IOC Report
file.exe

loading gif

Files

File Path
Type
Category
Malicious
file.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
 malicious
C:\$WinREAgent\Scratch\_readme.txt
ASCII text, with CRLF line terminators
dropped
 malicious
C:\$WinREAgent\_readme.txt
ASCII text, with CRLF line terminators
dropped
 malicious
C:\ProgramData\EGIJEBGDAFHI\freebl3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\EGIJEBGDAFHI\mozglue.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\EGIJEBGDAFHI\nss3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\EGIJEBGDAFHI\softokn3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\100ceb86-6cb1-4744-a649-0782dee5c50c\build2.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\100ceb86-6cb1-4744-a649-0782dee5c50c\build3.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\1ce9cac5-3da6-4cd9-96d9-c6269c309230\E609.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\build2[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\build3[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\sqls[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\freebl3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\mozglue[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\nss3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\softokn3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\E609.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\VirtualStore\_readme.txt
ASCII text, with CRLF line terminators
dropped
 malicious
C:\Users\user\AppData\Roaming\Microsoft\Network\mstsca.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\rujtcgu
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\rujtcgu:Zone.Identifier
ASCII text, with CRLF line terminators
dropped
 malicious
C:\Users\user\Desktop\AIXACVYBSB\XZXHAVGRAG.pdf
data
dropped
 malicious
C:\Users\user\Desktop\DTBZGIOOSO\ONBQCLYSPU.xlsx
data
dropped
 malicious
C:\Users\user\Desktop\XZXHAVGRAG\UMMBDNEQBN.xlsx
data
dropped
 malicious
C:\Users\user\_readme.txt
ASCII text, with CRLF line terminators
dropped
 malicious
C:\_readme.txt
ASCII text, with CRLF line terminators
dropped
 malicious
C:\ProgramData\EGIJEBGDAFHI\AFBKKF
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\EGIJEBGDAFHI\BGHJEB
SQLite 3.x database, last written using SQLite version 3035005, file counter 2, database pages 31, cookie 0x18, schema 4, UTF-8, version-valid-for 2
dropped
C:\ProgramData\EGIJEBGDAFHI\BKECBA
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 39, cookie 0x20, schema 4, UTF-8, version-valid-for 4
dropped
C:\ProgramData\EGIJEBGDAFHI\DAKFCG
SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\EGIJEBGDAFHI\DAKFCG-shm
data
dropped
C:\ProgramData\EGIJEBGDAFHI\DHCBAE
SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 1, database pages 24, cookie 0xe, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\EGIJEBGDAFHI\EHJDGH
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
dropped
C:\ProgramData\EGIJEBGDAFHI\EHJDGH-shm
data
dropped
C:\ProgramData\EGIJEBGDAFHI\GIJECG
ASCII text, with very long lines (1809), with CRLF line terminators
dropped
C:\ProgramData\EGIJEBGDAFHI\HJJECB
SQLite 3.x database, last written using SQLite version 3042000, file counter 11, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 11
dropped
C:\ProgramData\EGIJEBGDAFHI\IDBFHC
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\EGIJEBGDAFHI\msvcp140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\ProgramData\EGIJEBGDAFHI\vcruntime140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_Explorer.EXE_c21224191a167f50d0fc77956927dc29a8d71181_f78a65ed_3ca0ac9a-e644-40b7-b1d7-4546d8e03559\Report.wer
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERC4DF.tmp.dmp
Mini DuMP crash report, 17 streams, CheckSum 0x00000004, Sat May 25 19:30:33 2024, 0x1205a4 type
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERCBE5.tmp.WERInternalMetadata.xml
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERCC34.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\SystemID\PersonalID.txt
ASCII text, with CRLF line terminators
dropped
C:\Users\user\.curlrc
data
dropped
C:\Users\user\.curlrc.vepi (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old.vepi (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old.vepi (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LocalPrefs.json
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LocalPrefs.json.vepi (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log.vepi (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old.vepi (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\000003.log
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\000003.log.vepi (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\LOG.old
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\LOG.old.vepi (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\metadata\000003.log
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\metadata\000003.log.vepi (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\metadata\LOG.old
data
modified
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\metadata\LOG.old.vepi (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\Caches\{3DA71D5A-20CC-432F-A115-DFE92379E91F}.3.ver0x000000000000002d.db
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\Caches\{3DA71D5A-20CC-432F-A115-DFE92379E91F}.3.ver0x000000000000002e.db
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\76561199689717899[1].htm
HTML document, Unicode text, UTF-8 text, with very long lines (3063), with CRLF, LF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\geo[1].json
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\get[1].htm
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\get[2].htm
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\geo[1].json
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\Windows[2].json
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\msvcp140[1].dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\vcruntime140[1].dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\C002.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\C01.bat
ASCII text, with no line terminators
modified
C:\Users\user\AppData\Local\bowsakkdestx.txt
JSON data
dropped
C:\Users\user\Desktop\AIXACVYBSB.docx
data
dropped
C:\Users\user\Desktop\AIXACVYBSB.docx.vepi (copy)
data
dropped
C:\Users\user\Desktop\AIXACVYBSB\AIXACVYBSB.docx
data
modified
C:\Users\user\Desktop\AIXACVYBSB\AIXACVYBSB.docx.vepi (copy)
data
dropped
C:\Users\user\Desktop\AIXACVYBSB\DTBZGIOOSO.xlsx
data
dropped
C:\Users\user\Desktop\AIXACVYBSB\DTBZGIOOSO.xlsx.vepi (copy)
data
dropped
C:\Users\user\Desktop\AIXACVYBSB\ONBQCLYSPU.jpg
data
dropped
C:\Users\user\Desktop\AIXACVYBSB\ONBQCLYSPU.jpg.vepi (copy)
data
dropped
C:\Users\user\Desktop\AIXACVYBSB\UMMBDNEQBN.mp3
data
dropped
C:\Users\user\Desktop\AIXACVYBSB\UMMBDNEQBN.mp3.vepi (copy)
data
dropped
C:\Users\user\Desktop\AIXACVYBSB\VLZDGUKUTZ.png
data
dropped
C:\Users\user\Desktop\AIXACVYBSB\VLZDGUKUTZ.png.vepi (copy)
data
dropped
C:\Users\user\Desktop\AIXACVYBSB\XZXHAVGRAG.pdf.vepi (copy)
data
dropped
C:\Users\user\Desktop\BPMLNOBVSB.mp3
data
dropped
C:\Users\user\Desktop\BPMLNOBVSB.mp3.vepi (copy)
data
dropped
C:\Users\user\Desktop\DTBZGIOOSO.docx
data
dropped
C:\Users\user\Desktop\DTBZGIOOSO.docx.vepi (copy)
data
dropped
C:\Users\user\Desktop\DTBZGIOOSO.xlsx
data
dropped
C:\Users\user\Desktop\DTBZGIOOSO.xlsx.vepi (copy)
data
dropped
C:\Users\user\Desktop\DTBZGIOOSO\DTBZGIOOSO.docx
data
dropped
C:\Users\user\Desktop\DTBZGIOOSO\DTBZGIOOSO.docx.vepi (copy)
data
dropped
C:\Users\user\Desktop\DTBZGIOOSO\HTAGVDFUIE.jpg
data
dropped
C:\Users\user\Desktop\DTBZGIOOSO\HTAGVDFUIE.jpg.vepi (copy)
data
dropped
C:\Users\user\Desktop\DTBZGIOOSO\LTKMYBSEYZ.png
data
dropped
C:\Users\user\Desktop\DTBZGIOOSO\LTKMYBSEYZ.png.vepi (copy)
data
dropped
C:\Users\user\Desktop\DTBZGIOOSO\ONBQCLYSPU.xlsx.vepi (copy)
data
dropped
C:\Users\user\Desktop\DTBZGIOOSO\UMMBDNEQBN.pdf
data
dropped
C:\Users\user\Desktop\DTBZGIOOSO\UMMBDNEQBN.pdf.vepi (copy)
data
dropped
C:\Users\user\Desktop\DTBZGIOOSO\WUTJSCBCFX.mp3
data
dropped
C:\Users\user\Desktop\DTBZGIOOSO\WUTJSCBCFX.mp3.vepi (copy)
data
dropped
C:\Users\user\Desktop\DVWHKMNFNN.pdf
data
dropped
C:\Users\user\Desktop\DVWHKMNFNN.pdf.vepi (copy)
data
dropped
C:\Users\user\Desktop\HTAGVDFUIE.jpg
data
dropped
C:\Users\user\Desktop\HTAGVDFUIE.jpg.vepi (copy)
data
dropped
C:\Users\user\Desktop\JSDNGYCOWY.png
data
dropped
C:\Users\user\Desktop\JSDNGYCOWY.png.vepi (copy)
data
dropped
C:\Users\user\Desktop\LTKMYBSEYZ.png
data
dropped
C:\Users\user\Desktop\LTKMYBSEYZ.png.vepi (copy)
data
dropped
C:\Users\user\Desktop\ONBQCLYSPU.jpg
data
dropped
C:\Users\user\Desktop\ONBQCLYSPU.jpg.vepi (copy)
data
dropped
C:\Users\user\Desktop\ONBQCLYSPU.xlsx
data
dropped
C:\Users\user\Desktop\ONBQCLYSPU.xlsx.vepi (copy)
data
dropped
C:\Users\user\Desktop\UMMBDNEQBN.mp3
data
dropped
C:\Users\user\Desktop\UMMBDNEQBN.mp3.vepi (copy)
data
dropped
C:\Users\user\Desktop\UMMBDNEQBN.pdf
data
dropped
C:\Users\user\Desktop\UMMBDNEQBN.pdf.vepi (copy)
data
dropped
C:\Users\user\Desktop\UMMBDNEQBN.xlsx
data
dropped
C:\Users\user\Desktop\UMMBDNEQBN.xlsx.vepi (copy)
data
dropped
C:\Users\user\Desktop\VLZDGUKUTZ.png
data
dropped
C:\Users\user\Desktop\VLZDGUKUTZ.png.vepi (copy)
data
dropped
C:\Users\user\Desktop\WUTJSCBCFX.jpg
data
dropped
C:\Users\user\Desktop\WUTJSCBCFX.jpg.vepi (copy)
data
dropped
C:\Users\user\Desktop\WUTJSCBCFX.mp3
data
dropped
C:\Users\user\Desktop\WUTJSCBCFX.mp3.vepi (copy)
data
dropped
C:\Users\user\Desktop\XZXHAVGRAG.docx
data
dropped
C:\Users\user\Desktop\XZXHAVGRAG.docx.vepi (copy)
data
dropped
C:\Users\user\Desktop\XZXHAVGRAG.pdf
data
dropped
C:\Users\user\Desktop\XZXHAVGRAG.pdf.vepi (copy)
data
dropped
C:\Users\user\Desktop\XZXHAVGRAG\BPMLNOBVSB.mp3
data
dropped
C:\Users\user\Desktop\XZXHAVGRAG\BPMLNOBVSB.mp3.vepi (copy)
data
dropped
C:\Users\user\Desktop\XZXHAVGRAG\DVWHKMNFNN.pdf
data
dropped
C:\Users\user\Desktop\XZXHAVGRAG\DVWHKMNFNN.pdf.vepi (copy)
data
dropped
C:\Users\user\Desktop\XZXHAVGRAG\JSDNGYCOWY.png
data
dropped
C:\Users\user\Desktop\XZXHAVGRAG\JSDNGYCOWY.png.vepi (copy)
data
dropped
C:\Users\user\Desktop\XZXHAVGRAG\UMMBDNEQBN.xlsx.vepi (copy)
data
dropped
C:\Users\user\Desktop\XZXHAVGRAG\WUTJSCBCFX.jpg
data
dropped
C:\Users\user\Desktop\XZXHAVGRAG\WUTJSCBCFX.jpg.vepi (copy)
data
dropped
C:\Users\user\Desktop\XZXHAVGRAG\XZXHAVGRAG.docx
data
dropped
C:\Users\user\Desktop\XZXHAVGRAG\XZXHAVGRAG.docx.vepi (copy)
data
dropped
C:\Users\user\Documents\AIXACVYBSB.docx
data
dropped
C:\Users\user\Documents\AIXACVYBSB.docx.vepi (copy)
data
dropped
C:\Users\user\Documents\AIXACVYBSB\AIXACVYBSB.docx
data
dropped
C:\Users\user\Documents\AIXACVYBSB\AIXACVYBSB.docx.vepi (copy)
data
dropped
C:\Users\user\Documents\AIXACVYBSB\DTBZGIOOSO.xlsx
data
dropped
C:\Users\user\Documents\AIXACVYBSB\DTBZGIOOSO.xlsx.vepi (copy)
data
dropped
C:\Users\user\Documents\AIXACVYBSB\ONBQCLYSPU.jpg
data
dropped
C:\Users\user\Documents\AIXACVYBSB\ONBQCLYSPU.jpg.vepi (copy)
data
dropped
C:\Users\user\Documents\AIXACVYBSB\UMMBDNEQBN.mp3
data
dropped
C:\Users\user\Documents\AIXACVYBSB\UMMBDNEQBN.mp3.vepi (copy)
data
dropped
C:\Users\user\Documents\AIXACVYBSB\VLZDGUKUTZ.png
data
dropped
C:\Users\user\Documents\AIXACVYBSB\VLZDGUKUTZ.png.vepi (copy)
data
dropped
C:\Users\user\Documents\AIXACVYBSB\XZXHAVGRAG.pdf
data
dropped
C:\Users\user\Documents\AIXACVYBSB\XZXHAVGRAG.pdf.vepi (copy)
data
dropped
C:\Users\user\Documents\BPMLNOBVSB.mp3
data
dropped
C:\Users\user\Documents\BPMLNOBVSB.mp3.vepi (copy)
data
dropped
C:\Users\user\Documents\DTBZGIOOSO.docx
data
dropped
C:\Users\user\Documents\DTBZGIOOSO.docx.vepi (copy)
data
dropped
C:\Users\user\Documents\DTBZGIOOSO.xlsx
data
dropped
C:\Users\user\Documents\DTBZGIOOSO.xlsx.vepi (copy)
data
dropped
C:\Users\user\Documents\DTBZGIOOSO\DTBZGIOOSO.docx
data
dropped
C:\Users\user\Documents\DTBZGIOOSO\DTBZGIOOSO.docx.vepi (copy)
data
dropped
C:\Users\user\Documents\DTBZGIOOSO\HTAGVDFUIE.jpg
data
dropped
C:\Users\user\Documents\DTBZGIOOSO\HTAGVDFUIE.jpg.vepi (copy)
data
dropped
C:\Users\user\Documents\DTBZGIOOSO\LTKMYBSEYZ.png
data
dropped
C:\Users\user\Documents\DTBZGIOOSO\LTKMYBSEYZ.png.vepi (copy)
data
dropped
C:\Users\user\Documents\DTBZGIOOSO\ONBQCLYSPU.xlsx
data
dropped
C:\Users\user\Documents\DTBZGIOOSO\ONBQCLYSPU.xlsx.vepi (copy)
data
dropped
C:\Users\user\Documents\DTBZGIOOSO\UMMBDNEQBN.pdf
data
dropped
C:\Users\user\Documents\DTBZGIOOSO\UMMBDNEQBN.pdf.vepi (copy)
data
dropped
C:\Users\user\Documents\DTBZGIOOSO\WUTJSCBCFX.mp3
data
dropped
C:\Users\user\Documents\DTBZGIOOSO\WUTJSCBCFX.mp3.vepi (copy)
data
dropped
C:\Users\user\Documents\DVWHKMNFNN.pdf
data
dropped
C:\Users\user\Documents\DVWHKMNFNN.pdf.vepi (copy)
data
dropped
C:\Users\user\Documents\HTAGVDFUIE.jpg
data
dropped
C:\Users\user\Documents\HTAGVDFUIE.jpg.vepi (copy)
data
dropped
C:\Users\user\Documents\JSDNGYCOWY.png
data
dropped
C:\Users\user\Documents\JSDNGYCOWY.png.vepi (copy)
data
dropped
C:\Users\user\Documents\LTKMYBSEYZ.png
data
dropped
C:\Users\user\Documents\LTKMYBSEYZ.png.vepi (copy)
data
dropped
C:\Users\user\Documents\ONBQCLYSPU.jpg
data
dropped
C:\Users\user\Documents\ONBQCLYSPU.jpg.vepi (copy)
data
dropped
C:\Users\user\Documents\ONBQCLYSPU.xlsx
data
dropped
C:\Users\user\Documents\ONBQCLYSPU.xlsx.vepi (copy)
data
dropped
C:\Users\user\Documents\UMMBDNEQBN.mp3
data
dropped
C:\Users\user\Documents\UMMBDNEQBN.mp3.vepi (copy)
data
dropped
C:\Users\user\Documents\UMMBDNEQBN.pdf
data
dropped
C:\Users\user\Documents\UMMBDNEQBN.pdf.vepi (copy)
data
dropped
C:\Users\user\Documents\UMMBDNEQBN.xlsx
data
dropped
C:\Users\user\Documents\UMMBDNEQBN.xlsx.vepi (copy)
data
dropped
C:\Users\user\Documents\VLZDGUKUTZ.png
data
dropped
C:\Users\user\Documents\VLZDGUKUTZ.png.vepi (copy)
data
dropped
C:\Users\user\Documents\WUTJSCBCFX.jpg
data
dropped
C:\Users\user\Documents\WUTJSCBCFX.jpg.vepi (copy)
data
dropped
C:\Users\user\Documents\WUTJSCBCFX.mp3
data
dropped
C:\Users\user\Documents\WUTJSCBCFX.mp3.vepi (copy)
data
dropped
C:\Users\user\Documents\XZXHAVGRAG.docx
data
dropped
C:\Users\user\Documents\XZXHAVGRAG.docx.vepi (copy)
data
dropped
C:\Users\user\Documents\XZXHAVGRAG.pdf
data
dropped
C:\Users\user\Documents\XZXHAVGRAG.pdf.vepi (copy)
data
dropped
C:\Users\user\Documents\XZXHAVGRAG\BPMLNOBVSB.mp3
data
dropped
C:\Users\user\Documents\XZXHAVGRAG\BPMLNOBVSB.mp3.vepi (copy)
data
dropped
C:\Users\user\Documents\XZXHAVGRAG\DVWHKMNFNN.pdf
data
dropped
C:\Users\user\Documents\XZXHAVGRAG\DVWHKMNFNN.pdf.vepi (copy)
data
dropped
C:\Users\user\Documents\XZXHAVGRAG\JSDNGYCOWY.png
data
dropped
C:\Users\user\Documents\XZXHAVGRAG\JSDNGYCOWY.png.vepi (copy)
data
dropped
C:\Users\user\Documents\XZXHAVGRAG\UMMBDNEQBN.xlsx
data
dropped
C:\Users\user\Documents\XZXHAVGRAG\UMMBDNEQBN.xlsx.vepi (copy)
data
dropped
C:\Users\user\Documents\XZXHAVGRAG\WUTJSCBCFX.jpg
data
dropped
C:\Users\user\Documents\XZXHAVGRAG\WUTJSCBCFX.jpg.vepi (copy)
data
dropped
C:\Users\user\Documents\XZXHAVGRAG\XZXHAVGRAG.docx
data
dropped
C:\Users\user\Documents\XZXHAVGRAG\XZXHAVGRAG.docx.vepi (copy)
data
dropped
C:\Users\user\Downloads\AIXACVYBSB.docx
data
dropped
C:\Users\user\Downloads\AIXACVYBSB.docx.vepi (copy)
data
dropped
C:\Users\user\Downloads\BPMLNOBVSB.mp3
data
dropped
C:\Users\user\Downloads\BPMLNOBVSB.mp3.vepi (copy)
data
dropped
C:\Users\user\Downloads\DTBZGIOOSO.docx
data
dropped
C:\Users\user\Downloads\DTBZGIOOSO.docx.vepi (copy)
data
dropped
C:\Users\user\Downloads\DTBZGIOOSO.xlsx
data
dropped
C:\Users\user\Downloads\DTBZGIOOSO.xlsx.vepi (copy)
data
dropped
C:\Users\user\Downloads\DVWHKMNFNN.pdf
data
dropped
C:\Users\user\Downloads\DVWHKMNFNN.pdf.vepi (copy)
data
dropped
C:\Users\user\Downloads\HTAGVDFUIE.jpg
data
dropped
C:\Users\user\Downloads\HTAGVDFUIE.jpg.vepi (copy)
data
dropped
C:\Users\user\Downloads\JSDNGYCOWY.png
data
dropped
C:\Users\user\Downloads\JSDNGYCOWY.png.vepi (copy)
data
dropped
C:\Users\user\Downloads\LTKMYBSEYZ.png
data
dropped
C:\Users\user\Downloads\LTKMYBSEYZ.png.vepi (copy)
data
dropped
C:\Users\user\Downloads\ONBQCLYSPU.jpg
data
dropped
C:\Users\user\Downloads\ONBQCLYSPU.jpg.vepi (copy)
data
dropped
C:\Users\user\Downloads\ONBQCLYSPU.xlsx
data
dropped
C:\Users\user\Downloads\ONBQCLYSPU.xlsx.vepi (copy)
data
dropped
C:\Users\user\Downloads\UMMBDNEQBN.mp3
data
dropped
C:\Users\user\Downloads\UMMBDNEQBN.mp3.vepi (copy)
data
dropped
C:\Users\user\Downloads\UMMBDNEQBN.pdf
data
dropped
C:\Users\user\Downloads\UMMBDNEQBN.pdf.vepi (copy)
data
dropped
C:\Users\user\Downloads\UMMBDNEQBN.xlsx
data
dropped
C:\Users\user\Downloads\UMMBDNEQBN.xlsx.vepi (copy)
data
dropped
C:\Users\user\Downloads\VLZDGUKUTZ.png
data
dropped
C:\Users\user\Downloads\VLZDGUKUTZ.png.vepi (copy)
data
dropped
C:\Users\user\Downloads\WUTJSCBCFX.jpg
data
dropped
C:\Users\user\Downloads\WUTJSCBCFX.jpg.vepi (copy)
data
dropped
C:\Users\user\Downloads\WUTJSCBCFX.mp3
data
dropped
C:\Users\user\Downloads\WUTJSCBCFX.mp3.vepi (copy)
data
dropped
C:\Users\user\Downloads\XZXHAVGRAG.docx
data
dropped
C:\Users\user\Downloads\XZXHAVGRAG.docx.vepi (copy)
data
dropped
C:\Users\user\Downloads\XZXHAVGRAG.pdf
data
dropped
C:\Users\user\Downloads\XZXHAVGRAG.pdf.vepi (copy)
data
dropped
C:\Users\user\Favorites\Amazon.url
data
dropped
C:\Users\user\Favorites\Amazon.url.vepi (copy)
data
dropped
C:\Users\user\Favorites\Bing.url
data
dropped
C:\Users\user\Favorites\Bing.url.vepi (copy)
data
dropped
C:\Users\user\Favorites\Facebook.url
data
dropped
C:\Users\user\Favorites\Facebook.url.vepi (copy)
data
dropped
C:\Users\user\Favorites\Google.url
data
dropped
C:\Users\user\Favorites\Google.url.vepi (copy)
data
dropped
C:\Users\user\Favorites\Live.url
data
dropped
C:\Users\user\Favorites\Live.url.vepi (copy)
data
dropped
C:\Users\user\Favorites\NYTimes.url
data
dropped
C:\Users\user\Favorites\NYTimes.url.vepi (copy)
data
dropped
C:\Users\user\Favorites\Reddit.url
data
dropped
C:\Users\user\Favorites\Reddit.url.vepi (copy)
data
dropped
C:\Users\user\Favorites\Twitter.url
data
dropped
C:\Users\user\Favorites\Twitter.url.vepi (copy)
data
dropped
C:\Users\user\Favorites\Wikipedia.url
data
dropped
C:\Users\user\Favorites\Wikipedia.url.vepi (copy)
data
dropped
C:\Users\user\Favorites\Youtube.url
data
dropped
C:\Users\user\Favorites\Youtube.url.vepi (copy)
data
dropped
C:\Users\user\Searches\winrt--{S-1-5-21-2246122658-3693405117-2476756634-1002}-.searchconnector-ms
data
dropped
C:\Users\user\Searches\winrt--{S-1-5-21-2246122658-3693405117-2476756634-1002}-.searchconnector-ms.vepi (copy)
data
dropped
There are 267 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\file.exe
"C:\Users\user\Desktop\file.exe"
 malicious
C:\Windows\explorer.exe
C:\Windows\Explorer.EXE
 malicious
C:\Users\user\AppData\Roaming\rujtcgu
C:\Users\user\AppData\Roaming\rujtcgu
 malicious
C:\Windows\System32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\C002.bat" "
 malicious
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
 malicious
C:\Windows\System32\reg.exe
reg add "HKEY_CURRENT_USER\Software\clicker\key" /v primary /t REG_DWORD /d 1
 malicious
C:\Users\user\AppData\Local\Temp\E609.exe
C:\Users\user\AppData\Local\Temp\E609.exe
 malicious
C:\Users\user\AppData\Local\Temp\E609.exe
C:\Users\user\AppData\Local\Temp\E609.exe
 malicious
C:\Users\user\AppData\Local\Temp\E609.exe
"C:\Users\user\AppData\Local\Temp\E609.exe" --Admin IsNotAutoStart IsNotTask
 malicious
C:\Users\user\AppData\Local\Temp\E609.exe
"C:\Users\user\AppData\Local\Temp\E609.exe" --Admin IsNotAutoStart IsNotTask
 malicious
C:\Users\user\AppData\Local\1ce9cac5-3da6-4cd9-96d9-c6269c309230\E609.exe
C:\Users\user\AppData\Local\1ce9cac5-3da6-4cd9-96d9-c6269c309230\E609.exe --Task
 malicious
C:\Users\user\AppData\Local\1ce9cac5-3da6-4cd9-96d9-c6269c309230\E609.exe
C:\Users\user\AppData\Local\1ce9cac5-3da6-4cd9-96d9-c6269c309230\E609.exe --Task
 malicious
C:\Users\user\AppData\Local\100ceb86-6cb1-4744-a649-0782dee5c50c\build2.exe
"C:\Users\user\AppData\Local\100ceb86-6cb1-4744-a649-0782dee5c50c\build2.exe"
malicious
C:\Users\user\AppData\Local\100ceb86-6cb1-4744-a649-0782dee5c50c\build2.exe
"C:\Users\user\AppData\Local\100ceb86-6cb1-4744-a649-0782dee5c50c\build2.exe"
malicious
C:\Windows\System32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\C01.bat" "
 malicious
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
 malicious
C:\Windows\System32\reg.exe
reg add "HKEY_CURRENT_USER\Software\clicker\key" /v primary /t REG_DWORD /d 1
 malicious
C:\Users\user\AppData\Local\1ce9cac5-3da6-4cd9-96d9-c6269c309230\E609.exe
"C:\Users\user\AppData\Local\1ce9cac5-3da6-4cd9-96d9-c6269c309230\E609.exe" --AutoStart
 malicious
C:\Users\user\AppData\Local\100ceb86-6cb1-4744-a649-0782dee5c50c\build3.exe
"C:\Users\user\AppData\Local\100ceb86-6cb1-4744-a649-0782dee5c50c\build3.exe"
malicious
C:\Users\user\AppData\Local\1ce9cac5-3da6-4cd9-96d9-c6269c309230\E609.exe
"C:\Users\user\AppData\Local\1ce9cac5-3da6-4cd9-96d9-c6269c309230\E609.exe" --AutoStart
 malicious
C:\Users\user\AppData\Local\100ceb86-6cb1-4744-a649-0782dee5c50c\build3.exe
"C:\Users\user\AppData\Local\100ceb86-6cb1-4744-a649-0782dee5c50c\build3.exe"
malicious
C:\Windows\SysWOW64\schtasks.exe
/C /create /F /sc minute /mo 1 /tn "Azure-Update-Task" /tr "C:\Users\user\AppData\Roaming\Microsoft\Network\mstsca.exe"
 malicious
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
 malicious
C:\Users\user\AppData\Local\1ce9cac5-3da6-4cd9-96d9-c6269c309230\E609.exe
"C:\Users\user\AppData\Local\1ce9cac5-3da6-4cd9-96d9-c6269c309230\E609.exe" --AutoStart
 malicious
C:\Users\user\AppData\Roaming\Microsoft\Network\mstsca.exe
C:\Users\user\AppData\Roaming\Microsoft\Network\mstsca.exe
 malicious
C:\Users\user\AppData\Local\1ce9cac5-3da6-4cd9-96d9-c6269c309230\E609.exe
"C:\Users\user\AppData\Local\1ce9cac5-3da6-4cd9-96d9-c6269c309230\E609.exe" --AutoStart
 malicious
C:\Users\user\AppData\Roaming\rujtcgu
C:\Users\user\AppData\Roaming\rujtcgu
 malicious
C:\Users\user\AppData\Roaming\Microsoft\Network\mstsca.exe
C:\Users\user\AppData\Roaming\Microsoft\Network\mstsca.exe
 malicious
C:\Windows\SysWOW64\schtasks.exe
/C /create /F /sc minute /mo 1 /tn "Azure-Update-Task" /tr "C:\Users\user\AppData\Roaming\Microsoft\Network\mstsca.exe"
 malicious
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
 malicious
C:\Windows\explorer.exe
explorer.exe
 malicious
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
 malicious
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Users\user\AppData\Local\1ce9cac5-3da6-4cd9-96d9-c6269c309230" /deny *S-1-1-0:(OI)(CI)(DE,DC)
C:\Windows\System32\WerFault.exe
C:\Windows\system32\WerFault.exe -u -p 2580 -s 10876
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /c timeout /t 10 & rd /s /q "C:\ProgramData\EGIJEBGDAFHI" & exit
There are 25 hidden processes, click here to show them.

URLs

Name
IP
Malicious
http://trade-inmyus.com/index.php
malicious
https://api.2ip.ua/geo.json.
unknown
 malicious
https://steamcommunity.com/profiles/76561199689717899
104.102.42.29
 malicious
http://91.92.253.69/wek.exe
91.92.253.69
 malicious
http://cajgtus.com/test1/get.php?pid=F8AFCDC4E800A3319FFB343E83099637
213.172.74.157
 malicious
https://aka.ms/odirmr
unknown
https://duckduckgo.com/chrome_newtab
unknown
https://duckduckgo.com/ac/?q=
unknown
https://65.109.242.59/softokn3.dllqd
unknown
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13f2DV
unknown
https://community.cloudflare.steamstatic.com/public/shared/javascript/shared_global.js?v=wJD9maDpDcV
unknown
https://api.msn.com:443/v1/news/Feed/Windows?
unknown
https://bridge.lga1.admarketplace.net/ctp?version=16.0.0&key=1696332238301000001.2&ci=1696332238417.
unknown
https://www.gstatic.cn/recaptcha/
unknown
https://65.109.242.59/freebl3.dll5d-
unknown
https://api.2ip.ua/geo.json)
unknown
https://community.cloudflare.steamstatic.com/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=engli
unknown
https://65.109.242.59/freebl3.dll/d
unknown
https://simpleflying.com/how-do-you-become-an-air-traffic-controller/
unknown
https://powerpoint.office.comen
unknown
http://www.valvesoftware.com/legal.htm
unknown
https://www.youtube.com
unknown
https://65.109.242.59/Z
unknown
https://65.109.242.59/nss3.dll
65.109.242.59
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gTUY
unknown
http://cajgtus.com/files/1/build3.exe?
unknown
https://65.109.242.59/d
unknown
https://assets.msn.com/weathermapdata/1/static/finance/crypto/
unknown
https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback
unknown
https://65.109.242.59/f
unknown
https://65.109.242.59/j
unknown
https://65.109.242.59/i
unknown
https://s.ytimg.com;
unknown
https://api.2ip.ua/au
unknown
https://t.me/copterwin
unknown
http://www.reddit.com/
unknown
https://65.109.242.59/s
unknown
https://65.109.242.59/r
unknown
http://cajgtus.com/test1/get.phpenh
unknown
https://api.2ip.ua/geo.json-Agent:
unknown
https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_7548d4575af019e4c148ccf1a78112802e66a0816a72fc94
unknown
https://wns.windows.com/L
unknown
https://65.109.242.59/:
unknown
https://api.2ip.ua/geo.jsonY
unknown
https://community.cloudflare.steamstatic.com/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw&
unknown
https://assets.msn.com/weathermapdata/1/static/finance/1stparty/FinanceTaskbarIcons/Finance_Earnings
unknown
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gHZu
unknown
https://community.cloudflare.steamstatic.com/public/shared/css/shared_responsive.css?v=eghn9DNyCY67&
unknown
https://api.2ip.ua/geo.jsonR
unknown
https://community.cloudflare.steamstatic.com/public/shared/javascript/tooltip.js
unknown
https://www.msn.com/en-us/weather/topstories/us-weather-super-el-nino-to-bring-more-flooding-and-win
unknown
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
unknown
https://steamcommunity.com/profiles/76561199689717899(J$-
unknown
https://bridge.lga1.ap01.net/ctp?version=16.0.0&key=1696332238301000001.1&ci=1696332238417.12791&cta
unknown
https://65.109.242.59/I
unknown
http://sdfjhuz.com/dl/build2.exe$run
unknown
https://www.ecosia.org/newtab/
unknown
https://www.msn.com/en-us/news/politics/clarence-thomas-in-spotlight-as-supreme-court-delivers-blow-
unknown
https://65.109.242.59/freebl3.dll
65.109.242.59
https://lv.queniujq.cn
unknown
https://www.youtube.com/
unknown
https://community.cloudflare.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png
unknown
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gMeu
unknown
https://www.rd.com/list/polite-habits-campers-dislike/
unknown
https://community.cloudflare.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016
unknown
https://65.109.242.59/tography
unknown
https://www.google.com/recaptcha/
unknown
https://api.msn.com:443/v1/news/Feed/Windows?R
unknown
https://checkout.steampowered.com/
unknown
https://community.cloudflare.steamstatic.com/public/javascript/applications/community/libraries~b28b
unknown
https://community.cloudflare.steamstatic.com/public/shared/images/responsive/header_logo.png
unknown
https://65.109.242.59/.
unknown
https://outlook.com_
unknown
https://api.2ip.ua/geo.jsonJ
unknown
https://www.msn.com/en-us/news/crime/fingerprints-on-ransom-n
unknown
https://65.109.242.59DHIE
unknown
https://api.2ip.ua/geo.jsonG
unknown
https://www.msn.com/en-us/news/world/agostini-krausz-and-l-huillier-win-physics-nobel-for-looking-at
unknown
https://65.109.242.59/softokn3.dll3e
unknown
https://65.109.242.59/mozglue.dll
65.109.242.59
https://65.109.242.59/vcruntime140.dll
65.109.242.59
https://www.msn.com/en-us/news/us/when-does-daylight-saving-time-end-2023-here-s-when-to-set-your-cl
unknown
https://help.steampowered.com/en/
unknown
http://www.amazon.com/
unknown
https://community.cloudflare.steamstatic.com/public/javascript/applications/community/manifest.js?v=
unknown
http://schemas.micro
unknown
http://www.twitter.com/
unknown
https://recaptcha.net/recaptcha/;
unknown
https://65.109.242.59/vcruntime140.dll65.109.242.59
unknown
http://www.openssl.org/support/faq.html
unknown
https://steamcommunity.com/$ix-
unknown
http://https://ns1.kriston.ugns2.chalekin.ugns3.unalelath.ugns4.andromath.ug/Error
unknown
https://api.2ip.ua/geo.jsonje
unknown
https://broadcast.st.dl.eccdnx.com
unknown
https://community.cloudflare.steamstatic.com/public/images/skin_1/arrowDn9x5.gif
unknown
https://community.cloudflare.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v
unknown
https://api.2ip.ua/geo.jsonq
unknown
https://community.cloudflare.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.p
unknown
https://www.msn.com/en-us/lifestyle/travel/i-ve-worked-at-a-campsite-for-5-years-these-are-the-15-mi
unknown
https://steamcommunity.com/workshop/
unknown
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
safeautomationbd.com
103.174.152.66
 malicious
sdfjhuz.com
189.163.126.89
 malicious
cajgtus.com
213.172.74.157
 malicious
steamcommunity.com
104.102.42.29
 malicious
nessotechbd.com
192.185.16.114
 malicious
cdn.discordapp.com
162.159.134.233
 malicious
trad-einmyus.com
158.160.165.129
 malicious
www.safeautomationbd.com
unknown
 malicious
api.msn.com
unknown
 malicious
transfer.adttemp.com.br
104.196.109.209
api.2ip.ua
188.114.96.3
There are 1 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
189.163.126.89
sdfjhuz.com
Mexico
malicious
103.174.152.66
safeautomationbd.com
unknown
malicious
104.102.42.29
steamcommunity.com
United States
malicious
193.233.132.167
unknown
Russian Federation
malicious
91.92.253.69
unknown
Bulgaria
malicious
185.154.13.143
unknown
Ukraine
malicious
213.172.74.157
cajgtus.com
Azerbaijan
malicious
192.185.16.114
nessotechbd.com
United States
malicious
158.160.165.129
trad-einmyus.com
Venezuela
malicious
162.159.134.233
cdn.discordapp.com
United States
malicious
65.109.242.59
unknown
United States
188.114.96.3
api.2ip.ua
European Union
104.196.109.209
transfer.adttemp.com.br
United States
There are 3 hidden IPs, click here to show them.

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
{5985FC23-2588-4D9A-B38B-7E7AFFAB3155} {886D8EEB-8CF2-4446-8D02-CDBA1DBDCF99} 0xFFFF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000080018
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.Furyy.EhaQvnybt
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
P:\Hfref\wbarf\NccQngn\Ybpny\1pr9pnp5-3qn6-4pq9-96q9-p6269p309230\R609.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
a
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
MRUList
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000050452
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Shell\Bags\1\Desktop
IconLayouts
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Shell\Bags\1\Desktop
IconLayouts
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.Furyy.EhaQvnybt
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
P:\Hfref\wbarf\NccQngn\Ybpny\1pr9pnp5-3qn6-4pq9-96q9-p6269p309230\R609.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Security and Maintenance\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102
CheckSetting
HKEY_CURRENT_USER\SOFTWARE\clicker\key
primary
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
SysHelper
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion
SysHelper
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
{40DD6E20-7C17-11CE-A804-00AA003CA9F6} {000214EF-0000-0000-C000-000000000046} 0xFFFF
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.WindowsStore_8wekyb3d8bbwe\ApplicationFrame\Microsoft.WindowsStore_8wekyb3d8bbwe!App
PreferredMinSize
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zip\OpenWithProgids
Unpacker
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\StagingInfo\Volume{a33c736e-61ca-11ee-8c18-806e6f6e6963}
DriveNumber
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\Drives\Volume{a33c736e-61ca-11ee-8c18-806e6f6e6963}\Current Media
TotalBytes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\Drives\Volume{a33c736e-61ca-11ee-8c18-806e6f6e6963}\Current Media
FreeBytes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\Drives\Volume{a33c736e-61ca-11ee-8c18-806e6f6e6963}\Current Media
Blank Disc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\Drives\Volume{a33c736e-61ca-11ee-8c18-806e6f6e6963}\Current Media
Can Close
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\Drives\Volume{a33c736e-61ca-11ee-8c18-806e6f6e6963}\Current Media
Media Type
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\Drives\Volume{a33c736e-61ca-11ee-8c18-806e6f6e6963}\Current Media
Imapi Media State
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\Drives\Volume{a33c736e-61ca-11ee-8c18-806e6f6e6963}\Current Media
IsImapiDataBurnSupported
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\Drives\Volume{a33c736e-61ca-11ee-8c18-806e6f6e6963}\Current Media
IsImapiEraseSupported
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\Drives\Volume{a33c736e-61ca-11ee-8c18-806e6f6e6963}\Current Media
Live FS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\Drives\Volume{a33c736e-61ca-11ee-8c18-806e6f6e6963}\Current Media
Disc Label
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\Drives\Volume{a33c736e-61ca-11ee-8c18-806e6f6e6963}\Current Media
Set
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{ad6cc5d8-f1a9-4873-be33-91b2f05e9306}
Generation
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{5d0fa9fb-e2e8-4263-a849-b22baad6d1d8}
Generation
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Search
TraySearchBoxVisible
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Search
SearchboxWidthOld
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Search
SearchboxWidth
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Search
TraySearchBoxVisible
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Search
SearchboxWidthOld
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Search
SearchboxWidth
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Search
InstalledWin32AppsRevision
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Shell\Bags\1\Desktop
IconLayouts
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Shell\Bags\1\Desktop
IconLayouts
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000020448
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000010446
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:000000000001044A
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000020430
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000010426
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:000000000004040A
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000103F6
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000103F2
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000203BE
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Search
InstalledWin32AppsRevision
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\OpenWithProgids
WMP11.AssocFile.3G2
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\OpenWithProgids
WMP11.AssocFile.3GP
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2\OpenWithProgids
WMP11.AssocFile.3G2
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp\OpenWithProgids
WMP11.AssocFile.3GP
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aac\OpenWithProgids
WMP11.AssocFile.ADTS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.adt\OpenWithProgids
WMP11.AssocFile.ADTS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.adts\OpenWithProgids
WMP11.AssocFile.ADTS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\OpenWithProgids
WMP11.AssocFile.AIFF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\OpenWithProgids
WMP11.AssocFile.AIFF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\OpenWithProgids
WMP11.AssocFile.AIFF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\OpenWithProgids
WMP11.AssocFile.ASF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\OpenWithProgids
WMP11.AssocFile.ASX
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\OpenWithProgids
WMP11.AssocFile.AU
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au3\OpenWithProgids
AutoIt3Script
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\OpenWithProgids
WMP11.AssocFile.AVI
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\OpenWithProgids
Paint.Picture
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cab\OpenWithProgids
CABFolder
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cdxml\OpenWithProgids
Microsoft.PowerShellCmdletDefinitionXML.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.css\OpenWithProgids
CSSfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.csv\OpenWithProgids
Excel.CSV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dds\OpenWithProgids
ddsfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\OpenWithProgids
Paint.Picture
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dll\OpenWithProgids
dllfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.doc\OpenWithProgids
Word.Document.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docm\OpenWithProgids
Word.DocumentMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\OpenWithProgids
Word.Document.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dot\OpenWithProgids
Word.Template.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dotm\OpenWithProgids
Word.TemplateMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dotx\OpenWithProgids
Word.Template.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\OpenWithProgids
emffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithProgids
exefile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\OpenWithProgids
WMP11.AssocFile.FLAC
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fon\OpenWithProgids
fonfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\OpenWithProgids
giffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\OpenWithProgids
htmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\OpenWithProgids
htmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\OpenWithProgids
icofile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inf\OpenWithProgids
inffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ini\OpenWithProgids
inifile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\OpenWithProgids
pjpegfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\OpenWithProgids
jpegfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\OpenWithProgids
jpegfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jxr\OpenWithProgids
wdpfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\OpenWithProgids
lnkfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2t\OpenWithProgids
WMP11.AssocFile.M2TS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2v\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\OpenWithProgids
WMP11.AssocFile.m3u
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\OpenWithProgids
WMP11.AssocFile.M4A
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\OpenWithProgids
WMP11.AssocFile.MP4
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\OpenWithProgids
mhtmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\OpenWithProgids
WMP11.AssocFile.MIDI
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mk3d\OpenWithProgids
WMP11.AssocFile.MK3D
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mka\OpenWithProgids
WMP11.AssocFile.MKA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\OpenWithProgids
WMP11.AssocFile.MKV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mod\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\OpenWithProgids
WMP11.AssocFile.MOV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MP2\OpenWithProgids
WMP11.AssocFile.MP3
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\OpenWithProgids
WMP11.AssocFile.MP3
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\OpenWithProgids
WMP11.AssocFile.MP4
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4v\OpenWithProgids
WMP11.AssocFile.MP4
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MPE\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.msg\OpenWithProgids
Outlook.File.msg.15
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mts\OpenWithProgids
WMP11.AssocFile.M2TS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ocx\OpenWithProgids
ocxfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odp\OpenWithProgids
PowerPoint.OpenDocumentPresentation.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ods\OpenWithProgids
Excel.OpenDocumentSpreadsheet.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odt\OpenWithProgids
Word.OpenDocumentText.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.otf\OpenWithProgids
otffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\OpenWithProgids
pngfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pot\OpenWithProgids
PowerPoint.Template.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.potm\OpenWithProgids
PowerPoint.TemplateMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.potx\OpenWithProgids
PowerPoint.Template.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppam\OpenWithProgids
PowerPoint.Addin.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppsm\OpenWithProgids
PowerPoint.SlideShowMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppsx\OpenWithProgids
PowerPoint.SlideShow.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppt\OpenWithProgids
PowerPoint.Show.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pptm\OpenWithProgids
PowerPoint.ShowMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pptx\OpenWithProgids
PowerPoint.Show.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ps1\OpenWithProgids
Microsoft.PowerShellScript.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ps1xml\OpenWithProgids
Microsoft.PowerShellXMLData.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd1\OpenWithProgids
Microsoft.PowerShellData.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psm1\OpenWithProgids
Microsoft.PowerShellModule.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pssc\OpenWithProgids
Microsoft.PowerShellSessionConfiguration.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\OpenWithProgids
rlefile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\OpenWithProgids
WMP11.AssocFile.MIDI
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rtf\OpenWithProgids
Word.RTF.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scf\OpenWithProgids
SHCmdFile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.search-ms\OpenWithProgids
SearchFolder
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\OpenWithProgids
shtmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sldm\OpenWithProgids
PowerPoint.SlideMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sldx\OpenWithProgids
PowerPoint.Slide.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\OpenWithProgids
WMP11.AssocFile.AU
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sys\OpenWithProgids
sysfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\OpenWithProgids
TIFImage.Document
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\OpenWithProgids
TIFImage.Document
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS\OpenWithProgids
WMP11.AssocFile.TTS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\OpenWithProgids
ttcfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\OpenWithProgids
ttffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TTS\OpenWithProgids
WMP11.AssocFile.TTS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\OpenWithProgids
txtfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vsto\OpenWithProgids
bootstrap.vsto.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\OpenWithProgids
WMP11.AssocFile.WAV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\OpenWithProgids
WMP11.AssocFile.WAX
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wdp\OpenWithProgids
wdpfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\OpenWithProgids
WMP11.AssocFile.ASF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\OpenWithProgids
WMP11.AssocFile.WMA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\OpenWithProgids
wmffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\OpenWithProgids
WMP11.AssocFile.WMV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\OpenWithProgids
WMP11.AssocFile.ASX
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.WPL\OpenWithProgids
WMP11.AssocFile.WPL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\OpenWithProgids
WMP11.AssocFile.WVX
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlam\OpenWithProgids
Excel.AddInMacroEnabled
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xls\OpenWithProgids
Excel.Sheet.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsb\OpenWithProgids
Excel.SheetBinaryMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsm\OpenWithProgids
Excel.SheetMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsx\OpenWithProgids
Excel.Sheet.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlt\OpenWithProgids
Excel.Template.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xltm\OpenWithProgids
Excel.TemplateMacroEnabled
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xltx\OpenWithProgids
Excel.Template
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\OpenWithProgids
xmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xsl\OpenWithProgids
xslfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Security and Maintenance\Checks\{C8E6F269-B90A-4053-A3BE-499AFCEC98C4}.check.0
CheckSetting
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\TrayNotify
PastIconsStream
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\TrayNotify
IconStreams
There are 204 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
2D90000
direct allocation
page execute and read and write
 malicious
8A0000
direct allocation
page execute and read and write
 malicious
2EF0000
direct allocation
page read and write
 malicious
4A80000
direct allocation
page execute and read and write
 malicious
2E30000
direct allocation
page read and write
 malicious
2E71000
unclassified section
page read and write
 malicious
400000
remote allocation
page execute and read and write
 malicious
400000
remote allocation
page execute and read and write
 malicious
400000
remote allocation
page execute and read and write
 malicious
4A70000
direct allocation
page execute and read and write
 malicious
400000
remote allocation
page execute and read and write
 malicious
4A70000
direct allocation
page execute and read and write
 malicious
400000
remote allocation
page execute and read and write
 malicious
400000
remote allocation
page execute and read and write
 malicious
49E0000
direct allocation
page execute and read and write
 malicious
48F1000
unclassified section
page read and write
 malicious
400000
remote allocation
page execute and read and write
 malicious
48F1000
unclassified section
page read and write
 malicious
48D0000
direct allocation
page read and write
 malicious
4A10000
direct allocation
page execute and read and write
 malicious
400000
remote allocation
page execute and read and write
 malicious
970000
direct allocation
page execute and read and write
 malicious
9CE000
heap
page read and write
7FF5ED279000
unkown
page readonly
8FB000
heap
page read and write
4BC0000
heap
page read and write
1CA07820000
heap
page read and write
31B0000
direct allocation
page read and write
913000
heap
page read and write
CF76000
heap
page read and write
CF63000
heap
page read and write
4B93000
unkown
page read and write
A99000
heap
page read and write
416000
unkown
page write copy
401000
unkown
page execute read
9C80000
unkown
page read and write
9C80000
unkown
page read and write
7B80000
unkown
page read and write
7DF460AF1000
trusted library allocation
page execute read
E0EC000
stack
page read and write
8E1C000
heap
page read and write
3047000
heap
page read and write
7FF5ED337000
unkown
page readonly
13A0000
unkown
page read and write
7DA0000
unkown
page read and write
E3EB000
stack
page read and write
49CF000
stack
page read and write
9C80000
unkown
page read and write
D06C000
heap
page read and write
33D0000
unkown
page read and write
4C9A000
unkown
page read and write
478000
heap
page read and write
8F3C000
heap
page read and write
7FF5ED695000
unkown
page readonly
7DF4F3041000
unkown
page execute read
7D90000
unkown
page read and write
4E77000
heap
page read and write
A9A2000
heap
page read and write
7852000
unkown
page read and write
31B0000
direct allocation
page read and write
7DB0000
unkown
page read and write
9560000
unkown
page read and write
8FA000
heap
page read and write
AA90000
unkown
page read and write
8F8000
heap
page read and write
CA63000
unkown
page read and write
9840000
direct allocation
page read and write
9660000
unkown
page read and write
1828D4A0000
heap
page read and write
7B0000
heap
page read and write
33D0000
unkown
page read and write
7DA0000
unkown
page read and write
720000
heap
page read and write
401000
unkown
page execute read
91E000
heap
page read and write
7F2E000
stack
page read and write
2E5E000
stack
page read and write
5181000
heap
page read and write
9840000
direct allocation
page read and write
7D00000
unkown
page readonly
8FA5000
heap
page read and write
1230000
unkown
page read and write
2B6E000
stack
page read and write
13A0000
unkown
page read and write
24F0000
heap
page read and write
924000
heap
page read and write
2EF84FB000
stack
page read and write
9001000
heap
page read and write
2CBF000
stack
page read and write
33D0000
unkown
page read and write
D083000
heap
page read and write
8FB0000
heap
page read and write
ED97000
stack
page read and write
3130000
heap
page read and write
90D1000
heap
page read and write
13A0000
unkown
page read and write
7DB0000
unkown
page read and write
8F87000
heap
page read and write
11B0000
unkown
page read and write
D09F000
heap
page read and write
401000
unkown
page execute read
8F4F000
heap
page read and write
8AD000
heap
page read and write
4EDF000
heap
page read and write
9840000
direct allocation
page read and write
7FF5ED793000
unkown
page readonly
7FF5ED43A000
unkown
page readonly
7FF5ED5C1000
unkown
page readonly
3460000
unkown
page read and write
32C0000
heap
page read and write
C7AD000
stack
page read and write
5240000
heap
page read and write
A98D000
heap
page read and write
3160000
unkown
page read and write
9CE0000
unkown
page read and write
2E30D000
stack
page read and write
4D54000
heap
page read and write
13A0000
unkown
page read and write
4D42000
heap
page read and write
7953000
unkown
page read and write
4E47000
heap
page read and write
9840000
direct allocation
page read and write
2A10000
heap
page read and write
8F89000
heap
page read and write
40B000
unkown
page execute read
4D4E000
heap
page read and write
3570000
direct allocation
page read and write
7FF5ED77C000
unkown
page readonly
7F8000
heap
page read and write
8BD000
heap
page read and write
13A0000
unkown
page read and write
1468E000
stack
page read and write
9D64000
unkown
page read and write
33D0000
unkown
page read and write
8F89000
heap
page read and write
7867000
unkown
page read and write
3160000
unkown
page read and write
697000
heap
page read and write
7FF5ED74A000
unkown
page readonly
529000
remote allocation
page execute and read and write
A323000
unkown
page read and write
312F000
stack
page read and write
900000
heap
page read and write
266F000
stack
page read and write
D004000
heap
page read and write
400000
unkown
page readonly
C6C1000
unkown
page read and write
10CAF000
unkown
page read and write
8E39000
heap
page read and write
9840000
direct allocation
page read and write
13A0000
unkown
page read and write
4EDA000
heap
page read and write
13A0000
unkown
page read and write
33D0000
unkown
page read and write
F4D3000
unkown
page read and write
B4F0000
unkown
page read and write
2240000
heap
page read and write
9C80000
unkown
page read and write
13A0000
unkown
page read and write
13A0000
unkown
page read and write
908D000
heap
page read and write
13A0000
unkown
page read and write
A807000
heap
page read and write
13A0000
unkown
page read and write
194000
stack
page read and write
B4F0000
unkown
page read and write
13A0000
unkown
page read and write
4E80000
heap
page read and write
A98D000
heap
page read and write
13A0000
unkown
page read and write
8F74000
heap
page read and write
292E000
stack
page read and write
B6A0000
heap
page read and write
785D000
unkown
page read and write
6C8DE000
unkown
page read and write
9C80000
unkown
page read and write
3570000
direct allocation
page read and write
51A2000
heap
page read and write
D0F4000
heap
page read and write
4E38000
heap
page read and write
9C80000
unkown
page read and write
A9BB000
heap
page read and write
7847000
unkown
page read and write
B4F0000
unkown
page read and write
8F68000
heap
page read and write
5193000
heap
page read and write
7869000
unkown
page read and write
2DFF000
stack
page read and write
8F87000
heap
page read and write
D6F0000
trusted library allocation
page read and write
2FCF000
stack
page read and write
37BD000
unkown
page read and write
310E000
heap
page read and write
52B000
remote allocation
page execute and read and write
90F8000
heap
page read and write
2E2E000
stack
page read and write
13A0000
unkown
page read and write
11B0000
unkown
page read and write
8F9000
heap
page read and write
829000
heap
page read and write
33D0000
unkown
page read and write
8EA8000
heap
page read and write
8F8000
heap
page read and write
9C80000
unkown
page read and write
CC0B000
stack
page read and write
797D000
unkown
page read and write
30E3000
heap
page read and write
401000
unkown
page execute read
524D000
heap
page read and write
3756000
unkown
page read and write
4990000
heap
page read and write
9840000
direct allocation
page read and write
31B0000
direct allocation
page read and write
7FF5ED939000
unkown
page readonly
9840000
direct allocation
page read and write
42D000
unkown
page read and write
D179000
heap
page read and write
2FB0000
remote allocation
page read and write
13A0000
unkown
page read and write
8FA3000
heap
page read and write
8F8000
heap
page read and write
418000
unkown
page write copy
680000
heap
page read and write
706000
heap
page read and write
1828D3B0000
heap
page read and write
7FF5ED9FF000
unkown
page readonly
2DDE000
stack
page read and write
4FD000
stack
page read and write
309F000
stack
page read and write
418000
unkown
page write copy
7FF5ED7C4000
unkown
page readonly
7FF5ED4EF000
unkown
page readonly
2E60000
heap
page read and write
D125000
heap
page read and write
9090000
heap
page read and write
90E000
stack
page read and write
30D0000
heap
page read and write
A9B4000
heap
page read and write
B4F0000
unkown
page read and write
B4F0000
unkown
page read and write
8EA8000
heap
page read and write
2E61000
heap
page read and write
7E4000
heap
page read and write
B4F0000
unkown
page read and write
EA9D000
stack
page read and write
31B0000
direct allocation
page read and write
3389000
stack
page read and write
320A000
stack
page read and write
4E80000
heap
page read and write
9871000
unkown
page read and write
8FA000
heap
page read and write
796000
heap
page read and write
31B0000
direct allocation
page read and write
11B0000
unkown
page read and write
30E0000
heap
page read and write
2EDF000
stack
page read and write
8CE000
heap
page read and write
7DA0000
unkown
page read and write
7FF5ED451000
unkown
page readonly
D183000
heap
page read and write
30B0000
heap
page read and write
2DFE000
stack
page read and write
1B4FB000
heap
page read and write
3460000
unkown
page read and write
56D9000
unkown
page read and write
D083000
heap
page read and write
BA0000
heap
page read and write
8FA000
heap
page read and write
33D0000
unkown
page read and write
C5A0000
unkown
page read and write
941000
heap
page read and write
1E220000
heap
page read and write
8ED000
heap
page read and write
A87C000
heap
page read and write
900D000
heap
page read and write
B4F0000
unkown
page read and write
2B6D000
stack
page read and write
418000
unkown
page write copy
9C80000
unkown
page read and write
9001000
heap
page read and write
7FF5ED39E000
unkown
page readonly
B4F0000
unkown
page read and write
1CA07B25000
heap
page read and write
2E71000
heap
page read and write
8F78000
heap
page read and write
51C9000
heap
page read and write
E79D000
stack
page read and write
83F000
heap
page read and write
6CACE000
unkown
page read and write
7DD9000
stack
page read and write
B4F0000
unkown
page read and write
9C80000
unkown
page read and write
3260000
heap
page read and write
33D0000
unkown
page read and write
1CEFD4B2000
heap
page read and write
B4F0000
unkown
page read and write
2D08000
unkown
page readonly
4E42000
heap
page read and write
7D90000
unkown
page read and write
8B1000
heap
page read and write
9560000
unkown
page read and write
13A0000
unkown
page read and write
D066000
heap
page read and write
8C00000
remote allocation
page read and write
9C80000
unkown
page read and write
7FF5ED426000
unkown
page readonly
13A0000
unkown
page read and write
8F6C000
heap
page read and write
3160000
unkown
page read and write
FCE8000
unkown
page read and write
C57F000
unkown
page read and write
79D000
heap
page read and write
6CACF000
unkown
page write copy
460000
heap
page read and write
C561000
unkown
page read and write
90C0000
heap
page read and write
8F8000
heap
page read and write
18FF0000
remote allocation
page read and write
4E3C000
heap
page read and write
B4F0000
unkown
page read and write
30B0000
heap
page read and write
8E7000
heap
page read and write
193000
stack
page read and write
C08A000
stack
page read and write
D780000
trusted library allocation
page read and write
410000
unkown
page readonly
4D54000
heap
page read and write
1DDBD000
direct allocation
page execute read
279F000
stack
page read and write
8F99000
heap
page read and write
401000
unkown
page execute read
4D52000
heap
page read and write
1F0000
heap
page read and write
400000
unkown
page readonly
31B0000
direct allocation
page read and write
1F0000
heap
page read and write
8A7000
heap
page read and write
32A0000
unkown
page read and write
33D0000
unkown
page read and write
418000
unkown
page write copy
4B00000
heap
page read and write
13A0000
unkown
page read and write
9CE0000
unkown
page read and write
8F5F000
heap
page read and write
7D90000
unkown
page read and write
2D8E000
stack
page read and write
13A0000
unkown
page read and write
9C80000
unkown
page read and write
515F000
heap
page read and write
8EAA000
heap
page read and write
7F2B000
stack
page read and write
3570000
direct allocation
page read and write
13A0000
unkown
page read and write
A8D5000
heap
page read and write
E4EE000
stack
page read and write
8F8000
heap
page read and write
916000
heap
page read and write
1490000
unkown
page read and write
7DB0000
unkown
page read and write
7CD0000
unkown
page read and write
2D90000
heap
page read and write
7DA0000
unkown
page read and write
CFF5000
heap
page read and write
8EE000
heap
page read and write
4D36000
heap
page read and write
9B000
stack
page read and write
4E70000
heap
page read and write
51C2000
heap
page read and write
2DF0000
heap
page read and write
7FF5ED2A4000
unkown
page readonly
33D0000
unkown
page read and write
8C00000
remote allocation
page read and write
278E000
stack
page read and write
61FD37B000
stack
page read and write
7FF5ED40D000
unkown
page readonly
8D47000
heap
page read and write
2B7D000
stack
page read and write
557000
heap
page read and write
4E62000
heap
page read and write
8EE7000
heap
page read and write
2E8E000
stack
page read and write
2D20000
heap
page read and write
8BC000
heap
page read and write
B4F0000
unkown
page read and write
8EA1000
heap
page read and write
BDC0000
unkown
page readonly
7DF4F3051000
unkown
page execute read
A8D5000
heap
page read and write
9B000
stack
page read and write
2B6D000
stack
page read and write
33D0000
unkown
page read and write
3700000
unkown
page read and write
7FF5EDA76000
unkown
page readonly
7E9000
unkown
page readonly
916000
heap
page read and write
A8D5000
heap
page read and write
7FF5ED602000
unkown
page readonly
438000
unkown
page write copy
4A00000
heap
page read and write
A841000
heap
page read and write
4E77000
heap
page read and write
438000
unkown
page write copy
8F83000
heap
page read and write
2FB1000
heap
page read and write
328F000
stack
page read and write
A81B000
heap
page read and write
F7B4000
unkown
page read and write
11B0000
unkown
page read and write
7DA0000
unkown
page read and write
A9B4000
heap
page read and write
1828D572000
heap
page read and write
1828D660000
heap
page read and write
ABA000
heap
page read and write
4C10000
heap
page read and write
4BDC000
unkown
page read and write
7FF5ED5EB000
unkown
page readonly
B7AC000
stack
page read and write
1730000
heap
page read and write
2FB1000
heap
page read and write
13A0000
unkown
page read and write
767000
heap
page read and write
76C0000
unkown
page read and write
3460000
unkown
page read and write
B140000
unkown
page readonly
11B0000
unkown
page read and write
9875000
unkown
page read and write
9550000
unkown
page readonly
31B0000
direct allocation
page read and write
9087000
heap
page read and write
8F83000
heap
page read and write
904A000
heap
page read and write
8F78000
heap
page read and write
B4F0000
unkown
page read and write
8D51000
heap
page read and write
8E7D000
heap
page read and write
A7E7000
heap
page read and write
A9AB000
heap
page read and write
2BBE000
stack
page read and write
7FF5ED6DB000
unkown
page readonly
9126000
heap
page read and write
33D0000
unkown
page read and write
986F000
unkown
page read and write
8F85000
heap
page read and write
8EB4000
heap
page read and write
A98D000
heap
page read and write
A997000
heap
page read and write
401000
unkown
page execute read
7FF5ED1D6000
unkown
page readonly
28DF000
stack
page read and write
7D90000
unkown
page read and write
DD6D000
stack
page read and write
8740000
unkown
page read and write
B4F0000
unkown
page read and write
B07000
heap
page read and write
4F05000
heap
page read and write
DE0000
unkown
page readonly
A816000
heap
page read and write
886000
heap
page read and write
502F000
stack
page read and write
400000
unkown
page readonly
32A0000
unkown
page read and write
D6F0000
trusted library allocation
page read and write
7FF5ED625000
unkown
page readonly
7FF5ED996000
unkown
page readonly
1220000
unkown
page readonly
9062000
heap
page read and write
9840000
direct allocation
page read and write
31B0000
direct allocation
page read and write
91D000
heap
page read and write
5245000
heap
page read and write
2EEE000
stack
page read and write
1DE13000
heap
page read and write
7FF5ED7F1000
unkown
page readonly
AADB000
unkown
page read and write
892000
heap
page read and write
7977000
unkown
page read and write
1470000
heap
page read and write
FD03000
unkown
page read and write
13A0000
unkown
page read and write
A9AB000
heap
page read and write
8F89000
heap
page read and write
4E34000
heap
page read and write
7FF5ED810000
unkown
page readonly
90AD000
heap
page read and write
51BB000
heap
page read and write
3570000
direct allocation
page read and write
7FF5EDA69000
unkown
page readonly
7FF5ED980000
unkown
page readonly
1380000
heap
page read and write
13A0000
unkown
page read and write
B4F0000
unkown
page read and write
9CE0000
unkown
page read and write
4D61000
heap
page read and write
50B0000
trusted library allocation
page read and write
4E42000
heap
page read and write
1F0000
heap
page read and write
FA37000
unkown
page read and write
A9BB000
heap
page read and write
8A7000
heap
page read and write
8F9000
heap
page read and write
C503000
unkown
page read and write
A433000
unkown
page read and write
4F06000
heap
page read and write
987F000
unkown
page read and write
C8AE000
stack
page read and write
787000
heap
page read and write
A7E7000
heap
page read and write
4EFC000
heap
page read and write
1F0000
heap
page read and write
5D5000
heap
page read and write
8FB000
heap
page read and write
1240000
heap
page read and write
9139000
stack
page read and write
9840000
direct allocation
page read and write
31B0000
direct allocation
page read and write
C5AA000
unkown
page read and write
4E80000
heap
page read and write
530A000
trusted library section
page read and write
51B9000
heap
page read and write
51B9000
heap
page read and write
90F2000
heap
page read and write
7A34000
unkown
page read and write
19C000
stack
page read and write
31B0000
direct allocation
page read and write
7D90000
unkown
page read and write
33D0000
unkown
page read and write
A8A5000
heap
page read and write
401000
unkown
page execute read
7D90000
unkown
page read and write
14B0000
unkown
page readonly
11B0000
unkown
page read and write
90D3000
heap
page read and write
A9B4000
heap
page read and write
A9A2000
heap
page read and write
401000
unkown
page execute read
8BF0000
unkown
page readonly
9C80000
unkown
page read and write
A820000
heap
page read and write
7DD0000
unkown
page read and write
B4F0000
unkown
page read and write
7FF5ED9AE000
unkown
page readonly
2CBD000
stack
page read and write
4E77000
heap
page read and write
418000
unkown
page write copy
11B0000
unkown
page read and write
A82A000
heap
page read and write
32A0000
unkown
page read and write
33D0000
unkown
page read and write
7FF5EDA47000
unkown
page readonly
D8CF000
stack
page read and write
31B0000
direct allocation
page read and write
2CFE000
stack
page read and write
3160000
unkown
page read and write
494A000
heap
page execute and read and write
89A0000
unkown
page read and write
D17E000
heap
page read and write
4E6E000
heap
page read and write
197000
stack
page read and write
9840000
direct allocation
page read and write
F4D5000
unkown
page read and write
410000
heap
page read and write
A7E8000
heap
page read and write
E69E000
stack
page read and write
E59C000
stack
page read and write
A8AB000
heap
page read and write
418000
unkown
page write copy
4E57000
heap
page read and write
3160000
unkown
page read and write
1F0000
heap
page read and write
7FF5ED4BB000
unkown
page readonly
9CE0000
unkown
page read and write
4E62000
heap
page read and write
9C80000
unkown
page read and write
7D90000
unkown
page read and write
2E2E000
stack
page read and write
19D000
stack
page read and write
8210000
unkown
page read and write
8FE000
heap
page read and write
C9CE000
stack
page read and write
CE4D000
heap
page read and write
33D0000
unkown
page read and write
9840000
direct allocation
page read and write
13A0000
unkown
page read and write
7CF000
heap
page read and write
8F9000
heap
page read and write
8FA000
heap
page read and write
7DA0000
unkown
page read and write
7FF5ED853000
unkown
page readonly
4E80000
heap
page read and write
8E46000
heap
page read and write
909D000
heap
page read and write
51BC000
heap
page read and write
13A0000
unkown
page read and write
51A9000
heap
page read and write
7DB0000
unkown
page read and write
F772000
unkown
page read and write
2780000
heap
page read and write
D038000
heap
page read and write
7FF5ED928000
unkown
page readonly
5266000
heap
page read and write
E1EE000
stack
page read and write
590000
heap
page read and write
9C80000
unkown
page read and write
529000
remote allocation
page execute and read and write
8EDC000
heap
page read and write
4BE3000
unkown
page read and write
13A0000
unkown
page read and write
310E000
stack
page read and write
3160000
unkown
page read and write
4D80000
heap
page read and write
8E26000
heap
page read and write
D099000
heap
page read and write
301F000
stack
page read and write
7DA0000
unkown
page read and write
4E77000
heap
page read and write
9840000
direct allocation
page read and write
7D90000
unkown
page read and write
7DA0000
unkown
page read and write
8A9000
heap
page read and write
7D90000
unkown
page read and write
2E5E000
stack
page read and write
7D90000
unkown
page read and write
7FF5ED505000
unkown
page readonly
7D90000
unkown
page read and write
B4F0000
unkown
page read and write
BBAC000
stack
page read and write
1735000
heap
page read and write
9B000
stack
page read and write
19C000
stack
page read and write
435000
unkown
page execute read
9560000
unkown
page read and write
525C000
heap
page read and write
7DA0000
unkown
page read and write
8FBC000
heap
page read and write
8F8F000
heap
page read and write
B4F0000
unkown
page read and write
B4F0000
unkown
page read and write
A4A1000
unkown
page read and write
13A1000
unkown
page read and write
790000
heap
page read and write
906E000
stack
page read and write
B4F0000
unkown
page read and write
7FF5EDA11000
unkown
page readonly
7DA0000
unkown
page read and write
8740000
stack
page read and write
7C90000
unkown
page read and write
3160000
unkown
page read and write
33D0000
unkown
page read and write
A816000
heap
page read and write
B4F0000
unkown
page read and write
9093000
heap
page read and write
A9B4000
heap
page read and write
7CE0000
unkown
page read and write
C8E1000
unkown
page read and write
401000
unkown
page execute read
A81F000
heap
page read and write
400000
unkown
page readonly
410000
unkown
page readonly
8DC000
heap
page execute and read and write
8D31000
heap
page read and write
11B0000
unkown
page read and write
A88F000
heap
page read and write
1DDC8000
direct allocation
page readonly
C82D000
stack
page read and write
7FF5EDA31000
unkown
page readonly
33D0000
unkown
page read and write
1340000
heap
page read and write
3210000
unkown
page read and write
1E1FC000
heap
page read and write
33D0000
unkown
page read and write
7D90000
unkown
page read and write
B08D000
stack
page read and write
30BB000
heap
page read and write
771000
heap
page read and write
2E38000
heap
page read and write
18FF0000
remote allocation
page read and write
33C0000
unkown
page read and write
7FF5ED87D000
unkown
page readonly
9840000
direct allocation
page read and write
3250000
unkown
page read and write
4D46000
heap
page read and write
30CD000
heap
page read and write
B48E000
stack
page read and write
3160000
unkown
page read and write
401000
unkown
page execute read
2D08000
unkown
page readonly
CC10000
unkown
page readonly
3570000
direct allocation
page read and write
684E000
stack
page read and write
7EB000
heap
page read and write
33D0000
unkown
page read and write
32A0000
unkown
page read and write
B4F0000
unkown
page read and write
90F8000
heap
page read and write
B4F0000
unkown
page read and write
3797000
unkown
page read and write
A820000
heap
page read and write
7FF5ED818000
unkown
page readonly
2C89000
unkown
page readonly
447000
unkown
page read and write
7FF5ED59E000
unkown
page readonly
7D90000
unkown
page read and write
11B0000
unkown
page read and write
9B000
stack
page read and write
2E5F000
stack
page read and write
7FF5ED349000
unkown
page readonly
4ED0000
heap
page read and write
9C80000
unkown
page read and write
400000
unkown
page execute and read and write
7FF5ED93B000
unkown
page readonly
540000
heap
page read and write
A81B000
heap
page read and write
A32A000
unkown
page read and write
4C20000
direct allocation
page read and write
BAA000
heap
page read and write
8A1000
heap
page read and write
FCD1000
unkown
page read and write
2A20000
heap
page read and write
AA0000
heap
page read and write
30ED000
heap
page read and write
401000
unkown
page execute read
4D4E000
heap
page read and write
4BA000
heap
page read and write
C6F4000
unkown
page read and write
9560000
unkown
page read and write
49E4000
heap
page execute and read and write
33D0000
unkown
page read and write
13A0000
unkown
page read and write
7E9000
unkown
page readonly
31B0000
direct allocation
page read and write
9815000
unkown
page read and write
7FF5D1CCD000
unkown
page readonly
56C3000
unkown
page read and write
4B60000
heap
page read and write
8DF1000
heap
page read and write
8EDC000
heap
page read and write
7D8000
heap
page read and write
7C80000
unkown
page read and write
30B0000
heap
page read and write
1CA07B20000
heap
page read and write
90AD000
heap
page read and write
78A0000
unkown
page read and write
2D08000
unkown
page readonly
9840000
direct allocation
page read and write
B4F0000
unkown
page read and write
11B0000
unkown
page read and write
A391000
unkown
page read and write
AA5F000
stack
page read and write
31B0000
direct allocation
page read and write
8C0000
heap
page read and write
8E1C000
heap
page read and write
2D08000
unkown
page readonly
CF63000
heap
page read and write
13A0000
unkown
page read and write
529000
remote allocation
page execute and read and write
7FF5ED4B0000
unkown
page readonly
9560000
unkown
page read and write
B4F0000
unkown
page read and write
2ED3000
heap
page read and write
4E77000
heap
page read and write
7FF5ED449000
unkown
page readonly
19B3E5E0000
heap
page read and write
4D36000
heap
page read and write
7FF5ED814000
unkown
page readonly
E5EC000
stack
page read and write
A64000
heap
page read and write
A7E1000
heap
page read and write
9CE0000
unkown
page read and write
B4F0000
unkown
page read and write
2C8C000
unkown
page readonly
4EDF000
heap
page read and write
9B000
stack
page read and write
9798000
unkown
page read and write
8860000
unkown
page read and write
1E1F4000
heap
page read and write
4E69000
heap
page read and write
2FB0000
heap
page read and write
CACC000
stack
page read and write
90F8000
heap
page read and write
B4F0000
unkown
page read and write
BDAF000
stack
page read and write
7FF5ED534000
unkown
page readonly
30DE000
heap
page read and write
32A0000
unkown
page read and write
9F0000
heap
page read and write
7F50000
unkown
page read and write
1E204000
heap
page read and write
32A0000
unkown
page read and write
9CE0000
unkown
page read and write
37D2000
unkown
page read and write
725000
heap
page read and write
8C0000
heap
page read and write
418000
unkown
page write copy
2DC0000
heap
page read and write
7D1000
heap
page read and write
7FF5ED9D6000
unkown
page readonly
4E05000
heap
page read and write
4D54000
heap
page read and write
7FF5ED41C000
unkown
page readonly
8E6D000
heap
page read and write
7DA0000
unkown
page read and write
C811000
unkown
page read and write
FCFF000
unkown
page read and write
4E46000
heap
page read and write
7FF5ED8B4000
unkown
page readonly
1DAB1000
heap
page read and write
909D000
heap
page read and write
B4F0000
unkown
page read and write
B4F0000
unkown
page read and write
7FF5ED779000
unkown
page readonly
A81D000
heap
page read and write
48E0000
unclassified section
page read and write
19C000
stack
page read and write
4D10000
heap
page read and write
7DA0000
unkown
page read and write
345E000
stack
page read and write
8F80000
heap
page read and write
A880000
heap
page read and write
2CDE000
stack
page read and write
7DA0000
unkown
page read and write
4D86000
heap
page read and write
91B9000
stack
page read and write
E16C000
stack
page read and write
A9AB000
heap
page read and write
37A8000
unkown
page read and write
2EB0000
direct allocation
page read and write
13A0000
unkown
page read and write
8AD000
heap
page read and write
4E3D000
heap
page read and write
4E77000
heap
page read and write
C4A0000
unkown
page read and write
3160000
unkown
page read and write
923E000
stack
page read and write
7FF5ED476000
unkown
page readonly
75E000
heap
page read and write
13A0000
unkown
page read and write
4D94000
heap
page read and write
CB88000
stack
page read and write
83F000
heap
page read and write
2FB1000
heap
page read and write
3795000
unkown
page read and write
4D42000
heap
page read and write
3539000
stack
page read and write
1DA40000
trusted library allocation
page read and write
D0CE000
heap
page read and write
7DD0000
unkown
page read and write
78C000
heap
page read and write
4E34000
heap
page read and write
9C000
stack
page read and write
A981000
heap
page read and write
B5AE000
stack
page read and write
553000
remote allocation
page execute and read and write
8AC000
heap
page read and write
A83D000
heap
page read and write
9C000
stack
page read and write
A865000
heap
page read and write
37D2000
stack
page read and write
7FF5ED864000
unkown
page readonly
438000
unkown
page write copy
89F000
heap
page read and write
401000
unkown
page execute read
90F2000
heap
page read and write
886000
heap
page read and write
400000
unkown
page readonly
A884000
heap
page read and write
C512000
unkown
page read and write
2D6E000
stack
page read and write
13A0000
unkown
page read and write
33D0000
unkown
page read and write
9893000
unkown
page read and write
CF17000
heap
page read and write
1F0000
heap
page read and write
33D0000
unkown
page read and write
79FB000
unkown
page read and write
8B8000
heap
page read and write
19C000
stack
page read and write
B4F0000
unkown
page read and write
D0F4000
heap
page read and write
8F89000
heap
page read and write
90E000
stack
page read and write
9840000
direct allocation
page read and write
33D0000
unkown
page read and write
7FF5EDA14000
unkown
page readonly
2BBE000
stack
page read and write
9840000
direct allocation
page read and write
1902E000
stack
page read and write
D1A3000
heap
page read and write
8EA8000
heap
page read and write
90F2000
heap
page read and write
F560000
unkown
page read and write
90CA000
heap
page read and write
401000
unkown
page execute read
9C80000
unkown
page read and write
90F8000
heap
page read and write
2D08000
unkown
page readonly
25CB08D000
stack
page read and write
3920000
heap
page read and write
8720000
unkown
page readonly
8F85000
heap
page read and write
785F000
unkown
page read and write
9C80000
unkown
page read and write
4BA000
heap
page read and write
4D3B000
heap
page read and write
9560000
unkown
page read and write
8F3000
heap
page read and write
6C8000
heap
page read and write
7FF5ED735000
unkown
page readonly
7D90000
unkown
page read and write
400000
unkown
page readonly
9104000
heap
page read and write
33D0000
unkown
page read and write
8EB9000
heap
page read and write
A9A6000
heap
page read and write
9840000
direct allocation
page read and write
9840000
direct allocation
page read and write
8EBB000
heap
page read and write
9840000
direct allocation
page read and write
5193000
heap
page read and write
7D90000
unkown
page read and write
4E67000
heap
page read and write
7D90000
unkown
page read and write
3460000
unkown
page read and write
7FF5ED73D000
unkown
page readonly
418000
unkown
page write copy
B4F0000
unkown
page read and write
7FF5ED714000
unkown
page readonly
7D90000
unkown
page read and write
400000
unkown
page readonly
3460000
unkown
page read and write
9C80000
unkown
page read and write
11B0000
unkown
page read and write
AAD1000
unkown
page read and write
B4F0000
unkown
page read and write
D0C7000
heap
page read and write
2B6D000
stack
page read and write
7D90000
unkown
page read and write
D790000
trusted library allocation
page read and write
7FF5ED265000
unkown
page readonly
7DB0000
unkown
page read and write
8FE5000
heap
page read and write
4D61000
heap
page read and write
7CA0000
unkown
page read and write
1B48B000
heap
page read and write
11B0000
unkown
page read and write
13A0000
unkown
page read and write
2E30000
heap
page read and write
9885000
unkown
page read and write
B4F0000
unkown
page read and write
CB1C000
unkown
page read and write
33D0000
unkown
page read and write
33D0000
unkown
page read and write
B190000
unkown
page read and write
97C3000
unkown
page read and write
FDC0000
heap
page read and write
33D0000
unkown
page read and write
F7F4000
unkown
page read and write
9C80000
unkown
page read and write
4BC9000
unkown
page read and write
B4F0000
unkown
page read and write
7FF5ED507000
unkown
page readonly
19C000
stack
page read and write
B4F0000
unkown
page read and write
32A0000
unkown
page read and write
4D52000
heap
page read and write
63F000
remote allocation
page execute and read and write
48CF000
stack
page read and write
B8AB000
stack
page read and write
9C80000
unkown
page read and write
A9AB000
heap
page read and write
8EE8000
heap
page read and write
4D86000
heap
page read and write
1510000
unkown
page readonly
9840000
direct allocation
page read and write
AB0000
heap
page read and write
795000
heap
page read and write
7D90000
unkown
page read and write
1CEFD670000
heap
page read and write
2E30000
heap
page read and write
903000
heap
page read and write
F87B000
unkown
page read and write
4D3B000
heap
page read and write
8DF8000
heap
page read and write
4B10000
heap
page read and write
2EF0000
heap
page read and write
410000
unkown
page readonly
89C0000
unkown
page read and write
7DF4F3031000
unkown
page execute read
810000
heap
page read and write
1DDBF000
direct allocation
page readonly
13A0000
unkown
page read and write
32A0000
unkown
page read and write
52B000
remote allocation
page execute and read and write
13A0000
unkown
page read and write
1CEFD680000
heap
page read and write
5F0000
heap
page read and write
D0CE000
heap
page read and write
7FF5ED4E8000
unkown
page readonly
A98D000
heap
page read and write
8FBC000
heap
page read and write
9C000
stack
page read and write
7FF5ED5A8000
unkown
page readonly
B4F0000
unkown
page read and write
8C8F000
stack
page read and write
1CEFD4B2000
heap
page read and write
60B000
remote allocation
page execute and read and write
D07E000
heap
page read and write
13A0000
unkown
page read and write
3570000
direct allocation
page read and write
7D90000
unkown
page read and write
D1B2000
heap
page read and write
8EA3000
heap
page read and write
8E46000
heap
page read and write
33D0000
unkown
page read and write
9C80000
unkown
page read and write
401000
unkown
page execute read
8EF8000
unkown
page read and write
4E80000
heap
page read and write
FDC2000
heap
page read and write
A4AB000
unkown
page read and write
9048000
heap
page read and write
7DA0000
unkown
page read and write
A9A6000
heap
page read and write
FDCA000
heap
page read and write
4EDF000
heap
page read and write
7DA0000
unkown
page read and write
9929000
unkown
page read and write
2E2E000
stack
page read and write
D0C8000
heap
page read and write
97AD000
unkown
page read and write
D185000
heap
page read and write
A9B4000
heap
page read and write
7FF5ED915000
unkown
page readonly
2DBA000
heap
page read and write
90D1000
heap
page read and write
9CE0000
unkown
page read and write
76E000
stack
page read and write
13A0000
unkown
page read and write
7FF5ED847000
unkown
page readonly
19D000
stack
page read and write
C846000
unkown
page read and write
51C9000
heap
page read and write
E89F000
stack
page read and write
193000
stack
page read and write
2D06000
unkown
page read and write
7FF5ED4A1000
unkown
page readonly
A984000
heap
page read and write
33D0000
unkown
page read and write
B4F0000
unkown
page read and write
A364000
unkown
page read and write
1B480000
heap
page read and write
7FF5ED9C8000
unkown
page readonly
8DAD000
heap
page read and write
D06B000
heap
page read and write
4D94000
heap
page read and write
8C0000
heap
page read and write
4CD0000
heap
page read and write
3460000
unkown
page read and write
CF23000
heap
page read and write
7D90000
unkown
page read and write
1CEFD640000
heap
page read and write
13A0000
unkown
page read and write
BD98000
stack
page read and write
B4F0000
unkown
page read and write
D17E000
heap
page read and write
7DA0000
unkown
page read and write
33D0000
unkown
page read and write
1828D530000
heap
page read and write
D177000
heap
page read and write
33D0000
unkown
page read and write
7DF4F3050000
unkown
page readonly
7FF5ED52F000
unkown
page readonly
32A0000
unkown
page read and write
916000
heap
page read and write
9C80000
unkown
page read and write
7E7000
heap
page read and write
10D0000
heap
page read and write
7E70000
unkown
page read and write
97D4000
unkown
page read and write
8F68000
heap
page read and write
33D0000
unkown
page read and write
8E5000
heap
page read and write
1CEFD440000
heap
page read and write
A49E000
unkown
page read and write
400000
unkown
page readonly
8FB000
heap
page read and write
7FF5ED872000
unkown
page readonly
8F8B000
heap
page read and write
9C80000
unkown
page read and write
7DB0000
unkown
page read and write
7E9000
unkown
page readonly
8F3000
heap
page read and write
D005000
heap
page read and write
909000
heap
page read and write
9C80000
unkown
page read and write
8BC000
heap
page read and write
B4F0000
unkown
page read and write
8FB000
heap
page read and write
5D7000
heap
page read and write
1F0000
heap
page read and write
95DC000
stack
page read and write
9840000
direct allocation
page read and write
A81D000
heap
page read and write
A21E000
stack
page read and write
400000
unkown
page readonly
8A5000
heap
page read and write
49DC000
heap
page execute and read and write
9093000
heap
page read and write
9001000
heap
page read and write
965C000
stack
page read and write
7FF5ED3EA000
unkown
page readonly
4B90000
unkown
page read and write
695000
heap
page read and write
11B0000
unkown
page read and write
4D86000
heap
page read and write
193000
stack
page read and write
1828D562000
heap
page read and write
4D4E000
heap
page read and write
9840000
direct allocation
page read and write
8EF000
heap
page read and write
5254000
heap
page read and write
1CEFD3F0000
heap
page read and write
CDD3000
heap
page read and write
13A0000
unkown
page read and write
3160000
unkown
page read and write
90D0000
heap
page read and write
1E4CC000
stack
page read and write
51C9000
heap
page read and write
A7E4000
heap
page read and write
B4F0000
unkown
page read and write
978E000
unkown
page read and write
33D0000
unkown
page read and write
7FF5EDA38000
unkown
page readonly
193000
stack
page read and write
4D5A000
heap
page read and write
A44E000
stack
page read and write
327A000
stack
page read and write
400000
unkown
page readonly
9B000
stack
page read and write
30B0000
heap
page read and write
2D94000
heap
page read and write
A4AE000
unkown
page read and write
4E86000
heap
page read and write
4940000
heap
page read and write
F931000
unkown
page read and write
7FF5ED1CB000
unkown
page readonly
9B000
stack
page read and write
400000
unkown
page readonly
7D60000
unkown
page read and write
8F68000
heap
page read and write
9840000
direct allocation
page read and write
379E000
unkown
page read and write
904A000
heap
page read and write
982D000
unkown
page read and write
CF23000
heap
page read and write
4E86000
heap
page read and write
410000
unkown
page readonly
8B0000
heap
page read and write
4D58000
heap
page read and write
A981000
heap
page read and write
9F1E000
stack
page read and write
B4F0000
unkown
page read and write
77F000
heap
page read and write
7FF5ED55F000
unkown
page readonly
9840000
direct allocation
page read and write
33C0000
unkown
page read and write
3160000
unkown
page read and write
A98D000
heap
page read and write
7FF5ED7E0000
unkown
page readonly
514C000
heap
page read and write
33D0000
unkown
page read and write
3497000
stack
page read and write
8D51000
heap
page read and write
7695000
stack
page read and write
3570000
direct allocation
page read and write
9840000
direct allocation
page read and write
90F8000
heap
page read and write
D07E000
heap
page read and write
8F8D000
heap
page read and write
400000
unkown
page readonly
903000
heap
page read and write
410000
unkown
page readonly
410000
unkown
page readonly
8FA000
heap
page read and write
9C80000
unkown
page read and write
A878000
heap
page read and write
896B000
stack
page read and write
7FF5ED7CF000
unkown
page readonly
A828000
heap
page read and write
8B9000
heap
page read and write
26DF000
stack
page read and write
A4B8000
unkown
page read and write
9C000
stack
page read and write
7DA0000
unkown
page read and write
1F0000
heap
page read and write
7D90000
unkown
page read and write
572000
remote allocation
page execute and read and write
76F000
stack
page read and write
B4F0000
unkown
page read and write
2BAE000
stack
page read and write
7FF5ED1CF000
unkown
page readonly
9104000
heap
page read and write
331E000
stack
page read and write
3160000
unkown
page read and write
32A0000
unkown
page read and write
7DD0000
unkown
page read and write
2D08000
unkown
page readonly
2DBE000
heap
page read and write
9C80000
unkown
page read and write
A984000
heap
page read and write
A81B000
heap
page read and write
C52C000
unkown
page read and write
580000
heap
page read and write
9840000
direct allocation
page read and write
2C86000
unkown
page read and write
A1E000
stack
page read and write
9080000
heap
page read and write
904A000
heap
page read and write
AB7000
heap
page read and write
B4F0000
unkown
page read and write
4D42000
heap
page read and write
2DB0000
heap
page read and write
400000
unkown
page readonly
2E40000
unclassified section
page read and write
2C8C000
unkown
page readonly
31B0000
direct allocation
page read and write
810000
heap
page read and write
9840000
direct allocation
page read and write
30E8000
heap
page read and write
934000
heap
page read and write
2CAE000
stack
page read and write
7D60000
unkown
page read and write
1CEFD3D0000
heap
page read and write
31B0000
direct allocation
page read and write
33D0000
unkown
page read and write
2DFA000
heap
page read and write
8EBB000
heap
page read and write
3570000
direct allocation
page read and write
900D000
heap
page read and write
DDEA000
stack
page read and write
635000
heap
page read and write
9C80000
unkown
page read and write
32A0000
unkown
page read and write
7FF5ED8C1000
unkown
page readonly
597000
heap
page read and write
20146000
heap
page read and write
B4F0000
unkown
page read and write
C6E3000
unkown
page read and write
8B8000
heap
page read and write
A9B6000
heap
page read and write
7FF5ED65C000
unkown
page readonly
3460000
unkown
page read and write
33D0000
unkown
page read and write
8FB0000
heap
page read and write
A7E4000
heap
page read and write
7FF5ED692000
unkown
page readonly
A9B6000
heap
page read and write
4D67000
heap
page read and write
7FF5ED519000
unkown
page readonly
51A000
remote allocation
page execute and read and write
400000
unkown
page readonly
5CF000
heap
page read and write
31B0000
direct allocation
page read and write
13A0000
unkown
page read and write
30E3000
heap
page read and write
8EE3000
heap
page read and write
1DDFF000
direct allocation
page readonly
13A0000
unkown
page read and write
400000
unkown
page execute and read and write
7FF5ED697000
unkown
page readonly
4EDD000
heap
page read and write
A9BB000
heap
page read and write
812000
heap
page read and write
2A6E000
stack
page read and write
4D42000
heap
page read and write
64E000
stack
page read and write
7FF5ED986000
unkown
page readonly
1CEFD4B1000
heap
page read and write
49DF000
stack
page read and write
90D3000
heap
page read and write
7D90000
unkown
page read and write
A9AB000
heap
page read and write
F01E000
stack
page read and write
80AD000
stack
page read and write
6CAD0000
unkown
page read and write
9010000
heap
page read and write
BDD0000
unkown
page readonly
13A0000
unkown
page read and write
288F000
stack
page read and write
401000
unkown
page execute read
1E73C000
heap
page read and write
B4F0000
unkown
page read and write
2E8E000
stack
page read and write
410000
unkown
page readonly
470000
heap
page read and write
7D90000
unkown
page read and write
600000
heap
page read and write
8F8000
heap
page read and write
6C0000
heap
page read and write
D04B000
heap
page read and write
5260000
heap
page read and write
438000
unkown
page write copy
90A000
heap
page read and write
13A0000
unkown
page read and write
9C80000
unkown
page read and write
97A9000
unkown
page read and write
A7F6000
heap
page read and write
59A000
heap
page read and write
519C000
heap
page read and write
A37D000
unkown
page read and write
8E4000
heap
page read and write
1CA078F0000
heap
page read and write
4EDF000
heap
page read and write
7FF5EDA2A000
unkown
page readonly
1E202000
heap
page read and write
900F000
heap
page read and write
33D0000
unkown
page read and write
8EAA000
heap
page read and write
2D20000
remote allocation
page read and write
9C80000
unkown
page read and write
8DFA000
heap
page read and write
33D0000
unkown
page read and write
D06B000
heap
page read and write
8FA000
heap
page read and write
410000
unkown
page readonly
A50B000
unkown
page read and write
32A0000
unkown
page read and write
CE5E000
heap
page read and write
7D90000
unkown
page read and write
83E000
stack
page read and write
1F0000
heap
page read and write
4D5A000
heap
page read and write
2D70000
heap
page read and write
A8A5000
heap
page read and write
2D93000
heap
page read and write
D90E000
stack
page read and write
3570000
direct allocation
page read and write
8A7000
heap
page read and write
2FB0000
remote allocation
page read and write
13A0000
unkown
page read and write
193000
stack
page read and write
7FF5ED586000
unkown
page readonly
4D80000
heap
page read and write
19C000
stack
page read and write
28AF000
stack
page read and write
90D0000
heap
page read and write
7FF5ED3A7000
unkown
page readonly
90D3000
heap
page read and write
33D0000
unkown
page read and write
11B0000
unkown
page read and write
33D0000
unkown
page read and write
2FB0000
heap
page read and write
31B0000
direct allocation
page read and write
4EC0000
heap
page read and write
1DAB0000
heap
page read and write
A37B000
unkown
page read and write
C544000
unkown
page read and write
197000
stack
page read and write
B4F0000
unkown
page read and write
753000
heap
page read and write
435000
unkown
page execute read
B4F0000
unkown
page read and write
2F71000
heap
page read and write
CD5A000
stack
page read and write
2D08000
unkown
page readonly
C330000
heap
page read and write
7FF5ED97A000
unkown
page readonly
5EE000
stack
page read and write
2C8C000
unkown
page readonly
400000
unkown
page readonly
7DF460AF0000
trusted library allocation
page readonly
4E46000
heap
page read and write
3151000
unkown
page read and write
9840000
direct allocation
page read and write
9840000
direct allocation
page read and write
28EF000
stack
page read and write
2E5E000
stack
page read and write
B4F0000
unkown
page read and write
4AB0000
heap
page read and write
D06C000
heap
page read and write
90D3000
heap
page read and write
2A6E000
stack
page read and write
D6C3000
trusted library allocation
page read and write
5CF000
heap
page read and write
D112000
heap
page read and write
51B9000
heap
page read and write
401000
unkown
page execute read
400000
unkown
page readonly
770000
heap
page read and write
A81F000
heap
page read and write
529000
remote allocation
page execute and read and write
13A0000
unkown
page read and write
7F0000
heap
page read and write
410000
unkown
page readonly
522C000
heap
page read and write
8F80000
heap
page read and write
435000
unkown
page execute read
10B91000
unkown
page read and write
432000
unkown
page read and write
4D36000
heap
page read and write
7E50000
unkown
page readonly
1828D630000
heap
page read and write
4D80000
heap
page read and write
8E46000
heap
page read and write
1DA0B000
stack
page read and write
D114000
heap
page read and write
302F000
stack
page read and write
1E160000
trusted library allocation
page read and write
7FF5EDA53000
unkown
page readonly
4AA000
unkown
page read and write
8E46000
heap
page read and write
3250000
unkown
page read and write
7DF4F3040000
unkown
page readonly
913000
heap
page read and write
8F80000
heap
page read and write
9840000
direct allocation
page read and write
6C8CD000
unkown
page readonly
7D90000
unkown
page read and write
25FF000
stack
page read and write
8C0000
heap
page read and write
D172000
heap
page read and write
8FF000
heap
page read and write
A19F000
stack
page read and write
B4F0000
unkown
page read and write
560000
heap
page read and write
9560000
unkown
page read and write
8EC6000
unkown
page read and write
2DD0000
heap
page read and write
31B0000
direct allocation
page read and write
9560000
unkown
page read and write
89A000
heap
page read and write
401000
unkown
page execute read
D63A000
stack
page read and write
9C000
stack
page read and write
B4F0000
unkown
page read and write
4E3E000
heap
page read and write
605000
heap
page read and write
D182000
heap
page read and write
7FF5ED8E2000
unkown
page readonly
4EC6000
heap
page read and write
27AE000
stack
page read and write
977A000
unkown
page read and write
33D0000
unkown
page read and write
A981000
heap
page read and write
27EF000
stack
page read and write
D111000
heap
page read and write
98A8000
unkown
page read and write
33D0000
unkown
page read and write
310A000
heap
page read and write
E2EE000
stack
page read and write
CF1C000
heap
page read and write
8D88000
heap
page read and write
7E4000
heap
page read and write
7DD000
heap
page read and write
2FB1000
heap
page read and write
8BD000
heap
page read and write
784A000
unkown
page read and write
494F000
stack
page read and write
30B1000
heap
page read and write
2E5E000
stack
page read and write
8AB000
heap
page read and write
3290000
unkown
page read and write
A327000
unkown
page read and write
7FF5ED445000
unkown
page readonly
13A0000
unkown
page read and write
9C80000
unkown
page read and write
8F68000
heap
page read and write
F789000
unkown
page read and write
33D0000
unkown
page read and write
121FF000
stack
page read and write
764000
heap
page read and write
3160000
unkown
page read and write
2F30000
heap
page read and write
9840000
direct allocation
page read and write
13A5000
unkown
page read and write
435000
unkown
page execute read
8FB000
heap
page read and write
7FF5ED9D9000
unkown
page readonly
7D90000
unkown
page read and write
B4F0000
unkown
page read and write
92D000
heap
page read and write
9C000
stack
page read and write
9C80000
unkown
page read and write
3100000
heap
page read and write
818E000
stack
page read and write
11B0000
unkown
page read and write
32A0000
unkown
page read and write
7FF5ED3D0000
unkown
page readonly
B4F0000
unkown
page read and write
B4F0000
unkown
page read and write
83F000
heap
page read and write
1F0000
heap
page read and write
9560000
unkown
page read and write
7F50000
unkown
page read and write
3390000
trusted library allocation
page read and write
52FA000
trusted library section
page read and write
83D000
heap
page read and write
51C0000
heap
page read and write
6CAD5000
unkown
page readonly
3460000
unkown
page read and write
C557000
unkown
page read and write
A9B6000
heap
page read and write
9CE0000
unkown
page read and write
2CE0000
heap
page read and write
31B0000
direct allocation
page read and write
CFBC000
heap
page read and write
1B484000
heap
page read and write
19C000
stack
page read and write
7FF5ED4C2000
unkown
page readonly
7FF5ED3F3000
unkown
page readonly
40F000
unkown
page readonly
8F8000
heap
page read and write
1F0000
heap
page read and write
8108000
stack
page read and write
33C0000
unkown
page read and write
5B4000
heap
page read and write
8F8000
heap
page read and write
CF58000
heap
page read and write
90A000
heap
page read and write
401000
unkown
page execute read
8BC000
heap
page read and write
7865000
unkown
page read and write
4E46000
heap
page read and write
A981000
heap
page read and write
A9A6000
heap
page read and write
7FF5ED3DA000
unkown
page readonly
4C7A000
unkown
page read and write
9877000
unkown
page read and write
7D53000
unkown
page read and write
D0F4000
heap
page read and write
8A1000
heap
page read and write
95F000
stack
page read and write
7900000
unkown
page read and write
1E1FC000
heap
page read and write
3181000
unkown
page read and write
7FF5ED942000
unkown
page readonly
4CC0000
unkown
page read and write
79D3000
unkown
page read and write
9D8000
heap
page read and write
A841000
heap
page read and write
CE5E000
heap
page read and write
7FF5ED6A5000
unkown
page readonly
2FB0000
remote allocation
page read and write
D069000
heap
page read and write
90FE000
heap
page read and write
33D0000
unkown
page read and write
BD1D000
stack
page read and write
2FB0000
remote allocation
page read and write
50F9000
heap
page read and write
7FFE000
stack
page read and write
3160000
unkown
page read and write
A98D000
heap
page read and write
904A000
heap
page read and write
435000
unkown
page execute read
2E20000
direct allocation
page execute and read and write
8F83000
heap
page read and write
CA20000
unkown
page read and write
B640000
unkown
page read and write
C50A000
unkown
page read and write
CF7C000
heap
page read and write
2D80000
heap
page read and write
51B9000
heap
page read and write
42D000
unkown
page read and write
2EF0000
direct allocation
page read and write
5557000
stack
page read and write
A7E4000
heap
page read and write
9AAA000
stack
page read and write
2D5E000
stack
page read and write
B4F0000
unkown
page read and write
F77B000
unkown
page read and write
A65E000
stack
page read and write
2F00000
heap
page read and write
9840000
direct allocation
page read and write
4BC1000
heap
page read and write
2A2F000
stack
page read and write
765000
heap
page read and write
9A61000
stack
page read and write
9C80000
unkown
page read and write
4E46000
heap
page read and write
2D40000
heap
page read and write
8F74000
heap
page read and write
A820000
heap
page read and write
13A0000
unkown
page read and write
8EE8000
heap
page read and write
33D0000
unkown
page read and write
2E1E000
stack
page read and write
8C0000
heap
page read and write
597000
heap
page read and write
7CC0000
unkown
page readonly
9840000
direct allocation
page read and write
2D20000
heap
page read and write
894000
heap
page read and write
C92D000
unkown
page read and write
A11F000
stack
page read and write
4B11000
heap
page read and write
8F9B000
heap
page read and write
9C80000
unkown
page read and write
400000
unkown
page readonly
13A0000
unkown
page read and write
8F80000
heap
page read and write
19B3E985000
heap
page read and write
30EE000
heap
page read and write
EA1D000
stack
page read and write
9CE0000
unkown
page read and write
8F74000
heap
page read and write
43C000
remote allocation
page execute and read and write
11B0000
unkown
page read and write
9560000
unkown
page read and write
8EB8000
heap
page read and write
33D0000
unkown
page read and write
2CAF000
stack
page read and write
4E86000
heap
page read and write
9840000
direct allocation
page read and write
1275000
stack
page read and write
4E77000
heap
page read and write
AAF9000
unkown
page read and write
8AE000
stack
page read and write
786B000
unkown
page read and write
29FF000
stack
page read and write
2E1E000
stack
page read and write
C6D8000
unkown
page read and write
4D54000
heap
page read and write
8E8000
heap
page read and write
685000
heap
page read and write
7FF5ED471000
unkown
page readonly
3250000
unkown
page read and write
B4F0000
unkown
page read and write
8ED3000
heap
page read and write
B4F0000
unkown
page read and write
401000
unkown
page execute read
A997000
heap
page read and write
242F000
stack
page read and write
E26D000
stack
page read and write
1388000
heap
page read and write
900D000
heap
page read and write
7DF460B01000
trusted library allocation
page execute read
E99D000
stack
page read and write
51BE000
heap
page read and write
1CEFD47A000
heap
page read and write
FCA0000
unkown
page read and write
410000
unkown
page readonly
7DA0000
unkown
page read and write
B4F0000
unkown
page read and write
F190000
heap
page read and write
D6C0000
trusted library allocation
page read and write
35D0000
unkown
page read and write
7FF5D1CD4000
unkown
page readonly
2CEE000
stack
page read and write
7FF5ED39B000
unkown
page readonly
418000
unkown
page write copy
32A0000
unkown
page read and write
1505000
heap
page read and write
8EE2000
heap
page read and write
4E86000
heap
page read and write
4BA6000
unkown
page read and write
C54A000
unkown
page read and write
902000
heap
page read and write
90F8000
heap
page read and write
1440000
unkown
page read and write
A9BC000
heap
page read and write
8D8F000
heap
page read and write
11B0000
unkown
page read and write
89F000
heap
page read and write
D0CD000
heap
page read and write
2D08000
unkown
page readonly
4EDF000
heap
page read and write
1CEFD4B2000
heap
page read and write
90EA000
heap
page read and write
7DA0000
unkown
page read and write
8C00000
remote allocation
page read and write
7FF5ED94A000
unkown
page readonly
3570000
direct allocation
page read and write
52C3000
heap
page read and write
9840000
direct allocation
page read and write
3309000
stack
page read and write
4EFC000
heap
page read and write
8F0000
heap
page read and write
5340000
trusted library allocation
page read and write
8F6D000
heap
page read and write
7FF5ED821000
unkown
page readonly
7FF5ED849000
unkown
page readonly
C6F8000
unkown
page read and write
892000
heap
page read and write
7D90000
unkown
page read and write
33D0000
unkown
page read and write
400000
unkown
page execute and read and write
4E46000
heap
page read and write
30AC000
stack
page read and write
785B000
unkown
page read and write
B4F0000
unkown
page read and write
51A000
remote allocation
page execute and read and write
A8D5000
heap
page read and write
2F37000
heap
page read and write
A83D000
heap
page read and write
7D90000
unkown
page read and write
9B000
stack
page read and write
97B5000
unkown
page read and write
7D90000
unkown
page read and write
3570000
direct allocation
page read and write
916000
heap
page read and write
7FF5ED956000
unkown
page readonly
4CF0000
heap
page read and write
30DA000
heap
page read and write
9840000
direct allocation
page read and write
400000
unkown
page readonly
9D8000
heap
page read and write
450000
heap
page read and write
A14B000
stack
page read and write
2EB0000
heap
page read and write
13A0000
unkown
page read and write
8F83000
heap
page read and write
36F0000
unkown
page readonly
7FF5ED8A4000
unkown
page readonly
A81F000
heap
page read and write
51C9000
heap
page read and write
2EE0000
direct allocation
page execute and read and write
2E30000
direct allocation
page read and write
7A8000
heap
page read and write
526F000
heap
page read and write
4D61000
heap
page read and write
AF8D000
stack
page read and write
33D0000
unkown
page read and write
32A0000
unkown
page read and write
2D90000
heap
page read and write
13A0000
unkown
page read and write
A7FF000
heap
page read and write
9CE0000
unkown
page read and write
33D0000
unkown
page read and write
4E86000
heap
page read and write
E46D000
stack
page read and write
3570000
direct allocation
page read and write
31B0000
direct allocation
page read and write
2CA0000
heap
page read and write
7DF4F3030000
unkown
page readonly
8208000
stack
page read and write
33D0000
unkown
page read and write
2D14000
heap
page read and write
418000
unkown
page write copy
7FF5ED404000
unkown
page readonly
A83D000
heap
page read and write
2D08000
unkown
page readonly
BBD000
heap
page execute and read and write
3160000
unkown
page read and write
9C80000
unkown
page read and write
8FB000
heap
page read and write
D0F4000
heap
page read and write
CE51000
heap
page read and write
9C80000
unkown
page read and write
33D0000
unkown
page read and write
3570000
direct allocation
page read and write
2E4B000
heap
page execute and read and write
9A0000
direct allocation
page read and write
4E34000
heap
page read and write
911000
heap
page read and write
434000
remote allocation
page execute and read and write
33D0000
unkown
page read and write
229F000
stack
page read and write
7FF5EDA70000
unkown
page readonly
AAF2000
unkown
page read and write
B4F0000
unkown
page read and write
4D12000
heap
page read and write
52B000
remote allocation
page execute and read and write
30CF000
stack
page read and write
4D2D000
heap
page read and write
787C000
unkown
page read and write
7FF5ED7FD000
unkown
page readonly
52B000
remote allocation
page execute and read and write
11B0000
unkown
page read and write
A9B4000
heap
page read and write
B4F0000
unkown
page read and write
8EF000
heap
page read and write
769000
heap
page read and write
9C80000
unkown
page read and write
33D0000
unkown
page read and write
A7FB000
heap
page read and write
AA8000
heap
page read and write
8F89000
heap
page read and write
11B0000
unkown
page read and write
A844000
heap
page read and write
7FF5ED670000
unkown
page readonly
6C8F1000
unkown
page execute read
909000
heap
page read and write
7FF5ED409000
unkown
page readonly
3160000
unkown
page read and write
197000
stack
page read and write
9C80000
unkown
page read and write
40F000
unkown
page readonly
10B91000
unkown
page read and write
33C0000
unkown
page read and write
5243000
heap
page read and write
8D36000
heap
page read and write
2FB0000
remote allocation
page read and write
7D40000
unkown
page read and write
C5A3000
unkown
page read and write
A479000
unkown
page read and write
32A0000
unkown
page read and write
897000
heap
page read and write
438000
remote allocation
page execute and read and write
6C8000
heap
page read and write
550000
heap
page read and write
13A0000
unkown
page read and write
C350000
unkown
page read and write
838000
heap
page read and write
19C000
stack
page read and write
33D0000
unkown
page read and write
13A0000
unkown
page read and write
9560000
unkown
page read and write
1CEFD4A1000
heap
page read and write
31B0000
direct allocation
page read and write
905C000
heap
page read and write
8BD000
heap
page read and write
4B50000
heap
page read and write
2BAE000
stack
page read and write
4D86000
heap
page read and write
26EF000
stack
page read and write
753000
heap
page read and write
47DE000
stack
page read and write
400000
unkown
page readonly
31B0000
direct allocation
page read and write
8FB0000
heap
page read and write
A984000
heap
page read and write
7FF5ED48A000
unkown
page readonly
7FF5ED4C6000
unkown
page readonly
A80A000
heap
page read and write
93F000
stack
page read and write
8EE4000
heap
page read and write
4A0000
heap
page read and write
7FF5ED4B4000
unkown
page readonly
31B0000
direct allocation
page read and write
4B56000
unkown
page read and write
13A0000
unkown
page read and write
197000
stack
page read and write
57E000
stack
page read and write
9B000
stack
page read and write
11B0000
unkown
page read and write
410000
unkown
page readonly
410000
unkown
page readonly
418000
unkown
page write copy
D7A0000
trusted library allocation
page read and write
7D90000
unkown
page read and write
D0B1000
heap
page read and write
97E000
stack
page read and write
8E1A000
heap
page read and write
2DFE000
heap
page read and write
7FF5ED8AC000
unkown
page readonly
4B61000
heap
page read and write
5193000
heap
page read and write
1DDFD000
direct allocation
page readonly
A844000
heap
page read and write
81CE000
stack
page read and write
8B8000
heap
page read and write
8FB0000
heap
page read and write
8ECD000
heap
page read and write
3570000
direct allocation
page read and write
B4F0000
unkown
page read and write
2FB0000
heap
page read and write
418000
unkown
page write copy
1CA078F8000
heap
page read and write
CE96000
heap
page read and write
7AB000
heap
page read and write
4D61000
heap
page read and write
A494000
unkown
page read and write
B170000
unkown
page readonly
A9A2000
heap
page read and write
335C000
stack
page read and write
11B0000
unkown
page read and write
A5E000
stack
page read and write
A9B6000
heap
page read and write
7D1000
heap
page read and write
4C60000
unkown
page read and write
B4F0000
unkown
page read and write
2A6D000
stack
page read and write
8DD15AF000
stack
page read and write
A984000
heap
page read and write
B22B000
stack
page read and write
4F85000
stack
page read and write
8F85000
heap
page read and write
19B3E610000
heap
page read and write
7FF5ED755000
unkown
page readonly
B4F0000
unkown
page read and write
3659000
stack
page read and write
D069000
heap
page read and write
289F000
stack
page read and write
A7EA000
heap
page read and write
8EC9000
heap
page read and write
7FF5ED1E2000
unkown
page readonly
A981000
heap
page read and write
CF76000
heap
page read and write
7FF5ED81B000
unkown
page readonly
31B0000
direct allocation
page read and write
5262000
heap
page read and write
33D0000
unkown
page read and write
7D90000
unkown
page read and write
8D4A000
heap
page read and write
7FF5EDA0D000
unkown
page readonly
7DF4F3071000
unkown
page execute read
1DDF2000
direct allocation
page read and write
838000
heap
page read and write
A4E000
stack
page read and write
5C1000
heap
page read and write
2C8C000
unkown
page readonly
7FAA000
stack
page read and write
C350000
unkown
page read and write
4AB000
unkown
page write copy
18A0000
unkown
page readonly
2020B000
heap
page read and write
C857000
unkown
page read and write
9C80000
unkown
page read and write
4C34000
unkown
page read and write
2D06000
unkown
page read and write
7DB0000
unkown
page read and write
90F2000
heap
page read and write
8ED7000
heap
page read and write
B4F0000
unkown
page read and write
A820000
heap
page read and write
3160000
unkown
page read and write
438000
unkown
page write copy
52E000
remote allocation
page execute and read and write
8EA5000
heap
page read and write
8B7000
heap
page read and write
7B8000
heap
page read and write
8BEB000
stack
page read and write
11B0000
unkown
page read and write
4D07000
stack
page read and write
B4F0000
unkown
page read and write
8FBC000
heap
page read and write
A984000
heap
page read and write
198000
stack
page read and write
51B2000
heap
page read and write
5EF000
stack
page read and write
7FF5ED1DC000
unkown
page readonly
7D90000
unkown
page read and write
7857000
unkown
page read and write
906B000
heap
page read and write
9C80000
unkown
page read and write
7E9000
unkown
page readonly
4D67000
heap
page read and write
7E70000
unkown
page read and write
37A0000
unkown
page read and write
7D90000
unkown
page read and write
2A6E000
stack
page read and write
33D0000
unkown
page read and write
8FE5000
heap
page read and write
B00000
heap
page read and write
7FF5ED8E7000
unkown
page readonly
9840000
direct allocation
page read and write
4CF000
heap
page read and write
A841000
heap
page read and write
2E30000
heap
page read and write
7FF5ED503000
unkown
page readonly
8E46000
heap
page read and write
87BE000
stack
page read and write
AEF000
stack
page read and write
B4F0000
unkown
page read and write
4D80000
heap
page read and write
6C8F0000
unkown
page readonly
2020D000
heap
page read and write
1CEFD3C0000
heap
page read and write
A981000
heap
page read and write
7FF5ED2A9000
unkown
page readonly
7FF5ED418000
unkown
page readonly
D0CC000
heap
page read and write
D0B1000
heap
page read and write
8D40000
heap
page read and write
7FF5ED750000
unkown
page readonly
256F000
stack
page read and write
9DF000
stack
page read and write
1DBB1000
direct allocation
page execute read
319F000
stack
page read and write
7EB000
heap
page read and write
13A0000
unkown
page read and write
4C4B000
unkown
page read and write
A816000
heap
page read and write
51B9000
heap
page read and write
DEED000
stack
page read and write
8F68000
heap
page read and write
7950000
unkown
page read and write
905C000
heap
page read and write
4AA000
unkown
page read and write
887000
heap
page read and write
9560000
unkown
page read and write
4CC0000
heap
page read and write
9B60000
unkown
page readonly
4A7000
heap
page read and write
3160000
unkown
page read and write
8D46000
heap
page read and write
418000
unkown
page write copy
9C80000
unkown
page read and write
7FF5ED3D6000
unkown
page readonly
78A000
heap
page read and write
7FF5ED933000
unkown
page readonly
7FF5ED9C6000
unkown
page readonly
24A0000
heap
page read and write
8ED3000
heap
page read and write
3570000
direct allocation
page read and write
2D08000
unkown
page readonly
8FF000
heap
page read and write
89D000
heap
page read and write
7FF5ED93E000
unkown
page readonly
9124000
heap
page read and write
A9B6000
heap
page read and write
1828D4C0000
heap
page read and write
9C80000
unkown
page read and write
B4F0000
unkown
page read and write
4B50000
unkown
page read and write
7FF5ED7D6000
unkown
page readonly
19B3E980000
heap
page read and write
A01C000
stack
page read and write
3250000
unkown
page read and write
8E1A000
heap
page read and write
9869000
unkown
page read and write
8EA1000
heap
page read and write
9A10000
unkown
page read and write
687000
heap
page read and write
A984000
heap
page read and write
198000
stack
page read and write
2DDA000
heap
page read and write
1F0000
heap
page read and write
13A0000
unkown
page read and write
7A1000
heap
page read and write
7DA0000
unkown
page read and write
13A0000
unkown
page read and write
410000
unkown
page readonly
4E6E000
heap
page read and write
7FF5ED77E000
unkown
page readonly
1B4F1000
heap
page read and write
6C0000
heap
page read and write
8000000
unkown
page read and write
9840000
direct allocation
page read and write
CA7C000
unkown
page read and write
2D08000
unkown
page readonly
2D10000
heap
page read and write
8DE000
stack
page read and write
3040000
heap
page read and write
30EB000
heap
page read and write
4E80000
heap
page read and write
19C000
stack
page read and write
410000
unkown
page readonly
2D70000
heap
page read and write
4D46000
heap
page read and write
4EDA000
heap
page read and write
2EDA000
heap
page read and write
9048000
heap
page read and write
CDA0000
heap
page readonly
F931000
unkown
page read and write
2610000
heap
page read and write
9C80000
unkown
page read and write
12B0000
heap
page read and write
2A10000
heap
page read and write
525E000
heap
page read and write
82D3000
stack
page read and write
4AA000
unkown
page read and write
400000
unkown
page readonly
9054000
heap
page read and write
4EDF000
heap
page read and write
438000
unkown
page write copy
8FD000
heap
page read and write
9840000
direct allocation
page read and write
20006000
heap
page read and write
A997000
heap
page read and write
7FF5ED5F7000
unkown
page readonly
3560000
heap
page read and write
4D46000
heap
page read and write
9C80000
unkown
page read and write
7D6000
heap
page read and write
3250000
unkown
page read and write
B150000
unkown
page read and write
4EDF000
heap
page read and write
1828D562000
heap
page read and write
2480000
heap
page read and write
748000
heap
page read and write
A997000
heap
page read and write
1828D562000
heap
page read and write
9C80000
unkown
page read and write
4AA000
unkown
page read and write
435000
unkown
page execute read
3160000
unkown
page read and write
418000
unkown
page write copy
8EEB000
heap
page read and write
33D0000
unkown
page read and write
A9A6000
heap
page read and write
A33E000
unkown
page read and write
8DA0000
unkown
page read and write
923000
heap
page read and write
D0F4000
heap
page read and write
7FF5ED8C6000
unkown
page readonly
3160000
unkown
page read and write
7FF5ED5C5000
unkown
page readonly
3160000
unkown
page read and write
9C80000
unkown
page read and write
9119000
heap
page read and write
7FF5ED990000
unkown
page readonly
C6F2000
unkown
page read and write
48E0000
unclassified section
page read and write
7863000
unkown
page read and write
31B0000
direct allocation
page read and write
8F8B000
heap
page read and write
13A0000
unkown
page read and write
418000
unkown
page write copy
3220000
unkown
page readonly
79B1000
unkown
page read and write
418000
unkown
page write copy
1F0000
heap
page read and write
32A0000
unkown
page read and write
7D90000
unkown
page read and write
51B5000
heap
page read and write
8F6D000
heap
page read and write
9560000
unkown
page read and write
4E34000
heap
page read and write
447000
unkown
page read and write
496F000
stack
page read and write
D6BE000
stack
page read and write
CFC1000
heap
page read and write
4EDA000
heap
page read and write
BCD000
heap
page read and write
9C80000
unkown
page read and write
4D4E000
heap
page read and write
8A1000
heap
page read and write
33D0000
unkown
page read and write
2C89000
unkown
page read and write
BC2A000
stack
page read and write
7FF5ED495000
unkown
page readonly
33B9000
stack
page read and write
1B4F9000
heap
page read and write
7FF5ED86B000
unkown
page readonly
697000
heap
page read and write
4E67000
heap
page read and write
1828D53A000
heap
page read and write
92F000
heap
page read and write
7DC0000
unkown
page read and write
3160000
unkown
page read and write
410000
unkown
page readonly
19C000
stack
page read and write
7F50000
unkown
page read and write
A9A6000
heap
page read and write
33D0000
unkown
page read and write
7859000
unkown
page read and write
A379000
unkown
page read and write
CFBC000
heap
page read and write
1F0000
heap
page read and write
13A0000
unkown
page read and write
EB9D000
stack
page read and write
31B0000
direct allocation
page read and write
7FF5ED64F000
unkown
page readonly
7D90000
unkown
page read and write
A3BE000
unkown
page read and write
3160000
unkown
page read and write
1248000
heap
page read and write
B4F0000
unkown
page read and write
7FF5ED50A000
unkown
page readonly
B8F000
stack
page read and write
4F08000
heap
page read and write
8F85000
heap
page read and write
A816000
heap
page read and write
D77B000
stack
page read and write
B4F0000
unkown
page read and write
3160000
unkown
page read and write
1DAA0000
heap
page read and write
7EF000
heap
page read and write
33D0000
unkown
page read and write
418000
unkown
page write copy
7FF5ED9CC000
unkown
page readonly
13A0000
unkown
page read and write
418000
unkown
page write copy
13A0000
unkown
page read and write
1FFFF000
heap
page read and write
B650000
unkown
page read and write
76A000
heap
page read and write
A89B000
heap
page read and write
32A0000
unkown
page read and write
4D52000
heap
page read and write
B00C000
stack
page read and write
4D46000
heap
page read and write
8FE5000
heap
page read and write
2D08000
unkown
page readonly
33D0000
unkown
page read and write
5CF000
heap
page read and write
A984000
heap
page read and write
7DA0000
unkown
page read and write
1210000
unkown
page readonly
9ADB000
stack
page read and write
11B0000
unkown
page read and write
8ED7000
heap
page read and write
51C9000
heap
page read and write
B4F0000
unkown
page read and write
342F000
stack
page read and write
7D20000
unkown
page readonly
33D0000
unkown
page read and write
48DF000
stack
page read and write
13A0000
unkown
page read and write
7D90000
unkown
page read and write
4B78000
unkown
page read and write
8FA000
heap
page read and write
CFAF000
heap
page read and write
32A0000
unkown
page read and write
9840000
direct allocation
page read and write
3590000
unkown
page read and write
18FF0000
remote allocation
page read and write
9C80000
unkown
page read and write
D0C7000
heap
page read and write
13A0000
unkown
page read and write
7D90000
unkown
page read and write
CCD0000
trusted library allocation
page read and write
8710000
unkown
page readonly
829000
heap
page read and write
8F93000
heap
page read and write
37F2000
unkown
page read and write
979C000
unkown
page read and write
9687000
unkown
page read and write
7DF460B11000
trusted library allocation
page execute read
7FF5ED9B8000
unkown
page readonly
3160000
unkown
page read and write
1CEFD470000
heap
page read and write
78AD000
unkown
page read and write
32A0000
unkown
page read and write
C89A000
unkown
page read and write
C563000
unkown
page read and write
7FF5ED867000
unkown
page readonly
5114000
heap
page read and write
EC1C000
stack
page read and write
BD2E000
stack
page read and write
A892000
heap
page read and write
9C80000
unkown
page read and write
A8A5000
heap
page read and write
2A7E000
stack
page read and write
C964000
unkown
page read and write
2DED000
stack
page read and write
4E32000
heap
page read and write
E8EE000
stack
page read and write
37B0000
unkown
page read and write
269F000
stack
page read and write
7DB0000
unkown
page read and write
2FB0000
remote allocation
page read and write
31B0000
direct allocation
page read and write
835E000
stack
page read and write
A891000
heap
page read and write
4E80000
heap
page read and write
706000
heap
page read and write
3160000
unkown
page read and write
95E000
stack
page read and write
F5E0000
unkown
page read and write
7FF5ED6B9000
unkown
page readonly
4D94000
heap
page read and write
4EDF000
heap
page read and write
9C80000
unkown
page read and write
7FF5ED62F000
unkown
page readonly
8F3F000
heap
page read and write
19C000
stack
page read and write
906B000
heap
page read and write
4D56000
heap
page read and write
33D0000
unkown
page read and write
8F80000
heap
page read and write
4E80000
heap
page read and write
7FF5ED975000
unkown
page readonly
7FF5ED743000
unkown
page readonly
29FF000
stack
page read and write
A80A000
heap
page read and write
A9B6000
heap
page read and write
8A6E000
stack
page read and write
31B0000
direct allocation
page read and write
9C80000
unkown
page read and write
9E0000
heap
page read and write
B4F0000
unkown
page read and write
1CEFD680000
heap
page read and write
13A0000
unkown
page read and write
A984000
heap
page read and write
410000
unkown
page readonly
8A6000
heap
page read and write
9881000
unkown
page read and write
7DA0000
unkown
page read and write
580000
heap
page read and write
410000
unkown
page readonly
8CA000
heap
page read and write
7E9000
unkown
page readonly
91B000
heap
page read and write
9118000
heap
page read and write
EC9D000
stack
page read and write
986B000
unkown
page read and write
11B0000
unkown
page read and write
7FF5EDA0B000
unkown
page readonly
35A0000
trusted library allocation
page read and write
DFED000
stack
page read and write
CE96000
heap
page read and write
8A7000
heap
page read and write
8E7000
heap
page read and write
7D90000
unkown
page read and write
9CE0000
unkown
page read and write
7DB0000
unkown
page read and write
7FF5ED295000
unkown
page readonly
8CAA000
stack
page read and write
923000
heap
page read and write
51C9000
heap
page read and write
32A0000
unkown
page read and write
3160000
unkown
page read and write
A898000
heap
page read and write
7FF5ED850000
unkown
page readonly
5AE000
stack
page read and write
9BE000
stack
page read and write
D059000
heap
page read and write
9840000
direct allocation
page read and write
3800000
unkown
page readonly
13A0000
unkown
page read and write
EE9A000
stack
page read and write
401000
unkown
page execute read
8F47000
heap
page read and write
7E9000
unkown
page readonly
8FA000
heap
page read and write
33D0000
unkown
page read and write
7D90000
unkown
page read and write
8EC4000
heap
page read and write
9870000
trusted library allocation
page read and write
3570000
direct allocation
page read and write
8FBC000
heap
page read and write
7D90000
unkown
page read and write
8DAD000
heap
page read and write
13A0000
unkown
page read and write
400000
unkown
page readonly
1B5CC000
stack
page read and write
C41F000
stack
page read and write
2080000
heap
page read and write
7D90000
unkown
page read and write
2F5F000
stack
page read and write
4C40000
heap
page read and write
3160000
unkown
page read and write
8F6D000
heap
page read and write
4CB0000
unkown
page read and write
13A0000
unkown
page read and write
50A0000
trusted library allocation
page read and write
8E95000
heap
page read and write
400000
unkown
page readonly
E81D000
stack
page read and write
AE0000
heap
page read and write
2EC0000
direct allocation
page read and write
2F5F000
stack
page read and write
2DBE000
stack
page read and write
5289000
heap
page read and write
D063000
heap
page read and write
AAF6000
unkown
page read and write
922000
heap
page read and write
7FF5ED85F000
unkown
page readonly
8FB000
heap
page read and write
50D0000
heap
page read and write
7DA0000
unkown
page read and write
3240000
unkown
page read and write
1DBB0000
direct allocation
page execute and read and write
4CD0000
unkown
page read and write
A997000
heap
page read and write
51BA000
heap
page read and write
9840000
direct allocation
page read and write
3074C000
stack
page read and write
7DF4F3061000
unkown
page execute read
2D08000
unkown
page readonly
890000
heap
page read and write
8E46000
heap
page read and write
9B29000
stack
page read and write
9C80000
unkown
page read and write
580000
heap
page read and write
C893000
unkown
page read and write
2FB0000
remote allocation
page read and write
7FF5ED961000
unkown
page readonly
9879000
unkown
page read and write
943B000
stack
page read and write
D0CE000
heap
page read and write
7DA0000
unkown
page read and write
89E0000
unkown
page read and write
D0CE000
heap
page read and write
416000
unkown
page write copy
8D7000
heap
page read and write
9840000
direct allocation
page read and write
B4F0000
unkown
page read and write
E61D000
stack
page read and write
72E000
stack
page read and write
7D90000
unkown
page read and write
1F0000
heap
page read and write
4D56000
heap
page read and write
4E77000
heap
page read and write
1DDFA000
direct allocation
page readonly
7DA0000
unkown
page read and write
7FF5ED42B000
unkown
page readonly
9840000
direct allocation
page read and write
3160000
unkown
page read and write
B4F0000
unkown
page read and write
32A0000
unkown
page read and write
4EC6000
heap
page read and write
4D36000
heap
page read and write
7FF5ED9ED000
unkown
page readonly
1828D490000
heap
page read and write
9D6000
heap
page read and write
C507000
unkown
page read and write
A9E000
stack
page read and write
4E80000
heap
page read and write
7FF5ED9D2000
unkown
page readonly
CE4D000
heap
page read and write
8DD152E000
stack
page read and write
8F74000
heap
page read and write
8AA000
heap
page read and write
A997000
heap
page read and write
8E21000
heap
page read and write
495F000
stack
page read and write
A81F000
heap
page read and write
7D90000
unkown
page read and write
D099000
heap
page read and write
7D90000
unkown
page read and write
7DB0000
unkown
page read and write
4E42000
heap
page read and write
7FF5ED4DF000
unkown
page readonly
7D90000
unkown
page read and write
30B9000
heap
page read and write
1F0000
heap
page read and write
7FF5ED46A000
unkown
page readonly
3570000
direct allocation
page read and write
8BA000
heap
page read and write
4F0C000
heap
page read and write
F5E0000
unkown
page read and write
8A7000
heap
page read and write
11B0000
unkown
page read and write
30BF000
stack
page read and write
C4D0000
unkown
page read and write
32A0000
unkown
page read and write
8EC9000
heap
page read and write
A816000
heap
page read and write
3160000
unkown
page read and write
50D6000
heap
page read and write
B4F0000
unkown
page read and write
8FA000
heap
page read and write
904A000
heap
page read and write
197000
stack
page read and write
8ED3000
heap
page read and write
4AB000
unkown
page write copy
A81D000
heap
page read and write
9840000
direct allocation
page read and write
8E5000
heap
page read and write
9840000
direct allocation
page read and write
3160000
unkown
page read and write
1CEFD4A1000
heap
page read and write
28FE000
stack
page read and write
C88B000
unkown
page read and write
291E000
stack
page read and write
33D0000
unkown
page read and write
7DA0000
unkown
page read and write
1350000
unkown
page readonly
400000
unkown
page readonly
29FF000
stack
page read and write
7FF5ED342000
unkown
page readonly
1DD16000
direct allocation
page execute read
9DED000
stack
page read and write
A8A3000
heap
page read and write
7FF5ED844000
unkown
page readonly
7FF5ED46E000
unkown
page readonly
A9AB000
heap
page read and write
11B0000
unkown
page read and write
8FB0000
heap
page read and write
FD4F000
stack
page read and write
308A000
stack
page read and write
5020000
trusted library allocation
page read and write
B4F0000
unkown
page read and write
A9B6000
heap
page read and write
3250000
unkown
page read and write
C6BF000
unkown
page read and write
8F78000
heap
page read and write
1E22A000
heap
page read and write
401000
unkown
page execute read
8EC000
heap
page read and write
840000
heap
page read and write
13A0000
unkown
page read and write
829000
heap
page read and write
410000
unkown
page readonly
7F40000
unkown
page readonly
8B60000
unkown
page readonly
4E80000
heap
page read and write
2FB0000
remote allocation
page read and write
E56C000
stack
page read and write
8BE9000
stack
page read and write
2F30000
heap
page read and write
909000
heap
page read and write
A997000
heap
page read and write
76B000
heap
page read and write
B4F0000
unkown
page read and write
916000
heap
page read and write
C10A000
stack
page read and write
A375000
unkown
page read and write
4E77000
heap
page read and write
C516000
unkown
page read and write
7DD0000
unkown
page read and write
9CE0000
unkown
page read and write
CD90000
trusted library allocation
page read and write
7FF5ED800000
unkown
page readonly
2EB7000
heap
page read and write
906B000
heap
page read and write
98F000
stack
page read and write
8F87000
heap
page read and write
8ED3000
heap
page read and write
B4F0000
unkown
page read and write
B8C0000
unkown
page readonly
4D3A000
heap
page read and write
260F000
stack
page read and write
8D32000
heap
page read and write
AF0B000
stack
page read and write
B4F0000
unkown
page read and write
9C000
stack
page read and write
7D90000
unkown
page read and write
B4F0000
unkown
page read and write
529000
remote allocation
page execute and read and write
52B000
remote allocation
page execute and read and write
8BD000
heap
page read and write
4E80000
heap
page read and write
8F8B000
heap
page read and write
40B000
unkown
page execute read
76C000
heap
page read and write
916000
heap
page read and write
B4F0000
unkown
page read and write
5F0000
heap
page read and write
C89C000
unkown
page read and write
CDDB000
heap
page read and write
33D0000
unkown
page read and write
2DAE000
stack
page read and write
11B0000
unkown
page read and write
8D8F000
heap
page read and write
13A0000
unkown
page read and write
4E05000
heap
page read and write
8B2000
heap
page read and write
143B000
stack
page read and write
13A0000
unkown
page read and write
D6C0000
trusted library allocation
page read and write
8AC000
heap
page read and write
37AE000
unkown
page read and write
8ECF000
heap
page read and write
2FB1000
heap
page read and write
8E4000
heap
page read and write
13A0000
unkown
page read and write
D6D0000
trusted library allocation
page read and write
4E42000
heap
page read and write
4AB000
unkown
page write copy
37F6000
unkown
page read and write
B4F0000
unkown
page read and write
A9B4000
heap
page read and write
9048000
heap
page read and write
34E9000
stack
page read and write
7FF5ECED2000
unkown
page readonly
CE48000
heap
page read and write
33D0000
unkown
page read and write
2F5F000
stack
page read and write
4E6E000
heap
page read and write
B4F0000
unkown
page read and write
4D94000
heap
page read and write
9560000
unkown
page read and write
B4F0000
unkown
page read and write
AB4E000
unkown
page read and write
D9AE000
stack
page read and write
37F9000
unkown
page read and write
7FF5ED68C000
unkown
page readonly
8A9000
heap
page read and write
E06E000
stack
page read and write
8EBF000
heap
page read and write
401000
unkown
page execute read
3037000
heap
page read and write
2D20000
direct allocation
page read and write
4E67000
heap
page read and write
9840000
direct allocation
page read and write
B728000
stack
page read and write
7FF5ED7E9000
unkown
page readonly
9001000
heap
page read and write
843000
heap
page read and write
7DA0000
unkown
page read and write
715000
heap
page read and write
A9A6000
heap
page read and write
7D1000
heap
page read and write
DF6C000
stack
page read and write
68E000
stack
page read and write
8F8000
heap
page read and write
A81B000
heap
page read and write
33D0000
unkown
page read and write
2CBF000
stack
page read and write
7FF5ED5CE000
unkown
page readonly
2EF85FF000
unkown
page read and write
2CFE000
stack
page read and write
F876000
unkown
page read and write
1E48C000
stack
page read and write
3030000
heap
page read and write
923000
heap
page read and write
401000
unkown
page execute read
B4F0000
unkown
page read and write
7FF5ED660000
unkown
page readonly
96DF000
unkown
page read and write
D179000
heap
page read and write
30B1000
heap
page read and write
2D00000
direct allocation
page execute and read and write
7FF5ED4F3000
unkown
page readonly
926000
heap
page read and write
6CA8F000
unkown
page readonly
A997000
heap
page read and write
7DA0000
unkown
page read and write
4E3C000
heap
page read and write
FCDD000
unkown
page read and write
D0C9000
heap
page read and write
13A0000
unkown
page read and write
13A0000
unkown
page read and write
13A0000
unkown
page read and write
A820000
heap
page read and write
13A0000
unkown
page read and write
A820000
heap
page read and write
7DA0000
unkown
page read and write
7DA0000
unkown
page read and write
B4F0000
unkown
page read and write
B4F0000
unkown
page read and write
7D90000
unkown
page read and write
8F95000
heap
page read and write
C7C5000
unkown
page read and write
B4F0000
unkown
page read and write
90F2000
heap
page read and write
13A0000
unkown
page read and write
2D6E000
stack
page read and write
A9A2000
heap
page read and write
607000
heap
page read and write
1CA07740000
heap
page read and write
33D0000
unkown
page read and write
B4F0000
unkown
page read and write
1CA07840000
heap
page read and write
4D17000
heap
page read and write
7F30000
unkown
page read and write
76A000
heap
page read and write
13A0000
unkown
page read and write
4E57000
heap
page read and write
7A0000
heap
page read and write
A9AB000
heap
page read and write
9C80000
unkown
page read and write
7FF5ED1BC000
unkown
page readonly
7DA0000
unkown
page read and write
4E3C000
heap
page read and write
32A0000
unkown
page read and write
44E000
stack
page read and write
2E3E000
heap
page read and write
7DB0000
unkown
page read and write
9124000
heap
page read and write
4EE7000
heap
page read and write
9795000
unkown
page read and write
2F70000
heap
page read and write
7DB0000
unkown
page read and write
7FF5ED3CE000
unkown
page readonly
2F1B000
heap
page execute and read and write
B4F0000
unkown
page read and write
2F10000
heap
page read and write
7E6000
unkown
page read and write
7F0000
heap
page read and write
33D0000
unkown
page read and write
76B000
heap
page read and write
13A0000
unkown
page read and write
4BE1000
unkown
page read and write
3748000
unkown
page read and write
7FF5ED9BE000
unkown
page readonly
3570000
direct allocation
page read and write
A4FC000
unkown
page read and write
1B50A000
heap
page read and write
4D5A000
heap
page read and write
13A0000
unkown
page read and write
A9BB000
heap
page read and write
4EF1000
heap
page read and write
D069000
heap
page read and write
7FF5ED669000
unkown
page readonly
9560000
unkown
page read and write
B4F0000
unkown
page read and write
D0F4000
heap
page read and write
9C80000
unkown
page read and write
EE19000
stack
page read and write
7FF5ED71B000
unkown
page readonly
2FB0000
remote allocation
page read and write
7AE000
stack
page read and write
36D5000
stack
page read and write
90F2000
heap
page read and write
7E60000
unkown
page read and write
B4F0000
unkown
page read and write
607000
heap
page read and write
5110000
heap
page read and write
9B000
stack
page read and write
4E42000
heap
page read and write
4D22000
heap
page read and write
11B0000
unkown
page read and write
4CE0000
unkown
page read and write
33D0000
unkown
page read and write
B4F0000
unkown
page read and write
52EA000
trusted library section
page read and write
9840000
direct allocation
page read and write
8530000
heap
page read and write
2BBE000
stack
page read and write
16B5C000
stack
page read and write
89A000
heap
page read and write
9C80000
unkown
page read and write
B4F0000
unkown
page read and write
33D0000
unkown
page read and write
76C000
heap
page read and write
2A1F000
stack
page read and write
9126000
heap
page read and write
2DCE000
stack
page read and write
9115000
heap
page read and write
4D56000
heap
page read and write
32A0000
unkown
page read and write
1451000
unkown
page readonly
D0C9000
heap
page read and write
7D0000
heap
page read and write
13B0000
unkown
page read and write
8DD14AD000
stack
page read and write
8F8000
heap
page read and write
2F0A000
heap
page read and write
C6CF000
unkown
page read and write
EB1D000
stack
page read and write
4E77000
heap
page read and write
CF7C000
heap
page read and write
2EC0000
heap
page read and write
CF1C000
heap
page read and write
C350000
unkown
page read and write
33D0000
unkown
page read and write
A310000
unkown
page read and write
910000
heap
page read and write
5641000
unkown
page read and write
4D58000
heap
page read and write
A820000
heap
page read and write
2C8C000
unkown
page readonly
341F000
stack
page read and write
A9A2000
heap
page read and write
D112000
heap
page read and write
418000
unkown
page write copy
11B0000
unkown
page read and write
8B8000
heap
page read and write
7FF5ED9CA000
unkown
page readonly
C94B000
stack
page read and write
B4F0000
unkown
page read and write
33C0000
unkown
page read and write
D176000
heap
page read and write
C49E000
stack
page read and write
9CE0000
unkown
page read and write
90FE000
heap
page read and write
4D3B000
heap
page read and write
8FBC000
heap
page read and write
9C6000
heap
page read and write
B4F0000
unkown
page read and write
2D84000
heap
page read and write
37D0000
stack
page read and write
51BA000
heap
page read and write
7D90000
unkown
page read and write
80E000
heap
page read and write
33C0000
unkown
page read and write
1DBB8000
direct allocation
page execute read
93B000
heap
page read and write
11B0000
unkown
page read and write
D0F4000
heap
page read and write
BB2B000
stack
page read and write
13A0000
unkown
page read and write
CEE2000
heap
page read and write
8EC8000
heap
page read and write
A98D000
heap
page read and write
7FF5ED885000
unkown
page readonly
20164000
heap
page read and write
ED1F000
stack
page read and write
BAF9000
stack
page read and write
D0F4000
heap
page read and write
9A5B000
unkown
page read and write
5268000
heap
page read and write
9C80000
unkown
page read and write
7D90000
unkown
page read and write
2DDE000
heap
page read and write
7D90000
unkown
page read and write
C700000
unkown
page read and write
33D0000
unkown
page read and write
4D58000
heap
page read and write
7D90000
unkown
page read and write
9560000
unkown
page read and write
8FF7000
heap
page read and write
2FB0000
remote allocation
page read and write
4D5A000
heap
page read and write
11B0000
unkown
page read and write
7DF460B21000
trusted library allocation
page execute read
9048000
heap
page read and write
8ED6000
heap
page read and write
7E70000
trusted library section
page readonly
7FF5ED674000
unkown
page readonly
9792000
unkown
page read and write
8D3D000
heap
page read and write
418000
unkown
page write copy
4D20000
heap
page read and write
400000
unkown
page readonly
8DB000
heap
page read and write
2C89000
unkown
page readonly
7D7000
heap
page read and write
13A0000
unkown
page read and write
A6DB000
stack
page read and write
B4F0000
unkown
page read and write
B4F0000
unkown
page read and write
13A0000
unkown
page read and write
76A0000
unkown
page read and write
51B9000
heap
page read and write
7DA0000
unkown
page read and write
88EE000
stack
page read and write
A9B6000
heap
page read and write
8FE5000
heap
page read and write
31B0000
direct allocation
page read and write
7D90000
unkown
page read and write
A9AB000
heap
page read and write
9C80000
unkown
page read and write
922000
heap
page read and write
B4F0000
unkown
page read and write
7FF5ED286000
unkown
page readonly
83D8000
stack
page read and write
400000
unkown
page readonly
9CE0000
unkown
page read and write
7FF5ED92C000
unkown
page readonly
76A000
heap
page read and write
CDC0000
heap
page read and write
A502000
unkown
page read and write
B4F0000
unkown
page read and write
A889000
heap
page read and write
90C000
heap
page read and write
B629000
stack
page read and write
B4F0000
unkown
page read and write
2FB0000
remote allocation
page read and write
4B8B000
unkown
page read and write
7FF5ED5C9000
unkown
page readonly
91B000
heap
page read and write
30AF000
stack
page read and write
250E000
stack
page read and write
4C50000
unkown
page read and write
3250000
unkown
page read and write
8FE5000
heap
page read and write
3738000
unkown
page read and write
2F00000
heap
page read and write
CCA9000
stack
page read and write
4E69000
heap
page read and write
401000
unkown
page execute read
11B0000
unkown
page read and write
7FF5ED91A000
unkown
page readonly
A9BB000
heap
page read and write
D0CD000
heap
page read and write
7DA0000
unkown
page read and write
CD90000
trusted library allocation
page read and write
8D88000
heap
page read and write
13A0000
unkown
page read and write
7FF5ED80C000
unkown
page readonly
9062000
heap
page read and write
8ED7000
heap
page read and write
2C89000
unkown
page readonly
18F9D000
stack
page read and write
48D0000
direct allocation
page read and write
A9A6000
heap
page read and write
A8D5000
heap
page read and write
A491000
unkown
page read and write
9C000
stack
page read and write
794000
heap
page read and write
8D29000
stack
page read and write
51F0000
heap
page read and write
10C0000
unkown
page readonly
4D60000
heap
page read and write
89F000
stack
page read and write
28FE000
stack
page read and write
1CEFD4B2000
heap
page read and write
A8A5000
heap
page read and write
83F000
heap
page read and write
9883000
unkown
page read and write
11C0000
unkown
page readonly
2D06000
unkown
page read and write
13A0000
unkown
page read and write
7FF5ED9A6000
unkown
page readonly
33D0000
unkown
page read and write
8F91000
heap
page read and write
40B000
unkown
page execute read
13A0000
unkown
page read and write
4EE9000
heap
page read and write
13A0000
unkown
page read and write
D114000
heap
page read and write
9C80000
unkown
page read and write
8F87000
heap
page read and write
33D0000
unkown
page read and write
7D90000
unkown
page read and write
6C851000
unkown
page execute read
4D58000
heap
page read and write
9560000
unkown
page read and write
8F8B000
heap
page read and write
9873000
unkown
page read and write
400000
unkown
page readonly
13A0000
unkown
page read and write
9560000
unkown
page read and write
980000
heap
page read and write
8F85000
heap
page read and write
BAE000
heap
page read and write
7D90000
unkown
page read and write
7D90000
unkown
page read and write
7DA0000
unkown
page read and write
A361000
unkown
page read and write
9C80000
unkown
page read and write
4D67000
heap
page read and write
4D52000
heap
page read and write
3250000
unkown
page read and write
3791000
unkown
page read and write
8730000
unkown
page read and write
4E40000
heap
page read and write
9C80000
unkown
page read and write
A29E000
stack
page read and write
417000
unkown
page write copy
B4F0000
unkown
page read and write
D007000
heap
page read and write
2D08000
unkown
page readonly
2E0E000
heap
page execute and read and write
2E29000
heap
page read and write
33D0000
unkown
page read and write
3570000
direct allocation
page read and write
B4F0000
unkown
page read and write
410000
unkown
page readonly
19B3E5F0000
heap
page read and write
9840000
direct allocation
page read and write
4AA000
unkown
page read and write
3160000
unkown
page read and write
7FF5ED33F000
unkown
page readonly
8EAA000
heap
page read and write
13A0000
unkown
page read and write
9C80000
unkown
page read and write
716000
heap
page read and write
8FB9000
stack
page read and write
401000
unkown
page execute read
A98D000
heap
page read and write
7FF5ED68F000
unkown
page readonly
4C1E000
unkown
page read and write
5167000
heap
page read and write
400000
unkown
page readonly
A9A2000
heap
page read and write
D8E0000
trusted library allocation
page read and write
4EDF000
heap
page read and write
2FB0000
remote allocation
page read and write
11B0000
unkown
page read and write
33D0000
unkown
page read and write
4EE7000
heap
page read and write
BCAF000
stack
page read and write
9048000
heap
page read and write
F8F4000
unkown
page read and write
7861000
unkown
page read and write
8DAD000
heap
page read and write
51C9000
heap
page read and write
7FF5ED28E000
unkown
page readonly
33D0000
unkown
page read and write
A39B000
unkown
page read and write
90D3000
heap
page read and write
83F000
heap
page read and write
35A0000
unkown
page readonly
812000
heap
page read and write
13A0000
unkown
page read and write
7FF5ED937000
unkown
page readonly
F8B4000
unkown
page read and write
31B0000
direct allocation
page read and write
8EE1000
heap
page read and write
B8B0000
unkown
page read and write
8F8000
heap
page read and write
2D20000
remote allocation
page read and write
7E11000
unkown
page read and write
7E6000
unkown
page read and write
2E70000
heap
page read and write
B4F0000
unkown
page read and write
B4F0000
unkown
page read and write
8F8B000
heap
page read and write
BDA0000
unkown
page readonly
7FF5ED7DB000
unkown
page readonly
C51E000
unkown
page read and write
276F000
stack
page read and write
31B0000
direct allocation
page read and write
33D0000
unkown
page read and write
401000
unkown
page execute read
4BD000
stack
page read and write
F833000
unkown
page read and write
B4F0000
unkown
page read and write
519D000
heap
page read and write
E36D000
stack
page read and write
32A0000
unkown
page read and write
7DA0000
unkown
page read and write
8E5E000
heap
page read and write
91C000
heap
page read and write
8F6000
heap
page read and write
B44F000
stack
page read and write
6C850000
unkown
page readonly
690000
heap
page read and write
D7FB000
stack
page read and write
4C18000
unkown
page read and write
8D6D000
heap
page read and write
A81D000
heap
page read and write
1CEFD670000
heap
page read and write
90B3000
heap
page read and write
2D30000
heap
page read and write
7FF5ED9F2000
unkown
page readonly
8A5000
heap
page read and write
8E66000
heap
page read and write
8EE5000
heap
page read and write
A0E000
stack
page read and write
90D1000
heap
page read and write
49D3000
heap
page execute and read and write
13A0000
unkown
page read and write
B4F0000
unkown
page read and write
740000
heap
page read and write
33D0000
unkown
page read and write
92D000
heap
page read and write
987D000
unkown
page read and write
534000
remote allocation
page execute and read and write
7FF5ED26E000
unkown
page readonly
8A7000
heap
page read and write
33D0000
unkown
page read and write
79E000
stack
page read and write
2EBE000
heap
page execute and read and write
90A000
heap
page read and write
4E05000
heap
page read and write
B4F0000
unkown
page read and write
935000
heap
page read and write
987B000
unkown
page read and write
3209000
stack
page read and write
9062000
heap
page read and write
A9A2000
heap
page read and write
13A0000
unkown
page read and write
88E000
stack
page read and write
2DD0000
heap
page read and write
7D90000
unkown
page read and write
192000
stack
page read and write
51C9000
heap
page read and write
9560000
unkown
page read and write
9FA0000
stack
page read and write
B4F0000
unkown
page read and write
A3CA000
stack
page read and write
883000
heap
page read and write
7884000
unkown
page read and write
CF58000
heap
page read and write
9B3000
heap
page read and write
28FE000
stack
page read and write
4976000
heap
page execute and read and write
C350000
unkown
page read and write
1483000
heap
page read and write
19D000
stack
page read and write
8ED1000
heap
page read and write
909000
heap
page read and write
B4F0000
unkown
page read and write
A895000
heap
page read and write
57E000
stack
page read and write
A80A000
heap
page read and write
889000
heap
page read and write
7FF5ED781000
unkown
page readonly
410000
unkown
page readonly
D0CC000
heap
page read and write
8F78000
heap
page read and write
7DF460B10000
trusted library allocation
page readonly
2D5E000
stack
page read and write
9560000
unkown
page read and write
1F0000
heap
page read and write
8EB0000
heap
page read and write
E51C000
stack
page read and write
CE51000
heap
page read and write
7FF5ED4FD000
unkown
page readonly
36D3000
stack
page read and write
764000
heap
page read and write
3580000
unkown
page readonly
7DA0000
unkown
page read and write
D179000
heap
page read and write
7EB000
heap
page read and write
460000
heap
page read and write
2CFE000
stack
page read and write
9074000
heap
page read and write
900E000
stack
page read and write
9C80000
unkown
page read and write
13A0000
unkown
page read and write
B10D000
stack
page read and write
7D90000
unkown
page read and write
7DA0000
unkown
page read and write
37AC000
unkown
page read and write
4D80000
heap
page read and write
753000
heap
page read and write
7DA0000
unkown
page read and write
2FB0000
heap
page read and write
D0F4000
heap
page read and write
19B3E6A0000
heap
page read and write
9E6C000
stack
page read and write
2C89000
unkown
page read and write
9840000
direct allocation
page read and write
5127000
heap
page read and write
4D67000
heap
page read and write
D6F3000
trusted library allocation
page read and write
A9B4000
heap
page read and write
1360000
heap
page read and write
7D90000
unkown
page read and write
31B0000
direct allocation
page read and write
1DAB1000
heap
page read and write
7FF5ED433000
unkown
page readonly
33C0000
unkown
page read and write
829000
heap
page read and write
8FD000
heap
page read and write
7DB0000
unkown
page read and write
4E77000
heap
page read and write
B4F0000
unkown
page read and write
7FF5ED556000
unkown
page readonly
7D90000
unkown
page read and write
3160000
unkown
page read and write
2D20000
remote allocation
page read and write
146CE000
stack
page read and write
3160000
unkown
page read and write
3759000
stack
page read and write
960000
heap
page read and write
A8E000
stack
page read and write
2A10000
heap
page read and write
1480000
heap
page read and write
51F5000
heap
page read and write
89A000
heap
page read and write
9560000
unkown
page read and write
42D000
unkown
page read and write
D6C3000
trusted library allocation
page read and write
9CE0000
unkown
page read and write
2CEE000
stack
page read and write
D0CE000
heap
page read and write
9C80000
unkown
page read and write
5590000
unkown
page write copy
3160000
unkown
page read and write
9840000
direct allocation
page read and write
E86E000
stack
page read and write
B4F0000
unkown
page read and write
35BB000
stack
page read and write
7D90000
unkown
page read and write
B4F0000
unkown
page read and write
9C80000
unkown
page read and write
8E8000
heap
page read and write
7FF5ED803000
unkown
page readonly
8EF5000
heap
page read and write
8F83000
heap
page read and write
4E59000
heap
page read and write
A981000
heap
page read and write
7FF5ED516000
unkown
page readonly
B4F0000
unkown
page read and write
19E000
stack
page read and write
6EE000
stack
page read and write
7FF5ED806000
unkown
page readonly
5264000
heap
page read and write
909D000
heap
page read and write
11B0000
unkown
page read and write
8FE000
heap
page read and write
CDB0000
trusted library allocation
page read and write
727000
heap
page read and write
E71C000
stack
page read and write
948000
heap
page read and write
31B0000
direct allocation
page read and write
1B46F000
stack
page read and write
32A0000
unkown
page read and write
3570000
direct allocation
page read and write
4E05000
heap
page read and write
16B0D000
stack
page read and write
8F87000
heap
page read and write
1224E000
stack
page read and write
DBCF000
stack
page read and write
F4D5000
unkown
page read and write
7FF5ED71E000
unkown
page readonly
8B8000
heap
page read and write
1500000
heap
page read and write
2D08000
unkown
page readonly
8E21000
heap
page read and write
9560000
unkown
page read and write
9840000
direct allocation
page read and write
8C0000
heap
page read and write
BC9B000
stack
page read and write
13A0000
unkown
page read and write
838000
heap
page read and write
4AB000
unkown
page write copy
8EDD000
heap
page read and write
6C8E2000
unkown
page readonly
2FB1000
heap
page read and write
CF17000
heap
page read and write
50E9000
heap
page read and write
51C9000
heap
page read and write
B82A000
stack
page read and write
CEE2000
heap
page read and write
7FF5ED8FF000
unkown
page readonly
3160000
unkown
page read and write
31B0000
direct allocation
page read and write
51C9000
heap
page read and write
52B000
remote allocation
page execute and read and write
4C8A000
unkown
page read and write
A4CD000
stack
page read and write
C84D000
unkown
page read and write
9B000
stack
page read and write
5D0000
heap
page read and write
2C8C000
unkown
page readonly
DD0000
unkown
page readonly
7FF5ED97E000
unkown
page readonly
519D000
heap
page read and write
9560000
unkown
page read and write
9840000
direct allocation
page read and write
7FF5EDA08000
unkown
page readonly
2D60000
heap
page read and write
27DF000
stack
page read and write
D0CE000
heap
page read and write
B4F0000
unkown
page read and write
9840000
direct allocation
page read and write
51C9000
heap
page read and write
D19F000
heap
page read and write
900D000
heap
page read and write
410000
unkown
page readonly
40F000
unkown
page readonly
C6C9000
unkown
page read and write
4AB000
unkown
page write copy
7D90000
unkown
page read and write
7D90000
unkown
page read and write
C962000
unkown
page read and write
7FF5ED9E1000
unkown
page readonly
418000
unkown
page write copy
D0CE000
heap
page read and write
9B5C000
stack
page read and write
7D90000
unkown
page read and write
2DFE000
stack
page read and write
13A0000
unkown
page read and write
345C000
stack
page read and write
B4F0000
unkown
page read and write
2D06000
unkown
page read and write
B4F0000
unkown
page read and write
5C8000
heap
page read and write
7FF5ED76D000
unkown
page readonly
DE6D000
stack
page read and write
5169000
heap
page read and write
3170000
heap
page read and write
727000
heap
page read and write
B4F0000
unkown
page read and write
19B3E6A9000
heap
page read and write
7FF5ED9A1000
unkown
page readonly
B4F0000
unkown
page read and write
A61000
heap
page read and write
B4F0000
unkown
page read and write
5116000
heap
page read and write
76B000
heap
page read and write
11B0000
unkown
page read and write
3570000
direct allocation
page read and write
2EF86FF000
stack
page read and write
5163000
heap
page read and write
51B4000
heap
page read and write
33D0000
unkown
page read and write
4D1F000
heap
page read and write
51D0000
heap
page read and write
A981000
heap
page read and write
B4F0000
unkown
page read and write
9001000
heap
page read and write
8F74000
heap
page read and write
7DA0000
unkown
page read and write
8EE8000
heap
page read and write
8F6D000
heap
page read and write
2F5F000
stack
page read and write
7FF5ED644000
unkown
page readonly
11B0000
unkown
page read and write
13A0000
unkown
page read and write
F780000
heap
page read and write
9977000
unkown
page read and write
33D0000
unkown
page read and write
8A7000
heap
page read and write
9840000
direct allocation
page read and write
810000
heap
page read and write
9C80000
unkown
page read and write
7FF5ED412000
unkown
page readonly
2F0E000
heap
page read and write
8EEA000
heap
page read and write
1095000
stack
page read and write
2D06000
unkown
page read and write
1F0000
heap
page read and write
CA42000
unkown
page read and write
4D2D000
heap
page read and write
1F0000
heap
page read and write
4D56000
heap
page read and write
2C89000
unkown
page read and write
595000
heap
page read and write
921000
heap
page read and write
7DA0000
unkown
page read and write
FDBE000
stack
page read and write
13A0000
unkown
page read and write
7D90000
unkown
page read and write
A9A6000
heap
page read and write
8830000
heap
page read and write
416000
unkown
page read and write
A9A2000
heap
page read and write
93BE000
stack
page read and write
9CE0000
unkown
page read and write
19E000
stack
page read and write
4EDD000
heap
page read and write
510C000
heap
page read and write
D6E0000
heap
page read and write
7DF460B00000
trusted library allocation
page readonly
A8D5000
heap
page read and write
8F78000
heap
page read and write
3758000
unkown
page read and write
7FF5ED8F9000
unkown
page readonly
401000
unkown
page execute read
796000
heap
page read and write
There are 3271 hidden memdumps, click here to show them.