stack
|
page read and write
|
||
|
818000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
6A5000
|
heap
|
page read and write
|
||
|
C8E000
|
stack
|
page read and write
|
||
|
75E000
|
stack
|
page read and write
|
||
|
2FEA000
|
trusted library allocation
|
page read and write
|
||
|
2B8D000
|
stack
|
page read and write
|
||
|
EE1000
|
unkown
|
page execute read
|
||
|
529000
|
remote allocation
|
page execute and read and write
|
||
|
2E30000
|
heap
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
2DDF000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
318F000
|
trusted library allocation
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
2FA7000
|
trusted library allocation
|
page read and write
|
||
|
8DC000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
193000
|
stack
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
3021000
|
trusted library allocation
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
278E000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
2770D000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
31E9000
|
trusted library allocation
|
page read and write
|
||
|
723000
|
heap
|
page read and write
|
||
|
2F80000
|
trusted library allocation
|
page read and write
|
||
|
31AC000
|
trusted library allocation
|
page read and write
|
||
|
3372000
|
trusted library allocation
|
page read and write
|
||
|
9660000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
2FA1000
|
trusted library allocation
|
page read and write
|
||
|
22F0000
|
heap
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
2E30000
|
remote allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3181000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
51A000
|
remote allocation
|
page execute and read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
4D8000
|
unkown
|
page readonly
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
4D8000
|
unkown
|
page readonly
|
||
|
3380000
|
trusted library allocation
|
page read and write
|
||
|
93C000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
318D000
|
trusted library allocation
|
page read and write
|
||
|
2FD6000
|
trusted library allocation
|
page read and write
|
||
|
7CE000
|
stack
|
page read and write
|
||
|
31E4000
|
trusted library allocation
|
page read and write
|
||
|
80F000
|
stack
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
B93000
|
unkown
|
page readonly
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
32AE000
|
trusted library allocation
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute read
|
||
|
20F0F030000
|
heap
|
page read and write
|
||
|
6C6000
|
heap
|
page read and write
|
||
|
2FAA000
|
trusted library allocation
|
page read and write
|
||
|
B91000
|
unkown
|
page execute read
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
401000
|
unkown
|
page execute read
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3026000
|
trusted library allocation
|
page read and write
|
||
|
2FFE000
|
trusted library allocation
|
page read and write
|
||
|
28AF000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
91A000
|
heap
|
page read and write
|
||
|
2E30000
|
remote allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
20F0F228000
|
heap
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
26F70000
|
trusted library allocation
|
page read and write
|
||
|
89C000
|
heap
|
page read and write
|
||
|
31B4000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
473000
|
unkown
|
page readonly
|
||
|
410000
|
unkown
|
page execute read
|
||
|
473000
|
unkown
|
page readonly
|
||
|
412000
|
unkown
|
page write copy
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
4D8000
|
unkown
|
page readonly
|
||
|
2660000
|
heap
|
page read and write
|
||
|
31CC000
|
trusted library allocation
|
page read and write
|
||
|
1A9BF000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
528000
|
heap
|
page read and write
|
||
|
26F70000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
61ED4000
|
direct allocation
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
4D8000
|
unkown
|
page readonly
|
||
|
6FE000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
3222000
|
trusted library allocation
|
page read and write
|
||
|
2C8E000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
20EF000
|
stack
|
page read and write
|
||
|
19B000
|
stack
|
page read and write
|
||
|
B67000
|
heap
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
4A3000
|
unkown
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
321E000
|
trusted library allocation
|
page read and write
|
||
|
26F50000
|
trusted library allocation
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
2FD7000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
31C1000
|
trusted library allocation
|
page read and write
|
||
|
3066000
|
direct allocation
|
page read and write
|
||
|
685000
|
heap
|
page read and write
|
||
|
31E4000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
329C000
|
trusted library allocation
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
33F5000
|
trusted library allocation
|
page read and write
|
||
|
31CC000
|
trusted library allocation
|
page read and write
|
||
|
1AC4F000
|
trusted library allocation
|
page read and write
|
||
|
4D8000
|
unkown
|
page readonly
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
894000
|
heap
|
page read and write
|
||
|
27250000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
9AE000
|
stack
|
page read and write
|
||
|
322F000
|
trusted library allocation
|
page read and write
|
||
|
277E000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
193000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
19E000
|
stack
|
page read and write
|
||
|
545000
|
heap
|
page read and write
|
||
|
266E000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
300C000
|
trusted library allocation
|
page read and write
|
||
|
218B000
|
trusted library allocation
|
page execute and read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
20F0F302000
|
trusted library allocation
|
page read and write
|
||
|
2FFD000
|
trusted library allocation
|
page read and write
|
||
|
1A9F0000
|
remote allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
89F000
|
heap
|
page read and write
|
||
|
318F000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1A20F000
|
stack
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
89F000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
B94000
|
unkown
|
page read and write
|
||
|
23C0000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1A9F0000
|
remote allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
318F000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
7EA000
|
heap
|
page read and write
|
||
|
5B8000
|
heap
|
page read and write
|
||
|
3077000
|
direct allocation
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
DB7000
|
heap
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
19B000
|
stack
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
19E000
|
stack
|
page read and write
|
||
|
3381000
|
trusted library allocation
|
page read and write
|
||
|
32CE000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3004000
|
trusted library allocation
|
page read and write
|
||
|
85E000
|
stack
|
page read and write
|
||
|
2FAA000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
4E6000
|
heap
|
page read and write
|
||
|
305F000
|
stack
|
page read and write
|
||
|
64E000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
538000
|
heap
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
32BA000
|
trusted library allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
322D000
|
trusted library allocation
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
2200000
|
heap
|
page read and write
|
||
|
2C7A000
|
stack
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
4D8000
|
unkown
|
page readonly
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
334F000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
2FAA000
|
trusted library allocation
|
page read and write
|
||
|
3326000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
3002000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
6CF000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
1FEE000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
725000
|
heap
|
page read and write
|
||
|
27730000
|
heap
|
page read and write
|
||
|
306F000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
4D8000
|
unkown
|
page readonly
|
||
|
301E000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
31C1000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
3019000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
318F000
|
trusted library allocation
|
page read and write
|
||
|
31C9000
|
trusted library allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
31C1000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
26F70000
|
trusted library allocation
|
page read and write
|
||
|
2FB2000
|
trusted library allocation
|
page read and write
|
||
|
473000
|
unkown
|
page readonly
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
318F000
|
trusted library allocation
|
page read and write
|
||
|
24B0000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
3248000
|
trusted library allocation
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
30000
|
heap
|
page read and write
|
||
|
3361000
|
trusted library allocation
|
page read and write
|
||
|
302D000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
703000
|
heap
|
page read and write
|
||
|
2E30000
|
remote allocation
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
B95000
|
unkown
|
page readonly
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
31A9000
|
trusted library allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2CE0000
|
remote allocation
|
page read and write
|
||
|
2C7E000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
31AA000
|
trusted library allocation
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
9AD000
|
stack
|
page read and write
|
||
|
301C000
|
trusted library allocation
|
page read and write
|
||
|
2B7D000
|
stack
|
page read and write
|
||
|
2780B000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
31B1000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
703000
|
heap
|
page read and write
|
||
|
290E000
|
stack
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
31A3000
|
trusted library allocation
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
2B0F000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
6C5000
|
heap
|
page read and write
|
||
|
287F000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
193000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
D70000
|
trusted library allocation
|
page read and write
|
||
|
210E000
|
trusted library allocation
|
page execute and read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
4D8000
|
unkown
|
page readonly
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
2E31000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
2FF9000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3006000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
196000
|
stack
|
page read and write
|
||
|
3006000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
32DD000
|
trusted library allocation
|
page read and write
|
||
|
3182000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3062000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
78F000
|
stack
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
5C7000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute read
|
||
|
870000
|
heap
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
4B9000
|
heap
|
page execute and read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3518000
|
trusted library allocation
|
page read and write
|
||
|
8AD000
|
heap
|
page read and write
|
||
|
B0F000
|
stack
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
2FFC000
|
trusted library allocation
|
page read and write
|
||
|
3008000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
81F000
|
stack
|
page read and write
|
||
|
28CE000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3381000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
EE3000
|
unkown
|
page readonly
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
276A0000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
31C1000
|
trusted library allocation
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
412000
|
unkown
|
page write copy
|
||
|
1A9F0000
|
remote allocation
|
page read and write
|
||
|
2FFE000
|
trusted library allocation
|
page read and write
|
||
|
717000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
8CF000
|
heap
|
page read and write
|
||
|
2270000
|
heap
|
page read and write
|
||
|
3180000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
688000
|
heap
|
page read and write
|
||
|
3336000
|
trusted library allocation
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
20F0F502000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
20F0F500000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute read
|
||
|
20F0F213000
|
unkown
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
8DB000
|
heap
|
page read and write
|
||
|
4A3000
|
unkown
|
page read and write
|
||
|
3063000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
20F3000
|
trusted library allocation
|
page execute and read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
4D6000
|
unkown
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
3002000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3326000
|
trusted library allocation
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
3361000
|
trusted library allocation
|
page read and write
|
||
|
EE4000
|
unkown
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
4D8000
|
unkown
|
page readonly
|
||
|
529000
|
remote allocation
|
page execute and read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
2FF1000
|
trusted library allocation
|
page read and write
|
||
|
66E000
|
stack
|
page read and write
|
||
|
1A48F000
|
stack
|
page read and write
|
||
|
89F000
|
heap
|
page read and write
|
||
|
10C0000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
529000
|
remote allocation
|
page execute and read and write
|
||
|
31C1000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3007000
|
trusted library allocation
|
page read and write
|
||
|
323C000
|
trusted library allocation
|
page read and write
|
||
|
20FB000
|
trusted library allocation
|
page execute and read and write
|
||
|
29EF000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
3230000
|
trusted library allocation
|
page read and write
|
||
|
91F000
|
heap
|
page read and write
|
||
|
EDF000
|
stack
|
page read and write
|
||
|
19B000
|
stack
|
page read and write
|
||
|
3336000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
529000
|
remote allocation
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3011000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
300E000
|
trusted library allocation
|
page read and write
|
||
|
33C5000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
91F000
|
heap
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
2550000
|
heap
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
86A000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3213000
|
trusted library allocation
|
page read and write
|
||
|
C50000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3372000
|
trusted library allocation
|
page read and write
|
||
|
23B0000
|
direct allocation
|
page read and write
|
||
|
89A000
|
heap
|
page read and write
|
||
|
8F4000
|
heap
|
page read and write
|
||
|
615000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
32F1000
|
trusted library allocation
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
26E40000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
EE1000
|
unkown
|
page execute read
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
678000
|
heap
|
page read and write
|
||
|
BBE000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
20F0F413000
|
heap
|
page read and write
|
||
|
20F0F402000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
2CE0000
|
remote allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
4A3000
|
unkown
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
71E000
|
heap
|
page read and write
|
||
|
31C1000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
2E30000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
EE0000
|
unkown
|
page readonly
|
||
|
610000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
F60000
|
heap
|
page read and write
|
||
|
318F000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
31CC000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
4D8000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
9C000
|
stack
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
308A000
|
stack
|
page read and write
|
||
|
275A1000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
6A7000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
6AE000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3017000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
20F0000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
81F000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
27DC2000
|
trusted library allocation
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
306F000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
19E000
|
stack
|
page read and write
|
||
|
10CA000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
85B000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
2FFD000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
2340000
|
heap
|
page read and write
|
||
|
2B7E000
|
stack
|
page read and write
|
||
|
87D000
|
heap
|
page read and write
|
||
|
57E000
|
stack
|
page read and write
|
||
|
2B3B000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
20F0EFC0000
|
heap
|
page read and write
|
||
|
F1E000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
2E30000
|
remote allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
26F62000
|
trusted library allocation
|
page read and write
|
||
|
3193000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
89F000
|
heap
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
333D000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
2E31000
|
heap
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
45A000
|
remote allocation
|
page execute and read and write
|
||
|
1A71E000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
1A87A000
|
stack
|
page read and write
|
||
|
BDE000
|
stack
|
page read and write
|
||
|
4D8000
|
unkown
|
page readonly
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
B6F000
|
stack
|
page read and write
|
||
|
3006000
|
trusted library allocation
|
page read and write
|
||
|
26F73000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
87E000
|
stack
|
page read and write
|
||
|
907000
|
heap
|
page read and write
|
||
|
27AE000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
2A3D000
|
stack
|
page read and write
|
||
|
90E000
|
heap
|
page read and write
|
||
|
3229000
|
trusted library allocation
|
page read and write
|
||
|
2E31000
|
heap
|
page read and write
|
||
|
3326000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
32C1000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
323C000
|
trusted library allocation
|
page read and write
|
||
|
196000
|
stack
|
page read and write
|
||
|
318F000
|
trusted library allocation
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3181000
|
trusted library allocation
|
page read and write
|
||
|
193000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
4D8000
|
unkown
|
page readonly
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
318B000
|
trusted library allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
2EFE000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4D8000
|
unkown
|
page readonly
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
263E000
|
stack
|
page read and write
|
||
|
B90000
|
unkown
|
page readonly
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
2B3E000
|
stack
|
page read and write
|
||
|
3013000
|
trusted library allocation
|
page read and write
|
||
|
6CD000
|
heap
|
page read and write
|
||
|
4A3000
|
unkown
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
4D8000
|
unkown
|
page readonly
|
||
|
3050000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
2B8E000
|
stack
|
page read and write
|
||
|
4D8000
|
unkown
|
page readonly
|
||
|
82E000
|
stack
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1A77D000
|
stack
|
page read and write
|
||
|
196000
|
stack
|
page read and write
|
||
|
2E30000
|
remote allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
8C6000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
318A000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2FF5000
|
trusted library allocation
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
20F0F202000
|
unkown
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
6EE000
|
stack
|
page read and write
|
||
|
3578000
|
trusted library allocation
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
19B000
|
stack
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
8CF000
|
heap
|
page read and write
|
||
|
26D79000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
F3E000
|
stack
|
page read and write
|
||
|
86A000
|
heap
|
page read and write
|
||
|
2B3A000
|
stack
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
B7E000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
61EB4000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
1AA2E000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
115F000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
322F000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
667000
|
heap
|
page read and write
|
||
|
2C8A000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
70A000
|
heap
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
20F0F222000
|
unkown
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
276C0000
|
heap
|
page read and write
|
||
|
91C000
|
heap
|
page read and write
|
||
|
2780F000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
4D8000
|
unkown
|
page readonly
|
||
|
30000
|
heap
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
530000
|
heap
|
page read and write
|
||
|
1A24E000
|
stack
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
31CC000
|
trusted library allocation
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
288F000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
318F000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
32F1000
|
trusted library allocation
|
page read and write
|
||
|
4D6000
|
unkown
|
page read and write
|
||
|
2CBE000
|
stack
|
page read and write
|
||
|
2FF5000
|
trusted library allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
2F5E000
|
stack
|
page read and write
|
||
|
732000
|
heap
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
8FD000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
3004000
|
trusted library allocation
|
page read and write
|
||
|
547000
|
heap
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1A5CF000
|
stack
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
2FB3000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
2FED000
|
trusted library allocation
|
page read and write
|
||
|
318D000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1340000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
6FD000
|
heap
|
page read and write
|
||
|
A3B000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
410000
|
unkown
|
page execute read
|
||
|
21B0000
|
heap
|
page read and write
|
||
|
4D8000
|
unkown
|
page readonly
|
||
|
29CF000
|
stack
|
page read and write
|
||
|
4D8000
|
unkown
|
page readonly
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute read
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3196000
|
trusted library allocation
|
page read and write
|
||
|
1FEE000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
31EA000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3024000
|
trusted library allocation
|
page read and write
|
||
|
2FAF000
|
trusted library allocation
|
page read and write
|
||
|
8DE000
|
heap
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3006000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
3226000
|
trusted library allocation
|
page read and write
|
||
|
8CA000
|
heap
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
2A0F000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
B7DFCFF000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3248000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
723000
|
heap
|
page read and write
|
||
|
61EB7000
|
direct allocation
|
page readonly
|
||
|
C30000
|
trusted library allocation
|
page read and write
|
||
|
322C000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
31C1000
|
trusted library allocation
|
page read and write
|
||
|
725000
|
heap
|
page read and write
|
||
|
2DDF000
|
stack
|
page read and write
|
||
|
26D40000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
473000
|
unkown
|
page readonly
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
B90000
|
unkown
|
page readonly
|
||
|
31C4000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
341C000
|
trusted library allocation
|
page read and write
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
F51E000
|
stack
|
page read and write
|
||
|
2220000
|
heap
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
83E000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
92F000
|
stack
|
page read and write
|
||
|
318F000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
4D8000
|
unkown
|
page readonly
|
||
|
4D8000
|
unkown
|
page readonly
|
||
|
52B000
|
remote allocation
|
page execute and read and write
|
||
|
2773A000
|
heap
|
page read and write
|
||
|
31C1000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
319E000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2CDE000
|
stack
|
page read and write
|
||
|
8AE000
|
stack
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
318F000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
28EE000
|
stack
|
page read and write
|
||
|
306A000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
275A0000
|
heap
|
page read and write
|
||
|
878000
|
heap
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3181000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
A4F000
|
stack
|
page read and write
|
||
|
26D4C000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
6AC000
|
heap
|
page read and write
|
||
|
60E000
|
stack
|
page read and write
|
||
|
26C21000
|
trusted library allocation
|
page read and write
|
||
|
3309000
|
trusted library allocation
|
page read and write
|
||
|
EE5000
|
unkown
|
page readonly
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
4D8000
|
unkown
|
page readonly
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
51E000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
20CB1000
|
trusted library allocation
|
page read and write
|
||
|
4D8000
|
unkown
|
page readonly
|
||
|
529000
|
remote allocation
|
page execute and read and write
|
||
|
8F7000
|
heap
|
page read and write
|
||
|
32F4000
|
trusted library allocation
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
9C000
|
stack
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
732000
|
heap
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
30000
|
heap
|
page read and write
|
||
|
318F000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
2FF5000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
51E000
|
stack
|
page read and write
|
||
|
A1F000
|
stack
|
page read and write
|
||
|
3362000
|
trusted library allocation
|
page read and write
|
||
|
30000
|
unkown
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
2F70000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
20F0F200000
|
unkown
|
page read and write
|
||
|
2E30000
|
remote allocation
|
page read and write
|
||
|
26F75000
|
trusted library allocation
|
page read and write
|
||
|
31BD000
|
trusted library allocation
|
page read and write
|
||
|
3186000
|
trusted library allocation
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
B93000
|
unkown
|
page readonly
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
AEF000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
9DC000
|
stack
|
page read and write
|
||
|
2CDE000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
B4E000
|
stack
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
410000
|
unkown
|
page execute read
|
||
|
4D8000
|
unkown
|
page readonly
|
||
|
6A8000
|
heap
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
412000
|
unkown
|
page write copy
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
1862F000
|
stack
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
724000
|
heap
|
page read and write
|
||
|
61ECD000
|
direct allocation
|
page readonly
|
||
|
321E000
|
trusted library allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
680000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
4D8000
|
unkown
|
page readonly
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2E30000
|
remote allocation
|
page read and write
|
||
|
DA7000
|
heap
|
page read and write
|
||
|
412000
|
unkown
|
page write copy
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
322F000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
3060000
|
direct allocation
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
9630000
|
direct allocation
|
page read and write
|
||
|
307A000
|
direct allocation
|
page read and write
|
||
|
332F000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
direct allocation
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
1B0000
|
remote allocation
|
page read and write
|
||
|
2DFE000
|
stack
|
page read and write
|
||
|
8CC000
|
heap
|
page read and write
|
There are 1721 hidden memdumps, click here to show them.