Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
file.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 39, 1st free page 10, free
pages 4, cookie 0x45, schema 4, UTF-8, version-valid-for 3
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 2, database pages 28, cookie
0x1d, schema 4, UTF-8, version-valid-for 2
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\0d8f5eb8a7\explorti.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\0d8f5eb8a7\explorti.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
modified
|
|
|
|
C:\Users\user\AppData\Roaming\1000051000\eb98fe5174.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\1000052000\53c7d901f1.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\AAAAECGHCBGCBFHIIDHI
|
ASCII text, with very long lines (1809), with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\BFHDAEHDAKECGCAKFCFI
|
SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 1, database pages 24, cookie
0xe, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\ProgramData\ECBAEBGH
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie
0x21, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\ProgramData\HCGCBFHCFCFBFIEBGHJECGHCFI
|
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version
2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\ProgramData\HDAFIIDAKJDGDHIDAKJJ
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie
0xb, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\ProgramData\IIJEBAECGCBKECAAAEBFBGHJJE
|
SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version
2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\ProgramData\JDBFIIEB
|
SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 2, database pages 56, cookie
0x24, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\ProgramData\KKJDGDHIDBGIECBGHJDBAAKJDH
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 11, database pages 7, cookie 0x3, schema 4, UTF-8,
version-valid-for 11
|
dropped
|
||
|
C:\ProgramData\freebl3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\ProgramData\mozglue.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\ProgramData\msvcp140.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\ProgramData\nss3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\ProgramData\softokn3.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\ProgramData\vcruntime140.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\057ea00c-79af-43a3-bc67-5e853f7f9be8.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\09370d44-6957-4eec-9aec-dfc68b988f16.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Ad Blocking\66800bc1-67ac-4953-a0af-959bf08cddb8.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Ad Blocking\blocklist (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\BrowserMetrics\BrowserMetrics-66D3DADA-1FF8.pma
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\BrowserMetrics\BrowserMetrics-66D3DADB-1568.pma
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\throttle_store.dat
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\058465db-01e3-4f73-9e7e-d54d98227187.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\1adee57f-afc3-4ab0-aca4-df804fdcaa5f.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\3e1f47b9-e68d-4ae1-97bb-a6d7cd5831e2.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\52abeaca-2c68-45c3-9d34-6f025c8b9f85.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\90319d6d-50ea-4063-b2a4-d684c7ec80b9.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\000003.log
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\AssistanceHome\AssistanceHomeSQLite
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 3, cookie 0x1, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\f_000001
|
gzip compressed data, was "asset", last modified: Fri Aug 2 18:10:34 2024, max compression, original size modulo 2^32 374872
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\js\index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\js\index-dir\temp-index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\js\index-dir\the-real-index (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\wasm\index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\wasm\index-dir\temp-index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\wasm\index-dir\the-real-index (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeEDrop\EdgeEDropSQLite.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 14, database pages 8, cookie 0xe, schema 4, UTF-8,
version-valid-for 14
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 5
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\domains_config.json
|
JSON data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\ExtensionActivityComp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 1, cookie 0x1, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\ExtensionActivityEdge
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 8, cookie 0x8, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Favicons
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 10, cookie
0x8, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\History
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\HubApps Icons
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 7, cookie 0x3, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\CURRENT
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Login Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie
0xe, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network Action Predictor
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 11, cookie 0x6, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\0bee317f-270e-40d8-9d38-4e959e97b7f5.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\2341597b-5cd3-4b4f-a9d4-25d3e442aab6.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\5520d1da-520a-4c55-9901-32bc1256acb1.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Cookies
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Network Persistent State (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 5, database pages 9, cookie 0x4, schema 4, UTF-8,
version-valid-for 5
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\SCT Auditing Pending Reports (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\SCT Auditing Pending Reports~RF3c4e7.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Sdch Dictionaries (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Trust Tokens
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\f8139160-f5a1-495b-a221-7153af596bf2.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Nurturing\campaign_history
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Preferences (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Preferences~RF453c9.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\PreferredApps
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\README
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Secure Preferences (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Secure Preferences~RF422f5.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Shortcuts
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index-dir\temp-index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index-dir\the-real-index
(copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index-dir\temp-index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index-dir\the-real-index
(copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local
Storage\leveldb\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local
Storage\leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local
Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local
Storage\leveldb\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\0d44eb04-83d7-46b6-9152-c1864c532a5b.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network
Persistent State (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Reporting
and NEL
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x4, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT
Auditing Pending Reports (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch
Dictionaries (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust
Tokens
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\c60417b7-c0bf-4401-93be-8e284a53a481.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\e9866b75-f1cb-49a1-b6b2-ce47817663ec.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session
Storage\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session
Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session
Storage\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session
Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session
Storage\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Top Sites
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Visited Links
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Web Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 4, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\WebAssistDatabase
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 7, cookie
0xb, schema 4, UTF-8, version-valid-for 10
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\arbitration_service_config.json
|
ASCII text, with very long lines (3951), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\cb7e708e-17dc-4224-9140-d1a436b5e074.tmp
|
JSON data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\heavy_ad_intervention_opt_out.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 4, cookie 0x2, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db
|
SQLite 3.x database, last written using SQLite version 3042000, writer version 2, read version 2, file counter 1, database
pages 1, cookie 0, schema 0, unknown 0 encoding, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db-journal
|
SQLite Rollback Journal
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db-shm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db-wal
|
SQLite Write-Ahead Log, version 3007000
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Last Browser
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF3b632.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF3b7d7.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF3b835.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF3df45.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF40868.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF446f8.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Nurturing\campaign_history
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSettings
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSynchronousLookupUris
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSynchronousLookupUris_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\edgeSettings
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\edgeSettings_2.0-0
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\synchronousLookupUris
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\synchronousLookupUris_636976985063396749.rel.v2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\topTraffic
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Variations
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\b8f64198-15bf-47fb-8583-a08e4af0a4da.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\cba0dcf9-e923-48b5-845c-6cbd95e7e3ea.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\e2ee47ba-5606-46b4-91ae-8e400346dd0e.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\e4118a48-e13c-4aac-9602-80db50bc4dbb.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ebb984a3-141b-45ee-9374-6c78496ab289.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ff11b226-6867-4072-b4a0-6fc9dceaf8e7.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\0cd80ba7-d14d-4bcb-877d-f2a9da30b906.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\36d0e254-15ae-4dbe-9f38-d7623fffd484.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\3f8e383f-2eab-4cd9-aac3-23a5b6fbb57f.tmp
|
JSON data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\4bb9a6d6-a96a-455b-a732-dbc69aad42f0.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\6cd9a2dd-751d-4878-894d-beb9659b9b1a.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\76b5d917-568c-4aeb-9c4e-c8c394e734ad.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\89a80bc4-713b-4fd5-9f33-5beeebdfcb61.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\60a151a9-6044-4cbb-8aa4-6958b6a7ece2.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-66D3DAED-C20.pma
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-66D3DAF6-DB8.pma
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-66D3DAFE-1F08.pma
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\CrashpadMetrics-active.pma
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\62ac867d-7059-4a6a-b8ca-075af05c023c.tmp
|
JSON data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\77ec836c-fdd9-447f-86c6-81e514f59401.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\90f50751-1d6b-4a8c-8ef5-9ae2ed07aa21.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\93bd589d-016f-4304-8f0e-f2c826ab3025.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AssistanceHome\AssistanceHomeSQLite
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 3, cookie 0x1, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeEDrop\EdgeEDropSQLite.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 14, database pages 8, cookie 0xe, schema 4, UTF-8,
version-valid-for 14
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 5
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\ExtensionActivityComp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 1, cookie 0x1, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\ExtensionActivityEdge
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 8, cookie 0x8, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 7, cookie 0x3, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network Action Predictor
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 11, cookie 0x6, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\0b27e979-be90-4077-96f4-624d277de5ea.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\7f57a6c9-4342-43c9-8af5-02db9cc61e2e.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\88b27d37-c3f6-4e48-822d-a0e2f97c56c8.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\9d533cbf-bc8e-4cae-9a39-52963c38e49d.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF42d75.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3035005, file counter 4, database pages 9, cookie 0x4, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF40701.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF417ba.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity~RF42d84.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Trust Tokens
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\bb30bd8c-b441-4d9e-a207-23de344eff7a.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\ec3bde57-4413-4d3c-82ee-a7d909f2b0d6.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF44e3b.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\PreferredApps
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\00a172d0-34bb-4a37-bb15-ecf040703bea.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network
Persistent State
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Reporting
and NEL
|
SQLite 3.x database, last written using SQLite version 3035005, file counter 4, database pages 9, cookie 0x4, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT
Auditing Pending Reports (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT
Auditing Pending Reports~RF417ba.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch
Dictionaries (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust
Tokens
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\d5494e54-7044-4dc4-8a5f-af495bbeb5b2.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\e7f611df-1733-445f-9b72-d0f63c469777.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Top Sites
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 7, 1st free page 5, free pages
2, cookie 0x5, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 4, database pages 87, cookie
0x66, schema 4, UTF-8, version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json
|
ASCII text, with very long lines (3951), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\d8c99fb9-d48a-4b89-a45c-e48db92f45c8.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\heavy_ad_intervention_opt_out.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 4, cookie 0x2, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF40125.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF40164.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF41f3c.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF41f4c.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF41f6b.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF41f7b.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF44022.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF44032.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Nurturing\campaign_history
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSynchronousLookupUris
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSynchronousLookupUris_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings_2.0-0
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_636976985063396749.rel.v2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\cc6829cd-c4cb-4b2e-8bc6-f775a3c99dfe.tmp
|
JSON data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\f0d360f9-7e02-4583-9701-7a507051ccf8.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\random[1].exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\freebl3[1].dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\mozglue[1].dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\msvcp140[1].dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\nss3[1].dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\softokn3[1].dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\vcruntime140[1].dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\random[1].exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\1000053001\8eb30d7f71.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\79c41a86-b9c8-4c0d-af72-2718544137a7.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\adb33330-df04-4a0a-a55a-54146745e171.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\cv_debug.log
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\e931a81a-b83d-42d1-bda5-1d088f67d910.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\f4d2671a-378e-4455-9c48-8eba9115435b.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\af\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\am\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\ar\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\az\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\be\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\bg\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\bn\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\ca\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\cs\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\cy\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\da\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\de\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\el\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\en\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\en_CA\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\en_GB\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\en_US\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\es\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\es_419\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\et\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\eu\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\fa\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\fi\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\fil\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\fr\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\fr_CA\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\gl\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\gu\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\hi\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\hr\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\hu\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\hy\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\id\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\is\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\it\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\iw\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\ja\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\ka\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\kk\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\km\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\kn\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\ko\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\lo\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\lt\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\lv\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\ml\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\mn\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\mr\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\ms\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\my\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\ne\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\nl\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\no\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\pa\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\pl\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\pt_BR\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\pt_PT\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\ro\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\ru\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\si\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\sk\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\sl\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\sr\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\sv\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\sw\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\ta\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\te\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\th\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\tr\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\uk\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\ur\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\vi\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\zh_CN\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\zh_HK\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\zh_TW\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_locales\zu\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\_metadata\verified_contents.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\dasherSettingSchema.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\manifest.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\offscreendocument.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\offscreendocument_main.js
|
ASCII text, with very long lines (4369)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\page_embed_script.js
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\CRX_INSTALL\service_worker_bin_prod.js
|
ASCII text, with very long lines (4369)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1520866546\e931a81a-b83d-42d1-bda5-1d088f67d910.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1829533389\79c41a86-b9c8-4c0d-af72-2718544137a7.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1829533389\CRX_INSTALL\_metadata\verified_contents.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1829533389\CRX_INSTALL\content.js
|
Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1829533389\CRX_INSTALL\content_new.js
|
Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir3104_1829533389\CRX_INSTALL\manifest.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\875a60a09683c344.customDestinations-ms (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\HFX9MDF7057M2ABSIGCL.temp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\MPR6GBBFJI4ST955S5LY.temp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\cookies.sqlite-shm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\places.sqlite-shm
|
data
|
dropped
|
||
|
C:\Windows\Tasks\explorti.job
|
data
|
dropped
|
There are 507 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\file.exe
|
"C:\Users\user\Desktop\file.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\0d8f5eb8a7\explorti.exe
|
"C:\Users\user\AppData\Local\Temp\0d8f5eb8a7\explorti.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\0d8f5eb8a7\explorti.exe
|
C:\Users\user\AppData\Local\Temp\0d8f5eb8a7\explorti.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\0d8f5eb8a7\explorti.exe
|
C:\Users\user\AppData\Local\Temp\0d8f5eb8a7\explorti.exe
|
|
|
|
C:\Users\user\AppData\Roaming\1000051000\eb98fe5174.exe
|
"C:\Users\user\AppData\Roaming\1000051000\eb98fe5174.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\1000052000\53c7d901f1.exe
|
"C:\Users\user\AppData\Roaming\1000052000\53c7d901f1.exe"
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI
--disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=2064,i,2067255111273932546,8949113653420219710,262144
--disable-features=TranslateUI /prefetch:3
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI
--disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
--flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2616 --field-trial-handle=1980,i,18313026722689796995,6821314584092164517,262144
--disable-features=TranslateUI /prefetch:3
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService
--lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=4612 --field-trial-handle=1980,i,18313026722689796995,6821314584092164517,262144
--disable-features=TranslateUI /prefetch:8
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor
--lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7040 --field-trial-handle=1980,i,18313026722689796995,6821314584092164517,262144
--disable-features=TranslateUI /prefetch:8
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=6416 --field-trial-handle=1980,i,18313026722689796995,6821314584092164517,262144
--disable-features=TranslateUI /prefetch:8
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=6416 --field-trial-handle=1980,i,18313026722689796995,6821314584092164517,262144
--disable-features=TranslateUI /prefetch:8
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=3056 --field-trial-handle=2840,i,12003501403383072226,2430536015777904389,262144
/prefetch:3
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService
--lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=4132 --field-trial-handle=2840,i,12003501403383072226,2430536015777904389,262144
/prefetch:8
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=6108 --field-trial-handle=2840,i,12003501403383072226,2430536015777904389,262144
/prefetch:8
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=6108 --field-trial-handle=2840,i,12003501403383072226,2430536015777904389,262144
/prefetch:8
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2108 --field-trial-handle=1160,i,17042684596641100279,13993029759771197311,262144
/prefetch:3
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=1684 --field-trial-handle=2064,i,2036512315538271588,12735040485945945240,262144
/prefetch:3
|
|
|
|
C:\Users\user\AppData\Local\Temp\1000053001\8eb30d7f71.exe
|
"C:\Users\user\AppData\Local\Temp\1000053001\8eb30d7f71.exe"
|
There are 14 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://185.215.113.100/0d60be0de163924d/nss3.dllllo
|
unknown
|
|
|
|
http://185.215.113.100/e2b1563c6670f193.phpion:
|
unknown
|
|
|
|
http://185.215.113.19/Vi9leo/index.phpHarddiskVolumef
|
unknown
|
|
|
|
http://185.215.113.100/0d60be0de163924d/vcruntime140.dll
|
185.215.113.100
|
|
|
|
http://185.215.113.100/ZkRm
|
unknown
|
|
|
|
http://185.215.113.100/0d60be0de163924d/msvcp140.dllP
|
unknown
|
|
|
|
http://185.215.113.100/0d60be0de163924d/nss3.dll5
|
unknown
|
|
|
|
http://185.215.113.100/0d60be0de163924d/nss3.dllK
|
unknown
|
|
|
|
http://185.215.113.100/
|
185.215.113.100
|
|
|
|
http://185.215.113.100/0d60be0de163924d/mozglue.dll
|
185.215.113.100
|
|
|
|
http://185.215.113.100/e2b1563c6670f193.phprowser
|
unknown
|
|
|
|
http://185.215.113.19/Vi9leo/index.php
|
185.215.113.19
|
|
|
|
http://185.215.113.100/0d60be0de163924d/nss3.dllY
|
unknown
|
|
|
|
http://185.215.113.100/e2b1563c6670f193.phpmainnet
|
unknown
|
|
|
|
http://185.215.113.100
|
unknown
|
|
|
|
http://185.215.113.100/0d60be0de163924d/nss3.dllllG
|
unknown
|
|
|
|
http://185.215.113.100/e2b1563c6670f193.phpm&
|
unknown
|
|
|
|
http://185.215.113.100/ws
|
unknown
|
|
|
|
http://185.215.113.100/0d60be0de163924d/nss3.dllll9
|
unknown
|
|
|
|
http://185.215.113.100/e2b1563c6670f193.phprofiles
|
unknown
|
|
|
|
http://185.215.113.100/0d60be0de163924d/sqlite3.dll
|
185.215.113.100
|
|
|
|
http://185.215.113.100/e2b1563c6670f193.phpDq
|
unknown
|
|
|
|
http://185.215.113.100/e2b1563c6670f193.php/
|
unknown
|
|
|
|
http://185.215.113.19/
|
unknown
|
|
|
|
http://185.215.113.100/e2b1563c6670f193.php2
|
unknown
|
|
|
|
http://185.215.113.100/e2b1563c6670f193.phpDu
|
unknown
|
|
|
|
http://185.215.113.100/e2b1563c6670f193.php3
|
unknown
|
|
|
|
http://185.215.113.100/0d60be0de163924d/vcruntime140.dlld
|
unknown
|
|
|
|
http://185.215.113.100/0d60be0de163924d/nss3.dll
|
185.215.113.100
|
|
|
|
http://185.215.113.100/e2b1563c6670f193.php#
|
unknown
|
|
|
|
http://185.215.113.100e2b1563c6670f193.phpion:
|
unknown
|
|
|
|
http://185.215.113.100/e2b1563c6670f193.phpAECGHCBGCBFHIIDHI$3
|
unknown
|
|
|
|
http://185.215.113.100/0d60be0de163924d/vcruntime140.dllD
|
unknown
|
|
|
|
http://185.215.113.100/ocal
|
unknown
|
|
|
|
http://185.215.113.100/0d60be0de163924d/freebl3.dlla
|
unknown
|
|
|
|
http://185.215.113.100/0d60be0de163924d/mozglue.dllk
|
unknown
|
|
|
|
http://185.215.113.100/e2b1563c6670f193.php
|
185.215.113.100
|
|
|
|
http://185.215.113.100/e2b1563c6670f193.phpM
|
unknown
|
|
|
|
http://185.215.113.100/0d60be0de163924d/softokn3.dllA
|
unknown
|
|
|
|
http://185.215.113.100/e2b1563c6670f193.phpU
|
unknown
|
|
|
|
http://185.215.113.100/e2b1563c6670f193.phpE36
|
unknown
|
|
|
|
http://185.215.113.100/0d60be0de163924d/softokn3.dll
|
185.215.113.100
|
|
|
|
http://185.215.113.100/e2b1563c6670f193.phpA
|
unknown
|
|
|
|
http://185.215.113.100/0d60be0de163924d/freebl3.dll
|
185.215.113.100
|
|
|
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://msn.com
|
unknown
|
||
|
https://bridge.lga1.admarketplace.net/ctp?version=16.0.0&key=1696332238301000001.2&ci=1696332238417.
|
unknown
|
||
|
http://185.215.113.19/Vi9leo/index.phpAppDataB$
|
unknown
|
||
|
https://docs.google.com/
|
unknown
|
||
|
https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4QqmfZfYfQfafZbXfpbWfpbX7ReNxR3UIG8zInwYIFIVs9eYi
|
unknown
|
||
|
https://drive.google.com/
|
unknown
|
||
|
http://185.215.113.19/Vi9leo/index.php26
|
unknown
|
||
|
https://myaccount.google.com/signinoptions/passwordC:
|
unknown
|
||
|
https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_7548d4575af019e4c148ccf1a78112802e66a0816a72fc94
|
unknown
|
||
|
https://www.office.com/
|
unknown
|
||
|
http://185.215.113.19/Vi9leo/index.phpppData
|
unknown
|
||
|
http://185.215.113.16/well/random.exe
|
unknown
|
||
|
http://www.mozilla.com/en-US/blocklist/
|
unknown
|
||
|
https://mozilla.org0/
|
unknown
|
||
|
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK201621kbG1nY
|
unknown
|
||
|
http://185.215.113.16/steam/random.exeBH
|
unknown
|
||
|
https://drive-daily-2.corp.google.com/
|
unknown
|
||
|
https://drive-daily-4.corp.google.com/
|
unknown
|
||
|
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016Ed1aWxkV
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://bridge.lga1.ap01.net/ctp?version=16.0.0&key=1696332238301000001.1&ci=1696332238417.12791&cta
|
unknown
|
||
|
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016
|
unknown
|
||
|
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17mluIFdhbGxldHxmbmpobWtoaG1rYm
|
unknown
|
||
|
https://www.ecosia.org/newtab/
|
unknown
|
||
|
https://drive-daily-1.corp.google.com/
|
unknown
|
||
|
https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
|
unknown
|
||
|
https://drive-daily-5.corp.google.com/
|
unknown
|
||
|
https://www.google.com/favicon.ico
|
142.250.64.68
|
||
|
https://bzib.nelreports.net/api/report?cat=bingbusiness
|
unknown
|
||
|
https://www.google.com/chrome
|
unknown
|
||
|
http://185.215.113.19/Vi9leo/index.php53001
|
unknown
|
||
|
https://chromewebstore.google.com/
|
unknown
|
||
|
https://drive-preprod.corp.google.com/
|
unknown
|
||
|
https://chrome.google.com/webstore/
|
unknown
|
||
|
https://clients2.googleusercontent.com/crx/blobs/AY4GWKBMNax_FQrZEVzNkO_0mu3UShnzR6AihR_EPjVIUOT_pwZzkWCpOk8YKIu0qnIq_YObWXuPyiJ7NA0nDjMHUEYIIEknsNvJHXuPd0MqxESzoxi9xiMyJKNwZiVV1yEAxlKa5UVe61sINARQ7fO9dE0bkfP_W4GG/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_80_1_0.crx
|
142.250.181.225
|
||
|
https://support.mozilla.org/products/firefoxgro.allizom.troppus.zvXrErQ5GYDF
|
unknown
|
||
|
http://185.215.113.19/Vi9leo/index.phpQ
|
unknown
|
||
|
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17WdsYWhtbmRlZHwxfDB8MHxab2hvIF
|
unknown
|
||
|
http://185.215.113.19/Vi9leo/index.phpT
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17
|
unknown
|
||
|
http://185.215.113.19/Vi9leo/index.phpL
|
unknown
|
||
|
http://185.215.113.19/Vi9leo/index.phptch
|
unknown
|
||
|
http://185.215.113.19/Vi9leo/index.phps
|
unknown
|
||
|
https://drive-staging.corp.google.com/
|
unknown
|
||
|
http://185.215.113.19/Vi9leo/index.phpz
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
http://185.215.113.19/fae1daa8e9eb0eefeb8846d934f48b15eaa495c49#
|
unknown
|
||
|
http://www.sqlite.org/copyright.html.
|
unknown
|
||
|
https://chrome.cloudflare-dns.com
|
unknown
|
||
|
http://185.215.113.19/Vi9leo/index.php3001
|
unknown
|
||
|
https://contile-images.services.mozilla.com/0TegrVVRalreHILhR2WvtD_CFzj13HCDcLqqpvXSOuY.10862.jpg
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://drive-autopush.corp.google.com/
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
chrome.cloudflare-dns.com
|
162.159.61.3
|
||
|
googlehosted.l.googleusercontent.com
|
142.250.181.225
|
||
|
s-part-0032.t-0009.t-msedge.net
|
13.107.246.60
|
||
|
sni1gl.wpc.nucdn.net
|
152.199.21.175
|
||
|
clients2.googleusercontent.com
|
unknown
|
||
|
bzib.nelreports.net
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.215.113.100
|
unknown
|
Portugal
|
|
|
|
192.168.2.4
|
unknown
|
unknown
|
|
|
|
185.215.113.19
|
unknown
|
Portugal
|
|
|
|
152.195.19.97
|
unknown
|
United States
|
||
|
13.107.246.60
|
s-part-0032.t-0009.t-msedge.net
|
United States
|
||
|
162.159.61.3
|
chrome.cloudflare-dns.com
|
United States
|
||
|
142.250.65.238
|
unknown
|
United States
|
||
|
172.64.41.3
|
unknown
|
United States
|
||
|
185.215.113.16
|
unknown
|
Portugal
|
||
|
142.250.64.68
|
unknown
|
United States
|
||
|
142.250.181.225
|
googlehosted.l.googleusercontent.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
There are 2 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
MicrosoftEdgeAutoLaunch_5736606B9E4AF5D84DA5A728AAAD52EB
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
MicrosoftEdgeAutoLaunch_C366A24065C39A1BE76E148DC2D0A868
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
metricsid
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
metricsid_installdate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
metricsid_enableddate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
media.cdm.origin_data
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PrefsLightweight
|
lw_a5d6a53e96afdef13bf25bb88d9341c7
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
lastrun
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\Clients\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}\Commands\on-logon-autolaunch
|
Enabled
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Profiles\Default
|
ProfileErrorState
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Profiles
|
EnhancedLinkOpeningDefault
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dgiklkfkllikcanfonkcabmbdfmgleag
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
fikbjbembnmfhppjfnmfkahdhfohhjmg
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
iglcjdemknebjbklcgkfaebgojjphkec
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ihmafllikibpmigkcoadcmckbfhibefp
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jdiccldimpdaibmpdkjnbmckianbfold
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ncbjelpjchkpbikbpkcchkhkblodoama
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dgiklkfkllikcanfonkcabmbdfmgleag
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
fikbjbembnmfhppjfnmfkahdhfohhjmg
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
iglcjdemknebjbklcgkfaebgojjphkec
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ihmafllikibpmigkcoadcmckbfhibefp
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jdiccldimpdaibmpdkjnbmckianbfold
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ncbjelpjchkpbikbpkcchkhkblodoama
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
software_reporter.reporting
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
media.storage_id_salt
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
edge.services.account_id
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
edge.services.last_username
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
pinned_tabs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
search_provider_overrides
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
edge.services.last_account_id
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
session.startup_urls
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
session.restore_on_startup
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
browser.show_home_button
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
homepage
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
version
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PrefsLightweight
|
lw_13bbe73648289fe96dfa1aa1bf23b3da
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Profiles\Default
|
ShortcutName
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dgiklkfkllikcanfonkcabmbdfmgleag
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
fikbjbembnmfhppjfnmfkahdhfohhjmg
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ghbmnnjooekpmoecnnnilnnbdlolhkhi
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
iglcjdemknebjbklcgkfaebgojjphkec
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ihmafllikibpmigkcoadcmckbfhibefp
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jdiccldimpdaibmpdkjnbmckianbfold
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jmjflgjpcpepeafmmgdpfkogkghcpiha
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ncbjelpjchkpbikbpkcchkhkblodoama
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
lastrun
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
lastrun
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
lastrun
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
There are 83 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
AF1000
|
unkown
|
page execute and read and write
|
|
|
|
4D70000
|
direct allocation
|
page read and write
|
|
|
|
52D0000
|
direct allocation
|
page read and write
|
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
52D0000
|
direct allocation
|
page read and write
|
|
|
|
FAE000
|
heap
|
page read and write
|
|
|
|
AF1000
|
unkown
|
page execute and read and write
|
|
|
|
AF1000
|
unkown
|
page execute and read and write
|
|
|
|
AF1000
|
unkown
|
page execute and read and write
|
|
|
|
FAE000
|
heap
|
page read and write
|
|
|
|
1D3BD000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
CD3000
|
unkown
|
page execute and write copy
|
||
|
1464000
|
heap
|
page read and write
|
||
|
15B1000
|
heap
|
page read and write
|
||
|
B59000
|
unkown
|
page write copy
|
||
|
6FAC000
|
stack
|
page read and write
|
||
|
11BF000
|
stack
|
page read and write
|
||
|
3170000
|
direct allocation
|
page read and write
|
||
|
4A8F000
|
stack
|
page read and write
|
||
|
4CDF000
|
stack
|
page read and write
|
||
|
18FE000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
1D4F0000
|
trusted library allocation
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4CCE000
|
stack
|
page read and write
|
||
|
6C00000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
1320000
|
direct allocation
|
page read and write
|
||
|
3F4E000
|
stack
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
41CE000
|
stack
|
page read and write
|
||
|
4EE0000
|
direct allocation
|
page execute and read and write
|
||
|
1D3B1000
|
heap
|
page read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
969000
|
unkown
|
page execute and read and write
|
||
|
F70000
|
direct allocation
|
page read and write
|
||
|
2ECF000
|
stack
|
page read and write
|
||
|
1CD3E000
|
stack
|
page read and write
|
||
|
4A6C000
|
stack
|
page read and write
|
||
|
47FF000
|
stack
|
page read and write
|
||
|
1632000
|
heap
|
page read and write
|
||
|
2B3F000
|
stack
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
2800000
|
direct allocation
|
page read and write
|
||
|
2EFF000
|
stack
|
page read and write
|
||
|
DDD000
|
stack
|
page read and write
|
||
|
3E0F000
|
stack
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
1154000
|
heap
|
page read and write
|
||
|
443F000
|
stack
|
page read and write
|
||
|
4DAE000
|
stack
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
3F8E000
|
stack
|
page read and write
|
||
|
3F7E000
|
stack
|
page read and write
|
||
|
430E000
|
stack
|
page read and write
|
||
|
3B4F000
|
stack
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
FA9000
|
unkown
|
page execute and read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
530C000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1D3AF000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
133A000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
4801000
|
heap
|
page read and write
|
||
|
3D0E000
|
stack
|
page read and write
|
||
|
32BF000
|
stack
|
page read and write
|
||
|
490000
|
unkown
|
page read and write
|
||
|
4E10000
|
direct allocation
|
page execute and read and write
|
||
|
29446000
|
heap
|
page read and write
|
||
|
F6E000
|
stack
|
page read and write
|
||
|
304F000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1D3BC000
|
heap
|
page read and write
|
||
|
48D1000
|
heap
|
page read and write
|
||
|
1575000
|
heap
|
page read and write
|
||
|
364E000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1CDAD000
|
stack
|
page read and write
|
||
|
3AAE000
|
stack
|
page read and write
|
||
|
661000
|
unkown
|
page execute and write copy
|
||
|
A44000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
13A0000
|
heap
|
page read and write
|
||
|
303F000
|
stack
|
page read and write
|
||
|
3B8E000
|
stack
|
page read and write
|
||
|
44AE000
|
stack
|
page read and write
|
||
|
11C000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
314E000
|
stack
|
page read and write
|
||
|
1D3BC000
|
heap
|
page read and write
|
||
|
2ACF000
|
stack
|
page read and write
|
||
|
315E000
|
stack
|
page read and write
|
||
|
61EB4000
|
direct allocation
|
page read and write
|
||
|
1154000
|
heap
|
page read and write
|
||
|
B39000
|
unkown
|
page execute and write copy
|
||
|
129E000
|
stack
|
page read and write
|
||
|
5470000
|
direct allocation
|
page execute and read and write
|
||
|
5331000
|
direct allocation
|
page read and write
|
||
|
432F000
|
stack
|
page read and write
|
||
|
1320000
|
direct allocation
|
page read and write
|
||
|
2CEE000
|
stack
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
6C8D1000
|
unkown
|
page execute read
|
||
|
36EE000
|
stack
|
page read and write
|
||
|
6EAB000
|
stack
|
page read and write
|
||
|
5470000
|
direct allocation
|
page execute and read and write
|
||
|
3BAF000
|
stack
|
page read and write
|
||
|
1CE3E000
|
stack
|
page read and write
|
||
|
15E7000
|
heap
|
page read and write
|
||
|
1D3DE000
|
heap
|
page read and write
|
||
|
2C7F000
|
stack
|
page read and write
|
||
|
41CF000
|
stack
|
page read and write
|
||
|
54A0000
|
direct allocation
|
page execute and read and write
|
||
|
E0A000
|
unkown
|
page execute and write copy
|
||
|
A8E000
|
stack
|
page read and write
|
||
|
1066000
|
heap
|
page read and write
|
||
|
396E000
|
stack
|
page read and write
|
||
|
2DCF000
|
stack
|
page read and write
|
||
|
1154000
|
heap
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
1D3B6000
|
heap
|
page read and write
|
||
|
40BE000
|
stack
|
page read and write
|
||
|
1533000
|
heap
|
page read and write
|
||
|
394E000
|
stack
|
page read and write
|
||
|
40EE000
|
stack
|
page read and write
|
||
|
3A4E000
|
stack
|
page read and write
|
||
|
1D3BB000
|
heap
|
page read and write
|
||
|
41EF000
|
stack
|
page read and write
|
||
|
378F000
|
stack
|
page read and write
|
||
|
27EB000
|
stack
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
1023000
|
heap
|
page read and write
|
||
|
1531000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1D3DE000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
5539000
|
stack
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
2CCF000
|
stack
|
page read and write
|
||
|
404F000
|
stack
|
page read and write
|
||
|
1CFEE000
|
stack
|
page read and write
|
||
|
5E4000
|
unkown
|
page readonly
|
||
|
4E20000
|
direct allocation
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
DFB000
|
unkown
|
page execute and read and write
|
||
|
4EF0000
|
direct allocation
|
page execute and read and write
|
||
|
430F000
|
stack
|
page read and write
|
||
|
4EF0000
|
direct allocation
|
page execute and read and write
|
||
|
9F0000
|
direct allocation
|
page read and write
|
||
|
119E000
|
stack
|
page read and write
|
||
|
46CE000
|
stack
|
page read and write
|
||
|
48D0000
|
heap
|
page read and write
|
||
|
4D60000
|
direct allocation
|
page read and write
|
||
|
1530000
|
heap
|
page read and write
|
||
|
6CB0F000
|
unkown
|
page readonly
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
1C9AF000
|
stack
|
page read and write
|
||
|
DD8000
|
stack
|
page read and write
|
||
|
1D3C5000
|
heap
|
page read and write
|
||
|
1154000
|
heap
|
page read and write
|
||
|
3D0000
|
heap
|
page read and write
|
||
|
1D3CC000
|
heap
|
page read and write
|
||
|
364F000
|
stack
|
page read and write
|
||
|
9F0000
|
direct allocation
|
page read and write
|
||
|
5450000
|
direct allocation
|
page execute and read and write
|
||
|
F70000
|
direct allocation
|
page read and write
|
||
|
540F000
|
stack
|
page read and write
|
||
|
4DE0000
|
direct allocation
|
page execute and read and write
|
||
|
9F0000
|
direct allocation
|
page read and write
|
||
|
1D3B2000
|
heap
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
5331000
|
direct allocation
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
4C40000
|
trusted library allocation
|
page read and write
|
||
|
FAA000
|
heap
|
page read and write
|
||
|
1D3CB000
|
heap
|
page read and write
|
||
|
6826000
|
heap
|
page read and write
|
||
|
37EF000
|
stack
|
page read and write
|
||
|
5440000
|
direct allocation
|
page execute and read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
95B000
|
unkown
|
page execute and read and write
|
||
|
484E000
|
stack
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E00000
|
direct allocation
|
page execute and read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
10AF000
|
stack
|
page read and write
|
||
|
1D3DE000
|
heap
|
page read and write
|
||
|
2DFE000
|
stack
|
page read and write
|
||
|
563B000
|
stack
|
page read and write
|
||
|
1154000
|
heap
|
page read and write
|
||
|
390E000
|
stack
|
page read and write
|
||
|
1D3C6000
|
heap
|
page read and write
|
||
|
1D3D0000
|
heap
|
page read and write
|
||
|
5450000
|
direct allocation
|
page execute and read and write
|
||
|
10EE000
|
stack
|
page read and write
|
||
|
F70000
|
direct allocation
|
page read and write
|
||
|
F70000
|
direct allocation
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
2827000
|
heap
|
page read and write
|
||
|
1320000
|
direct allocation
|
page read and write
|
||
|
3F0F000
|
stack
|
page read and write
|
||
|
1D3B9000
|
heap
|
page read and write
|
||
|
1649000
|
heap
|
page read and write
|
||
|
6820000
|
heap
|
page read and write
|
||
|
340E000
|
stack
|
page read and write
|
||
|
6D72000
|
heap
|
page read and write
|
||
|
1320000
|
direct allocation
|
page read and write
|
||
|
433E000
|
stack
|
page read and write
|
||
|
1D12D000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
400E000
|
stack
|
page read and write
|
||
|
1CFEE000
|
stack
|
page read and write
|
||
|
3A7E000
|
stack
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
75D000
|
unkown
|
page execute and read and write
|
||
|
328F000
|
stack
|
page read and write
|
||
|
32EF000
|
stack
|
page read and write
|
||
|
6CA000
|
unkown
|
page execute and read and write
|
||
|
378E000
|
stack
|
page read and write
|
||
|
5420000
|
direct allocation
|
page execute and read and write
|
||
|
1520000
|
direct allocation
|
page read and write
|
||
|
447E000
|
stack
|
page read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
407F000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
969000
|
unkown
|
page execute and write copy
|
||
|
29431000
|
heap
|
page read and write
|
||
|
2800000
|
direct allocation
|
page read and write
|
||
|
440E000
|
stack
|
page read and write
|
||
|
55EB000
|
stack
|
page read and write
|
||
|
105D000
|
heap
|
page read and write
|
||
|
5E4000
|
unkown
|
page readonly
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
1520000
|
direct allocation
|
page read and write
|
||
|
9F0000
|
direct allocation
|
page read and write
|
||
|
E09000
|
unkown
|
page execute and write copy
|
||
|
1464000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
DC3000
|
unkown
|
page execute and read and write
|
||
|
1D3E0000
|
heap
|
page read and write
|
||
|
2800000
|
direct allocation
|
page read and write
|
||
|
2800000
|
direct allocation
|
page read and write
|
||
|
480F000
|
stack
|
page read and write
|
||
|
15E3000
|
heap
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
4DCF000
|
stack
|
page read and write
|
||
|
3F4F000
|
stack
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
440F000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
5490000
|
direct allocation
|
page execute and read and write
|
||
|
4C80000
|
direct allocation
|
page read and write
|
||
|
354E000
|
stack
|
page read and write
|
||
|
1D3B8000
|
heap
|
page read and write
|
||
|
F70000
|
direct allocation
|
page read and write
|
||
|
5DC000
|
unkown
|
page write copy
|
||
|
15E1000
|
heap
|
page read and write
|
||
|
7E7000
|
unkown
|
page execute and read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
46BF000
|
stack
|
page read and write
|
||
|
5460000
|
direct allocation
|
page execute and read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
6AEE000
|
stack
|
page read and write
|
||
|
15F1000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
11EF000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
5440000
|
direct allocation
|
page execute and read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
B59000
|
unkown
|
page write copy
|
||
|
DC3000
|
unkown
|
page execute and read and write
|
||
|
5450000
|
direct allocation
|
page execute and read and write
|
||
|
5420000
|
heap
|
page read and write
|
||
|
4CBC000
|
stack
|
page read and write
|
||
|
FAB000
|
unkown
|
page execute and write copy
|
||
|
3B0F000
|
stack
|
page read and write
|
||
|
130D000
|
stack
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
454F000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1CD6F000
|
stack
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
368F000
|
stack
|
page read and write
|
||
|
7450000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
390F000
|
stack
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
1520000
|
direct allocation
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
5C6D000
|
stack
|
page read and write
|
||
|
1D3C4000
|
heap
|
page read and write
|
||
|
1D3C4000
|
heap
|
page read and write
|
||
|
47CE000
|
stack
|
page read and write
|
||
|
3CCF000
|
stack
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
36BE000
|
stack
|
page read and write
|
||
|
686E000
|
stack
|
page read and write
|
||
|
4A30000
|
direct allocation
|
page read and write
|
||
|
31AF000
|
stack
|
page read and write
|
||
|
418E000
|
stack
|
page read and write
|
||
|
45AF000
|
stack
|
page read and write
|
||
|
5450000
|
direct allocation
|
page execute and read and write
|
||
|
FAA000
|
heap
|
page read and write
|
||
|
161B000
|
heap
|
page read and write
|
||
|
4C80000
|
direct allocation
|
page read and write
|
||
|
1520000
|
direct allocation
|
page read and write
|
||
|
4DE0000
|
direct allocation
|
page execute and read and write
|
||
|
5450000
|
direct allocation
|
page execute and read and write
|
||
|
660000
|
unkown
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
162B000
|
heap
|
page read and write
|
||
|
FF5000
|
heap
|
page read and write
|
||
|
4BC0000
|
direct allocation
|
page execute and read and write
|
||
|
4E00000
|
direct allocation
|
page execute and read and write
|
||
|
1D3AA000
|
heap
|
page read and write
|
||
|
4F00000
|
direct allocation
|
page execute and read and write
|
||
|
1D3C4000
|
heap
|
page read and write
|
||
|
DFB000
|
unkown
|
page execute and read and write
|
||
|
586E000
|
stack
|
page read and write
|
||
|
1628000
|
heap
|
page read and write
|
||
|
1D3BD000
|
heap
|
page read and write
|
||
|
436E000
|
stack
|
page read and write
|
||
|
4E67000
|
heap
|
page read and write
|
||
|
4E20000
|
direct allocation
|
page read and write
|
||
|
2A6E000
|
stack
|
page read and write
|
||
|
5F0E000
|
stack
|
page read and write
|
||
|
1D3AA000
|
heap
|
page read and write
|
||
|
318C000
|
stack
|
page read and write
|
||
|
4D60000
|
direct allocation
|
page read and write
|
||
|
296D0000
|
heap
|
page read and write
|
||
|
4BB0000
|
direct allocation
|
page execute and read and write
|
||
|
2949B000
|
heap
|
page read and write
|
||
|
310F000
|
stack
|
page read and write
|
||
|
6F3000
|
unkown
|
page execute and read and write
|
||
|
1D3AA000
|
heap
|
page read and write
|
||
|
2346F000
|
heap
|
page read and write
|
||
|
DF0000
|
unkown
|
page execute and read and write
|
||
|
15DD000
|
heap
|
page read and write
|
||
|
36CE000
|
stack
|
page read and write
|
||
|
1D3DE000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
3C0000
|
heap
|
page read and write
|
||
|
2E2E000
|
stack
|
page read and write
|
||
|
1C8AE000
|
stack
|
page read and write
|
||
|
6BEF000
|
stack
|
page read and write
|
||
|
32FE000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
133A000
|
stack
|
page read and write
|
||
|
43E000
|
stack
|
page read and write
|
||
|
6C40000
|
heap
|
page read and write
|
||
|
4DD0000
|
direct allocation
|
page execute and read and write
|
||
|
5A1E000
|
stack
|
page read and write
|
||
|
DFB000
|
unkown
|
page execute and read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
5450000
|
direct allocation
|
page execute and read and write
|
||
|
5450000
|
direct allocation
|
page execute and read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
1D3AC000
|
heap
|
page read and write
|
||
|
2944D000
|
heap
|
page read and write
|
||
|
1320000
|
direct allocation
|
page read and write
|
||
|
156E000
|
heap
|
page read and write
|
||
|
15FF000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
46FE000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
ACE000
|
stack
|
page read and write
|
||
|
4800000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
6FF000
|
unkown
|
page execute and read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
490000
|
unkown
|
page readonly
|
||
|
42FF000
|
stack
|
page read and write
|
||
|
1560000
|
heap
|
page read and write
|
||
|
3A4F000
|
stack
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
414F000
|
stack
|
page read and write
|
||
|
E0A000
|
unkown
|
page execute and write copy
|
||
|
3CBF000
|
stack
|
page read and write
|
||
|
41BF000
|
stack
|
page read and write
|
||
|
5420000
|
direct allocation
|
page execute and read and write
|
||
|
3180000
|
heap
|
page read and write
|
||
|
61ED4000
|
direct allocation
|
page readonly
|
||
|
A44000
|
heap
|
page read and write
|
||
|
29434000
|
heap
|
page read and write
|
||
|
1D0ED000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
B52000
|
unkown
|
page execute and read and write
|
||
|
2CAF000
|
stack
|
page read and write
|
||
|
296E6000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
1CB2E000
|
stack
|
page read and write
|
||
|
4E4F000
|
stack
|
page read and write
|
||
|
408F000
|
stack
|
page read and write
|
||
|
4E20000
|
direct allocation
|
page read and write
|
||
|
468F000
|
stack
|
page read and write
|
||
|
2DCF000
|
stack
|
page read and write
|
||
|
37CF000
|
stack
|
page read and write
|
||
|
4A5F000
|
stack
|
page read and write
|
||
|
293F0000
|
heap
|
page read and write
|
||
|
3DCF000
|
stack
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1D3DE000
|
heap
|
page read and write
|
||
|
1D28E000
|
stack
|
page read and write
|
||
|
1D39F000
|
heap
|
page read and write
|
||
|
40AF000
|
stack
|
page read and write
|
||
|
13A0000
|
heap
|
page read and write
|
||
|
343E000
|
stack
|
page read and write
|
||
|
5480000
|
direct allocation
|
page execute and read and write
|
||
|
458F000
|
stack
|
page read and write
|
||
|
1D3C4000
|
heap
|
page read and write
|
||
|
348F000
|
stack
|
page read and write
|
||
|
2DEF000
|
stack
|
page read and write
|
||
|
61ECC000
|
direct allocation
|
page read and write
|
||
|
1D3BA000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
5290000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
32CF000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
3CCE000
|
stack
|
page read and write
|
||
|
1D3C0000
|
heap
|
page read and write
|
||
|
61ED0000
|
direct allocation
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
70EF000
|
stack
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
AF0000
|
unkown
|
page readonly
|
||
|
1D3C4000
|
heap
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
1622000
|
heap
|
page read and write
|
||
|
2A2F000
|
stack
|
page read and write
|
||
|
125F000
|
stack
|
page read and write
|
||
|
1D3C4000
|
heap
|
page read and write
|
||
|
3170000
|
direct allocation
|
page read and write
|
||
|
1632000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
744C000
|
stack
|
page read and write
|
||
|
3DFF000
|
stack
|
page read and write
|
||
|
3D2E000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
61E01000
|
direct allocation
|
page execute read
|
||
|
150E000
|
stack
|
page read and write
|
||
|
11FF000
|
stack
|
page read and write
|
||
|
4EAF000
|
stack
|
page read and write
|
||
|
1D3C4000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
307E000
|
stack
|
page read and write
|
||
|
13E4000
|
heap
|
page read and write
|
||
|
10EE000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
2CCF000
|
stack
|
page read and write
|
||
|
311E000
|
stack
|
page read and write
|
||
|
330E000
|
stack
|
page read and write
|
||
|
60C0000
|
heap
|
page read and write
|
||
|
3C4E000
|
stack
|
page read and write
|
||
|
4E41000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
45CE000
|
stack
|
page read and write
|
||
|
2F0F000
|
stack
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
1D3C0000
|
heap
|
page read and write
|
||
|
CE5000
|
unkown
|
page execute and read and write
|
||
|
1D3AA000
|
heap
|
page read and write
|
||
|
AF1000
|
unkown
|
page execute and write copy
|
||
|
360F000
|
stack
|
page read and write
|
||
|
FA9000
|
unkown
|
page execute and read and write
|
||
|
2952E000
|
stack
|
page read and write
|
||
|
510000
|
unkown
|
page readonly
|
||
|
1D3C4000
|
heap
|
page read and write
|
||
|
54C0000
|
direct allocation
|
page execute and read and write
|
||
|
1D3C4000
|
heap
|
page read and write
|
||
|
6CB55000
|
unkown
|
page readonly
|
||
|
1EE000
|
stack
|
page read and write
|
||
|
1D3C4000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1D3C4000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
4E20000
|
direct allocation
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
2B6F000
|
stack
|
page read and write
|
||
|
545C000
|
stack
|
page read and write
|
||
|
530B000
|
stack
|
page read and write
|
||
|
40CE000
|
stack
|
page read and write
|
||
|
1D3B2000
|
heap
|
page read and write
|
||
|
350E000
|
stack
|
page read and write
|
||
|
5E0E000
|
stack
|
page read and write
|
||
|
2CBE000
|
stack
|
page read and write
|
||
|
DC3000
|
unkown
|
page execute and read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
56A4000
|
heap
|
page read and write
|
||
|
DFB000
|
unkown
|
page execute and read and write
|
||
|
1007000
|
heap
|
page read and write
|
||
|
1D3E0000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
6C30000
|
heap
|
page read and write
|
||
|
61EB7000
|
direct allocation
|
page readonly
|
||
|
1520000
|
direct allocation
|
page read and write
|
||
|
1D3DE000
|
heap
|
page read and write
|
||
|
4EF0000
|
direct allocation
|
page execute and read and write
|
||
|
4E42000
|
heap
|
page read and write
|
||
|
4E70000
|
direct allocation
|
page execute and read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
1460000
|
heap
|
page read and write
|
||
|
3CCF000
|
stack
|
page read and write
|
||
|
4ED0000
|
direct allocation
|
page execute and read and write
|
||
|
45BE000
|
stack
|
page read and write
|
||
|
B5A000
|
stack
|
page read and write
|
||
|
DDE000
|
stack
|
page read and write
|
||
|
1154000
|
heap
|
page read and write
|
||
|
46CF000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
15BB000
|
heap
|
page read and write
|
||
|
112E000
|
stack
|
page read and write
|
||
|
4E20000
|
direct allocation
|
page read and write
|
||
|
5450000
|
direct allocation
|
page execute and read and write
|
||
|
DD2000
|
stack
|
page read and write
|
||
|
B59000
|
unkown
|
page read and write
|
||
|
46CF000
|
stack
|
page read and write
|
||
|
DE5000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
4E1F000
|
stack
|
page read and write
|
||
|
1073000
|
heap
|
page read and write
|
||
|
5AC000
|
unkown
|
page readonly
|
||
|
390F000
|
stack
|
page read and write
|
||
|
4E20000
|
direct allocation
|
page read and write
|
||
|
5480000
|
direct allocation
|
page execute and read and write
|
||
|
356F000
|
stack
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
13A0000
|
heap
|
page read and write
|
||
|
1D3C5000
|
heap
|
page read and write
|
||
|
11CE000
|
stack
|
page read and write
|
||
|
1154000
|
heap
|
page read and write
|
||
|
4B6F000
|
stack
|
page read and write
|
||
|
E09000
|
unkown
|
page execute and read and write
|
||
|
12DE000
|
stack
|
page read and write
|
||
|
54E0000
|
direct allocation
|
page execute and read and write
|
||
|
15C0000
|
heap
|
page read and write
|
||
|
3BBE000
|
stack
|
page read and write
|
||
|
6C971000
|
unkown
|
page execute read
|
||
|
394E000
|
stack
|
page read and write
|
||
|
1D3DB000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
5450000
|
direct allocation
|
page execute and read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
E0A000
|
unkown
|
page execute and write copy
|
||
|
1603000
|
heap
|
page read and write
|
||
|
1D3D0000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
B59000
|
unkown
|
page read and write
|
||
|
4E30000
|
direct allocation
|
page execute and read and write
|
||
|
3BEE000
|
stack
|
page read and write
|
||
|
1D394000
|
heap
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
5430000
|
direct allocation
|
page execute and read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
3A8E000
|
stack
|
page read and write
|
||
|
296DE000
|
heap
|
page read and write
|
||
|
4C80000
|
direct allocation
|
page read and write
|
||
|
A2C000
|
unkown
|
page execute and read and write
|
||
|
572F000
|
stack
|
page read and write
|
||
|
29439000
|
heap
|
page read and write
|
||
|
FF7000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
3E3E000
|
stack
|
page read and write
|
||
|
374F000
|
stack
|
page read and write
|
||
|
1D3C4000
|
heap
|
page read and write
|
||
|
1061000
|
heap
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
1D3D0000
|
heap
|
page read and write
|
||
|
4A30000
|
direct allocation
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1154000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
1D3DE000
|
heap
|
page read and write
|
||
|
404E000
|
stack
|
page read and write
|
||
|
5E0000
|
unkown
|
page write copy
|
||
|
3B8F000
|
stack
|
page read and write
|
||
|
2800000
|
direct allocation
|
page read and write
|
||
|
1154000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
36AF000
|
stack
|
page read and write
|
||
|
4B9F000
|
stack
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
69AE000
|
stack
|
page read and write
|
||
|
4E20000
|
direct allocation
|
page execute and read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
358E000
|
stack
|
page read and write
|
||
|
2800000
|
direct allocation
|
page read and write
|
||
|
AF1000
|
unkown
|
page execute and write copy
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4DE0000
|
direct allocation
|
page execute and read and write
|
||
|
FA9000
|
unkown
|
page execute and read and write
|
||
|
1D3C5000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
FF3000
|
heap
|
page read and write
|
||
|
807000
|
unkown
|
page execute and read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
434E000
|
stack
|
page read and write
|
||
|
27AE000
|
stack
|
page read and write
|
||
|
37FE000
|
stack
|
page read and write
|
||
|
1320000
|
direct allocation
|
page read and write
|
||
|
1154000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
54D0000
|
direct allocation
|
page execute and read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
1D3C4000
|
heap
|
page read and write
|
||
|
1626000
|
heap
|
page read and write
|
||
|
1649000
|
heap
|
page read and write
|
||
|
4F60000
|
direct allocation
|
page execute and read and write
|
||
|
576E000
|
stack
|
page read and write
|
||
|
9F0000
|
direct allocation
|
page read and write
|
||
|
3CFE000
|
stack
|
page read and write
|
||
|
37CF000
|
stack
|
page read and write
|
||
|
49F0000
|
trusted library allocation
|
page read and write
|
||
|
953000
|
unkown
|
page execute and read and write
|
||
|
9F0000
|
direct allocation
|
page read and write
|
||
|
106C000
|
heap
|
page read and write
|
||
|
52C0000
|
direct allocation
|
page read and write
|
||
|
29440000
|
heap
|
page read and write
|
||
|
3B8F000
|
stack
|
page read and write
|
||
|
17FE000
|
stack
|
page read and write
|
||
|
5490000
|
direct allocation
|
page execute and read and write
|
||
|
1520000
|
direct allocation
|
page read and write
|
||
|
4A30000
|
direct allocation
|
page read and write
|
||
|
457F000
|
stack
|
page read and write
|
||
|
1D3C4000
|
heap
|
page read and write
|
||
|
4D60000
|
direct allocation
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
30DE000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
F2E000
|
heap
|
page read and write
|
||
|
4CF1000
|
direct allocation
|
page read and write
|
||
|
1D3BC000
|
heap
|
page read and write
|
||
|
33CF000
|
stack
|
page read and write
|
||
|
6CB50000
|
unkown
|
page read and write
|
||
|
1D3BD000
|
heap
|
page read and write
|
||
|
498E000
|
stack
|
page read and write
|
||
|
4D1E000
|
stack
|
page read and write
|
||
|
4E20000
|
direct allocation
|
page read and write
|
||
|
1D3D0000
|
heap
|
page read and write
|
||
|
9F0000
|
direct allocation
|
page read and write
|
||
|
444E000
|
stack
|
page read and write
|
||
|
1154000
|
heap
|
page read and write
|
||
|
92B000
|
unkown
|
page execute and read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
1D3C7000
|
heap
|
page read and write
|
||
|
47CF000
|
stack
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
B59000
|
unkown
|
page write copy
|
||
|
1D3C6000
|
heap
|
page read and write
|
||
|
444F000
|
stack
|
page read and write
|
||
|
1D3BC000
|
heap
|
page read and write
|
||
|
52F000
|
unkown
|
page execute and read and write
|
||
|
2800000
|
direct allocation
|
page read and write
|
||
|
3DCE000
|
stack
|
page read and write
|
||
|
420E000
|
stack
|
page read and write
|
||
|
180000
|
heap
|
page read and write
|
||
|
15BE000
|
heap
|
page read and write
|
||
|
EF5000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4810000
|
heap
|
page read and write
|
||
|
4BCF000
|
stack
|
page read and write
|
||
|
54D0000
|
direct allocation
|
page execute and read and write
|
||
|
4F20000
|
direct allocation
|
page execute and read and write
|
||
|
1D3DE000
|
heap
|
page read and write
|
||
|
AF0000
|
unkown
|
page readonly
|
||
|
C05000
|
stack
|
page read and write
|
||
|
161A000
|
heap
|
page read and write
|
||
|
458F000
|
stack
|
page read and write
|
||
|
37BF000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
1D390000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1D38C000
|
stack
|
page read and write
|
||
|
B39000
|
unkown
|
page execute and read and write
|
||
|
1CCFF000
|
stack
|
page read and write
|
||
|
AF0000
|
unkown
|
page readonly
|
||
|
660000
|
unkown
|
page readonly
|
||
|
FAB000
|
unkown
|
page execute and write copy
|
||
|
113A000
|
heap
|
page read and write
|
||
|
3CEE000
|
stack
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
FA9000
|
unkown
|
page execute and read and write
|
||
|
4910000
|
trusted library allocation
|
page read and write
|
||
|
FAB000
|
unkown
|
page execute and write copy
|
||
|
B02000
|
unkown
|
page execute and read and write
|
||
|
3170000
|
direct allocation
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
296D8000
|
heap
|
page read and write
|
||
|
4E20000
|
direct allocation
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
368F000
|
stack
|
page read and write
|
||
|
E09000
|
unkown
|
page execute and write copy
|
||
|
F70000
|
direct allocation
|
page read and write
|
||
|
4C0E000
|
stack
|
page read and write
|
||
|
A07000
|
heap
|
page read and write
|
||
|
129E000
|
stack
|
page read and write
|
||
|
4BD0000
|
direct allocation
|
page execute and read and write
|
||
|
5450000
|
direct allocation
|
page execute and read and write
|
||
|
1D3BD000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
3B7F000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
100A000
|
heap
|
page read and write
|
||
|
1D3B9000
|
heap
|
page read and write
|
||
|
EED000
|
stack
|
page read and write
|
||
|
DC3000
|
unkown
|
page execute and read and write
|
||
|
293D0000
|
heap
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
4F50000
|
trusted library allocation
|
page read and write
|
||
|
3F6F000
|
stack
|
page read and write
|
||
|
5450000
|
direct allocation
|
page execute and read and write
|
||
|
15C0000
|
heap
|
page read and write
|
||
|
4A9E000
|
stack
|
page read and write
|
||
|
1CEAC000
|
stack
|
page read and write
|
||
|
1632000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
3187000
|
heap
|
page read and write
|
||
|
562E000
|
stack
|
page read and write
|
||
|
153B000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
CE5000
|
unkown
|
page execute and read and write
|
||
|
A20000
|
direct allocation
|
page read and write
|
||
|
1D3C4000
|
heap
|
page read and write
|
||
|
3B4E000
|
stack
|
page read and write
|
||
|
1D3BA000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
54A0000
|
direct allocation
|
page execute and read and write
|
||
|
CD2000
|
unkown
|
page execute and read and write
|
||
|
1CAEF000
|
stack
|
page read and write
|
||
|
388F000
|
stack
|
page read and write
|
||
|
41FE000
|
stack
|
page read and write
|
||
|
4DF0000
|
direct allocation
|
page execute and read and write
|
||
|
B3A000
|
unkown
|
page execute and write copy
|
||
|
4DE0000
|
direct allocation
|
page execute and read and write
|
||
|
144E000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E20000
|
direct allocation
|
page read and write
|
||
|
6C40000
|
heap
|
page read and write
|
||
|
494F000
|
stack
|
page read and write
|
||
|
1D3B6000
|
heap
|
page read and write
|
||
|
54C0000
|
direct allocation
|
page execute and read and write
|
||
|
40CE000
|
stack
|
page read and write
|
||
|
162B000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
6C95E000
|
unkown
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
470E000
|
stack
|
page read and write
|
||
|
338F000
|
stack
|
page read and write
|
||
|
52C0000
|
direct allocation
|
page read and write
|
||
|
5D2000
|
unkown
|
page readonly
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1CC6E000
|
stack
|
page read and write
|
||
|
8FD000
|
stack
|
page read and write
|
||
|
7451000
|
heap
|
page read and write
|
||
|
4ACE000
|
stack
|
page read and write
|
||
|
E09000
|
unkown
|
page execute and read and write
|
||
|
4E20000
|
direct allocation
|
page read and write
|
||
|
114D000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
9F0000
|
direct allocation
|
page read and write
|
||
|
724000
|
unkown
|
page execute and read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
308E000
|
stack
|
page read and write
|
||
|
58AE000
|
stack
|
page read and write
|
||
|
4E70000
|
heap
|
page read and write
|
||
|
35AE000
|
stack
|
page read and write
|
||
|
54B0000
|
direct allocation
|
page execute and read and write
|
||
|
3BCE000
|
stack
|
page read and write
|
||
|
3E0F000
|
stack
|
page read and write
|
||
|
3140000
|
heap
|
page read and write
|
||
|
1D3AA000
|
heap
|
page read and write
|
||
|
1D3A9000
|
heap
|
page read and write
|
||
|
FAB000
|
unkown
|
page execute and write copy
|
||
|
2800000
|
direct allocation
|
page read and write
|
||
|
328E000
|
stack
|
page read and write
|
||
|
382E000
|
stack
|
page read and write
|
||
|
1082000
|
heap
|
page read and write
|
||
|
170000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
163D000
|
heap
|
page read and write
|
||
|
6AAF000
|
stack
|
page read and write
|
||
|
112E000
|
stack
|
page read and write
|
||
|
31EE000
|
stack
|
page read and write
|
||
|
5DC000
|
unkown
|
page read and write
|
||
|
61ECD000
|
direct allocation
|
page readonly
|
||
|
1464000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1320000
|
direct allocation
|
page read and write
|
||
|
4EF0000
|
direct allocation
|
page execute and read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
F27000
|
heap
|
page read and write
|
||
|
163D000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
1D3C4000
|
heap
|
page read and write
|
||
|
5AC000
|
unkown
|
page readonly
|
||
|
1CBBF000
|
stack
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
1520000
|
direct allocation
|
page read and write
|
||
|
2800000
|
direct allocation
|
page read and write
|
||
|
1520000
|
direct allocation
|
page read and write
|
||
|
4BA0000
|
direct allocation
|
page execute and read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
4F30000
|
trusted library allocation
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
15AB000
|
heap
|
page read and write
|
||
|
1320000
|
direct allocation
|
page read and write
|
||
|
6CB4E000
|
unkown
|
page read and write
|
||
|
123B000
|
stack
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
1590000
|
heap
|
page read and write
|
||
|
380E000
|
stack
|
page read and write
|
||
|
324F000
|
stack
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
3E6E000
|
stack
|
page read and write
|
||
|
2820000
|
heap
|
page read and write
|
||
|
4F70000
|
direct allocation
|
page execute and read and write
|
||
|
162B000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
1079000
|
heap
|
page read and write
|
||
|
422E000
|
stack
|
page read and write
|
||
|
1531000
|
heap
|
page read and write
|
||
|
96A000
|
unkown
|
page execute and write copy
|
||
|
491000
|
unkown
|
page execute and read and write
|
||
|
AF0000
|
unkown
|
page read and write
|
||
|
4DE0000
|
direct allocation
|
page execute and read and write
|
||
|
2F2F000
|
stack
|
page read and write
|
||
|
1154000
|
heap
|
page read and write
|
||
|
DF0000
|
unkown
|
page execute and read and write
|
||
|
4F50000
|
direct allocation
|
page execute and read and write
|
||
|
751000
|
unkown
|
page execute and read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
6C8D0000
|
unkown
|
page readonly
|
||
|
4F10000
|
direct allocation
|
page execute and read and write
|
||
|
1520000
|
direct allocation
|
page read and write
|
||
|
3C8E000
|
stack
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
540F000
|
stack
|
page read and write
|
||
|
AF0000
|
unkown
|
page read and write
|
||
|
4EF0000
|
direct allocation
|
page execute and read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
318F000
|
stack
|
page read and write
|
||
|
1156000
|
heap
|
page read and write
|
||
|
480F000
|
stack
|
page read and write
|
||
|
303E000
|
stack
|
page read and write
|
||
|
2E0E000
|
stack
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
DF0000
|
unkown
|
page execute and read and write
|
||
|
1C9EE000
|
stack
|
page read and write
|
||
|
E09000
|
unkown
|
page execute and write copy
|
||
|
3E4E000
|
stack
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
282B000
|
heap
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
33FF000
|
stack
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
39CF000
|
stack
|
page read and write
|
||
|
F70000
|
direct allocation
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
4E20000
|
direct allocation
|
page execute and read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
2800000
|
direct allocation
|
page read and write
|
||
|
344E000
|
stack
|
page read and write
|
||
|
B5B000
|
unkown
|
page execute and read and write
|
||
|
3A0F000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
332E000
|
stack
|
page read and write
|
||
|
428F000
|
stack
|
page read and write
|
||
|
3D8F000
|
stack
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
490F000
|
stack
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
1D3AA000
|
heap
|
page read and write
|
||
|
9F0000
|
direct allocation
|
page read and write
|
||
|
4E20000
|
direct allocation
|
page read and write
|
||
|
1510000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
1623000
|
heap
|
page read and write
|
||
|
5D2000
|
unkown
|
page readonly
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
1D3E0000
|
heap
|
page read and write
|
||
|
300E000
|
stack
|
page read and write
|
||
|
41CF000
|
stack
|
page read and write
|
||
|
357E000
|
stack
|
page read and write
|
||
|
4BB0000
|
direct allocation
|
page execute and read and write
|
||
|
37CE000
|
stack
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
317F000
|
stack
|
page read and write
|
||
|
4E00000
|
direct allocation
|
page execute and read and write
|
||
|
338F000
|
stack
|
page read and write
|
||
|
6D0000
|
unkown
|
page execute and read and write
|
||
|
45B1000
|
heap
|
page read and write
|
||
|
45B1000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
1CEED000
|
stack
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
1640000
|
heap
|
page read and write
|
||
|
B52000
|
unkown
|
page execute and read and write
|
||
|
38FF000
|
stack
|
page read and write
|
||
|
AF0000
|
unkown
|
page readonly
|
||
|
2290000
|
heap
|
page read and write
|
||
|
464F000
|
stack
|
page read and write
|
||
|
42CF000
|
stack
|
page read and write
|
||
|
AF1000
|
unkown
|
page execute and write copy
|
||
|
408E000
|
stack
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
29640000
|
trusted library allocation
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
93D000
|
stack
|
page read and write
|
||
|
156A000
|
heap
|
page read and write
|
||
|
1D3BD000
|
heap
|
page read and write
|
||
|
1D3D0000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
3A4F000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
3A6F000
|
stack
|
page read and write
|
||
|
1CE9E000
|
stack
|
page read and write
|
||
|
C0E000
|
stack
|
page read and write
|
||
|
1D3DE000
|
heap
|
page read and write
|
||
|
350F000
|
stack
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
3F3F000
|
stack
|
page read and write
|
||
|
5DAD000
|
stack
|
page read and write
|
||
|
107B000
|
heap
|
page read and write
|
||
|
3A8E000
|
stack
|
page read and write
|
||
|
B52000
|
unkown
|
page execute and read and write
|
||
|
4E20000
|
direct allocation
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
15FF000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
4811000
|
heap
|
page read and write
|
||
|
3C8F000
|
stack
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
30AE000
|
stack
|
page read and write
|
||
|
450F000
|
stack
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
F2B000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
5CAD000
|
stack
|
page read and write
|
||
|
4B80000
|
direct allocation
|
page execute and read and write
|
||
|
480E000
|
stack
|
page read and write
|
||
|
454E000
|
stack
|
page read and write
|
||
|
B59000
|
unkown
|
page read and write
|
||
|
318D000
|
heap
|
page read and write
|
||
|
48D1000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4DD1000
|
direct allocation
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E10000
|
direct allocation
|
page execute and read and write
|
||
|
32CE000
|
stack
|
page read and write
|
||
|
1CBFE000
|
stack
|
page read and write
|
||
|
1520000
|
direct allocation
|
page read and write
|
||
|
554000
|
unkown
|
page execute and read and write
|
||
|
1614000
|
heap
|
page read and write
|
||
|
696F000
|
stack
|
page read and write
|
||
|
3E2F000
|
stack
|
page read and write
|
||
|
AF1000
|
unkown
|
page execute and write copy
|
||
|
1464000
|
heap
|
page read and write
|
||
|
48D1000
|
heap
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
E09000
|
unkown
|
page execute and write copy
|
||
|
2F6E000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
131E000
|
stack
|
page read and write
|
||
|
42CE000
|
stack
|
page read and write
|
||
|
340F000
|
stack
|
page read and write
|
||
|
2B7C000
|
stack
|
page read and write
|
||
|
4E40000
|
direct allocation
|
page execute and read and write
|
||
|
F70000
|
direct allocation
|
page read and write
|
||
|
1CF9F000
|
stack
|
page read and write
|
||
|
4DD0000
|
direct allocation
|
page execute and read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
1320000
|
direct allocation
|
page read and write
|
||
|
511000
|
unkown
|
page execute read
|
||
|
15E2000
|
heap
|
page read and write
|
||
|
4E80000
|
direct allocation
|
page execute and read and write
|
||
|
4D4E000
|
stack
|
page read and write
|
||
|
1D3BD000
|
heap
|
page read and write
|
||
|
6825000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
342F000
|
stack
|
page read and write
|
||
|
F70000
|
direct allocation
|
page read and write
|
||
|
2800000
|
direct allocation
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1D3BD000
|
heap
|
page read and write
|
||
|
434E000
|
stack
|
page read and write
|
||
|
1D4FA000
|
heap
|
page read and write
|
||
|
4DBF000
|
stack
|
page read and write
|
||
|
1D3B6000
|
heap
|
page read and write
|
||
|
3BCE000
|
stack
|
page read and write
|
||
|
5B1F000
|
stack
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
31BE000
|
stack
|
page read and write
|
||
|
444F000
|
stack
|
page read and write
|
||
|
353F000
|
stack
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
368E000
|
stack
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
F70000
|
direct allocation
|
page read and write
|
||
|
367F000
|
stack
|
page read and write
|
||
|
1320000
|
direct allocation
|
page read and write
|
||
|
328F000
|
stack
|
page read and write
|
||
|
306F000
|
stack
|
page read and write
|
||
|
133C000
|
stack
|
page read and write
|
||
|
420E000
|
stack
|
page read and write
|
||
|
36C000
|
stack
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
3A3F000
|
stack
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
6CB4F000
|
unkown
|
page write copy
|
||
|
3F4E000
|
stack
|
page read and write
|
||
|
3E4E000
|
stack
|
page read and write
|
||
|
CE5000
|
unkown
|
page execute and read and write
|
||
|
B59000
|
unkown
|
page write copy
|
||
|
510000
|
unkown
|
page readonly
|
||
|
1D3BF000
|
heap
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
CE5000
|
unkown
|
page execute and read and write
|
||
|
1531000
|
heap
|
page read and write
|
||
|
468E000
|
stack
|
page read and write
|
||
|
48E000
|
stack
|
page read and write
|
||
|
2800000
|
direct allocation
|
page read and write
|
||
|
29410000
|
heap
|
page read and write
|
||
|
4F30000
|
direct allocation
|
page execute and read and write
|
||
|
1024000
|
heap
|
page read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
54E0000
|
direct allocation
|
page execute and read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
15FF000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
3147000
|
heap
|
page read and write
|
||
|
F70000
|
direct allocation
|
page read and write
|
||
|
458E000
|
stack
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
1508000
|
heap
|
page read and write
|
||
|
5B6D000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1320000
|
direct allocation
|
page read and write
|
||
|
AD0000
|
direct allocation
|
page execute and read and write
|
||
|
3E0E000
|
stack
|
page read and write
|
||
|
2F4E000
|
stack
|
page read and write
|
||
|
B5B000
|
unkown
|
page execute and read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
346E000
|
stack
|
page read and write
|
||
|
1520000
|
direct allocation
|
page read and write
|
||
|
9F0000
|
direct allocation
|
page read and write
|
||
|
27F0000
|
heap
|
page read and write
|
||
|
2800000
|
direct allocation
|
page read and write
|
||
|
491000
|
unkown
|
page execute and write copy
|
||
|
1D3C4000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
4E50000
|
heap
|
page read and write
|
||
|
9F0000
|
direct allocation
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
DE7000
|
heap
|
page read and write
|
||
|
661000
|
unkown
|
page execute and read and write
|
||
|
1CFD000
|
stack
|
page read and write
|
||
|
4EC0000
|
direct allocation
|
page execute and read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
83C000
|
stack
|
page read and write
|
||
|
4D0F000
|
stack
|
page read and write
|
||
|
448E000
|
stack
|
page read and write
|
||
|
52C0000
|
direct allocation
|
page read and write
|
||
|
1D3BD000
|
heap
|
page read and write
|
||
|
9F0000
|
direct allocation
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1622000
|
heap
|
page read and write
|
||
|
10AF000
|
stack
|
page read and write
|
||
|
48D1000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
B03000
|
unkown
|
page execute and write copy
|
||
|
448E000
|
stack
|
page read and write
|
||
|
E09000
|
unkown
|
page execute and read and write
|
||
|
F70000
|
direct allocation
|
page read and write
|
||
|
408F000
|
stack
|
page read and write
|
||
|
150C000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
14CE000
|
stack
|
page read and write
|
||
|
3FAE000
|
stack
|
page read and write
|
||
|
6C970000
|
unkown
|
page readonly
|
||
|
4F90000
|
direct allocation
|
page execute and read and write
|
||
|
61ED3000
|
direct allocation
|
page read and write
|
||
|
495E000
|
stack
|
page read and write
|
||
|
2BAE000
|
stack
|
page read and write
|
||
|
4E20000
|
direct allocation
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
6C962000
|
unkown
|
page readonly
|
||
|
AE0000
|
direct allocation
|
page execute and read and write
|
||
|
3ECF000
|
stack
|
page read and write
|
||
|
731000
|
unkown
|
page execute and read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1D3D0000
|
heap
|
page read and write
|
||
|
133E000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
1450000
|
heap
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
430F000
|
stack
|
page read and write
|
||
|
1154000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
48CF000
|
stack
|
page read and write
|
||
|
AFB000
|
unkown
|
page execute and read and write
|
||
|
1D396000
|
heap
|
page read and write
|
||
|
185E000
|
stack
|
page read and write
|
||
|
1D3B1000
|
heap
|
page read and write
|
||
|
140E000
|
stack
|
page read and write
|
||
|
DD4000
|
stack
|
page read and write
|
||
|
E09000
|
unkown
|
page execute and read and write
|
||
|
69C000
|
unkown
|
page execute and read and write
|
||
|
B23000
|
unkown
|
page execute and read and write
|
||
|
15FF000
|
heap
|
page read and write
|
||
|
61E00000
|
direct allocation
|
page execute and read and write
|
||
|
A20000
|
direct allocation
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
E0A000
|
unkown
|
page execute and write copy
|
||
|
85C000
|
unkown
|
page execute and read and write
|
||
|
478F000
|
stack
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
ACE000
|
stack
|
page read and write
|
||
|
54F0000
|
direct allocation
|
page execute and read and write
|
||
|
DF0000
|
unkown
|
page execute and read and write
|
||
|
6C3E000
|
heap
|
page read and write
|
||
|
2DBF000
|
stack
|
page read and write
|
||
|
1D3C3000
|
heap
|
page read and write
|
||
|
1D22D000
|
stack
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
6C94D000
|
unkown
|
page readonly
|
||
|
1320000
|
direct allocation
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
15DA000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
1154000
|
heap
|
page read and write
|
||
|
A20000
|
direct allocation
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
AF0000
|
unkown
|
page read and write
|
||
|
14C0000
|
heap
|
page read and write
|
||
|
45B0000
|
heap
|
page read and write
|
||
|
59AF000
|
stack
|
page read and write
|
||
|
4BDE000
|
stack
|
page read and write
|
||
|
4E20000
|
direct allocation
|
page read and write
|
||
|
1320000
|
direct allocation
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
38CE000
|
stack
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
33CE000
|
stack
|
page read and write
|
||
|
1500000
|
heap
|
page read and write
|
||
|
161F000
|
heap
|
page read and write
|
||
|
3A0E000
|
stack
|
page read and write
|
||
|
1D3BD000
|
heap
|
page read and write
|
||
|
1320000
|
direct allocation
|
page read and write
|
||
|
B5B000
|
unkown
|
page execute and read and write
|
||
|
5DE000
|
stack
|
page read and write
|
||
|
AF0000
|
unkown
|
page read and write
|
||
|
392F000
|
stack
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
11DB000
|
stack
|
page read and write
|
||
|
1520000
|
direct allocation
|
page read and write
|
||
|
3F0E000
|
stack
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
4E30000
|
heap
|
page read and write
|
||
|
446F000
|
stack
|
page read and write
|
||
|
B52000
|
unkown
|
page execute and read and write
|
||
|
6D70000
|
heap
|
page read and write
|
||
|
4E60000
|
direct allocation
|
page execute and read and write
|
||
|
1D3C4000
|
heap
|
page read and write
|
||
|
1D3B9000
|
heap
|
page read and write
|
||
|
1D3D0000
|
heap
|
page read and write
|
||
|
49D0000
|
trusted library allocation
|
page read and write
|
||
|
F70000
|
direct allocation
|
page read and write
|
||
|
4DE0000
|
direct allocation
|
page execute and read and write
|
||
|
296EE000
|
heap
|
page read and write
|
||
|
2F3E000
|
stack
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
1D3BC000
|
heap
|
page read and write
|
||
|
5460000
|
direct allocation
|
page execute and read and write
|
||
|
313F000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
5450000
|
direct allocation
|
page execute and read and write
|
||
|
2800000
|
direct allocation
|
page read and write
|
||
|
1CC2E000
|
stack
|
page read and write
|
||
|
15AA000
|
heap
|
page read and write
|
||
|
393E000
|
stack
|
page read and write
|
||
|
6C31000
|
heap
|
page read and write
|
||
|
B5B000
|
unkown
|
page execute and read and write
|
||
|
418F000
|
stack
|
page read and write
|
||
|
1147000
|
heap
|
page read and write
|
||
|
DE7000
|
heap
|
page read and write
|
||
|
4E50000
|
direct allocation
|
page execute and read and write
|
||
|
1D3C6000
|
heap
|
page read and write
|
||
|
4E0E000
|
stack
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
3D0E000
|
stack
|
page read and write
|
||
|
511000
|
unkown
|
page execute read
|
||
|
1154000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
F70000
|
direct allocation
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
31CE000
|
stack
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
36CE000
|
stack
|
page read and write
|
||
|
6BC000
|
unkown
|
page execute and read and write
|
||
|
123C000
|
stack
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
2BCF000
|
stack
|
page read and write
|
||
|
1622000
|
heap
|
page read and write
|
||
|
45CE000
|
stack
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
523000
|
unkown
|
page execute and read and write
|
||
|
4910000
|
heap
|
page read and write
|
||
|
9F0000
|
direct allocation
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
1520000
|
direct allocation
|
page read and write
|
||
|
50C000
|
stack
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
20FD000
|
stack
|
page read and write
|
||
|
470E000
|
stack
|
page read and write
|
||
|
80D000
|
unkown
|
page execute and read and write
|
||
|
38CF000
|
stack
|
page read and write
|
||
|
54B0000
|
direct allocation
|
page execute and read and write
|
||
|
4F80000
|
direct allocation
|
page execute and read and write
|
||
|
6FEE000
|
stack
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
1579000
|
heap
|
page read and write
|
||
|
154D000
|
stack
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
1D3D0000
|
heap
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
1D3AA000
|
heap
|
page read and write
|
||
|
B2B000
|
unkown
|
page execute and read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
358F000
|
stack
|
page read and write
|
||
|
56A0000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
137E000
|
stack
|
page read and write
|
||
|
5430000
|
direct allocation
|
page execute and read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
15A7000
|
heap
|
page read and write
|
||
|
292F000
|
stack
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
1464000
|
heap
|
page read and write
|
||
|
B59000
|
unkown
|
page read and write
|
||
|
2962F000
|
stack
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
A44000
|
heap
|
page read and write
|
||
|
34CF000
|
stack
|
page read and write
|
||
|
1628000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
4F40000
|
direct allocation
|
page execute and read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
175E000
|
stack
|
page read and write
|
||
|
4DF0000
|
direct allocation
|
page execute and read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
43CF000
|
stack
|
page read and write
|
||
|
164A000
|
heap
|
page read and write
|
||
|
3F8E000
|
stack
|
page read and write
|
||
|
1520000
|
direct allocation
|
page read and write
|
||
|
8A0000
|
unkown
|
page execute and read and write
|
||
|
1624000
|
heap
|
page read and write
|
||
|
2FCF000
|
stack
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
760000
|
unkown
|
page execute and read and write
|
||
|
354F000
|
stack
|
page read and write
|
||
|
63E000
|
stack
|
page read and write
|
||
|
380E000
|
stack
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
14C4000
|
heap
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
734C000
|
stack
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
9F0000
|
direct allocation
|
page read and write
|
||
|
4E51000
|
heap
|
page read and write
|
||
|
4EF0000
|
direct allocation
|
page execute and read and write
|
There are 1329 hidden memdumps, click here to show them.