IOC Report
XVM5nluelx.exe

loading gif

Files

File Path
Type
Category
Malicious
XVM5nluelx.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
 malicious
C:\Users\user\AppData\Local\914917ab-8c1c-4917-bfda-a5e2f0055a1d\33A3.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\33A3.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\VirtualStore\_readme.txt
ASCII text, with CRLF line terminators
dropped
 malicious
C:\Users\user\AppData\Roaming\dejcbcc
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\dejcbcc:Zone.Identifier
ASCII text, with CRLF line terminators
dropped
 malicious
C:\Users\user\Desktop\EEGWXUHVUG\EEGWXUHVUG.docx
data
dropped
 malicious
C:\Users\user\Desktop\GRXZDKKVDB.png
data
dropped
 malicious
C:\Users\user\Desktop\NVWZAPQSQL\TQDFJHPUIU.png
data
dropped
 malicious
C:\Users\user\_readme.txt
ASCII text, with CRLF line terminators
dropped
 malicious
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_Explorer.EXE_c21224191a167f50d0fc77956927dc29a8d71181_f78a65ed_ba19aa6d-c6c8-4f22-8ff2-9e5b4e4dd4c9\Report.wer
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1130.tmp.dmp
Mini DuMP crash report, 17 streams, CheckSum 0x00000004, Fri May 24 15:39:37 2024, 0x1205a4 type
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER16DE.tmp.WERInternalMetadata.xml
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER16FF.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\SystemID\PersonalID.txt
ASCII text, with CRLF line terminators
dropped
C:\Users\user\.curlrc
data
dropped
C:\Users\user\.curlrc.vepi (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old.vepi (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old.vepi (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LocalPrefs.json
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LocalPrefs.json.vepi (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log.vepi (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old.vepi (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\000003.log
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\000003.log.vepi (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\metadata\000003.log
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\metadata\000003.log.vepi (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\Caches\{3DA71D5A-20CC-432F-A115-DFE92379E91F}.3.ver0x0000000000000014.db
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\Caches\{3DA71D5A-20CC-432F-A115-DFE92379E91F}.3.ver0x0000000000000015.db
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\Windows[2].json
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\get[1].htm
JSON data
dropped
C:\Users\user\AppData\Local\Temp\5C0B.bat
ASCII text, with no line terminators
modified
C:\Users\user\AppData\Local\Temp\B88.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\bowsakkdestx.txt
JSON data
dropped
C:\Users\user\Desktop\BJZFPPWAPT.mp3
data
dropped
C:\Users\user\Desktop\BJZFPPWAPT.mp3.vepi (copy)
data
dropped
C:\Users\user\Desktop\BJZFPPWAPT.pdf
data
dropped
C:\Users\user\Desktop\BJZFPPWAPT.pdf.vepi (copy)
data
dropped
C:\Users\user\Desktop\BJZFPPWAPT.xlsx
data
dropped
C:\Users\user\Desktop\BJZFPPWAPT.xlsx.vepi (copy)
data
dropped
C:\Users\user\Desktop\DUUDTUBZFW.jpg
data
dropped
C:\Users\user\Desktop\DUUDTUBZFW.jpg.vepi (copy)
data
dropped
C:\Users\user\Desktop\DUUDTUBZFW.xlsx
data
dropped
C:\Users\user\Desktop\DUUDTUBZFW.xlsx.vepi (copy)
data
dropped
C:\Users\user\Desktop\EEGWXUHVUG.docx
data
dropped
C:\Users\user\Desktop\EEGWXUHVUG.docx.vepi (copy)
data
dropped
C:\Users\user\Desktop\EEGWXUHVUG.xlsx
data
dropped
C:\Users\user\Desktop\EEGWXUHVUG.xlsx.vepi (copy)
data
dropped
C:\Users\user\Desktop\EEGWXUHVUG\BJZFPPWAPT.pdf
data
dropped
C:\Users\user\Desktop\EEGWXUHVUG\BJZFPPWAPT.pdf.vepi (copy)
data
dropped
C:\Users\user\Desktop\EEGWXUHVUG\DUUDTUBZFW.jpg
data
dropped
C:\Users\user\Desktop\EEGWXUHVUG\DUUDTUBZFW.jpg.vepi (copy)
data
dropped
C:\Users\user\Desktop\EEGWXUHVUG\EEGWXUHVUG.docx.vepi (copy)
data
dropped
C:\Users\user\Desktop\EEGWXUHVUG\EFOYFBOLXA.xlsx
data
dropped
C:\Users\user\Desktop\EEGWXUHVUG\EFOYFBOLXA.xlsx.vepi (copy)
data
dropped
C:\Users\user\Desktop\EEGWXUHVUG\EWZCVGNOWT.mp3
data
dropped
C:\Users\user\Desktop\EEGWXUHVUG\EWZCVGNOWT.mp3.vepi (copy)
data
dropped
C:\Users\user\Desktop\EEGWXUHVUG\ZGGKNSUKOP.png
data
dropped
C:\Users\user\Desktop\EEGWXUHVUG\ZGGKNSUKOP.png.vepi (copy)
data
dropped
C:\Users\user\Desktop\EFOYFBOLXA.docx
data
dropped
C:\Users\user\Desktop\EFOYFBOLXA.docx.vepi (copy)
data
dropped
C:\Users\user\Desktop\EFOYFBOLXA.jpg
data
dropped
C:\Users\user\Desktop\EFOYFBOLXA.jpg.vepi (copy)
data
dropped
C:\Users\user\Desktop\EFOYFBOLXA.xlsx
data
dropped
C:\Users\user\Desktop\EFOYFBOLXA.xlsx.vepi (copy)
data
dropped
C:\Users\user\Desktop\EFOYFBOLXA\DUUDTUBZFW.xlsx
data
dropped
C:\Users\user\Desktop\EFOYFBOLXA\DUUDTUBZFW.xlsx.vepi (copy)
data
dropped
C:\Users\user\Desktop\EFOYFBOLXA\EFOYFBOLXA.docx
data
dropped
C:\Users\user\Desktop\EFOYFBOLXA\EFOYFBOLXA.docx.vepi (copy)
data
dropped
C:\Users\user\Desktop\EFOYFBOLXA\EWZCVGNOWT.pdf
data
dropped
C:\Users\user\Desktop\EFOYFBOLXA\EWZCVGNOWT.pdf.vepi (copy)
data
dropped
C:\Users\user\Desktop\EFOYFBOLXA\JDDHMPCDUJ.jpg
data
dropped
C:\Users\user\Desktop\EFOYFBOLXA\JDDHMPCDUJ.jpg.vepi (copy)
data
dropped
C:\Users\user\Desktop\EFOYFBOLXA\LFOPODGVOH.mp3
data
dropped
C:\Users\user\Desktop\EFOYFBOLXA\LFOPODGVOH.mp3.vepi (copy)
data
dropped
C:\Users\user\Desktop\EFOYFBOLXA\NWCXBPIUYI.png
data
dropped
C:\Users\user\Desktop\EFOYFBOLXA\NWCXBPIUYI.png.vepi (copy)
data
dropped
C:\Users\user\Desktop\EOWRVPQCCS.pdf
data
dropped
C:\Users\user\Desktop\EOWRVPQCCS.pdf.vepi (copy)
data
dropped
C:\Users\user\Desktop\EWZCVGNOWT.jpg
data
dropped
C:\Users\user\Desktop\EWZCVGNOWT.jpg.vepi (copy)
data
dropped
C:\Users\user\Desktop\EWZCVGNOWT.mp3
data
dropped
C:\Users\user\Desktop\EWZCVGNOWT.mp3.vepi (copy)
data
dropped
C:\Users\user\Desktop\EWZCVGNOWT.pdf
data
dropped
C:\Users\user\Desktop\EWZCVGNOWT.pdf.vepi (copy)
data
dropped
C:\Users\user\Desktop\GRXZDKKVDB.png.vepi (copy)
data
dropped
C:\Users\user\Desktop\JDDHMPCDUJ.jpg
data
dropped
C:\Users\user\Desktop\JDDHMPCDUJ.jpg.vepi (copy)
data
dropped
C:\Users\user\Desktop\LFOPODGVOH.mp3
data
dropped
C:\Users\user\Desktop\LFOPODGVOH.mp3.vepi (copy)
data
dropped
C:\Users\user\Desktop\NVWZAPQSQL.docx
data
dropped
C:\Users\user\Desktop\NVWZAPQSQL.docx.vepi (copy)
data
dropped
C:\Users\user\Desktop\NVWZAPQSQL.pdf
data
dropped
C:\Users\user\Desktop\NVWZAPQSQL.pdf.vepi (copy)
data
dropped
C:\Users\user\Desktop\NVWZAPQSQL\BJZFPPWAPT.xlsx
data
dropped
C:\Users\user\Desktop\NVWZAPQSQL\BJZFPPWAPT.xlsx.vepi (copy)
data
dropped
C:\Users\user\Desktop\NVWZAPQSQL\EOWRVPQCCS.pdf
data
dropped
C:\Users\user\Desktop\NVWZAPQSQL\EOWRVPQCCS.pdf.vepi (copy)
data
dropped
C:\Users\user\Desktop\NVWZAPQSQL\EWZCVGNOWT.jpg
data
dropped
C:\Users\user\Desktop\NVWZAPQSQL\EWZCVGNOWT.jpg.vepi (copy)
data
dropped
C:\Users\user\Desktop\NVWZAPQSQL\NVWZAPQSQL.docx
data
dropped
C:\Users\user\Desktop\NVWZAPQSQL\NVWZAPQSQL.docx.vepi (copy)
data
dropped
C:\Users\user\Desktop\NVWZAPQSQL\NYMMPCEIMA.mp3
data
dropped
C:\Users\user\Desktop\NVWZAPQSQL\NYMMPCEIMA.mp3.vepi (copy)
data
dropped
C:\Users\user\Desktop\NVWZAPQSQL\TQDFJHPUIU.png.vepi (copy)
data
dropped
C:\Users\user\Desktop\NWCXBPIUYI.png
data
dropped
C:\Users\user\Desktop\NWCXBPIUYI.png.vepi (copy)
data
dropped
C:\Users\user\Desktop\NYMMPCEIMA.mp3
data
dropped
C:\Users\user\Desktop\NYMMPCEIMA.mp3.vepi (copy)
data
dropped
C:\Users\user\Desktop\SQSJKEBWDT.docx
data
dropped
C:\Users\user\Desktop\SQSJKEBWDT.docx.vepi (copy)
data
dropped
C:\Users\user\Desktop\SQSJKEBWDT\BJZFPPWAPT.mp3
data
dropped
C:\Users\user\Desktop\SQSJKEBWDT\BJZFPPWAPT.mp3.vepi (copy)
data
dropped
C:\Users\user\Desktop\SQSJKEBWDT\EEGWXUHVUG.xlsx
data
dropped
C:\Users\user\Desktop\SQSJKEBWDT\EEGWXUHVUG.xlsx.vepi (copy)
data
dropped
C:\Users\user\Desktop\SQSJKEBWDT\EFOYFBOLXA.jpg
data
dropped
C:\Users\user\Desktop\SQSJKEBWDT\EFOYFBOLXA.jpg.vepi (copy)
data
dropped
C:\Users\user\Desktop\SQSJKEBWDT\GRXZDKKVDB.png
data
dropped
C:\Users\user\Desktop\SQSJKEBWDT\GRXZDKKVDB.png.vepi (copy)
data
dropped
C:\Users\user\Desktop\SQSJKEBWDT\NVWZAPQSQL.pdf
data
dropped
C:\Users\user\Desktop\SQSJKEBWDT\NVWZAPQSQL.pdf.vepi (copy)
data
dropped
C:\Users\user\Desktop\SQSJKEBWDT\SQSJKEBWDT.docx
data
dropped
C:\Users\user\Desktop\SQSJKEBWDT\SQSJKEBWDT.docx.vepi (copy)
data
dropped
C:\Users\user\Desktop\TQDFJHPUIU.png
data
dropped
C:\Users\user\Desktop\TQDFJHPUIU.png.vepi (copy)
data
dropped
C:\Users\user\Desktop\ZGGKNSUKOP.png
data
dropped
C:\Users\user\Desktop\ZGGKNSUKOP.png.vepi (copy)
data
dropped
C:\Users\user\Documents\BJZFPPWAPT.mp3
data
dropped
C:\Users\user\Documents\BJZFPPWAPT.mp3.vepi (copy)
data
dropped
C:\Users\user\Documents\BJZFPPWAPT.pdf
data
dropped
C:\Users\user\Documents\BJZFPPWAPT.pdf.vepi (copy)
data
dropped
C:\Users\user\Documents\BJZFPPWAPT.xlsx
data
dropped
C:\Users\user\Documents\BJZFPPWAPT.xlsx.vepi (copy)
data
dropped
C:\Users\user\Documents\DUUDTUBZFW.jpg
data
dropped
C:\Users\user\Documents\DUUDTUBZFW.jpg.vepi (copy)
data
dropped
C:\Users\user\Documents\DUUDTUBZFW.xlsx
data
dropped
C:\Users\user\Documents\DUUDTUBZFW.xlsx.vepi (copy)
data
dropped
C:\Users\user\Documents\EEGWXUHVUG.docx
data
dropped
C:\Users\user\Documents\EEGWXUHVUG.docx.vepi (copy)
data
dropped
C:\Users\user\Documents\EEGWXUHVUG.xlsx
data
dropped
C:\Users\user\Documents\EEGWXUHVUG.xlsx.vepi (copy)
data
dropped
C:\Users\user\Documents\EEGWXUHVUG\BJZFPPWAPT.pdf
data
dropped
C:\Users\user\Documents\EEGWXUHVUG\BJZFPPWAPT.pdf.vepi (copy)
data
dropped
C:\Users\user\Documents\EEGWXUHVUG\DUUDTUBZFW.jpg
data
dropped
C:\Users\user\Documents\EEGWXUHVUG\DUUDTUBZFW.jpg.vepi (copy)
data
dropped
C:\Users\user\Documents\EEGWXUHVUG\EEGWXUHVUG.docx
data
dropped
C:\Users\user\Documents\EEGWXUHVUG\EEGWXUHVUG.docx.vepi (copy)
data
dropped
C:\Users\user\Documents\EEGWXUHVUG\EFOYFBOLXA.xlsx
data
dropped
C:\Users\user\Documents\EEGWXUHVUG\EFOYFBOLXA.xlsx.vepi (copy)
data
dropped
C:\Users\user\Documents\EEGWXUHVUG\EWZCVGNOWT.mp3
data
dropped
C:\Users\user\Documents\EEGWXUHVUG\EWZCVGNOWT.mp3.vepi (copy)
data
dropped
C:\Users\user\Documents\EEGWXUHVUG\ZGGKNSUKOP.png
data
dropped
C:\Users\user\Documents\EEGWXUHVUG\ZGGKNSUKOP.png.vepi (copy)
data
dropped
C:\Users\user\Documents\EFOYFBOLXA.docx
data
dropped
C:\Users\user\Documents\EFOYFBOLXA.docx.vepi (copy)
data
dropped
C:\Users\user\Documents\EFOYFBOLXA.jpg
data
dropped
C:\Users\user\Documents\EFOYFBOLXA.jpg.vepi (copy)
data
dropped
C:\Users\user\Documents\EFOYFBOLXA.xlsx
data
dropped
C:\Users\user\Documents\EFOYFBOLXA.xlsx.vepi (copy)
data
dropped
C:\Users\user\Documents\EFOYFBOLXA\DUUDTUBZFW.xlsx
data
dropped
C:\Users\user\Documents\EFOYFBOLXA\DUUDTUBZFW.xlsx.vepi (copy)
data
dropped
C:\Users\user\Documents\EFOYFBOLXA\EFOYFBOLXA.docx
data
dropped
C:\Users\user\Documents\EFOYFBOLXA\EFOYFBOLXA.docx.vepi (copy)
data
dropped
C:\Users\user\Documents\EFOYFBOLXA\EWZCVGNOWT.pdf
data
dropped
C:\Users\user\Documents\EFOYFBOLXA\EWZCVGNOWT.pdf.vepi (copy)
data
dropped
C:\Users\user\Documents\EFOYFBOLXA\JDDHMPCDUJ.jpg
data
dropped
C:\Users\user\Documents\EFOYFBOLXA\JDDHMPCDUJ.jpg.vepi (copy)
data
dropped
C:\Users\user\Documents\EFOYFBOLXA\LFOPODGVOH.mp3
data
dropped
C:\Users\user\Documents\EFOYFBOLXA\LFOPODGVOH.mp3.vepi (copy)
data
dropped
C:\Users\user\Documents\EFOYFBOLXA\NWCXBPIUYI.png
data
modified
C:\Users\user\Documents\EFOYFBOLXA\NWCXBPIUYI.png.vepi (copy)
data
dropped
C:\Users\user\Documents\EOWRVPQCCS.pdf
data
dropped
C:\Users\user\Documents\EOWRVPQCCS.pdf.vepi (copy)
data
dropped
C:\Users\user\Documents\EWZCVGNOWT.jpg
data
dropped
C:\Users\user\Documents\EWZCVGNOWT.jpg.vepi (copy)
data
dropped
C:\Users\user\Documents\EWZCVGNOWT.mp3
data
dropped
C:\Users\user\Documents\EWZCVGNOWT.mp3.vepi (copy)
data
dropped
C:\Users\user\Documents\EWZCVGNOWT.pdf
data
dropped
C:\Users\user\Documents\EWZCVGNOWT.pdf.vepi (copy)
data
dropped
C:\Users\user\Documents\GRXZDKKVDB.png
data
dropped
C:\Users\user\Documents\GRXZDKKVDB.png.vepi (copy)
data
dropped
C:\Users\user\Documents\JDDHMPCDUJ.jpg
data
dropped
C:\Users\user\Documents\JDDHMPCDUJ.jpg.vepi (copy)
data
dropped
C:\Users\user\Documents\LFOPODGVOH.mp3
data
dropped
C:\Users\user\Documents\LFOPODGVOH.mp3.vepi (copy)
data
dropped
C:\Users\user\Documents\NVWZAPQSQL.docx
data
dropped
C:\Users\user\Documents\NVWZAPQSQL.docx.vepi (copy)
data
dropped
C:\Users\user\Documents\NVWZAPQSQL.pdf
data
dropped
C:\Users\user\Documents\NVWZAPQSQL.pdf.vepi (copy)
data
dropped
C:\Users\user\Documents\NVWZAPQSQL\BJZFPPWAPT.xlsx
data
dropped
C:\Users\user\Documents\NVWZAPQSQL\BJZFPPWAPT.xlsx.vepi (copy)
data
dropped
C:\Users\user\Documents\NVWZAPQSQL\EOWRVPQCCS.pdf
data
dropped
C:\Users\user\Documents\NVWZAPQSQL\EOWRVPQCCS.pdf.vepi (copy)
data
dropped
C:\Users\user\Documents\NVWZAPQSQL\EWZCVGNOWT.jpg
data
dropped
C:\Users\user\Documents\NVWZAPQSQL\EWZCVGNOWT.jpg.vepi (copy)
data
dropped
C:\Users\user\Documents\NVWZAPQSQL\NVWZAPQSQL.docx
data
dropped
C:\Users\user\Documents\NVWZAPQSQL\NVWZAPQSQL.docx.vepi (copy)
data
dropped
C:\Users\user\Documents\NVWZAPQSQL\NYMMPCEIMA.mp3
data
dropped
C:\Users\user\Documents\NVWZAPQSQL\NYMMPCEIMA.mp3.vepi (copy)
data
dropped
C:\Users\user\Documents\NVWZAPQSQL\TQDFJHPUIU.png
data
dropped
C:\Users\user\Documents\NVWZAPQSQL\TQDFJHPUIU.png.vepi (copy)
data
dropped
C:\Users\user\Documents\NWCXBPIUYI.png
data
dropped
C:\Users\user\Documents\NWCXBPIUYI.png.vepi (copy)
data
dropped
C:\Users\user\Documents\NYMMPCEIMA.mp3
data
dropped
C:\Users\user\Documents\NYMMPCEIMA.mp3.vepi (copy)
data
dropped
C:\Users\user\Documents\SQSJKEBWDT.docx
data
dropped
C:\Users\user\Documents\SQSJKEBWDT.docx.vepi (copy)
data
dropped
C:\Users\user\Documents\SQSJKEBWDT\BJZFPPWAPT.mp3
data
dropped
C:\Users\user\Documents\SQSJKEBWDT\BJZFPPWAPT.mp3.vepi (copy)
data
dropped
C:\Users\user\Documents\SQSJKEBWDT\EEGWXUHVUG.xlsx
data
dropped
C:\Users\user\Documents\SQSJKEBWDT\EEGWXUHVUG.xlsx.vepi (copy)
data
dropped
C:\Users\user\Documents\SQSJKEBWDT\EFOYFBOLXA.jpg
data
dropped
C:\Users\user\Documents\SQSJKEBWDT\EFOYFBOLXA.jpg.vepi (copy)
data
dropped
C:\Users\user\Documents\SQSJKEBWDT\GRXZDKKVDB.png
data
dropped
C:\Users\user\Documents\SQSJKEBWDT\GRXZDKKVDB.png.vepi (copy)
data
dropped
C:\Users\user\Documents\SQSJKEBWDT\NVWZAPQSQL.pdf
data
dropped
C:\Users\user\Documents\SQSJKEBWDT\NVWZAPQSQL.pdf.vepi (copy)
data
dropped
C:\Users\user\Documents\SQSJKEBWDT\SQSJKEBWDT.docx
data
dropped
C:\Users\user\Documents\SQSJKEBWDT\SQSJKEBWDT.docx.vepi (copy)
data
dropped
C:\Users\user\Documents\TQDFJHPUIU.png
data
dropped
C:\Users\user\Documents\TQDFJHPUIU.png.vepi (copy)
data
dropped
C:\Users\user\Documents\ZGGKNSUKOP.png
data
dropped
C:\Users\user\Documents\ZGGKNSUKOP.png.vepi (copy)
data
dropped
C:\Users\user\Downloads\BJZFPPWAPT.mp3
data
dropped
C:\Users\user\Downloads\BJZFPPWAPT.mp3.vepi (copy)
data
dropped
C:\Users\user\Downloads\BJZFPPWAPT.pdf
data
dropped
C:\Users\user\Downloads\BJZFPPWAPT.pdf.vepi (copy)
data
dropped
C:\Users\user\Downloads\BJZFPPWAPT.xlsx
data
dropped
C:\Users\user\Downloads\BJZFPPWAPT.xlsx.vepi (copy)
data
dropped
C:\Users\user\Downloads\DUUDTUBZFW.jpg
data
dropped
C:\Users\user\Downloads\DUUDTUBZFW.jpg.vepi (copy)
data
dropped
C:\Users\user\Downloads\DUUDTUBZFW.xlsx
data
dropped
C:\Users\user\Downloads\DUUDTUBZFW.xlsx.vepi (copy)
data
dropped
C:\Users\user\Downloads\EEGWXUHVUG.docx
data
dropped
C:\Users\user\Downloads\EEGWXUHVUG.docx.vepi (copy)
data
dropped
C:\Users\user\Downloads\EEGWXUHVUG.xlsx
data
dropped
C:\Users\user\Downloads\EEGWXUHVUG.xlsx.vepi (copy)
data
dropped
C:\Users\user\Downloads\EFOYFBOLXA.docx
data
dropped
C:\Users\user\Downloads\EFOYFBOLXA.docx.vepi (copy)
data
dropped
C:\Users\user\Downloads\EFOYFBOLXA.jpg
data
dropped
C:\Users\user\Downloads\EFOYFBOLXA.jpg.vepi (copy)
data
dropped
C:\Users\user\Downloads\EFOYFBOLXA.xlsx
data
dropped
C:\Users\user\Downloads\EFOYFBOLXA.xlsx.vepi (copy)
data
dropped
C:\Users\user\Downloads\EOWRVPQCCS.pdf
data
dropped
C:\Users\user\Downloads\EOWRVPQCCS.pdf.vepi (copy)
data
dropped
C:\Users\user\Downloads\EWZCVGNOWT.jpg
data
dropped
C:\Users\user\Downloads\EWZCVGNOWT.jpg.vepi (copy)
data
dropped
C:\Users\user\Downloads\EWZCVGNOWT.mp3
data
dropped
C:\Users\user\Downloads\EWZCVGNOWT.mp3.vepi (copy)
data
dropped
C:\Users\user\Downloads\EWZCVGNOWT.pdf
data
dropped
C:\Users\user\Downloads\EWZCVGNOWT.pdf.vepi (copy)
data
dropped
C:\Users\user\Downloads\GRXZDKKVDB.png
data
dropped
C:\Users\user\Downloads\GRXZDKKVDB.png.vepi (copy)
data
dropped
C:\Users\user\Downloads\JDDHMPCDUJ.jpg
data
dropped
C:\Users\user\Downloads\JDDHMPCDUJ.jpg.vepi (copy)
data
dropped
C:\Users\user\Downloads\LFOPODGVOH.mp3
data
dropped
C:\Users\user\Downloads\LFOPODGVOH.mp3.vepi (copy)
data
dropped
C:\Users\user\Downloads\NVWZAPQSQL.docx
data
dropped
C:\Users\user\Downloads\NVWZAPQSQL.docx.vepi (copy)
data
dropped
C:\Users\user\Downloads\NVWZAPQSQL.pdf
data
dropped
C:\Users\user\Downloads\NVWZAPQSQL.pdf.vepi (copy)
data
dropped
C:\Users\user\Downloads\NWCXBPIUYI.png
data
dropped
C:\Users\user\Downloads\NWCXBPIUYI.png.vepi (copy)
data
dropped
C:\Users\user\Downloads\NYMMPCEIMA.mp3
data
dropped
C:\Users\user\Downloads\NYMMPCEIMA.mp3.vepi (copy)
data
dropped
C:\Users\user\Downloads\SQSJKEBWDT.docx
data
dropped
C:\Users\user\Downloads\SQSJKEBWDT.docx.vepi (copy)
data
dropped
C:\Users\user\Downloads\TQDFJHPUIU.png
data
dropped
C:\Users\user\Downloads\TQDFJHPUIU.png.vepi (copy)
data
dropped
C:\Users\user\Downloads\ZGGKNSUKOP.png
data
dropped
C:\Users\user\Downloads\ZGGKNSUKOP.png.vepi (copy)
data
dropped
C:\Users\user\Favorites\Amazon.url
data
dropped
C:\Users\user\Favorites\Amazon.url.vepi (copy)
data
dropped
C:\Users\user\Favorites\Bing.url
data
dropped
C:\Users\user\Favorites\Bing.url.vepi (copy)
data
dropped
C:\Users\user\Favorites\Facebook.url
data
dropped
C:\Users\user\Favorites\Facebook.url.vepi (copy)
data
dropped
C:\Users\user\Favorites\Google.url
data
dropped
C:\Users\user\Favorites\Google.url.vepi (copy)
data
dropped
C:\Users\user\Favorites\Live.url
data
dropped
C:\Users\user\Favorites\Live.url.vepi (copy)
data
dropped
C:\Users\user\Favorites\NYTimes.url
data
dropped
C:\Users\user\Favorites\NYTimes.url.vepi (copy)
data
dropped
C:\Users\user\Favorites\Reddit.url
data
dropped
C:\Users\user\Favorites\Reddit.url.vepi (copy)
data
dropped
C:\Users\user\Favorites\Twitter.url
data
dropped
C:\Users\user\Favorites\Twitter.url.vepi (copy)
data
dropped
C:\Users\user\Favorites\Wikipedia.url
data
dropped
C:\Users\user\Favorites\Wikipedia.url.vepi (copy)
data
dropped
C:\Users\user\Favorites\Youtube.url
data
dropped
C:\Users\user\Favorites\Youtube.url.vepi (copy)
data
dropped
C:\Users\user\Searches\winrt--{S-1-5-21-2246122658-3693405117-2476756634-1003}-.searchconnector-ms
data
dropped
C:\Users\user\Searches\winrt--{S-1-5-21-2246122658-3693405117-2476756634-1003}-.searchconnector-ms.vepi (copy)
data
dropped
There are 287 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\XVM5nluelx.exe
"C:\Users\user\Desktop\XVM5nluelx.exe"
 malicious
C:\Windows\explorer.exe
C:\Windows\Explorer.EXE
 malicious
C:\Users\user\AppData\Roaming\dejcbcc
C:\Users\user\AppData\Roaming\dejcbcc
 malicious
C:\Windows\System32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\B88.bat" "
 malicious
C:\Windows\System32\reg.exe
reg add "HKEY_CURRENT_USER\Software\clicker\key" /v primary /t REG_DWORD /d 1
 malicious
C:\Users\user\AppData\Local\Temp\33A3.exe
C:\Users\user\AppData\Local\Temp\33A3.exe
 malicious
C:\Users\user\AppData\Local\Temp\33A3.exe
C:\Users\user\AppData\Local\Temp\33A3.exe
 malicious
C:\Users\user\AppData\Local\Temp\33A3.exe
"C:\Users\user\AppData\Local\Temp\33A3.exe" --Admin IsNotAutoStart IsNotTask
 malicious
C:\Users\user\AppData\Local\Temp\33A3.exe
"C:\Users\user\AppData\Local\Temp\33A3.exe" --Admin IsNotAutoStart IsNotTask
 malicious
C:\Users\user\AppData\Local\914917ab-8c1c-4917-bfda-a5e2f0055a1d\33A3.exe
C:\Users\user\AppData\Local\914917ab-8c1c-4917-bfda-a5e2f0055a1d\33A3.exe --Task
 malicious
C:\Users\user\AppData\Local\914917ab-8c1c-4917-bfda-a5e2f0055a1d\33A3.exe
C:\Users\user\AppData\Local\914917ab-8c1c-4917-bfda-a5e2f0055a1d\33A3.exe --Task
 malicious
C:\Windows\System32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\5C0B.bat" "
 malicious
C:\Windows\System32\reg.exe
reg add "HKEY_CURRENT_USER\Software\clicker\key" /v primary /t REG_DWORD /d 1
 malicious
C:\Users\user\AppData\Local\914917ab-8c1c-4917-bfda-a5e2f0055a1d\33A3.exe
"C:\Users\user\AppData\Local\914917ab-8c1c-4917-bfda-a5e2f0055a1d\33A3.exe" --AutoStart
 malicious
C:\Users\user\AppData\Local\914917ab-8c1c-4917-bfda-a5e2f0055a1d\33A3.exe
"C:\Users\user\AppData\Local\914917ab-8c1c-4917-bfda-a5e2f0055a1d\33A3.exe" --AutoStart
 malicious
C:\Users\user\AppData\Local\914917ab-8c1c-4917-bfda-a5e2f0055a1d\33A3.exe
"C:\Users\user\AppData\Local\914917ab-8c1c-4917-bfda-a5e2f0055a1d\33A3.exe" --AutoStart
 malicious
C:\Users\user\AppData\Local\914917ab-8c1c-4917-bfda-a5e2f0055a1d\33A3.exe
"C:\Users\user\AppData\Local\914917ab-8c1c-4917-bfda-a5e2f0055a1d\33A3.exe" --AutoStart
 malicious
C:\Windows\explorer.exe
explorer.exe
 malicious
C:\Users\user\AppData\Roaming\dejcbcc
C:\Users\user\AppData\Roaming\dejcbcc
 malicious
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Users\user\AppData\Local\914917ab-8c1c-4917-bfda-a5e2f0055a1d" /deny *S-1-1-0:(OI)(CI)(DE,DC)
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\dllhost.exe
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
C:\Windows\System32\WerFault.exe
C:\Windows\system32\WerFault.exe -u -p 1028 -s 10828
There are 14 hidden processes, click here to show them.

URLs

Name
IP
Malicious
http://trade-inmyus.com/index.php
malicious
http://cajgtus.com/test1/get.php?pid=903E7F261711F85395E5CEFBF4173C54e
unknown
 malicious
http://91.92.253.69/wek.exe
91.92.253.69
 malicious
https://wetransfer.com/downloads/33b490a613f49fa190924f199d2c079e20240512191214/caaf73
unknown
 malicious
http://tradein-myus.com/index.php
malicious
http://193.233.132.167/lend/jfesawdr.exe
193.233.132.167
 malicious
http://sdfjhuz.com/dl/buildz.exe
189.195.132.134
 malicious
https://nessotechbd.com/TEMPradius.exe
192.185.16.114
 malicious
http://trad-einmyus.com/index.php
158.160.165.129
 malicious
http://cajgtus.com/test1/get.php
malicious
https://cdn.discordapp.com/attachments/1234297369122832404/1240152736272744458/Ogsxr.exe?ex=664585bd&is=6644343d&hm=ab86f976d0139ed85f7d9db2329fe1dca0c9135ad507ed65702b0c38a838bc63&
162.159.129.233
 malicious
http://cajgtus.com/test1/get.php?pid=903E7F261711F85395E5CEFBF4173C54
187.170.192.109
 malicious
https://www.safeautomationbd.com/klok.exe
103.174.152.66
 malicious
http://185.154.13.143/feswad.exe
185.154.13.143
 malicious
https://word.office.comon
unknown
https://powerpoint.office.comcember
unknown
https://api.2ip.ua/geo.jsoniu
unknown
http://www.amazon.com/
unknown
https://deff.nelreports.net/api/report?cat=msn
unknown
https://excel.office.com
unknown
http://schemas.micro
unknown
http://www.twitter.com/
unknown
http://www.openssl.org/support/faq.html
unknown
http://https://ns1.kriston.ugns2.chalekin.ugns3.unalelath.ugns4.andromath.ug/Error
unknown
http://cajgtus.com/test1/get.phpw
unknown
https://api.2ip.ua/geo.jsoni~
unknown
https://api.2ip.ua/geo.jsonq
unknown
https://api.2ip.ua/geo.jsonat
unknown
https://api.2ip.ua/geo.jsons
unknown
http://cajgtus.com/test1/get.php?pid=903E7F261711F85395E5CEFBF4173C54-D
unknown
https://activity.windows.com/UserActivity.ReadWrite.CreatedByAppcrobat.exe
unknown
https://api.2ip.ua/q
unknown
http://www.reddit.com/
unknown
https://api.2ip.ua/s
unknown
https://wns.windows.com/)s
unknown
http://www.autoitscript.com/autoit3/J
unknown
http://cajgtus.com/test1/get.php?pid=903E7F261711F85395E5CEFBF4173C54KS
unknown
https://transfer.adttemp.com.br/get/Dztc3/3edag44.exe
104.196.109.209
http://www.nytimes.com/
unknown
https://api.2ip.ua/
unknown
https://api.2ip.ua/gK
unknown
https://api.2ip.ua/geo.jsonW
unknown
https://api.2ip.ua/sK
unknown
https://api.2ip.ua/geo.jsonn~
unknown
https://api.2ip.ua/geo.jsondll7
unknown
https://powerpoint.office.comQkL
unknown
https://api.2ip.ua/geo.json
188.114.97.3
https://outlook.com
unknown
https://api.msn.com/)
unknown
https://api.2ip.ua/geo.json5
unknown
https://api.2ip.ua/geo.jsondll
unknown
https://api.2ip.ua/geo.json7
unknown
https://android.notify.windows.com/iOS
unknown
http://www.youtube.com/
unknown
https://api.2ip.ua/geo.jsonM
unknown
http://www.wikipedia.com/
unknown
https://api.msn.com/
unknown
http://www.live.com/
unknown
http://cajgtus.com/test1/get.php?pid=903E7F261711F85395E5CEFBF4173C54L
unknown
http://crl.v
unknown
https://api.2ip.ua/6
unknown
http://www.google.com/
unknown
There are 52 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
safeautomationbd.com
103.174.152.66
 malicious
sdfjhuz.com
189.195.132.134
 malicious
cajgtus.com
187.170.192.109
 malicious
nessotechbd.com
192.185.16.114
 malicious
cdn.discordapp.com
162.159.129.233
 malicious
trad-einmyus.com
158.160.165.129
 malicious
www.safeautomationbd.com
unknown
 malicious
157.123.68.40.in-addr.arpa
unknown
 malicious
171.39.242.20.in-addr.arpa
unknown
 malicious
api.msn.com
unknown
 malicious
transfer.adttemp.com.br
104.196.109.209
api.2ip.ua
188.114.97.3
There are 2 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
91.92.253.69
unknown
Bulgaria
malicious
185.154.13.143
unknown
Ukraine
malicious
103.174.152.66
safeautomationbd.com
unknown
malicious
192.185.16.114
nessotechbd.com
United States
malicious
162.159.129.233
cdn.discordapp.com
United States
malicious
158.160.165.129
trad-einmyus.com
Venezuela
malicious
189.195.132.134
sdfjhuz.com
Mexico
malicious
187.170.192.109
cajgtus.com
Mexico
malicious
193.233.132.167
unknown
Russian Federation
malicious
188.114.97.3
api.2ip.ua
European Union
104.196.109.209
transfer.adttemp.com.br
United States
There are 1 hidden IPs, click here to show them.

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000F0230
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.Furyy.EhaQvnybt
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
P:\Hfref\nysbaf\NccQngn\Ybpny\914917no-8p1p-4917-osqn-n5r2s0055n1q\33N3.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
a
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
MRUList
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000110296
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Shell\Bags\1\Desktop
IconLayouts
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Security and Maintenance\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102
CheckSetting
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.Furyy.EhaQvnybt
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Shell\Bags\1\Desktop
IconLayouts
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
P:\Hfref\nysbaf\NccQngn\Ybpny\914917no-8p1p-4917-osqn-n5r2s0055n1q\33N3.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\clicker\key
primary
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
SysHelper
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion
SysHelper
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.WindowsStore_8wekyb3d8bbwe\ApplicationFrame\Microsoft.WindowsStore_8wekyb3d8bbwe!App
PreferredMinSize
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.csv\OpenWithProgids
Excel.CSV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.doc\OpenWithProgids
Word.Document.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docm\OpenWithProgids
Word.DocumentMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\OpenWithProgids
Word.Document.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dot\OpenWithProgids
Word.Template.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dotm\OpenWithProgids
Word.TemplateMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dotx\OpenWithProgids
Word.Template.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.msg\OpenWithProgids
Outlook.File.msg.15
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odp\OpenWithProgids
PowerPoint.OpenDocumentPresentation.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ods\OpenWithProgids
Excel.OpenDocumentSpreadsheet.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odt\OpenWithProgids
Word.OpenDocumentText.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pot\OpenWithProgids
PowerPoint.Template.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.potm\OpenWithProgids
PowerPoint.TemplateMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.potx\OpenWithProgids
PowerPoint.Template.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppam\OpenWithProgids
PowerPoint.Addin.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppsm\OpenWithProgids
PowerPoint.SlideShowMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppsx\OpenWithProgids
PowerPoint.SlideShow.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppt\OpenWithProgids
PowerPoint.Show.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pptm\OpenWithProgids
PowerPoint.ShowMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pptx\OpenWithProgids
PowerPoint.Show.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rtf\OpenWithProgids
Word.RTF.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sldm\OpenWithProgids
PowerPoint.SlideMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sldx\OpenWithProgids
PowerPoint.Slide.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vsto\OpenWithProgids
bootstrap.vsto.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlam\OpenWithProgids
Excel.AddInMacroEnabled
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xls\OpenWithProgids
Excel.Sheet.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsb\OpenWithProgids
Excel.SheetBinaryMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsm\OpenWithProgids
Excel.SheetMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsx\OpenWithProgids
Excel.Sheet.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlt\OpenWithProgids
Excel.Template.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xltm\OpenWithProgids
Excel.TemplateMacroEnabled
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xltx\OpenWithProgids
Excel.Template
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zip\OpenWithProgids
Unpacker
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\StagingInfo\Volume{a33c736e-61ca-11ee-8c18-806e6f6e6963}
DriveNumber
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\Drives\Volume{a33c736e-61ca-11ee-8c18-806e6f6e6963}\Current Media
TotalBytes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\Drives\Volume{a33c736e-61ca-11ee-8c18-806e6f6e6963}\Current Media
FreeBytes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\Drives\Volume{a33c736e-61ca-11ee-8c18-806e6f6e6963}\Current Media
Blank Disc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\Drives\Volume{a33c736e-61ca-11ee-8c18-806e6f6e6963}\Current Media
Can Close
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\Drives\Volume{a33c736e-61ca-11ee-8c18-806e6f6e6963}\Current Media
Media Type
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\Drives\Volume{a33c736e-61ca-11ee-8c18-806e6f6e6963}\Current Media
Imapi Media State
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\Drives\Volume{a33c736e-61ca-11ee-8c18-806e6f6e6963}\Current Media
IsImapiDataBurnSupported
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\Drives\Volume{a33c736e-61ca-11ee-8c18-806e6f6e6963}\Current Media
IsImapiEraseSupported
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\Drives\Volume{a33c736e-61ca-11ee-8c18-806e6f6e6963}\Current Media
Live FS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\Drives\Volume{a33c736e-61ca-11ee-8c18-806e6f6e6963}\Current Media
Disc Label
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\Drives\Volume{a33c736e-61ca-11ee-8c18-806e6f6e6963}\Current Media
Set
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\StorageSense\Parameters\BackupReminder
BackupReminderToastCount
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\DiskSpaceChecking
LastInstallTimeLowStorageNotify
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\StorageSense\Parameters\BackupReminder
LastTimeBackupReminderNotify
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{ad6cc5d8-f1a9-4873-be33-91b2f05e9306}
Generation
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{5d0fa9fb-e2e8-4263-a849-b22baad6d1d8}
Generation
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{1a4b1382-eeb5-4d59-b0fa-b93f83a518e1}
Generation
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{a33c736e-61ca-11ee-8c18-806e6f6e6963}
Generation
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Search
TraySearchBoxVisible
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Search
TraySearchBoxVisible
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Search
InstalledWin32AppsRevision
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Shell\Bags\1\Desktop
IconLayouts
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Shell\Bags\1\Desktop
IconLayouts
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:000000000001045A
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000010450
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000010436
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000010424
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000010420
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000010412
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:000000000001040C
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000403FC
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000203F8
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000203EA
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000103E4
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000303CE
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:000000000005032C
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:000000000005030A
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000302CA
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:000000000008033E
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000030322
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:000000000003031E
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:000000000003031A
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000030316
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:000000000006030E
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:000000000004036A
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000302B4
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000802D6
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:000000000003033A
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000402D8
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000702C0
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000060398
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:000000000004028E
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000302D4
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000602CE
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000302D2
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000070362
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000201A0
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000500C8
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000030366
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Search
InstalledWin32AppsRevision
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\OpenWithProgids
WMP11.AssocFile.3G2
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\OpenWithProgids
WMP11.AssocFile.3GP
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aac\OpenWithProgids
WMP11.AssocFile.ADTS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.adt\OpenWithProgids
WMP11.AssocFile.ADTS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\OpenWithProgids
WMP11.AssocFile.AIFF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\OpenWithProgids
WMP11.AssocFile.AIFF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\OpenWithProgids
WMP11.AssocFile.AIFF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\OpenWithProgids
WMP11.AssocFile.ASF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\OpenWithProgids
WMP11.AssocFile.ASX
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\OpenWithProgids
WMP11.AssocFile.AU
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au3\OpenWithProgids
AutoIt3Script
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\OpenWithProgids
WMP11.AssocFile.AVI
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\OpenWithProgids
Paint.Picture
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cab\OpenWithProgids
CABFolder
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cdxml\OpenWithProgids
Microsoft.PowerShellCmdletDefinitionXML.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.css\OpenWithProgids
CSSfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dds\OpenWithProgids
ddsfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\OpenWithProgids
Paint.Picture
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dll\OpenWithProgids
dllfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\OpenWithProgids
emffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithProgids
exefile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\OpenWithProgids
WMP11.AssocFile.FLAC
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fon\OpenWithProgids
fonfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\OpenWithProgids
giffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\OpenWithProgids
htmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\OpenWithProgids
htmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\OpenWithProgids
icofile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inf\OpenWithProgids
inffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ini\OpenWithProgids
inifile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\OpenWithProgids
pjpegfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\OpenWithProgids
jpegfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\OpenWithProgids
jpegfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jxr\OpenWithProgids
wdpfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\OpenWithProgids
lnkfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2t\OpenWithProgids
WMP11.AssocFile.M2TS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2ts\OpenWithProgids
WMP11.AssocFile.M2TS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\OpenWithProgids
WMP11.AssocFile.m3u
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\OpenWithProgids
WMP11.AssocFile.M4A
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\OpenWithProgids
WMP11.AssocFile.MP4
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\OpenWithProgids
mhtmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\OpenWithProgids
WMP11.AssocFile.MIDI
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\OpenWithProgids
WMP11.AssocFile.MIDI
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mk3d\OpenWithProgids
WMP11.AssocFile.MK3D
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mka\OpenWithProgids
WMP11.AssocFile.MKA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\OpenWithProgids
WMP11.AssocFile.MKV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\OpenWithProgids
WMP11.AssocFile.MOV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MP2\OpenWithProgids
WMP11.AssocFile.MP3
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\OpenWithProgids
WMP11.AssocFile.MP3
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\OpenWithProgids
WMP11.AssocFile.MP4
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MPE\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mts\OpenWithProgids
WMP11.AssocFile.M2TS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ocx\OpenWithProgids
ocxfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.otf\OpenWithProgids
otffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\OpenWithProgids
pngfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ps1\OpenWithProgids
Microsoft.PowerShellScript.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ps1xml\OpenWithProgids
Microsoft.PowerShellXMLData.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd1\OpenWithProgids
Microsoft.PowerShellData.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psm1\OpenWithProgids
Microsoft.PowerShellModule.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pssc\OpenWithProgids
Microsoft.PowerShellSessionConfiguration.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\OpenWithProgids
rlefile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\OpenWithProgids
WMP11.AssocFile.MIDI
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scf\OpenWithProgids
SHCmdFile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.search-ms\OpenWithProgids
SearchFolder
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\OpenWithProgids
shtmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\OpenWithProgids
WMP11.AssocFile.AU
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sys\OpenWithProgids
sysfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\OpenWithProgids
TIFImage.Document
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\OpenWithProgids
TIFImage.Document
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS\OpenWithProgids
WMP11.AssocFile.TTS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\OpenWithProgids
ttcfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\OpenWithProgids
ttffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\OpenWithProgids
txtfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\OpenWithProgids
WMP11.AssocFile.WAV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\OpenWithProgids
WMP11.AssocFile.WAX
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wdp\OpenWithProgids
wdpfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\OpenWithProgids
WMP11.AssocFile.ASF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\OpenWithProgids
WMP11.AssocFile.WMA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\OpenWithProgids
wmffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\OpenWithProgids
WMP11.AssocFile.WMV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\OpenWithProgids
WMP11.AssocFile.ASX
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.WPL\OpenWithProgids
WMP11.AssocFile.WPL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\OpenWithProgids
WMP11.AssocFile.WVX
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\OpenWithProgids
xmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xsl\OpenWithProgids
xslfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Security and Maintenance\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.100
CheckSetting
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Security and Maintenance\Checks\{C8E6F269-B90A-4053-A3BE-499AFCEC98C4}.check.0
CheckSetting
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\TrayNotify
PastIconsStream
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\TrayNotify
IconStreams
There are 226 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
400000
remote allocation
page execute and read and write
 malicious
4A30000
direct allocation
page execute and read and write
 malicious
400000
remote allocation
page execute and read and write
 malicious
2E30000
direct allocation
page read and write
 malicious
4A00000
direct allocation
page execute and read and write
 malicious
400000
remote allocation
page execute and read and write
 malicious
400000
remote allocation
page execute and read and write
 malicious
2E51000
unclassified section
page read and write
 malicious
2E51000
unclassified section
page read and write
 malicious
CAC1000
unkown
page execute read
 malicious
4A00000
direct allocation
page execute and read and write
 malicious
49E0000
direct allocation
page execute and read and write
 malicious
4A40000
direct allocation
page execute and read and write
 malicious
2E30000
direct allocation
page read and write
 malicious
400000
remote allocation
page execute and read and write
 malicious
2E90000
unkown
page read and write
8676000
heap
page read and write
3040000
unkown
page read and write
2E7A000
heap
page read and write
8E4B000
stack
page read and write
655000
heap
page read and write
3200000
unkown
page read and write
D1E0000
trusted library allocation
page read and write
C5EE000
heap
page read and write
3220000
unkown
page read and write
F170000
heap
page read and write
2C88000
unkown
page read and write
4AC0000
unkown
page read and write
C4BF000
heap
page read and write
7DF456281000
trusted library allocation
page execute read
88D1000
heap
page read and write
3420000
direct allocation
page read and write
2E90000
unkown
page read and write
C029000
heap
page read and write
856B000
heap
page read and write
C082000
heap
page read and write
3420000
direct allocation
page read and write
C0A9000
heap
page read and write
83B5000
heap
page read and write
7FF5D764F000
unkown
page readonly
3040000
unkown
page read and write
3400000
unkown
page read and write
4EFA000
heap
page read and write
B373000
trusted library allocation
page read and write
8A70000
unkown
page read and write
D343000
trusted library allocation
page read and write
3420000
direct allocation
page read and write
89D0000
heap
page read and write
35A0000
heap
page read and write
7FF5D7799000
unkown
page readonly
88C5000
heap
page read and write
3050000
unkown
page read and write
5B5000
heap
page read and write
3420000
heap
page read and write
2FB0000
remote allocation
page read and write
B130000
remote allocation
page read and write
3050000
unkown
page read and write
9A80000
unkown
page read and write
40F000
unkown
page readonly
2EE1000
heap
page read and write
3040000
unkown
page read and write
C429000
heap
page read and write
9820000
unkown
page read and write
35D5000
unkown
page read and write
7FF5D771A000
unkown
page readonly
3040000
unkown
page read and write
3230000
unkown
page read and write
7DF4F2461000
unkown
page execute read
1B633580000
heap
page read and write
BF32000
heap
page read and write
88D1000
heap
page read and write
4C50000
heap
page read and write
2E90000
unkown
page read and write
401000
unkown
page execute read
7BAE000
heap
page read and write
C2B0000
heap
page read and write
F2EF000
heap
page read and write
89E3000
heap
page read and write
C09B000
heap
page read and write
7FF5D7376000
unkown
page readonly
C43D000
heap
page read and write
101BF000
stack
page read and write
89E7000
heap
page read and write
D40E000
stack
page read and write
3420000
direct allocation
page read and write
1170000
unkown
page read and write
8513000
heap
page read and write
CAE0000
trusted library allocation
page read and write
3050000
unkown
page read and write
8555000
heap
page read and write
10ABF000
unkown
page read and write
2FA7000
heap
page read and write
3040000
unkown
page read and write
B390000
heap
page read and write
8975000
heap
page read and write
7FF5D77C7000
unkown
page readonly
A9DB000
heap
page read and write
860E5DF000
stack
page read and write
C71E000
stack
page read and write
3220000
unkown
page read and write
AA33000
heap
page read and write
4E53000
heap
page read and write
212AB190000
heap
page read and write
3050000
unkown
page read and write
529000
remote allocation
page execute and read and write
1390000
heap
page read and write
3040000
unkown
page read and write
883D000
stack
page read and write
212AB3A0000
heap
page read and write
9820000
unkown
page read and write
7FF5D748C000
unkown
page readonly
3200000
unkown
page read and write
2E90000
unkown
page read and write
4962000
stack
page read and write
75FD000
unkown
page read and write
3420000
direct allocation
page read and write
3040000
unkown
page read and write
8557000
heap
page read and write
3200000
unkown
page read and write
30CA000
heap
page read and write
86E9000
heap
page read and write
400000
unkown
page readonly
8E50000
unkown
page read and write
4AA000
unkown
page read and write
7F2A000
stack
page read and write
3230000
unkown
page read and write
B0E000
stack
page read and write
89E3000
heap
page read and write
7FF5D71E6000
unkown
page readonly
8552000
heap
page read and write
2F3F000
stack
page read and write
1170000
unkown
page read and write
68E000
stack
page read and write
C084000
heap
page read and write
9820000
unkown
page read and write
8916000
heap
page read and write
2E90000
unkown
page read and write
2DC0000
heap
page read and write
86B4000
heap
page read and write
7FF5D7292000
unkown
page readonly
3420000
direct allocation
page read and write
7FF5D69BB000
unkown
page readonly
3040000
unkown
page read and write
4FB4000
heap
page read and write
3420000
direct allocation
page read and write
D020000
heap
page read and write
C0AC000
heap
page read and write
52B000
remote allocation
page execute and read and write
3230000
unkown
page read and write
A9D9000
heap
page read and write
4B7A000
stack
page read and write
C3F0000
heap
page read and write
3040000
unkown
page read and write
2E90000
unkown
page read and write
212AB3F0000
heap
page read and write
3420000
direct allocation
page read and write
3040000
unkown
page read and write
3230000
unkown
page read and write
400000
unkown
page readonly
854A000
heap
page read and write
7C0C000
heap
page read and write
2E90000
unkown
page read and write
BFAC000
heap
page read and write
D6DA000
stack
page read and write
7DF456241000
trusted library allocation
page execute read
650000
heap
page read and write
3040000
unkown
page read and write
7BE4000
heap
page read and write
104FB000
unkown
page read and write
7C26000
heap
page read and write
3420000
direct allocation
page read and write
7DF4F2491000
unkown
page execute read
8916000
heap
page read and write
2D04000
heap
page read and write
2A0F000
stack
page read and write
7B9F000
heap
page read and write
529000
remote allocation
page execute and read and write
7DF456261000
trusted library allocation
page execute read
9820000
unkown
page read and write
9AA8000
unkown
page read and write
850D000
heap
page read and write
8552000
heap
page read and write
7FF5D7482000
unkown
page readonly
1F0000
heap
page read and write
401000
unkown
page execute read
10474000
unkown
page read and write
D320000
trusted library allocation
page read and write
7BAE000
heap
page read and write
3420000
direct allocation
page read and write
40F000
unkown
page readonly
89F1000
heap
page read and write
C09C000
heap
page read and write
3420000
direct allocation
page read and write
3200000
unkown
page read and write
7BB5000
heap
page read and write
3240000
unkown
page read and write
2A68000
stack
page read and write
854A000
heap
page read and write
658000
heap
page read and write
C0BA000
stack
page read and write
853B000
stack
page read and write
4CC0000
heap
page read and write
6F5000
heap
page read and write
7FF5D75F9000
unkown
page readonly
2E90000
unkown
page read and write
3040000
unkown
page read and write
83FA5FE000
stack
page read and write
7FF5D77A4000
unkown
page readonly
3039000
stack
page read and write
7FF5D77F7000
unkown
page readonly
7C31000
unkown
page read and write
D220000
trusted library allocation
page read and write
2E90000
unkown
page read and write
3230000
unkown
page read and write
2B50000
trusted library allocation
page read and write
86FE000
heap
page read and write
7FF5D77DA000
unkown
page readonly
9820000
unkown
page read and write
66A000
heap
page read and write
B7EF000
stack
page read and write
84C9000
heap
page read and write
2E9E000
stack
page read and write
C150000
heap
page read and write
88C2000
heap
page read and write
C338000
heap
page read and write
1B633240000
heap
page read and write
2E90000
unkown
page read and write
8555000
heap
page read and write
2B70000
heap
page read and write
2E60000
remote allocation
page read and write
CAE0000
trusted library allocation
page read and write
9C000
stack
page read and write
2E90000
unkown
page read and write
3040000
unkown
page read and write
4D9B000
heap
page read and write
3170000
unkown
page read and write
670000
heap
page read and write
89DA000
heap
page read and write
C2F5000
heap
page read and write
35DC000
unkown
page read and write
7FF5D77E3000
unkown
page readonly
C0AC000
heap
page read and write
1900D610000
heap
page read and write
9EAC000
stack
page read and write
3230000
unkown
page read and write
3200000
unkown
page read and write
7FF5D75BF000
unkown
page readonly
3420000
direct allocation
page read and write
89D0000
heap
page read and write
7FF5D75F2000
unkown
page readonly
49FD000
unkown
page read and write
94AB000
stack
page read and write
3050000
unkown
page read and write
C44F000
stack
page read and write
2D09000
unkown
page readonly
7FF5D75A6000
unkown
page readonly
3050000
unkown
page read and write
7DF456291000
trusted library allocation
page execute read
83F2000
heap
page read and write
BA6D000
stack
page read and write
7FF5D776F000
unkown
page readonly
2F70000
heap
page read and write
3070000
unkown
page read and write
650000
heap
page read and write
2E90000
unkown
page read and write
A9FD000
unkown
page read and write
3040000
unkown
page read and write
2E90000
unkown
page read and write
8980000
unkown
page read and write
7DF456280000
trusted library allocation
page readonly
3230000
unkown
page read and write
8513000
heap
page read and write
3200000
unkown
page read and write
418000
unkown
page write copy
3040000
unkown
page read and write
4986000
unkown
page read and write
42C000
unkown
page read and write
9820000
unkown
page read and write
C033000
heap
page read and write
2D60000
heap
page read and write
7A7000
heap
page read and write
2F27000
heap
page read and write
8916000
heap
page read and write
1350000
unkown
page readonly
3040000
unkown
page read and write
89F1000
heap
page read and write
3050000
unkown
page read and write
6CE000
stack
page read and write
7B32000
heap
page read and write
3060000
unkown
page read and write
410000
unkown
page readonly
C2C6000
heap
page read and write
266E000
stack
page read and write
3040000
unkown
page read and write
7FF5D7230000
unkown
page readonly
7FF5D762F000
unkown
page readonly
288F000
stack
page read and write
319F000
stack
page read and write
779E000
unkown
page read and write
84C0000
unkown
page read and write
8980000
unkown
page read and write
7FF5D76D7000
unkown
page readonly
C5F0000
unkown
page read and write
8691000
heap
page read and write
6C7000
heap
page read and write
35CD000
unkown
page read and write
D270000
trusted library allocation
page read and write
3220000
unkown
page read and write
3220000
unkown
page read and write
7FF5D71D7000
unkown
page readonly
88E3000
heap
page read and write
4F8C000
heap
page read and write
3420000
direct allocation
page read and write
3230000
unkown
page read and write
3050000
unkown
page read and write
C162000
heap
page read and write
9C37000
stack
page read and write
B47F000
stack
page read and write
8CF000
stack
page read and write
C053000
heap
page read and write
1170000
unkown
page read and write
3220000
unkown
page read and write
3420000
direct allocation
page read and write
89E3000
heap
page read and write
3220000
unkown
page read and write
7C26000
heap
page read and write
C32B000
heap
page read and write
88CB000
heap
page read and write
104F6000
unkown
page read and write
3040000
unkown
page read and write
7605000
unkown
page read and write
A273000
unkown
page read and write
855D000
heap
page read and write
9820000
unkown
page read and write
9EE0000
unkown
page read and write
9E2E000
stack
page read and write
9B2C000
unkown
page read and write
2F5F000
stack
page read and write
4F58000
heap
page read and write
7FF5D72C8000
unkown
page readonly
278E000
stack
page read and write
3420000
direct allocation
page read and write
2E8B000
heap
page execute and read and write
410000
unkown
page readonly
410000
unkown
page readonly
84BB000
stack
page read and write
C0C5000
heap
page read and write
2E5E000
stack
page read and write
8575000
heap
page read and write
2E90000
unkown
page read and write
1170000
unkown
page read and write
8774000
heap
page read and write
2E70000
heap
page read and write
418000
unkown
page write copy
85A5000
heap
page read and write
4E5B000
heap
page read and write
84C0000
unkown
page read and write
3050000
unkown
page read and write
3040000
unkown
page read and write
85FE000
heap
page read and write
795000
heap
page read and write
AA0C000
unkown
page read and write
7FF5D71AF000
unkown
page readonly
3220000
unkown
page read and write
86B5000
heap
page read and write
3040000
unkown
page read and write
A1AF000
stack
page read and write
89DA000
heap
page read and write
2E90000
unkown
page read and write
401000
unkown
page execute read
7A50000
heap
page read and write
3200000
unkown
page read and write
D313000
trusted library allocation
page read and write
3420000
direct allocation
page read and write
C081000
heap
page read and write
3220000
unkown
page read and write
8552000
heap
page read and write
1170000
unkown
page read and write
C162000
heap
page read and write
9820000
unkown
page read and write
529000
remote allocation
page execute and read and write
2FB1000
heap
page read and write
4FC2000
heap
page read and write
2FB0000
heap
page read and write
7B43000
heap
page read and write
8561000
heap
page read and write
1170000
unkown
page read and write
BD1A000
heap
page read and write
A3B6000
unkown
page read and write
2FB0000
remote allocation
page read and write
C09B000
heap
page read and write
3420000
direct allocation
page read and write
8557000
heap
page read and write
2FB0000
remote allocation
page read and write
2E90000
unkown
page read and write
7FF5D772C000
unkown
page readonly
8565000
heap
page read and write
3050000
unkown
page read and write
400000
unkown
page readonly
3230000
unkown
page read and write
7FF5D774C000
unkown
page readonly
D300000
trusted library allocation
page read and write
3420000
direct allocation
page read and write
3420000
direct allocation
page read and write
8A3B000
heap
page read and write
7FF5D744E000
unkown
page readonly
52B000
remote allocation
page execute and read and write
8944000
heap
page read and write
2FB1000
heap
page read and write
8B7C000
unkown
page read and write
9820000
unkown
page read and write
C35C000
heap
page read and write
3050000
unkown
page read and write
3220000
unkown
page read and write
4FB9000
heap
page read and write
9C000
stack
page read and write
3040000
unkown
page read and write
655000
heap
page read and write
C8E2000
unkown
page read and write
49FA000
unkown
page read and write
3050000
unkown
page read and write
83BD000
heap
page read and write
4FCA000
heap
page read and write
C425000
heap
page read and write
2BDE000
stack
page read and write
7B20000
unkown
page read and write
4DA3000
heap
page read and write
8A3B000
heap
page read and write
E841000
unkown
page read and write
3040000
unkown
page read and write
89F1000
heap
page read and write
2FAE000
stack
page read and write
854A000
heap
page read and write
3040000
unkown
page read and write
3050000
unkown
page read and write
9DF000
stack
page read and write
8DCB000
stack
page read and write
7BDB000
heap
page read and write
7BE6000
heap
page read and write
B4D0000
unkown
page readonly
2EB7000
heap
page execute and read and write
8A39000
heap
page read and write
748000
heap
page read and write
28AF000
stack
page read and write
7FF5D7705000
unkown
page readonly
1170000
unkown
page read and write
9AAA000
unkown
page read and write
7A54000
heap
page read and write
2F4A000
heap
page read and write
2D06000
unkown
page read and write
2E90000
unkown
page read and write
7FF5D7452000
unkown
page readonly
3050000
unkown
page read and write
3050000
unkown
page read and write
19C000
stack
page read and write
C2CC000
heap
page read and write
83B4000
heap
page read and write
1383000
heap
page read and write
4D9F000
heap
page read and write
C61D000
unkown
page read and write
400000
unkown
page readonly
86FE000
heap
page read and write
C081000
heap
page read and write
7FF5D7752000
unkown
page readonly
8916000
heap
page read and write
9820000
unkown
page read and write
2EA0000
heap
page read and write
417000
unkown
page write copy
88D1000
heap
page read and write
3230000
unkown
page read and write
AA4D000
heap
page read and write
2E90000
unkown
page read and write
2FA0000
heap
page read and write
7AD000
heap
page read and write
3420000
direct allocation
page read and write
5C0000
heap
page read and write
AA68000
heap
page read and write
7A7E000
heap
page read and write
F3F0000
heap
page read and write
BEA0000
unkown
page readonly
7AF000
heap
page read and write
493F000
stack
page read and write
89E7000
heap
page read and write
BB10000
heap
page read and write
30AF000
stack
page read and write
3100000
unkown
page read and write
2E90000
unkown
page read and write
797000
heap
page read and write
9EE0000
unkown
page read and write
7BCE000
heap
page read and write
3050000
unkown
page read and write
3230000
unkown
page read and write
C0AC000
heap
page read and write
410000
unkown
page readonly
2A6E000
stack
page read and write
7BB5000
heap
page read and write
7FF5D738E000
unkown
page readonly
7FF5D77CD000
unkown
page readonly
C162000
heap
page read and write
2E30000
direct allocation
page read and write
2D1E000
stack
page read and write
3040000
unkown
page read and write
C162000
heap
page read and write
2EB0000
heap
page read and write
4E42000
heap
page read and write
3040000
unkown
page read and write
3040000
unkown
page read and write
BF67000
heap
page read and write
8623000
heap
page read and write
8B3B000
stack
page read and write
4900000
heap
page read and write
3420000
direct allocation
page read and write
7DF4562A1000
trusted library allocation
page execute read
C611000
heap
page read and write
7BDA000
heap
page read and write
3200000
unkown
page read and write
A3EF000
stack
page read and write
3420000
direct allocation
page read and write
410000
unkown
page readonly
2EAE000
heap
page execute and read and write
3040000
unkown
page read and write
BF0000
heap
page read and write
35C9000
unkown
page read and write
889B000
heap
page read and write
89F1000
heap
page read and write
1B633540000
heap
page read and write
89E5000
heap
page read and write
3230000
unkown
page read and write
8944000
heap
page read and write
2F5F000
stack
page read and write
E450000
unkown
page read and write
580000
heap
page read and write
3040000
unkown
page read and write
3230000
unkown
page read and write
3050000
unkown
page read and write
C09B000
heap
page read and write
2A6E000
stack
page read and write
3040000
unkown
page read and write
89E5000
heap
page read and write
4CA0000
heap
page read and write
212AB1E0000
heap
page read and write
7DF456271000
trusted library allocation
page execute read
4EEB000
heap
page read and write
7B00000
unkown
page readonly
2E90000
unkown
page read and write
7DF4561F0000
trusted library allocation
page readonly
C642000
unkown
page read and write
9EE0000
unkown
page read and write
61A000
heap
page read and write
2D70000
heap
page read and write
13A0000
unkown
page readonly
3230000
unkown
page read and write
89E7000
heap
page read and write
84C0000
unkown
page read and write
4FB7000
heap
page read and write
8774000
heap
page read and write
C0DE000
heap
page read and write
2FB1000
heap
page read and write
7BDB000
heap
page read and write
66F000
heap
page read and write
3220000
unkown
page read and write
D430000
trusted library allocation
page read and write
2E30000
direct allocation
page read and write
C029000
heap
page read and write
9AF9000
unkown
page read and write
3200000
unkown
page read and write
6F0000
heap
page read and write
83B9000
heap
page read and write
C1DC000
heap
page read and write
89DA000
heap
page read and write
D2FB000
stack
page read and write
7FF5CE343000
unkown
page readonly
7B42000
heap
page read and write
2EA1000
unkown
page read and write
3050000
unkown
page read and write
3050000
unkown
page read and write
30EE000
stack
page read and write
B96000
heap
page read and write
2E90000
unkown
page read and write
7FF5D748A000
unkown
page readonly
2B6E000
stack
page read and write
8916000
heap
page read and write
2E4E000
stack
page read and write
8548000
heap
page read and write
D4DB000
stack
page read and write
F2BA000
heap
page read and write
663000
heap
page read and write
89DA000
heap
page read and write
C137000
heap
page read and write
52B000
remote allocation
page execute and read and write
2D94000
heap
page read and write
4D60000
heap
page read and write
1170000
unkown
page read and write
C16F000
heap
page read and write
2FB0000
heap
page read and write
C081000
heap
page read and write
C022000
heap
page read and write
8521000
heap
page read and write
3050000
unkown
page read and write
7C0C000
heap
page read and write
BFB8000
stack
page read and write
19C000
stack
page read and write
85A5000
heap
page read and write
7FF5D72D3000
unkown
page readonly
B1BE000
stack
page read and write
7DC0000
unkown
page readonly
2B6D000
stack
page read and write
8548000
heap
page read and write
3050000
unkown
page read and write
A12F000
stack
page read and write
C57A000
heap
page read and write
89E7000
heap
page read and write
F34F000
unkown
page read and write
19C000
stack
page read and write
418000
unkown
page write copy
7FF5D71C8000
unkown
page readonly
1057B000
unkown
page read and write
7FF5D758D000
unkown
page readonly
3230000
unkown
page read and write
3050000
unkown
page read and write
7B22000
heap
page read and write
897E000
stack
page read and write
40F000
unkown
page readonly
9820000
unkown
page read and write
278F000
stack
page read and write
D300000
trusted library allocation
page read and write
3230000
unkown
page read and write
4A12000
unkown
page read and write
7FF5D71DA000
unkown
page readonly
3420000
direct allocation
page read and write
7FF5D770A000
unkown
page readonly
3040000
unkown
page read and write
3230000
unkown
page read and write
3070000
unkown
page read and write
3060000
unkown
page read and write
3050000
unkown
page read and write
BF79000
heap
page read and write
4970000
heap
page read and write
8975000
heap
page read and write
260F000
stack
page read and write
1170000
unkown
page read and write
3040000
unkown
page read and write
88DD000
heap
page read and write
869D000
heap
page read and write
264F000
stack
page read and write
410000
unkown
page readonly
88D1000
heap
page read and write
B9EE000
stack
page read and write
C65E000
unkown
page read and write
850F000
heap
page read and write
C0AC000
heap
page read and write
3050000
unkown
page read and write
8975000
heap
page read and write
3420000
direct allocation
page read and write
7FF5D7429000
unkown
page readonly
89DA000
heap
page read and write
8557000
heap
page read and write
83A8000
heap
page read and write
AA36000
heap
page read and write
3050000
unkown
page read and write
3040000
unkown
page read and write
C3FE000
heap
page read and write
401000
unkown
page execute read
2E90000
unkown
page read and write
9B41000
unkown
page read and write
7FF5D71E0000
unkown
page readonly
AA0A000
unkown
page read and write
3420000
direct allocation
page read and write
7FF5D7398000
unkown
page readonly
3050000
unkown
page read and write
2E90000
unkown
page read and write
4A00000
heap
page read and write
8623000
heap
page read and write
4E49000
heap
page read and write
84C0000
stack
page read and write
31FC000
stack
page read and write
1B6333D1000
heap
page read and write
8636000
heap
page read and write
3220000
unkown
page read and write
7FF5D752F000
unkown
page readonly
977E000
stack
page read and write
7FF5D77FD000
unkown
page readonly
B3B0000
trusted library allocation
page read and write
8E50000
unkown
page read and write
2A10000
heap
page read and write
2F3F000
stack
page read and write
A3C3000
unkown
page read and write
4C90000
heap
page read and write
7FF5D7455000
unkown
page readonly
89FE000
stack
page read and write
89D0000
heap
page read and write
7FF5D74A6000
unkown
page readonly
7FF5D732D000
unkown
page readonly
3220000
unkown
page read and write
83FA10C000
stack
page read and write
8F3A000
stack
page read and write
7B65000
heap
page read and write
8975000
heap
page read and write
8423000
heap
page read and write
89E7000
heap
page read and write
4970000
heap
page read and write
7FF5D743F000
unkown
page readonly
3040000
unkown
page read and write
3040000
unkown
page read and write
2EA5000
heap
page read and write
3230000
unkown
page read and write
2F7E000
stack
page read and write
3420000
direct allocation
page read and write
2CBE000
stack
page read and write
42C000
unkown
page read and write
109A1000
unkown
page read and write
3050000
unkown
page read and write
856D000
heap
page read and write
D1D0000
trusted library allocation
page read and write
3220000
unkown
page read and write
2C8B000
unkown
page readonly
3040000
unkown
page read and write
7FF5D781A000
unkown
page readonly
BFAC000
heap
page read and write
410000
unkown
page readonly
2E1E000
stack
page read and write
3040000
unkown
page read and write
933000
heap
page read and write
3220000
unkown
page read and write
AA07000
unkown
page read and write
C1A3000
heap
page read and write
4EEE000
heap
page read and write
C3CA000
heap
page read and write
A9F6000
heap
page read and write
3040000
unkown
page read and write
7FF5D751F000
unkown
page readonly
2DB0000
heap
page read and write
8944000
heap
page read and write
8A39000
heap
page read and write
868B000
heap
page read and write
1020000
heap
page read and write
C09C000
heap
page read and write
C4C8000
heap
page read and write
7FF5D76F5000
unkown
page readonly
494F000
stack
page read and write
7FF5D7336000
unkown
page readonly
670000
heap
page read and write
8944000
heap
page read and write
580000
heap
page read and write
3230000
unkown
page read and write
274F000
stack
page read and write
C2B4000
heap
page read and write
89E5000
heap
page read and write
8905000
heap
page read and write
3050000
unkown
page read and write
8CBB000
stack
page read and write
C1C9000
heap
page read and write
7FF5D7593000
unkown
page readonly
2E90000
unkown
page read and write
9D3D000
stack
page read and write
3420000
direct allocation
page read and write
8A3B000
heap
page read and write
26797B70000
heap
page read and write
C60A000
heap
page read and write
3050000
unkown
page read and write
84C0000
unkown
page read and write
2E3E000
stack
page read and write
3220000
unkown
page read and write
8D3E000
stack
page read and write
4FCD000
heap
page read and write
C162000
heap
page read and write
3220000
unkown
page read and write
8BB0000
trusted library allocation
page read and write
295F000
stack
page read and write
881B000
stack
page read and write
3420000
direct allocation
page read and write
3040000
unkown
page read and write
C11F000
heap
page read and write
4DED000
heap
page read and write
89E3000
heap
page read and write
3040000
unkown
page read and write
2C8B000
unkown
page readonly
BE49000
stack
page read and write
AAA9000
unkown
page read and write
89F1000
heap
page read and write
3040000
unkown
page read and write
B85A000
stack
page read and write
C082000
heap
page read and write
C441000
heap
page read and write
8584000
heap
page read and write
4AA000
unkown
page read and write
2F70000
remote allocation
page read and write
3040000
unkown
page read and write
8C39000
stack
page read and write
2E88000
heap
page read and write
410000
unkown
page readonly
108A7000
unkown
page read and write
102BB000
stack
page read and write
1B633320000
heap
page read and write
2D06000
unkown
page read and write
9780000
unkown
page read and write
3420000
direct allocation
page read and write
8780000
trusted library allocation
page read and write
C47F000
unkown
page read and write
2E90000
unkown
page read and write
1B6333E2000
heap
page read and write
5C0000
heap
page read and write
2FB0000
remote allocation
page read and write
7FF5D7284000
unkown
page readonly
9820000
unkown
page read and write
C41D000
heap
page read and write
212AB1F2000
heap
page read and write
400000
unkown
page readonly
8659000
heap
page read and write
410000
unkown
page readonly
C0A9000
heap
page read and write
3040000
unkown
page read and write
A9BA000
heap
page read and write
3220000
unkown
page read and write
4F5C000
heap
page read and write
838C000
heap
page read and write
4E58000
heap
page read and write
3220000
unkown
page read and write
7FF5D7691000
unkown
page readonly
C423000
heap
page read and write
7FF5D72DF000
unkown
page readonly
86B9000
heap
page read and write
7BAE000
heap
page read and write
C129000
heap
page read and write
290E000
stack
page read and write
D330000
trusted library allocation
page read and write
8E80000
unkown
page read and write
C472000
unkown
page read and write
1170000
unkown
page read and write
4C60000
heap
page read and write
C605000
unkown
page read and write
4AB0000
unkown
page read and write
3050000
unkown
page read and write
2F20000
heap
page read and write
2DEE000
stack
page read and write
3220000
unkown
page read and write
7FF5D75D6000
unkown
page readonly
7FF5D74FA000
unkown
page readonly
854A000
heap
page read and write
6A0000
heap
page read and write
C604000
heap
page read and write
8FD000
heap
page read and write
8975000
heap
page read and write
91F0000
unkown
page readonly
7B2000
heap
page read and write
A9B8000
heap
page read and write
2E20000
direct allocation
page execute and read and write
3050000
unkown
page read and write
400000
unkown
page readonly
C439000
heap
page read and write
B8D000
stack
page read and write
C3A1000
heap
page read and write
D200000
trusted library allocation
page read and write
B8DB000
stack
page read and write
A40E000
unkown
page read and write
C611000
heap
page read and write
866F000
heap
page read and write
8916000
heap
page read and write
7E58000
stack
page read and write
9820000
unkown
page read and write
7BF000
heap
page read and write
362D000
unkown
page read and write
8944000
heap
page read and write
2CAE000
stack
page read and write
AFBE000
stack
page read and write
35B3000
unkown
page read and write
7810000
unkown
page read and write
7FF5D7244000
unkown
page readonly
7BCE000
heap
page read and write
8A00000
unkown
page read and write
3420000
direct allocation
page read and write
C363000
heap
page read and write
8870000
unkown
page readonly
52B000
remote allocation
page execute and read and write
7C0C000
heap
page read and write
3420000
direct allocation
page read and write
9B000
stack
page read and write
3420000
direct allocation
page read and write
1C7C47D000
stack
page read and write
3240000
unkown
page read and write
9820000
unkown
page read and write
3050000
unkown
page read and write
3420000
direct allocation
page read and write
9820000
unkown
page read and write
C5F8000
unkown
page read and write
D270000
trusted library allocation
page read and write
9C000
stack
page read and write
3040000
unkown
page read and write
8423000
heap
page read and write
9820000
unkown
page read and write
A970000
heap
page read and write
2E90000
unkown
page read and write
8A39000
heap
page read and write
3240000
unkown
page read and write
83C6000
heap
page read and write
8557000
heap
page read and write
ADED000
stack
page read and write
A3AC000
unkown
page read and write
3220000
unkown
page read and write
98FD000
stack
page read and write
83C6000
heap
page read and write
880000
heap
page read and write
4E58000
heap
page read and write
7B2C000
heap
page read and write
9BA3000
unkown
page read and write
B77000
heap
page read and write
7DF4F2471000
unkown
page execute read
2C8B000
unkown
page readonly
103F4000
unkown
page read and write
3420000
direct allocation
page read and write
2C88000
unkown
page read and write
3040000
unkown
page read and write
F338000
unkown
page read and write
86CC000
heap
page read and write
8385000
heap
page read and write
C2CA000
heap
page read and write
3230000
unkown
page read and write
AE6E000
stack
page read and write
10534000
unkown
page read and write
3420000
direct allocation
page read and write
7FF5D66E3000
unkown
page readonly
3050000
unkown
page read and write
418000
unkown
page write copy
7440000
unkown
page read and write
C609000
unkown
page read and write
418000
unkown
page write copy
4AB000
unkown
page write copy
7FF5D7797000
unkown
page readonly
85A5000
heap
page read and write
8385000
heap
page read and write
1170000
unkown
page read and write
9820000
unkown
page read and write
3220000
unkown
page read and write
F32D000
unkown
page read and write
3040000
unkown
page read and write
89F1000
heap
page read and write
B4BF000
stack
page read and write
7B42000
heap
page read and write
400000
unkown
page execute and read and write
7FF5D7073000
unkown
page readonly
3220000
unkown
page read and write
8944000
heap
page read and write
8C3B000
stack
page read and write
3040000
unkown
page read and write
C575000
heap
page read and write
4A16000
unkown
page read and write
35C1000
unkown
page read and write
655000
heap
page read and write
3230000
unkown
page read and write
3040000
unkown
page read and write
2D09000
unkown
page readonly
3420000
direct allocation
page read and write
B4FB000
stack
page read and write
3050000
unkown
page read and write
84C0000
unkown
page read and write
A251000
unkown
page read and write
1170000
unkown
page read and write
85A5000
heap
page read and write
3420000
direct allocation
page read and write
8916000
heap
page read and write
418000
unkown
page write copy
3420000
direct allocation
page read and write
A237000
unkown
page read and write
89E5000
heap
page read and write
C421000
heap
page read and write
5330000
unkown
page write copy
C033000
heap
page read and write
3050000
unkown
page read and write
C615000
unkown
page read and write
33F0000
unkown
page read and write
8975000
heap
page read and write
C09B000
heap
page read and write
2DF0000
heap
page read and write
3150000
heap
page read and write
40B000
unkown
page execute read
3040000
unkown
page read and write
7DF4F2480000
unkown
page readonly
35B0000
unkown
page read and write
3420000
direct allocation
page read and write
B130000
remote allocation
page read and write
2E90000
unkown
page read and write
8A3B000
heap
page read and write
1170000
unkown
page read and write
850D000
heap
page read and write
7FF5D723F000
unkown
page readonly
7DF456251000
trusted library allocation
page execute read
4DDA000
heap
page read and write
8E80000
unkown
page read and write
F3F2000
heap
page read and write
619000
heap
page read and write
3220000
unkown
page read and write
3230000
unkown
page read and write
C8E8000
unkown
page read and write
9A84000
unkown
page read and write
2E90000
unkown
page read and write
3200000
unkown
page read and write
C31D000
heap
page read and write
F321000
unkown
page read and write
C891000
unkown
page read and write
7A1000
heap
page read and write
3040000
unkown
page read and write
B950000
unkown
page readonly
7FF5D72D0000
unkown
page readonly
8774000
heap
page read and write
3220000
unkown
page read and write
B130000
remote allocation
page read and write
2ECB000
heap
page execute and read and write
C084000
heap
page read and write
4CA0000
heap
page read and write
35D1000
unkown
page read and write
4F53000
heap
page read and write
193000
stack
page read and write
2E90000
unkown
page read and write
C7CB000
unkown
page read and write
3420000
direct allocation
page read and write
C049000
heap
page read and write
3270000
unkown
page read and write
3220000
unkown
page read and write
83C3000
heap
page read and write
3220000
unkown
page read and write
C133000
heap
page read and write
2E90000
heap
page read and write
866F000
heap
page read and write
8944000
heap
page read and write
2E90000
unkown
page read and write
2EC0000
unkown
page readonly
4E5E000
heap
page read and write
7FF5D775C000
unkown
page readonly
A313000
unkown
page read and write
3050000
unkown
page read and write
3050000
unkown
page read and write
3420000
direct allocation
page read and write
410000
unkown
page readonly
3420000
direct allocation
page read and write
9780000
unkown
page read and write
40F000
unkown
page readonly
3240000
unkown
page read and write
8676000
heap
page read and write
3040000
unkown
page read and write
2E20000
direct allocation
page execute and read and write
1F0000
heap
page read and write
9780000
unkown
page read and write
8380000
heap
page read and write
690000
heap
page read and write
4BD0000
heap
page read and write
4AA0000
unkown
page read and write
85FE000
heap
page read and write
C621000
unkown
page read and write
B370000
trusted library allocation
page read and write
42C000
unkown
page read and write
C413000
heap
page read and write
1900D6F0000
heap
page read and write
3040000
unkown
page read and write
8555000
heap
page read and write
8A3B000
heap
page read and write
86F6000
heap
page read and write
2F40000
heap
page read and write
1B6333A0000
heap
page read and write
7FF5D77B6000
unkown
page readonly
3240000
unkown
page read and write
7C0C000
heap
page read and write
410000
unkown
page readonly
3220000
unkown
page read and write
410000
unkown
page readonly
7FF5D7462000
unkown
page readonly
418000
unkown
page write copy
AA40000
unkown
page read and write
C0DE000
heap
page read and write
3453000
stack
page read and write
7BF8000
heap
page read and write
1170000
unkown
page read and write
AA8F000
heap
page read and write
3040000
unkown
page read and write
2E90000
unkown
page read and write
7A56000
heap
page read and write
2D09000
unkown
page readonly
7FF5D71BF000
unkown
page readonly
7FF5D7558000
unkown
page readonly
4C20000
direct allocation
page read and write
3040000
unkown
page read and write
3200000
unkown
page read and write
3220000
unkown
page read and write
3040000
unkown
page read and write
2E90000
unkown
page read and write
3070000
unkown
page read and write
7FF5D75AF000
unkown
page readonly
3220000
unkown
page read and write
3220000
unkown
page read and write
3050000
unkown
page read and write
7FF5D7438000
unkown
page readonly
3140000
unkown
page read and write
7FF5D723C000
unkown
page readonly
2CEE000
stack
page read and write
7BE7000
heap
page read and write
3040000
unkown
page read and write
BF7C000
heap
page read and write
3050000
unkown
page read and write
3220000
unkown
page read and write
306A000
heap
page read and write
8841000
heap
page read and write
C12B000
heap
page read and write
9A72000
unkown
page read and write
3040000
unkown
page read and write
8975000
heap
page read and write
8916000
heap
page read and write
7BDA000
heap
page read and write
A416000
unkown
page read and write
C16D000
heap
page read and write
7693000
unkown
page read and write
9EE0000
unkown
page read and write
7C2D000
heap
page read and write
88B4000
heap
page read and write
3220000
unkown
page read and write
7FF5D766E000
unkown
page readonly
4E44000
heap
page read and write
2A10000
heap
page read and write
C81C000
unkown
page read and write
2BAE000
stack
page read and write
7611000
unkown
page read and write
3040000
unkown
page read and write
3050000
unkown
page read and write
2FB1000
heap
page read and write
A11A000
stack
page read and write
C0B1000
heap
page read and write
1F0000
heap
page read and write
19C000
stack
page read and write
C09B000
heap
page read and write
3230000
unkown
page read and write
85E4000
heap
page read and write
3040000
unkown
page read and write
2C88000
unkown
page read and write
3160000
unkown
page read and write
88D4000
heap
page read and write
3230000
unkown
page read and write
8917000
heap
page read and write
2CEE000
stack
page read and write
7A8000
heap
page read and write
C09B000
heap
page read and write
7FF5D72CE000
unkown
page readonly
2D06000
unkown
page read and write
3240000
unkown
page read and write
3031000
unkown
page read and write
3520000
unkown
page readonly
3050000
unkown
page read and write
760D000
unkown
page read and write
7FF5D75E9000
unkown
page readonly
3050000
unkown
page read and write
7C26000
heap
page read and write
2F1E000
stack
page read and write
C4FE000
heap
page read and write
1170000
unkown
page read and write
2EBA000
heap
page read and write
3240000
unkown
page read and write
2CC1000
heap
page read and write
88D7000
heap
page read and write
89D0000
heap
page read and write
52B000
remote allocation
page execute and read and write
9820000
unkown
page read and write
8423000
heap
page read and write
7FF5D76CD000
unkown
page readonly
89E3000
heap
page read and write
7FF5D7425000
unkown
page readonly
C400000
heap
page read and write
888000
heap
page read and write
49FF000
stack
page read and write
C143000
heap
page read and write
8699000
heap
page read and write
83AC000
heap
page read and write
3050000
unkown
page read and write
D1E0000
trusted library allocation
page read and write
89DA000
heap
page read and write
2E80000
heap
page read and write
7C07000
heap
page read and write
8584000
heap
page read and write
3040000
unkown
page read and write
A286000
unkown
page read and write
3040000
unkown
page read and write
4FCD000
heap
page read and write
9820000
unkown
page read and write
7AB0000
unkown
page read and write
C022000
heap
page read and write
89DA000
heap
page read and write
1F0000
heap
page read and write
84C0000
unkown
page read and write
96FE000
stack
page read and write
3050000
unkown
page read and write
84C0000
unkown
page read and write
3420000
direct allocation
page read and write
3040000
unkown
page read and write
CB10000
heap
page read and write
2CFE000
stack
page read and write
31EF000
stack
page read and write
2E90000
unkown
page read and write
400000
unkown
page readonly
7B2C000
heap
page read and write
7FF5D760E000
unkown
page readonly
48BF000
stack
page read and write
C12D000
heap
page read and write
2E90000
unkown
page read and write
C0A9000
heap
page read and write
400000
unkown
page readonly
7DF456290000
trusted library allocation
page readonly
84C0000
unkown
page read and write
D410000
trusted library allocation
page read and write
10572000
unkown
page read and write
E00000
unkown
page readonly
8A3B000
heap
page read and write
C3D0000
heap
page read and write
7FF5D7488000
unkown
page readonly
C0C0000
heap
page read and write
3040000
unkown
page read and write
2C8B000
unkown
page readonly
2BAE000
stack
page read and write
3420000
direct allocation
page read and write
83A6000
heap
page read and write
C2A0000
heap
page read and write
30BE000
stack
page read and write
2E1E000
stack
page read and write
35F4000
unkown
page read and write
3200000
unkown
page read and write
89E7000
heap
page read and write
89E7000
heap
page read and write
3040000
unkown
page read and write
2FB0000
remote allocation
page read and write
3420000
direct allocation
page read and write
529000
remote allocation
page execute and read and write
4C70000
heap
page read and write
2E90000
unkown
page read and write
7FF5D7648000
unkown
page readonly
C0A9000
heap
page read and write
3220000
unkown
page read and write
7BB5000
heap
page read and write
9820000
unkown
page read and write
3200000
unkown
page read and write
4F56000
heap
page read and write
7DF4561D0000
trusted library allocation
page readonly
2FB7000
stack
page read and write
8584000
heap
page read and write
89F1000
heap
page read and write
275F000
stack
page read and write
C0BF000
heap
page read and write
7FF5D779E000
unkown
page readonly
2E90000
unkown
page read and write
7FF5D706E000
unkown
page readonly
7FF5D75DF000
unkown
page readonly
86F6000
heap
page read and write
212AB3C0000
heap
page read and write
4E5E000
heap
page read and write
C4DC000
unkown
page read and write
7AC0000
heap
page read and write
86D7000
heap
page read and write
AA16000
heap
page read and write
C0FF000
heap
page read and write
7DF4561E0000
trusted library allocation
page readonly
2A5F000
stack
page read and write
410000
unkown
page readonly
C447000
heap
page read and write
30AF000
stack
page read and write
88CE000
heap
page read and write
3290000
unkown
page read and write
8565000
heap
page read and write
868B000
heap
page read and write
2CA0000
heap
page read and write
A2B5000
unkown
page read and write
7D50000
trusted library allocation
page read and write
7FF5D7589000
unkown
page readonly
8584000
heap
page read and write
2E90000
unkown
page read and write
2D06000
unkown
page read and write
99B0000
unkown
page read and write
3040000
unkown
page read and write
401000
unkown
page execute read
7C46000
heap
page read and write
C131000
heap
page read and write
9AB2000
unkown
page read and write
3220000
unkown
page read and write
3070000
unkown
page read and write
3420000
direct allocation
page read and write
2E90000
unkown
page read and write
276F000
stack
page read and write
7FF5D7591000
unkown
page readonly
4FC2000
heap
page read and write
9C000
stack
page read and write
3060000
unkown
page read and write
86F6000
heap
page read and write
2E90000
unkown
page read and write
7FF5D77C2000
unkown
page readonly
3220000
unkown
page read and write
C141000
heap
page read and write
8A39000
heap
page read and write
4AC0000
heap
page read and write
401000
unkown
page execute read
7AC0000
unkown
page read and write
C162000
heap
page read and write
C450000
unkown
page read and write
410000
unkown
page readonly
3489000
stack
page read and write
86A2000
heap
page read and write
D03B000
heap
page read and write
3200000
unkown
page read and write
BE90000
unkown
page read and write
B0E0000
unkown
page readonly
417000
unkown
page write copy
7FF5D716B000
unkown
page readonly
8A3B000
heap
page read and write
89D0000
heap
page read and write
7BFD000
heap
page read and write
AA04000
unkown
page read and write
19C000
stack
page read and write
3220000
unkown
page read and write
3040000
unkown
page read and write
2E90000
unkown
page read and write
C033000
heap
page read and write
3050000
unkown
page read and write
2F9F000
stack
page read and write
3050000
unkown
page read and write
3420000
direct allocation
page read and write
3230000
unkown
page read and write
89E5000
heap
page read and write
A233000
unkown
page read and write
C084000
heap
page read and write
88D1000
heap
page read and write
3420000
direct allocation
page read and write
2E90000
unkown
page read and write
A0F000
stack
page read and write
4AB000
unkown
page write copy
1170000
unkown
page read and write
607000
heap
page read and write
88CA000
heap
page read and write
7FF5D7391000
unkown
page readonly
C171000
heap
page read and write
3240000
unkown
page read and write
8548000
heap
page read and write
109A1000
unkown
page read and write
4FCA000
heap
page read and write
4A71000
unkown
page read and write
7FF5D7385000
unkown
page readonly
3420000
direct allocation
page read and write
3050000
unkown
page read and write
5C8000
heap
page read and write
C187000
heap
page read and write
7C38000
heap
page read and write
7FF5D77EB000
unkown
page readonly
84C0000
unkown
page read and write
9820000
unkown
page read and write
ABE000
stack
page read and write
89F000
stack
page read and write
88AC000
heap
page read and write
3220000
unkown
page read and write
86CC000
heap
page read and write
A384000
unkown
page read and write
9A90000
unkown
page read and write
BB0E000
stack
page read and write
7AE000
heap
page read and write
57E000
stack
page read and write
3420000
direct allocation
page read and write
AA66000
heap
page read and write
3040000
unkown
page read and write
C96B000
unkown
page read and write
1170000
unkown
page read and write
3220000
unkown
page read and write
3050000
unkown
page read and write
1900D760000
heap
page read and write
3420000
direct allocation
page read and write
3220000
unkown
page read and write
89E7000
heap
page read and write
C29E000
heap
page read and write
3200000
unkown
page read and write
3220000
unkown
page read and write
3040000
unkown
page read and write
8916000
heap
page read and write
89E3000
heap
page read and write
8FF000
stack
page read and write
3420000
direct allocation
page read and write
CB03000
trusted library allocation
page read and write
9820000
unkown
page read and write
A9DF000
unkown
page read and write
2CAF000
stack
page read and write
90BC000
stack
page read and write
89E3000
heap
page read and write
529000
remote allocation
page execute and read and write
C084000
heap
page read and write
7FF5D6AB6000
unkown
page readonly
400000
unkown
page readonly
4E4F000
heap
page read and write
362A000
unkown
page read and write
3420000
direct allocation
page read and write
9B000
stack
page read and write
3230000
unkown
page read and write
855F000
heap
page read and write
1170000
unkown
page read and write
4FB9000
heap
page read and write
335B000
stack
page read and write
9BA7000
unkown
page read and write
8565000
heap
page read and write
BD12000
heap
page read and write
3240000
unkown
page read and write
7C0C000
heap
page read and write
3040000
unkown
page read and write
3220000
unkown
page read and write
252E000
stack
page read and write
3220000
unkown
page read and write
2D60000
heap
page read and write
7B2C000
heap
page read and write
89DA000
heap
page read and write
418000
unkown
page write copy
A391000
unkown
page read and write
7FF5D7639000
unkown
page readonly
8565000
heap
page read and write
1B633580000
heap
page read and write
7B32000
heap
page read and write
89E5000
heap
page read and write
3050000
unkown
page read and write
BAE8000
stack
page read and write
89F1000
heap
page read and write
2E90000
unkown
page read and write
A02E000
stack
page read and write
E750000
unkown
page read and write
4FA7000
heap
page read and write
7FF5D717C000
unkown
page readonly
7BAE000
heap
page read and write
7FF5D7703000
unkown
page readonly
3220000
unkown
page read and write
3230000
unkown
page read and write
99B5000
unkown
page read and write
85BE000
stack
page read and write
7BE6000
heap
page read and write
2D5E000
stack
page read and write
7B42000
heap
page read and write
84B6000
heap
page read and write
838A000
heap
page read and write
2DBE000
stack
page read and write
7FF5D7485000
unkown
page readonly
3240000
unkown
page read and write
4D87000
heap
page read and write
8B40000
unkown
page readonly
C42B000
heap
page read and write
760B000
unkown
page read and write
BF3E000
stack
page read and write
1F0000
heap
page read and write
C0FF000
heap
page read and write
2FB0000
remote allocation
page read and write
B0ED000
stack
page read and write
3070000
unkown
page read and write
C4C6000
unkown
page read and write
3420000
direct allocation
page read and write
9A8E000
unkown
page read and write
89E7000
heap
page read and write
B70000
heap
page read and write
7DF456221000
trusted library allocation
page execute read
83F2000
heap
page read and write
2E90000
unkown
page read and write
3050000
unkown
page read and write
2E90000
unkown
page read and write
C46F000
unkown
page read and write
3230000
unkown
page read and write
C99E000
stack
page read and write
8E80000
unkown
page read and write
7FF5D7215000
unkown
page readonly
7D60000
trusted library allocation
page read and write
889A000
heap
page read and write
8567000
heap
page read and write
A9CD000
heap
page read and write
C180000
heap
page read and write
85FE000
heap
page read and write
3050000
unkown
page read and write
3240000
unkown
page read and write
3420000
direct allocation
page read and write
7DF456250000
trusted library allocation
page readonly
401000
unkown
page execute read
1250000
unkown
page read and write
89D0000
heap
page read and write
7C0C000
heap
page read and write
7FF5D7722000
unkown
page readonly
3230000
unkown
page read and write
3230000
unkown
page read and write
7FF5D7641000
unkown
page readonly
85FE000
heap
page read and write
7B2C000
heap
page read and write
7FF5D6ABD000
unkown
page readonly
1731000
unkown
page readonly
8423000
heap
page read and write
C0B1000
heap
page read and write
401000
unkown
page execute read
3220000
unkown
page read and write
19C000
stack
page read and write
9EE0000
unkown
page read and write
86D6000
heap
page read and write
3050000
unkown
page read and write
1270000
unkown
page read and write
C3AF000
heap
page read and write
28CF000
stack
page read and write
264E000
stack
page read and write
7FF5D75D9000
unkown
page readonly
8944000
heap
page read and write
C5FD000
unkown
page read and write
9CBE000
stack
page read and write
83C6000
heap
page read and write
2F5F000
stack
page read and write
BF44000
heap
page read and write
3420000
direct allocation
page read and write
860E55D000
stack
page read and write
8565000
heap
page read and write
9B0B000
unkown
page read and write
417000
unkown
page write copy
8980000
unkown
page read and write
85E4000
heap
page read and write
85E4000
heap
page read and write
7D70000
trusted library allocation
page read and write
4E5E000
heap
page read and write
3420000
direct allocation
page read and write
2D5E000
stack
page read and write
88D5000
heap
page read and write
8E50000
stack
page read and write
3040000
unkown
page read and write
2E60000
heap
page read and write
9A92000
unkown
page read and write
2DD0000
heap
page read and write
31B0000
heap
page read and write
3050000
unkown
page read and write
2E90000
unkown
page read and write
C7C6000
unkown
page read and write
7DF4561F1000
trusted library allocation
page execute read
3220000
unkown
page read and write
86AA000
heap
page read and write
3230000
unkown
page read and write
2E90000
unkown
page read and write
7FF5D747F000
unkown
page readonly
C139000
heap
page read and write
673000
heap
page read and write
8871000
heap
page read and write
7DF456270000
trusted library allocation
page readonly
3070000
unkown
page read and write
C40F000
heap
page read and write
99C0000
unkown
page read and write
7FF5D7272000
unkown
page readonly
D1F3000
trusted library allocation
page read and write
401000
unkown
page execute read
7E60000
unkown
page read and write
3220000
unkown
page read and write
2DFD000
stack
page read and write
400000
unkown
page readonly
66A000
heap
page read and write
2FB0000
remote allocation
page read and write
315F000
stack
page read and write
92B0000
heap
page read and write
F285000
heap
page read and write
88B0000
heap
page read and write
2E90000
unkown
page read and write
C2B6000
heap
page read and write
B66A000
stack
page read and write
2E70000
heap
page read and write
1170000
unkown
page read and write
3230000
unkown
page read and write
7FF5D76E8000
unkown
page readonly
7DF4561E1000
trusted library allocation
page execute read
7FF5D74F2000
unkown
page readonly
C09B000
heap
page read and write
7FF5D7808000
unkown
page readonly
12B0000
unkown
page read and write
C029000
heap
page read and write
418000
unkown
page write copy
C573000
heap
page read and write
C24E000
stack
page read and write
3220000
unkown
page read and write
86AA000
heap
page read and write
89F1000
heap
page read and write
6D7000
heap
page read and write
4DA1000
heap
page read and write
418000
unkown
page write copy
C022000
heap
page read and write
C40A000
heap
page read and write
BEB3000
heap
page read and write
3420000
direct allocation
page read and write
B8EC000
stack
page read and write
C43B000
heap
page read and write
197000
stack
page read and write
BBE8000
stack
page read and write
2F7D000
heap
page read and write
A3AA000
unkown
page read and write
7BAE000
heap
page read and write
C3C2000
heap
page read and write
1170000
unkown
page read and write
2CB8000
heap
page read and write
3220000
unkown
page read and write
7FF5D777A000
unkown
page readonly
7FF5D76C8000
unkown
page readonly
B86D000
stack
page read and write
1170000
unkown
page read and write
C16D000
heap
page read and write
C0A5000
heap
page read and write
262F000
stack
page read and write
2DEE000
stack
page read and write
8916000
heap
page read and write
7FF5D76AF000
unkown
page readonly
C435000
heap
page read and write
2E90000
unkown
page read and write
7FF5D7075000
unkown
page readonly
C162000
heap
page read and write
2E2E000
stack
page read and write
AA29000
heap
page read and write
9ABD000
unkown
page read and write
8565000
heap
page read and write
1395000
heap
page read and write
5479000
unkown
page read and write
3420000
direct allocation
page read and write
2D09000
unkown
page readonly
D1D3000
trusted library allocation
page read and write
2E50000
heap
page read and write
A0A9000
stack
page read and write
8513000
heap
page read and write
2D09000
unkown
page readonly
3420000
direct allocation
page read and write
C60F000
heap
page read and write
2D09000
unkown
page readonly
2F43000
heap
page read and write
7FF5D7700000
unkown
page readonly
C050000
heap
page read and write
8A39000
heap
page read and write
4FAC000
heap
page read and write
3220000
unkown
page read and write
7FF5CE33D000
unkown
page readonly
57E000
stack
page read and write
1F0000
heap
page read and write
2FB0000
remote allocation
page read and write
32D9000
stack
page read and write
3220000
unkown
page read and write
C14D000
heap
page read and write
3240000
unkown
page read and write
3220000
unkown
page read and write
C0AC000
heap
page read and write
8692000
heap
page read and write
8565000
heap
page read and write
A9E9000
unkown
page read and write
75F8000
unkown
page read and write
3220000
unkown
page read and write
A9A0000
unkown
page read and write
3120000
unkown
page read and write
9A6A000
unkown
page read and write
1023F000
stack
page read and write
855B000
heap
page read and write
3060000
unkown
page read and write
2F70000
remote allocation
page read and write
C573000
heap
page read and write
1170000
unkown
page read and write
8552000
heap
page read and write
89DA000
heap
page read and write
2D09000
unkown
page readonly
4F7B000
heap
page read and write
9A50000
heap
page readonly
2CAF000
stack
page read and write
3420000
direct allocation
page read and write
1170000
unkown
page read and write
2DD0000
heap
page read and write
89D0000
heap
page read and write
35B5000
unkown
page read and write
3050000
unkown
page read and write
8A39000
heap
page read and write
2E90000
unkown
page read and write
F332000
unkown
page read and write
66F000
heap
page read and write
2D09000
unkown
page readonly
3240000
unkown
page read and write
4FAC000
heap
page read and write
690000
heap
page read and write
C09C000
heap
page read and write
4980000
heap
page read and write
89DA000
heap
page read and write
3200000
unkown
page read and write
1B633590000
heap
page read and write
1170000
unkown
page read and write
C386000
heap
page read and write
708000
heap
page read and write
3040000
unkown
page read and write
4D10000
heap
page read and write
C309000
heap
page read and write
B370000
trusted library allocation
page read and write
8BB0000
trusted library allocation
page read and write
C09B000
heap
page read and write
C177000
heap
page read and write
40B000
unkown
page execute read
C0FF000
heap
page read and write
3420000
direct allocation
page read and write
400000
unkown
page readonly
10589000
unkown
page read and write
7C2D000
heap
page read and write
2DBE000
stack
page read and write
83FA4FF000
unkown
page read and write
BE67000
heap
page read and write
B96C000
stack
page read and write
7BE4000
heap
page read and write
8555000
heap
page read and write
8862000
heap
page read and write
7FF5D75B3000
unkown
page readonly
3220000
unkown
page read and write
2E90000
unkown
page read and write
3040000
unkown
page read and write
2E40000
unclassified section
page read and write
1F0000
heap
page read and write
2E60000
remote allocation
page read and write
212AB1BB000
heap
page read and write
8F6000
heap
page read and write
85E000
stack
page read and write
C61B000
unkown
page read and write
3230000
unkown
page read and write
2FB0000
heap
page read and write
1900DA50000
heap
page read and write
1900D767000
heap
page read and write
418000
unkown
page write copy
7AE000
heap
page read and write
F3FA000
heap
page read and write
C60F000
heap
page read and write
C16D000
heap
page read and write
4E58000
heap
page read and write
3420000
direct allocation
page read and write
3220000
unkown
page read and write
2E90000
unkown
page read and write
3050000
unkown
page read and write
2E90000
unkown
page read and write
9820000
unkown
page read and write
8360000
unkown
page read and write
9579000
stack
page read and write
278F000
stack
page read and write
212AB510000
heap
page read and write
494A000
heap
page execute and read and write
8898000
heap
page read and write
DD0000
heap
page read and write
C03C000
heap
page read and write
2CDF000
stack
page read and write
BEF8000
heap
page read and write
3040000
unkown
page read and write
3200000
unkown
page read and write
9EEF7EC000
stack
page read and write
1F0000
heap
page read and write
26797EA5000
heap
page read and write
7631000
unkown
page read and write
3230000
unkown
page read and write
3050000
unkown
page read and write
2E60000
remote allocation
page read and write
7435000
stack
page read and write
65B000
heap
page read and write
7FF5D77F0000
unkown
page readonly
7FF5D7065000
unkown
page readonly
89F1000
heap
page read and write
7C3D000
heap
page read and write
84C0000
unkown
page read and write
306F000
stack
page read and write
86AA000
heap
page read and write
7FF5D745B000
unkown
page readonly
57E000
stack
page read and write
84C0000
unkown
page read and write
107A1000
unkown
page read and write
D1F0000
trusted library allocation
page read and write
C0C8000
heap
page read and write
89D0000
heap
page read and write
7637000
unkown
page read and write
7B45000
heap
page read and write
3050000
unkown
page read and write
2E90000
unkown
page read and write
7C80000
unkown
page read and write
7FF5D7523000
unkown
page readonly
8C7000
heap
page read and write
CF5000
stack
page read and write
7FF5D710B000
unkown
page readonly
3420000
direct allocation
page read and write
2FB0000
heap
page read and write
9A94000
unkown
page read and write
7C4C000
heap
page read and write
3420000
direct allocation
page read and write
89E5000
heap
page read and write
88FD000
heap
page read and write
C16D000
heap
page read and write
3420000
direct allocation
page read and write
3240000
unkown
page read and write
7FF5D77DD000
unkown
page readonly
8944000
heap
page read and write
A2D7000
unkown
page read and write
3420000
direct allocation
page read and write
4980000
unkown
page read and write
7C2D000
heap
page read and write
1000000
heap
page read and write
26797C50000
heap
page read and write
C17E000
heap
page read and write
12D0000
unkown
page readonly
3200000
unkown
page read and write
66C000
heap
page read and write
3230000
unkown
page read and write
2BBE000
stack
page read and write
1B6333AB000
heap
page read and write
30B1000
heap
page read and write
3290000
unkown
page read and write
3040000
unkown
page read and write
3626000
unkown
page read and write
254E000
stack
page read and write
8E2000
heap
page read and write
7460000
unkown
page read and write
9FF000
stack
page read and write
7B80000
unkown
page readonly
3220000
unkown
page read and write
84C0000
unkown
page read and write
8584000
heap
page read and write
C7BE000
unkown
page read and write
819A000
stack
page read and write
76F8000
unkown
page read and write
6D0000
heap
page read and write
8975000
heap
page read and write
2E90000
unkown
page read and write
7B1C000
heap
page read and write
212AB1B0000
heap
page read and write
2D09000
unkown
page readonly
2D20000
heap
page read and write
7FF5D71A6000
unkown
page readonly
8A39000
heap
page read and write
3456000
stack
page read and write
4F5A000
heap
page read and write
7DF456241000
trusted library allocation
page execute read
2A6E000
stack
page read and write
31BA000
stack
page read and write
4E52000
heap
page read and write
3220000
unkown
page read and write
C119000
heap
page read and write
308E000
stack
page read and write
19E000
stack
page read and write
BD10000
heap
page read and write
3230000
unkown
page read and write
3220000
unkown
page read and write
A36E000
stack
page read and write
3040000
unkown
page read and write
3290000
unkown
page read and write
7FF5D7394000
unkown
page readonly
7FF5D6A4B000
unkown
page readonly
2E90000
unkown
page read and write
85A5000
heap
page read and write
3420000
direct allocation
page read and write
B3D0000
trusted library allocation
page read and write
7DD0000
heap
page read and write
2EE5000
heap
page read and write
3230000
unkown
page read and write
AA2D000
heap
page read and write
3050000
unkown
page read and write
3040000
unkown
page read and write
9820000
unkown
page read and write
2FC7000
heap
page execute and read and write
349C000
stack
page read and write
2DD4000
heap
page read and write
8A3B000
heap
page read and write
3230000
unkown
page read and write
7FF5D7740000
unkown
page readonly
84C9000
heap
page read and write
1170000
unkown
page read and write
3240000
unkown
page read and write
C14B000
heap
page read and write
4950000
heap
page read and write
BFFE000
heap
page read and write
808A000
stack
page read and write
2F78000
heap
page read and write
B03B000
stack
page read and write
9AA0000
unkown
page read and write
3420000
direct allocation
page read and write
7609000
unkown
page read and write
7BB5000
heap
page read and write
7A0000
heap
page read and write
4AA000
unkown
page read and write
3420000
direct allocation
page read and write
89DA000
heap
page read and write
3230000
unkown
page read and write
3050000
unkown
page read and write
768C000
unkown
page read and write
3420000
direct allocation
page read and write
3420000
direct allocation
page read and write
7DF4F2481000
unkown
page execute read
C411000
heap
page read and write
3230000
unkown
page read and write
89D0000
heap
page read and write
35D3000
unkown
page read and write
3420000
direct allocation
page read and write
8636000
heap
page read and write
85E4000
heap
page read and write
49BB000
unkown
page read and write
49FF000
stack
page read and write
9C000
stack
page read and write
C0C2000
heap
page read and write
700000
heap
page read and write
75E0000
unkown
page read and write
4EF0000
heap
page read and write
BB9B000
stack
page read and write
74A000
heap
page read and write
3230000
unkown
page read and write
4B31000
heap
page read and write
2EB0000
heap
page read and write
C081000
heap
page read and write
2B48000
stack
page read and write
D240000
trusted library allocation
page read and write
3230000
unkown
page read and write
AA47000
heap
page read and write
1170000
unkown
page read and write
8557000
heap
page read and write
C0CF000
heap
page read and write
7B2000
heap
page read and write
32FA000
stack
page read and write
197000
stack
page read and write
2F8C000
heap
page read and write
1900DA55000
heap
page read and write
1F0000
heap
page read and write
C60A000
heap
page read and write
3220000
unkown
page read and write
7618000
unkown
page read and write
8557000
heap
page read and write
B3A0000
trusted library allocation
page read and write
7FF5D71EA000
unkown
page readonly
AA8B000
heap
page read and write
AA93000
unkown
page read and write
8699000
heap
page read and write
7DF4561D1000
trusted library allocation
page execute read
8A3B000
heap
page read and write
9AAC000
unkown
page read and write
DCE000
stack
page read and write
8A39000
heap
page read and write
49A8000
unkown
page read and write
8636000
heap
page read and write
3220000
unkown
page read and write
1F0000
heap
page read and write
C16D000
heap
page read and write
4FC0000
heap
page read and write
7DF456210000
trusted library allocation
page readonly
1B6333E1000
heap
page read and write
7B32000
heap
page read and write
C3B7000
heap
page read and write
D350000
trusted library allocation
page read and write
7686000
unkown
page read and write
7B45000
heap
page read and write
C496000
unkown
page read and write
8548000
heap
page read and write
400000
unkown
page readonly
6F7000
heap
page read and write
3420000
direct allocation
page read and write
4FB4000
heap
page read and write
BF93000
heap
page read and write
C437000
heap
page read and write
B380000
trusted library allocation
page read and write
7FF5D77E0000
unkown
page readonly
655000
heap
page read and write
9A8C000
unkown
page read and write
C082000
heap
page read and write
3040000
unkown
page read and write
C2D2000
heap
page read and write
40F000
unkown
page readonly
D220000
trusted library allocation
page read and write
7FF5D720A000
unkown
page readonly
C377000
heap
page read and write
2A6E000
stack
page read and write
7B60000
unkown
page readonly
9820000
unkown
page read and write
2EB0000
unkown
page read and write
3040000
unkown
page read and write
418000
unkown
page write copy
8ECC000
stack
page read and write
2E90000
unkown
page read and write
66F000
heap
page read and write
19E000
stack
page read and write
3220000
unkown
page read and write
86A2000
heap
page read and write
2F9E000
stack
page read and write
7B81000
heap
page read and write
8916000
heap
page read and write
7FF5D7784000
unkown
page readonly
7FF5D7694000
unkown
page readonly
4E5B000
heap
page read and write
B3A3000
trusted library allocation
page read and write
7D3E000
stack
page read and write
4D8A000
heap
page read and write
3220000
unkown
page read and write
3040000
unkown
page read and write
40B000
unkown
page execute read
B70000
heap
page read and write
2F7F000
heap
page read and write
D7EF000
stack
page read and write
3050000
unkown
page read and write
C1E6000
heap
page read and write
F0C000
heap
page read and write
83C6000
heap
page read and write
7691000
unkown
page read and write
7FF5D7077000
unkown
page readonly
9820000
unkown
page read and write
7E2000
heap
page read and write
A408000
unkown
page read and write
2E90000
unkown
page read and write
7FF5D7837000
unkown
page readonly
9820000
unkown
page read and write
35CF000
unkown
page read and write
7DF456261000
trusted library allocation
page execute read
3240000
unkown
page read and write
C0AC000
heap
page read and write
2FF9000
stack
page read and write
3050000
unkown
page read and write
2FA0000
heap
page read and write
BDE000
stack
page read and write
C78A000
unkown
page read and write
264F000
stack
page read and write
8975000
heap
page read and write
104B3000
unkown
page read and write
89E5000
heap
page read and write
3040000
unkown
page read and write
C908000
unkown
page read and write
7FF5D769E000
unkown
page readonly
7FF5D7262000
unkown
page readonly
C00B000
heap
page read and write
7A63000
heap
page read and write
4A40000
unkown
page read and write
2C8B000
unkown
page readonly
8916000
heap
page read and write
3450000
trusted library allocation
page read and write
9DEE000
stack
page read and write
3250000
unkown
page read and write
3050000
unkown
page read and write
3040000
unkown
page read and write
2FB0000
remote allocation
page read and write
2CEE000
stack
page read and write
2D09000
unkown
page readonly
2F96000
heap
page read and write
3040000
unkown
page read and write
4951000
heap
page read and write
7FF5D778A000
unkown
page readonly
3050000
unkown
page read and write
C084000
heap
page read and write
3420000
direct allocation
page read and write
86CC000
heap
page read and write
2D09000
unkown
page readonly
C3A4000
heap
page read and write
3050000
unkown
page read and write
9679000
stack
page read and write
C8BC000
unkown
page read and write
7FF5D74B8000
unkown
page readonly
3230000
unkown
page read and write
7CB0000
unkown
page readonly
33B0000
unkown
page readonly
2E90000
unkown
page read and write
1170000
unkown
page read and write
7FF5D728E000
unkown
page readonly
3050000
unkown
page read and write
3040000
unkown
page read and write
3050000
unkown
page read and write
2D09000
unkown
page readonly
708000
heap
page read and write
89D0000
heap
page read and write
7FF5D7257000
unkown
page readonly
1103000
heap
page read and write
2E40000
direct allocation
page read and write
89E7000
heap
page read and write
88D4000
heap
page read and write
C3C8000
heap
page read and write
7FF5D72E9000
unkown
page readonly
3110000
unkown
page readonly
850D000
heap
page read and write
26797EA0000
heap
page read and write
8880000
unkown
page readonly
89DA000
heap
page read and write
7E7000
heap
page read and write
C419000
heap
page read and write
2CB0000
heap
page read and write
C48A000
heap
page read and write
7BDB000
heap
page read and write
8A39000
heap
page read and write
7FF5D705D000
unkown
page readonly
28CF000
stack
page read and write
7FF5D71CC000
unkown
page readonly
3040000
unkown
page read and write
4E34000
heap
page read and write
D55E000
stack
page read and write
3420000
direct allocation
page read and write
F13000
heap
page read and write
7FF5D74C3000
unkown
page readonly
A3B9000
unkown
page read and write
89F1000
heap
page read and write
D340000
trusted library allocation
page read and write
400000
unkown
page execute and read and write
3050000
unkown
page read and write
7FF5D7289000
unkown
page readonly
3220000
unkown
page read and write
7654000
unkown
page read and write
2D09000
unkown
page readonly
769A000
unkown
page read and write
A7F000
stack
page read and write
2E90000
unkown
page read and write
2DDE000
stack
page read and write
3420000
direct allocation
page read and write
8687000
heap
page read and write
86D7000
heap
page read and write
193000
stack
page read and write
7FF5D768B000
unkown
page readonly
F24F000
heap
page read and write
EF8000
heap
page read and write
BF81000
heap
page read and write
84C0000
unkown
page read and write
400000
unkown
page readonly
C460000
unkown
page read and write
7FF5D720F000
unkown
page readonly
7C38000
heap
page read and write
3040000
unkown
page read and write
3040000
unkown
page read and write
2E90000
unkown
page read and write
7FF5D7795000
unkown
page readonly
401000
unkown
page execute read
3040000
unkown
page read and write
2E90000
unkown
page read and write
3220000
unkown
page read and write
890B000
heap
page read and write
88D1000
heap
page read and write
C539000
heap
page read and write
7FF5D72FB000
unkown
page readonly
89E3000
heap
page read and write
C081000
heap
page read and write
4EDB000
heap
page read and write
5B0000
heap
page read and write
7DF4F24A1000
unkown
page execute read
7FF5D7507000
unkown
page readonly
7DF456231000
trusted library allocation
page execute read
A21C000
stack
page read and write
C0AC000
heap
page read and write
7FF5D7458000
unkown
page readonly
3420000
direct allocation
page read and write
84C0000
unkown
page read and write
400000
unkown
page readonly
884E000
heap
page read and write
3230000
unkown
page read and write
8FA000
heap
page read and write
D5D8000
stack
page read and write
2BAE000
stack
page read and write
3040000
unkown
page read and write
400000
unkown
page readonly
4AD0000
heap
page read and write
7BAE000
heap
page read and write
1170000
unkown
page read and write
7FF5D7534000
unkown
page readonly
C09B000
heap
page read and write
C56E000
heap
page read and write
7FF5D7442000
unkown
page readonly
3230000
unkown
page read and write
6C0000
heap
page read and write
48D0000
direct allocation
page read and write
3230000
unkown
page read and write
7AA0000
unkown
page read and write
197000
stack
page read and write
89E3000
heap
page read and write
88D1000
heap
page read and write
7BB5000
heap
page read and write
35FA000
unkown
page read and write
7FF5D76DA000
unkown
page readonly
C3C0000
heap
page read and write
3050000
unkown
page read and write
7DF4F2460000
unkown
page readonly
8A39000
heap
page read and write
3260000
unkown
page read and write
3200000
unkown
page read and write
19E000
stack
page read and write
89E7000
heap
page read and write
A264000
unkown
page read and write
4DF5000
heap
page read and write
401000
unkown
page execute read
8510000
heap
page read and write
E7B3000
unkown
page read and write
8CB8000
stack
page read and write
2E90000
unkown
page read and write
B373000
trusted library allocation
page read and write
3040000
unkown
page read and write
3050000
unkown
page read and write
C084000
heap
page read and write
C5F4000
unkown
page read and write
7BB5000
heap
page read and write
306E000
heap
page read and write
8A46000
unkown
page read and write
1170000
unkown
page read and write
8548000
heap
page read and write
9B000
stack
page read and write
3040000
unkown
page read and write
C625000
unkown
page read and write
2A10000
heap
page read and write
3230000
unkown
page read and write
86F6000
heap
page read and write
C571000
heap
page read and write
7FF5D749B000
unkown
page readonly
7FF5D72BD000
unkown
page readonly
2F67000
heap
page read and write
1F0000
heap
page read and write
EB5000
stack
page read and write
2FAA000
heap
page read and write
B90000
heap
page read and write
29FF000
stack
page read and write
7FF5D75CB000
unkown
page readonly
C575000
heap
page read and write
695000
heap
page read and write
C0AC000
heap
page read and write
3420000
direct allocation
page read and write
9820000
unkown
page read and write
7AF1000
unkown
page read and write
2A10000
heap
page read and write
3040000
unkown
page read and write
401000
unkown
page execute read
C800000
unkown
page read and write
1900D710000
heap
page read and write
9A96000
unkown
page read and write
97FF000
stack
page read and write
3220000
unkown
page read and write
2EDF000
stack
page read and write
3050000
unkown
page read and write
85A5000
heap
page read and write
3050000
unkown
page read and write
4AA000
unkown
page read and write
C147000
heap
page read and write
2E90000
unkown
page read and write
BC6B000
stack
page read and write
A39F000
unkown
page read and write
C022000
heap
page read and write
9820000
unkown
page read and write
86B4000
heap
page read and write
A19D000
stack
page read and write
8944000
heap
page read and write
3050000
unkown
page read and write
9820000
unkown
page read and write
C163000
heap
page read and write
212AB380000
heap
page read and write
7FF5D75EE000
unkown
page readonly
C145000
heap
page read and write
1F0000
heap
page read and write
1170000
unkown
page read and write
7FF5D729E000
unkown
page readonly
761E000
unkown
page read and write
5463000
unkown
page read and write
2B9D000
stack
page read and write
3240000
unkown
page read and write
8DE000
stack
page read and write
89D0000
heap
page read and write
7BE3000
heap
page read and write
3220000
unkown
page read and write
2D90000
heap
page read and write
3230000
unkown
page read and write
3050000
unkown
page read and write
7C90000
unkown
page read and write
3230000
unkown
page read and write
4FC0000
heap
page read and write
3050000
unkown
page read and write
89E3000
heap
page read and write
8A39000
heap
page read and write
1000000
heap
page read and write
C121000
heap
page read and write
2D09000
unkown
page readonly
8513000
heap
page read and write
359C000
stack
page read and write
C415000
heap
page read and write
9B000
stack
page read and write
2FBD000
heap
page read and write
854A000
heap
page read and write
89DA000
heap
page read and write
C162000
heap
page read and write
3136000
stack
page read and write
26797C98000
heap
page read and write
3040000
unkown
page read and write
697000
heap
page read and write
3040000
unkown
page read and write
7FF5D7792000
unkown
page readonly
3040000
unkown
page read and write
3040000
unkown
page read and write
250E000
stack
page read and write
C4C6000
heap
page read and write
3220000
unkown
page read and write
1160000
unkown
page read and write
89E5000
heap
page read and write
2F1F000
stack
page read and write
66F000
heap
page read and write
A23A000
unkown
page read and write
7AAB000
heap
page read and write
7B32000
heap
page read and write
C405000
heap
page read and write
1240000
heap
page read and write
3040000
unkown
page read and write
3050000
unkown
page read and write
D310000
trusted library allocation
page read and write
8975000
heap
page read and write
BEED000
heap
page read and write
AA4B000
heap
page read and write
2FA7000
heap
page read and write
2F7B000
heap
page read and write
3040000
unkown
page read and write
9AC3000
unkown
page read and write
9820000
unkown
page read and write
4A44000
unkown
page read and write
3230000
unkown
page read and write
3050000
unkown
page read and write
D19B000
stack
page read and write
417000
unkown
page write copy
197000
stack
page read and write
3040000
unkown
page read and write
8944000
heap
page read and write
C669000
unkown
page read and write
C100000
heap
page read and write
9E9D000
stack
page read and write
89DA000
heap
page read and write
7FF5D7682000
unkown
page readonly
89E3000
heap
page read and write
8A39000
heap
page read and write
3040000
unkown
page read and write
CB00000
trusted library allocation
page read and write
8A39000
heap
page read and write
9D67000
unkown
page read and write
8636000
heap
page read and write
C11B000
heap
page read and write
85E4000
heap
page read and write
AA82000
unkown
page read and write
C698000
stack
page read and write
C433000
heap
page read and write
212AB1E0000
heap
page read and write
89D0000
heap
page read and write
8A3B000
heap
page read and write
3420000
direct allocation
page read and write
7FF5D71EF000
unkown
page readonly
86D0000
unkown
page readonly
30B0000
heap
page read and write
2E5E000
stack
page read and write
89E5000
heap
page read and write
D423000
trusted library allocation
page read and write
4F9A000
heap
page read and write
7B45000
heap
page read and write
400000
unkown
page readonly
3040000
unkown
page read and write
C11D000
heap
page read and write
3200000
unkown
page read and write
3040000
unkown
page read and write
400000
unkown
page readonly
7DF456201000
trusted library allocation
page execute read
E7B5000
unkown
page read and write
3230000
unkown
page read and write
C42F000
heap
page read and write
3050000
unkown
page read and write
B35E000
stack
page read and write
4C03000
stack
page read and write
8552000
heap
page read and write
86CC000
heap
page read and write
8866000
heap
page read and write
3040000
unkown
page read and write
3420000
direct allocation
page read and write
7FF5D7407000
unkown
page readonly
8975000
heap
page read and write
C102000
heap
page read and write
C16D000
heap
page read and write
C56E000
heap
page read and write
85FE000
heap
page read and write
49F8000
stack
page read and write
290E000
stack
page read and write
3230000
unkown
page read and write
89D0000
heap
page read and write
7FF5D77B9000
unkown
page readonly
2E8E000
stack
page read and write
3200000
unkown
page read and write
89E5000
heap
page read and write
8A3B000
heap
page read and write
4DB6000
heap
page read and write
A28D000
unkown
page read and write
77DB000
unkown
page read and write
2D06000
unkown
page read and write
3040000
unkown
page read and write
9820000
unkown
page read and write
C4BD000
unkown
page read and write
9A98000
unkown
page read and write
C13B000
heap
page read and write
3050000
unkown
page read and write
8552000
heap
page read and write
D40000
heap
page read and write
8868000
heap
page read and write
3230000
unkown
page read and write
671000
heap
page read and write
2E90000
unkown
page read and write
C653000
unkown
page read and write
3050000
unkown
page read and write
7FF5D774A000
unkown
page readonly
3220000
unkown
page read and write
3060000
heap
page read and write
3420000
direct allocation
page read and write
3040000
unkown
page read and write
7FF5D76D5000
unkown
page readonly
51A000
remote allocation
page execute and read and write
3420000
direct allocation
page read and write
85FE000
heap
page read and write
C417000
heap
page read and write
3220000
unkown
page read and write
A220000
unkown
page read and write
B259000
stack
page read and write
3240000
unkown
page read and write
401000
unkown
page execute read
4BA0000
heap
page read and write
3420000
direct allocation
page read and write
3630000
unkown
page readonly
4E5E000
heap
page read and write
D659000
stack
page read and write
193000
stack
page read and write
107A1000
unkown
page read and write
9B000
stack
page read and write
4F63000
heap
page read and write
9ADB000
unkown
page read and write
84C0000
unkown
page read and write
BE70000
unkown
page readonly
1B633550000
heap
page read and write
3220000
unkown
page read and write
86B4000
heap
page read and write
AA92000
heap
page read and write
942D000
stack
page read and write
B980000
unkown
page readonly
8975000
heap
page read and write
7FF5D7764000
unkown
page readonly
7B81000
heap
page read and write
89E5000
heap
page read and write
83A4000
heap
page read and write
C033000
heap
page read and write
19C000
stack
page read and write
8A3B000
heap
page read and write
7B1C000
heap
page read and write
C029000
heap
page read and write
30FB000
stack
page read and write
7FF5D7404000
unkown
page readonly
C2C3000
heap
page read and write
8975000
heap
page read and write
112F000
unkown
page read and write
8513000
heap
page read and write
8555000
heap
page read and write
3040000
unkown
page read and write
9820000
unkown
page read and write
7FF5D7236000
unkown
page readonly
53E1000
unkown
page read and write
7F70000
trusted library section
page readonly
8840000
heap
page read and write
3420000
direct allocation
page read and write
6D5000
heap
page read and write
8F49000
stack
page read and write
3220000
unkown
page read and write
3040000
unkown
page read and write
1360000
unkown
page readonly
C394000
heap
page read and write
B330000
unkown
page read and write
3050000
unkown
page read and write
AFAE000
stack
page read and write
C431000
heap
page read and write
86A2000
heap
page read and write
2D60000
heap
page read and write
C604000
heap
page read and write
7FF5D7760000
unkown
page readonly
49C2000
unkown
page read and write
7FF5D77E9000
unkown
page readonly
9A76000
unkown
page read and write
7A8000
heap
page read and write
B20000
heap
page read and write
84C0000
unkown
page read and write
B559000
stack
page read and write
401000
unkown
page execute read
7FF5D71C4000
unkown
page readonly
86D7000
heap
page read and write
86AC000
heap
page read and write
48C0000
direct allocation
page execute and read and write
E10000
unkown
page readonly
89D0000
heap
page read and write
418000
unkown
page write copy
C035000
stack
page read and write
3420000
direct allocation
page read and write
3050000
unkown
page read and write
B3A0000
trusted library allocation
page read and write
8A3C000
heap
page read and write
8552000
heap
page read and write
618000
heap
page read and write
C084000
heap
page read and write
61A000
heap
page read and write
8557000
heap
page read and write
3040000
unkown
page read and write
7BDA000
heap
page read and write
B0BD000
stack
page read and write
D420000
trusted library allocation
page read and write
89F1000
heap
page read and write
3200000
unkown
page read and write
8548000
heap
page read and write
3040000
unkown
page read and write
8FD000
heap
page read and write
4E3A000
heap
page read and write
2E1E000
stack
page read and write
9780000
unkown
page read and write
285F000
stack
page read and write
D353000
trusted library allocation
page read and write
8890000
unkown
page readonly
3220000
unkown
page read and write
1B633590000
heap
page read and write
1033E000
stack
page read and write
7A8000
heap
page read and write
B7DF000
stack
page read and write
1B6333E1000
heap
page read and write
BDC0000
unkown
page read and write
2E90000
unkown
page read and write
3220000
unkown
page read and write
7FF5D7546000
unkown
page readonly
3040000
unkown
page read and write
C302000
heap
page read and write
19C000
stack
page read and write
2E90000
unkown
page read and write
89E5000
heap
page read and write
7FF5D75B8000
unkown
page readonly
8555000
heap
page read and write
854A000
heap
page read and write
3040000
unkown
page read and write
3240000
unkown
page read and write
89E7000
heap
page read and write
4AB000
unkown
page write copy
4FB7000
heap
page read and write
7FF5D72BF000
unkown
page readonly
8944000
heap
page read and write
7C3D000
heap
page read and write
3050000
unkown
page read and write
C205000
heap
page read and write
C36B000
heap
page read and write
7B78000
heap
page read and write
F16F000
stack
page read and write
85E4000
heap
page read and write
66A000
heap
page read and write
C313000
heap
page read and write
9820000
unkown
page read and write
C0DE000
heap
page read and write
C022000
heap
page read and write
AE1D000
stack
page read and write
3420000
direct allocation
page read and write
8F0000
heap
page read and write
2E90000
unkown
page read and write
9820000
unkown
page read and write
2E5E000
stack
page read and write
4E13000
heap
page read and write
3230000
unkown
page read and write
7FF5D6BE4000
unkown
page readonly
BF9C000
heap
page read and write
2E90000
unkown
page read and write
193000
stack
page read and write
8980000
unkown
page read and write
7FF5D66E8000
unkown
page readonly
7FF5D7309000
unkown
page readonly
BE20000
heap
page read and write
8E50000
unkown
page read and write
3420000
direct allocation
page read and write
193000
stack
page read and write
2E90000
unkown
page read and write
7B10000
unkown
page read and write
8944000
heap
page read and write
5C8000
heap
page read and write
3050000
unkown
page read and write
9820000
unkown
page read and write
3230000
unkown
page read and write
7FF5D760B000
unkown
page readonly
86E0000
unkown
page readonly
700000
heap
page read and write
A33F000
unkown
page read and write
C617000
unkown
page read and write
BD00000
unkown
page read and write
C16D000
heap
page read and write
AA30000
heap
page read and write
268E000
stack
page read and write
C09B000
heap
page read and write
81E000
stack
page read and write
F2F0000
unkown
page read and write
3040000
unkown
page read and write
4E23000
heap
page read and write
F1DC000
heap
page read and write
580000
heap
page read and write
7BBD000
heap
page read and write
4FD0000
trusted library allocation
page read and write
1281000
unkown
page readonly
3420000
direct allocation
page read and write
89E5000
heap
page read and write
3040000
unkown
page read and write
BB6D000
stack
page read and write
400000
unkown
page execute and read and write
D1E0000
trusted library allocation
page read and write
2E90000
unkown
page read and write
3070000
unkown
page read and write
3050000
unkown
page read and write
3240000
unkown
page read and write
F336000
unkown
page read and write
8944000
heap
page read and write
C571000
heap
page read and write
2EBE000
heap
page read and write
30B0000
heap
page read and write
3220000
unkown
page read and write
1170000
unkown
page read and write
7FF5D6BEF000
unkown
page readonly
88D1000
heap
page read and write
3040000
unkown
page read and write
8555000
heap
page read and write
B6EB000
stack
page read and write
4B00000
unkown
page read and write
3230000
unkown
page read and write
89E7000
heap
page read and write
401000
unkown
page execute read
2E90000
unkown
page read and write
8584000
heap
page read and write
C41F000
heap
page read and write
B4D000
stack
page read and write
30B0000
heap
page read and write
B720000
trusted library allocation
page read and write
10434000
unkown
page read and write
2D09000
unkown
page readonly
923C000
stack
page read and write
3040000
unkown
page read and write
4E23000
heap
page read and write
BD9A000
stack
page read and write
4C10000
direct allocation
page read and write
3220000
unkown
page read and write
3040000
unkown
page read and write
3500000
stack
page read and write
C2AC000
heap
page read and write
C3B3000
heap
page read and write
33D5000
stack
page read and write
C663000
unkown
page read and write
4ED0000
heap
page read and write
4D0E000
stack
page read and write
C5FA000
unkown
page read and write
6C5000
heap
page read and write
2E90000
unkown
page read and write
89E7000
heap
page read and write
C123000
heap
page read and write
C483000
unkown
page read and write
2A9D000
stack
page read and write
338B000
stack
page read and write
EF0000
heap
page read and write
85FE000
heap
page read and write
28FE000
stack
page read and write
3070000
unkown
page read and write
418000
unkown
page write copy
1F0000
heap
page read and write
3230000
unkown
page read and write
B360000
trusted library allocation
page read and write
7FF5D75F6000
unkown
page readonly
3230000
unkown
page read and write
A2A2000
unkown
page read and write
7BAF000
heap
page read and write
4E58000
heap
page read and write
7FF5D776D000
unkown
page readonly
3220000
unkown
page read and write
1170000
unkown
page read and write
89E7000
heap
page read and write
C149000
heap
page read and write
674000
heap
page read and write
790000
heap
page read and write
3230000
unkown
page read and write
3050000
unkown
page read and write
2A0F000
stack
page read and write
3230000
unkown
page read and write
2FBF000
stack
page read and write
89E3000
heap
page read and write
4D66000
heap
page read and write
66A000
heap
page read and write
3230000
unkown
page read and write
BE18000
stack
page read and write
C1F2000
heap
page read and write
9EB0000
unkown
page readonly
3040000
unkown
page read and write
AA78000
heap
page read and write
8A39000
heap
page read and write
3040000
unkown
page read and write
3230000
unkown
page read and write
2DAE000
stack
page read and write
3040000
unkown
page read and write
7FF5D75FF000
unkown
page readonly
8ABA000
stack
page read and write
3420000
direct allocation
page read and write
30CE000
stack
page read and write
860E87F000
stack
page read and write
3530000
unkown
page read and write
33C0000
unkown
page read and write
401000
unkown
page execute read
89E3000
heap
page read and write
4E5B000
heap
page read and write
C16D000
heap
page read and write
8636000
heap
page read and write
9820000
unkown
page read and write
88B9000
heap
page read and write
2E90000
unkown
page read and write
2E7E000
heap
page read and write
7FF5D77A8000
unkown
page readonly
3050000
unkown
page read and write
418000
unkown
page write copy
85E4000
heap
page read and write
2B73000
heap
page read and write
4E5B000
heap
page read and write
B02F000
stack
page read and write
268E000
stack
page read and write
7DBC000
stack
page read and write
4A0E000
unkown
page read and write
997C000
stack
page read and write
8FD9000
stack
page read and write
410000
unkown
page readonly
1B633340000
heap
page read and write
4981000
heap
page read and write
3220000
unkown
page read and write
9AB4000
unkown
page read and write
7FF5D719C000
unkown
page readonly
2F2E000
heap
page execute and read and write
2E9A000
heap
page read and write
5B7000
heap
page read and write
B3C0000
trusted library allocation
page read and write
4A90000
unkown
page read and write
3230000
unkown
page read and write
C427000
heap
page read and write
3260000
unkown
page read and write
7FF5D7396000
unkown
page readonly
2E1E000
stack
page read and write
88C2000
heap
page read and write
3040000
unkown
page read and write
2B6D000
stack
page read and write
3220000
unkown
page read and write
9279000
stack
page read and write
35BD000
unkown
page read and write
7BE4000
heap
page read and write
89D0000
heap
page read and write
C16D000
heap
page read and write
7FF5D7604000
unkown
page readonly
86D7000
heap
page read and write
2E90000
unkown
page read and write
7DF456211000
trusted library allocation
page execute read
B2DB000
stack
page read and write
417000
unkown
page write copy
197000
stack
page read and write
4FA9000
heap
page read and write
7FF5D71F9000
unkown
page readonly
3040000
unkown
page read and write
3040000
unkown
page read and write
27CE000
stack
page read and write
3420000
direct allocation
page read and write
BF83000
heap
page read and write
8510000
heap
page read and write
310E000
stack
page read and write
3040000
unkown
page read and write
9FAF000
stack
page read and write
8548000
heap
page read and write
7DF456230000
trusted library allocation
page readonly
2E90000
unkown
page read and write
4B30000
heap
page read and write
3220000
unkown
page read and write
AA01000
unkown
page read and write
9B000
stack
page read and write
C62D000
unkown
page read and write
2E90000
unkown
page read and write
850D000
heap
page read and write
8774000
heap
page read and write
3040000
unkown
page read and write
4A3F000
stack
page read and write
C5EE000
heap
page read and write
2F60000
heap
page read and write
26797C90000
heap
page read and write
7C70000
unkown
page readonly
7FF5D6BDB000
unkown
page readonly
7DF000
stack
page read and write
3040000
unkown
page read and write
4AB000
unkown
page write copy
3200000
unkown
page read and write
3050000
unkown
page read and write
86AC000
heap
page read and write
864F000
heap
page read and write
89F1000
heap
page read and write
3040000
unkown
page read and write
C09B000
heap
page read and write
3220000
unkown
page read and write
30B0000
heap
page read and write
3420000
direct allocation
page read and write
7FF5D72D7000
unkown
page readonly
104A0000
unkown
page read and write
B220000
unkown
page read and write
4995000
heap
page execute and read and write
861D000
heap
page read and write
861D000
heap
page read and write
2E90000
unkown
page read and write
D240000
trusted library allocation
page read and write
3040000
unkown
page read and write
AA62000
heap
page read and write
2E40000
unclassified section
page read and write
CAE0000
trusted library allocation
page read and write
28FE000
stack
page read and write
8513000
heap
page read and write
212AB1E0000
heap
page read and write
2D00000
heap
page read and write
9A9E000
unkown
page read and write
A298000
stack
page read and write
3220000
unkown
page read and write
CAA0000
heap
page read and write
4C8E000
stack
page read and write
8975000
heap
page read and write
3040000
unkown
page read and write
9EE0000
unkown
page read and write
A9ED000
heap
page read and write
3420000
direct allocation
page read and write
FF0000
unkown
page readonly
7FF5D75C1000
unkown
page readonly
3040000
unkown
page read and write
A9AF000
heap
page read and write
C1CC000
stack
page read and write
3220000
unkown
page read and write
8584000
heap
page read and write
4AA000
unkown
page read and write
7FF5D7745000
unkown
page readonly
2C8B000
unkown
page readonly
3420000
direct allocation
page read and write
7FF5D7280000
unkown
page readonly
7C8000
heap
page read and write
C0DE000
heap
page read and write
3050000
unkown
page read and write
2E90000
unkown
page read and write
2F70000
remote allocation
page read and write
77A2000
unkown
page read and write
C806000
unkown
page read and write
8636000
heap
page read and write
3050000
unkown
page read and write
2F84000
heap
page read and write
3280000
unkown
page read and write
9C000
stack
page read and write
85A5000
heap
page read and write
C43F000
heap
page read and write
C44D000
heap
page read and write
89E5000
heap
page read and write
401000
unkown
page execute read
401000
unkown
page execute read
D360000
trusted library allocation
page read and write
7DF456231000
trusted library allocation
page execute read
C48B000
unkown
page read and write
1170000
unkown
page read and write
2B6D000
stack
page read and write
89F1000
heap
page read and write
C17E000
heap
page read and write
7FF5D7820000
unkown
page readonly
1380000
heap
page read and write
3420000
direct allocation
page read and write
C73E000
unkown
page read and write
C354000
heap
page read and write
9820000
unkown
page read and write
BEE8000
heap
page read and write
C12F000
heap
page read and write
C127000
heap
page read and write
8A3B000
heap
page read and write
86FE000
heap
page read and write
95FB000
stack
page read and write
3230000
unkown
page read and write
8A3B000
heap
page read and write
3050000
unkown
page read and write
3160000
heap
page read and write
417000
unkown
page write copy
26797C70000
heap
page read and write
7FF5D7360000
unkown
page readonly
8A39000
heap
page read and write
E7B5000
unkown
page read and write
3050000
unkown
page read and write
3220000
unkown
page read and write
7FF5D73F5000
unkown
page readonly
35C3000
unkown
page read and write
D869000
stack
page read and write
843F000
stack
page read and write
84C0000
unkown
page read and write
94F4000
unkown
page read and write
7FF5D765F000
unkown
page readonly
8975000
heap
page read and write
8423000
heap
page read and write
89E3000
heap
page read and write
9820000
unkown
page read and write
3050000
unkown
page read and write
3040000
unkown
page read and write
7FF5D770F000
unkown
page readonly
C2E3000
heap
page read and write
7FF5D7450000
unkown
page readonly
40F000
unkown
page readonly
8636000
heap
page read and write
49D6000
unkown
page read and write
618000
heap
page read and write
8EBB000
stack
page read and write
3230000
unkown
page read and write
86FE000
heap
page read and write
AEEB000
stack
page read and write
3050000
unkown
page read and write
4AB000
unkown
page write copy
3420000
direct allocation
page read and write
1170000
unkown
page read and write
3420000
direct allocation
page read and write
7FF5D7267000
unkown
page readonly
7FF5D7643000
unkown
page readonly
BE23000
heap
page read and write
7DF4F2470000
unkown
page readonly
C0FF000
heap
page read and write
8E80000
unkown
page read and write
490F000
stack
page read and write
3220000
unkown
page read and write
89E3000
heap
page read and write
2E90000
unkown
page read and write
1340000
unkown
page read and write
35E4000
unkown
page read and write
1245000
heap
page read and write
9820000
unkown
page read and write
8513000
heap
page read and write
7A52000
heap
page read and write
7FF5D77D2000
unkown
page readonly
4E2F000
heap
page read and write
609000
heap
page read and write
2E90000
unkown
page read and write
2E30000
heap
page read and write
3050000
unkown
page read and write
BFF5000
heap
page read and write
2E90000
unkown
page read and write
4F4B000
heap
page read and write
3200000
unkown
page read and write
7AE0000
unkown
page read and write
A39C000
unkown
page read and write
760F000
unkown
page read and write
27AE000
stack
page read and write
64E000
stack
page read and write
88D1000
heap
page read and write
8944000
heap
page read and write
89DA000
heap
page read and write
29FF000
stack
page read and write
D8EC000
stack
page read and write
BCEB000
stack
page read and write
C40D000
heap
page read and write
2E90000
unkown
page read and write
2E90000
unkown
page read and write
2E7A000
heap
page read and write
3420000
direct allocation
page read and write
400000
unkown
page readonly
9B000
stack
page read and write
3240000
unkown
page read and write
3050000
unkown
page read and write
3040000
unkown
page read and write
1170000
unkown
page read and write
2E7E000
heap
page read and write
854A000
heap
page read and write
7989000
stack
page read and write
8563000
heap
page read and write
3420000
direct allocation
page read and write
C084000
heap
page read and write
2E00000
heap
page read and write
2E90000
unkown
page read and write
9820000
unkown
page read and write
89F1000
heap
page read and write
84C0000
unkown
page read and write
C9A7000
unkown
page read and write
27CE000
stack
page read and write
7FF5D7202000
unkown
page readonly
3040000
unkown
page read and write
7FF5D783B000
unkown
page readonly
C42D000
heap
page read and write
8D3F000
stack
page read and write
90E000
stack
page read and write
8A3B000
heap
page read and write
BB0000
heap
page read and write
7FF5D7669000
unkown
page readonly
3040000
unkown
page read and write
66F000
heap
page read and write
There are 2940 hidden memdumps, click here to show them.