IOC Report
uChcvn3L6R.exe

loading gif

Files

File Path
Type
Category
Malicious
uChcvn3L6R.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
 malicious
C:\Program Files\Uninstall Information\qiOZcVoixJLcuAFKAnRd.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Recovery\RuntimeBroker.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Recovery\explorer.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Surrogateprovidercomponentsessionmonitor\browserwinsvc.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Surrogateprovidercomponentsessionmonitor\qiOZcVoixJLcuAFKAnRd.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\is-R8U9P.tmp\Arcane CheatSetup.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Windows\Fonts\qiOZcVoixJLcuAFKAnRd.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Windows\addins\audiodg.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\Arcane Cheat\Arcane Cheat.exe (copy)
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\is-5H46A.tmp
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\is-8NKS2.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\COPYRIGHT (copy)
ISO-8859 text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\LICENSE (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\README.txt (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\THIRDPARTYLICENSEREADME-JAVAFX.txt (copy)
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\THIRDPARTYLICENSEREADME.txt (copy)
Unicode text, UTF-8 text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\Welcome.html (copy)
HTML document, ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\JAWTAccessBridge-32.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\JAWTAccessBridge.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\JavaAccessBridge-32.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\JavaAccessBridge.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\WindowsAccessBridge-32.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\WindowsAccessBridge.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\awt.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\bci.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\client\Xusage.txt (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\client\is-95M9J.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\client\is-KHA4M.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\client\jvm.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\dcpr.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\decora_sse.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\deploy.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\dt_shmem.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\dt_socket.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\dtplugin\deployJava1.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\dtplugin\is-7TEQQ.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\dtplugin\is-L2DJE.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\dtplugin\npdeployJava1.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\eula.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\fontmanager.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\fxplugins.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\glass.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\glib-lite.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\gstreamer-lite.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\hprof.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\instrument.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-069DQ.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-0TC1S.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-11A56.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-162RA.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-17AF0.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-1D9V4.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-1EODK.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-1NNTS.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-23BHM.tmp
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-2KSRS.tmp
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-3CGHC.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-3TU72.tmp
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-4UUQJ.tmp
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-4VJ8E.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-5VJPG.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-6EJKR.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-6IE0O.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-6TBSI.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-78EDT.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-7HO40.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-7KMRP.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-7LLC2.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-8BCTR.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-8GHN8.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-90393.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-94OVM.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-9OG1R.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-9PR86.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-AASG5.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-B9B0I.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-B9PAS.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-C92NJ.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-CKDJ7.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-CSEKM.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-D49GQ.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-DCG3E.tmp
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-DK2B0.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-DLMB6.tmp
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-DQ2M9.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-F27BH.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-F39U2.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-F8M96.tmp
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-FA3UT.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-FDP9A.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-FF2ON.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-FKC0I.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-FLHTG.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-G1B5Q.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-G6G2A.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-GFQTQ.tmp
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-GMKU6.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-H7O6N.tmp
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-HUQAI.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-I5RLV.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-KFFNG.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-KH7DR.tmp
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-KL3UV.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-KP5B8.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-LS3UA.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-LUGNS.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-M0CO5.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-M6OGV.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-M8DR9.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-MH2RS.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-MITQ2.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-ML2GN.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-MV7G1.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-NE044.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-O1CKK.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-O5MSC.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-OMDGH.tmp
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-OV1CO.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-P9144.tmp
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-PFI2B.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-QS1JT.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-RBKCS.tmp
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-RJ8O6.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-RKJ6P.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-RMB9M.tmp
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-RPV0O.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-S4T07.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-SGAAD.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-T1J1I.tmp
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-TH2Q9.tmp
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-TJN2U.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-U0SIJ.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-VI3JJ.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\is-VNH60.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\j2pcsc.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\j2pkcs11.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\jaas_nt.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\jabswitch.exe (copy)
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\java-rmi.exe (copy)
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\java.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\java.exe (copy)
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\java_crw_demo.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\javacpl.cpl (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\javacpl.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\javafx_font.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\javafx_font_t2k.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\javafx_iio.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\javaw.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\javaws.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\jawt.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\jdwp.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\jfr.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\jfxmedia.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\jfxwebkit.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\jjs.exe (copy)
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\jli.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\jp2iexp.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\jp2launcher.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\jp2native.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\jp2ssv.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\jpeg.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\jsdt.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\jsound.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\jsoundds.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\kcms.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\keytool.exe (copy)
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\kinit.exe (copy)
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\klist.exe (copy)
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\ktab.exe (copy)
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\lcms.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\management.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\mlib_image.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\msvcp120.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\msvcr100.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\msvcr120.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\net.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\nio.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\npt.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\orbd.exe (copy)
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\pack200.exe (copy)
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\plugin2\is-1RSEV.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\plugin2\is-OVE01.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\plugin2\msvcr100.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\plugin2\npjp2.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\policytool.exe (copy)
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\prism_common.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\prism_d3d.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\prism_sw.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\resource.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\rmid.exe (copy)
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\rmiregistry.exe (copy)
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\servertool.exe (copy)
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\splashscreen.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\ssv.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\ssvagent.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\sunec.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\sunmscapi.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\t2k.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\tnameserv.exe (copy)
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\unpack.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\unpack200.exe (copy)
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\verify.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\w2k_lsa_auth.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\wsdetect.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\bin\zip.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Arcane Cheat\jre\is-5391N.tmp
ASCII text, with very long lines (427), with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\is-JM49M.tmp
ISO-8859 text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\is-KASLN.tmp
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\is-NCUG3.tmp
HTML document, ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\is-P3EBR.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\is-S4OCV.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\is-TG8N3.tmp
Unicode text, UTF-8 text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\accessibility.properties (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\calendars.properties (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\charsets.jar (copy)
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\classlist (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\cmm\CIEXYZ.pf (copy)
Sun KCMS color profile 2.0, type KCMS, XYZ/XYZ-spac device, 51236 bytes, 2-12-1997 18:50:04, dependently, PCS X=0xf6b3 Z=0xd2f8 "XYZ to XYZ Identity Profile"
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\cmm\GRAY.pf (copy)
Sun KCMS color profile 2.0, type KCMS, GRAY/XYZ-mntr device, KODA/GRAY model, 632 bytes, 27-7-95 17:30:15, embedded, relative colorimetric, PCS Z=0xd32b "KODAK Grayscale Conversion - Gamma 1.0"
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\cmm\LINEAR_RGB.pf (copy)
color profile 2.0, type KCMS, RGB/XYZ-mntr device by KODK, 1044 bytes, 2-2-1998, PCS Z=0xd32c "linear sRGB"
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\cmm\PYCC.pf (copy)
Sun KCMS color profile 2.0, type KCMS, 3CLR/Lab-spac device, 274474 bytes, 6-11-1996 7:50:04, PCS X=0xf6b3 Z=0xd2f8 "Std Photo YCC Print"
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\cmm\is-1B792.tmp
Sun KCMS color profile 2.0, type KCMS, 3CLR/Lab-spac device, 274474 bytes, 6-11-1996 7:50:04, PCS X=0xf6b3 Z=0xd2f8 "Std Photo YCC Print"
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\cmm\is-7KC82.tmp
Sun KCMS color profile 2.0, type KCMS, XYZ/XYZ-spac device, 51236 bytes, 2-12-1997 18:50:04, dependently, PCS X=0xf6b3 Z=0xd2f8 "XYZ to XYZ Identity Profile"
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\cmm\is-7UU59.tmp
Microsoft color profile 2.1, type Lino, RGB/XYZ-mntr device, IEC/sRGB model by HP, 3144 bytes, 9-2-1998 6:49:00 "sRGB IEC61966-2.1"
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\cmm\is-G1NLE.tmp
Sun KCMS color profile 2.0, type KCMS, GRAY/XYZ-mntr device, KODA/GRAY model, 632 bytes, 27-7-95 17:30:15, embedded, relative colorimetric, PCS Z=0xd32b "KODAK Grayscale Conversion - Gamma 1.0"
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\cmm\is-U96LM.tmp
color profile 2.0, type KCMS, RGB/XYZ-mntr device by KODK, 1044 bytes, 2-2-1998, PCS Z=0xd32c "linear sRGB"
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\cmm\sRGB.pf (copy)
Microsoft color profile 2.1, type Lino, RGB/XYZ-mntr device, IEC/sRGB model by HP, 3144 bytes, 9-2-1998 6:49:00 "sRGB IEC61966-2.1"
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\content-types.properties (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\currency.data (copy)
data
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy.jar (copy)
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\ffjcext.zip (copy)
Zip archive data, at least v1.0 to extract, compression method=store
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\is-02PG7.tmp
ASCII text, with very long lines (1575), with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\is-0FC44.tmp
GIF image data, version 89a, 320 x 139
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\is-0KRQK.tmp
Zip archive data, at least v1.0 to extract, compression method=store
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\is-9JGEJ.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\is-AEG93.tmp
ASCII text, with very long lines (1386), with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\is-C26GO.tmp
ASCII text, with very long lines (2601), with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\is-EPLI5.tmp
ASCII text, with very long lines (2924), with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\is-F8M9G.tmp
ASCII text, with very long lines (1392), with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\is-HVVCP.tmp
GIF image data, version 89a, 640 x 278
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\is-IDQKF.tmp
ASCII text, with very long lines (1729), with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\is-K1E6H.tmp
GIF image data, version 89a, 320 x 139
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\is-LMLB3.tmp
ASCII text, with very long lines (1857), with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\is-NCSTA.tmp
GIF image data, version 89a, 640 x 278
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\is-NGOVH.tmp
ASCII text, with very long lines (1729), with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\is-NJ10N.tmp
ASCII text, with very long lines (1345), with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\is-OAA9U.tmp
ASCII text, with very long lines (1319), with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\is-V6B2J.tmp
ASCII text, with very long lines (1475), with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\messages.properties (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\messages_de.properties (copy)
ASCII text, with very long lines (1345), with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\messages_es.properties (copy)
ASCII text, with very long lines (1475), with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\messages_fr.properties (copy)
ASCII text, with very long lines (1575), with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\messages_it.properties (copy)
ASCII text, with very long lines (1392), with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\messages_ja.properties (copy)
ASCII text, with very long lines (2924), with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\messages_ko.properties (copy)
ASCII text, with very long lines (2601), with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\messages_pt_BR.properties (copy)
ASCII text, with very long lines (1319), with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\messages_sv.properties (copy)
ASCII text, with very long lines (1386), with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\messages_zh_CN.properties (copy)
ASCII text, with very long lines (1857), with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\messages_zh_HK.properties (copy)
ASCII text, with very long lines (1729), with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\messages_zh_TW.properties (copy)
ASCII text, with very long lines (1729), with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\splash.gif (copy)
GIF image data, version 89a, 320 x 139
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\splash@2x.gif (copy)
GIF image data, version 89a, 640 x 278
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\splash_11-lic.gif (copy)
GIF image data, version 89a, 320 x 139
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\deploy\splash_11@2x-lic.gif (copy)
GIF image data, version 89a, 640 x 278
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\ext\access-bridge-32.jar (copy)
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\ext\access-bridge.jar (copy)
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\ext\cldrdata.jar (copy)
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\ext\dnsns.jar (copy)
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\ext\is-1S1SJ.tmp
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\ext\is-22GBI.tmp
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\ext\is-3CKM4.tmp
Zip archive data, at least v2.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\ext\is-8G35C.tmp
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\ext\is-8USHQ.tmp
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\ext\is-CGAJL.tmp
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\ext\is-G569F.tmp
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\ext\is-INSJS.tmp
Zip archive data, at least v2.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\ext\is-JT4HE.tmp
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\ext\is-M055Q.tmp
Zip archive data, at least v2.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\ext\is-NN2UH.tmp
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\ext\is-Q568H.tmp
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\ext\is-Q8QH7.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\ext\is-UQRP1.tmp
Zip archive data, at least v2.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\ext\jaccess.jar (copy)
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\ext\jfxrt.jar (copy)
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\ext\localedata.jar (copy)
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\ext\meta-index (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\ext\nashorn.jar (copy)
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\ext\sunec.jar (copy)
Zip archive data, at least v2.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\ext\sunjce_provider.jar (copy)
Zip archive data, at least v2.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\ext\sunmscapi.jar (copy)
Zip archive data, at least v2.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\ext\sunpkcs11.jar (copy)
Zip archive data, at least v2.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\ext\zipfs.jar (copy)
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\flavormap.properties (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\fontconfig.bfc (copy)
raw G3 (Group 3) FAX
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\fontconfig.properties.src (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\fonts\LucidaBrightDemiBold.ttf (copy)
TrueType Font data, 15 tables, 1st "LTSH", 16 names, Macintosh, Copyright (c) 2000 Bigelow & Holmes Inc. Pat. Des 289,422.Lucida BrightDemiboldLucida Bright Dem
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\fonts\LucidaBrightDemiItalic.ttf (copy)
TrueType Font data, 15 tables, 1st "LTSH", 16 names, Macintosh, Copyright (c) 2000 Bigelow & Holmes Inc.Lucida BrightDemibold ItalicLucida Bright Demibold Itali
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\fonts\LucidaBrightItalic.ttf (copy)
TrueType Font data, 15 tables, 1st "LTSH", 16 names, Macintosh, Copyright (c) 2000 Bigelow & Holmes Inc. Pat. Des 289,773.Lucida BrightItalicLucida Bright Itali
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\fonts\LucidaBrightRegular.ttf (copy)
TrueType Font data, 15 tables, 1st "LTSH", 16 names, Macintosh, Copyright (c) 2000 Bigelow & Holmes Inc. Pat. Des 289,421.Lucida BrightRegularLucida Bright Regu
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\fonts\LucidaSansDemiBold.ttf (copy)
TrueType Font data, 15 tables, 1st "LTSH", 19 names, Macintosh, Copyright (c) 1999, 2001 by Bigelow & Holmes Inc. Pat. Des. 289,420.Lucida SansDemiboldLucida Sa
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\fonts\LucidaSansRegular.ttf (copy)
TrueType Font data, 18 tables, 1st "GDEF", 19 names, Macintosh, Copyright (c) 1999 by Bigelow & Holmes Inc. Pat. Des. 289,420.Lucida SansRegularLucida Sans Regu
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\fonts\LucidaTypewriterBold.ttf (copy)
TrueType Font data, 13 tables, 1st "OS/2", 16 names, Macintosh, Copyright (c) 1999, 2001 by Bigelow & Holmes Inc.Lucida Sans TypewriterBoldLucida Sans Typewrite
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\fonts\LucidaTypewriterRegular.ttf (copy)
TrueType Font data, 13 tables, 1st "OS/2", 16 names, Macintosh, Copyright (c) 1999 by Bigelow & Holmes Inc.Lucida Sans TypewriterRegularLucida Sans Typewriter R
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\fonts\is-5GSHU.tmp
TrueType Font data, 15 tables, 1st "LTSH", 19 names, Macintosh, Copyright (c) 1999, 2001 by Bigelow & Holmes Inc. Pat. Des. 289,420.Lucida SansDemiboldLucida Sa
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\fonts\is-656OT.tmp
TrueType Font data, 13 tables, 1st "OS/2", 16 names, Macintosh, Copyright (c) 1999, 2001 by Bigelow & Holmes Inc.Lucida Sans TypewriterBoldLucida Sans Typewrite
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\fonts\is-9LD56.tmp
TrueType Font data, 15 tables, 1st "LTSH", 16 names, Macintosh, Copyright (c) 2000 Bigelow & Holmes Inc.Lucida BrightDemibold ItalicLucida Bright Demibold Itali
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\fonts\is-ABJOJ.tmp
TrueType Font data, 15 tables, 1st "LTSH", 16 names, Macintosh, Copyright (c) 2000 Bigelow & Holmes Inc. Pat. Des 289,421.Lucida BrightRegularLucida Bright Regu
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\fonts\is-LTJKT.tmp
TrueType Font data, 18 tables, 1st "GDEF", 19 names, Macintosh, Copyright (c) 1999 by Bigelow & Holmes Inc. Pat. Des. 289,420.Lucida SansRegularLucida Sans Regu
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\fonts\is-NGCN5.tmp
TrueType Font data, 13 tables, 1st "OS/2", 16 names, Macintosh, Copyright (c) 1999 by Bigelow & Holmes Inc.Lucida Sans TypewriterRegularLucida Sans Typewriter R
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\fonts\is-NTO90.tmp
TrueType Font data, 15 tables, 1st "LTSH", 16 names, Macintosh, Copyright (c) 2000 Bigelow & Holmes Inc. Pat. Des 289,422.Lucida BrightDemiboldLucida Bright Dem
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\fonts\is-REGRC.tmp
TrueType Font data, 15 tables, 1st "LTSH", 16 names, Macintosh, Copyright (c) 2000 Bigelow & Holmes Inc. Pat. Des 289,773.Lucida BrightItalicLucida Bright Itali
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\hijrah-config-umalqura.properties (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\i386\is-3KI1N.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\i386\jvm.cfg (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\images\cursors\cursors.properties (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\images\cursors\invalid32x32.gif (copy)
GIF image data, version 89a, 32 x 32
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\images\cursors\is-C85MI.tmp
GIF image data, version 89a, 31 x 32
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\images\cursors\is-FK0R7.tmp
GIF image data, version 89a, 31 x 32
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\images\cursors\is-HGFT2.tmp
GIF image data, version 89a, 32 x 32
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\images\cursors\is-I6PSN.tmp
GIF image data, version 89a, 32 x 32
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\images\cursors\is-KJBAP.tmp
GIF image data, version 89a, 32 x 32
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\images\cursors\is-Q1QMN.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\images\cursors\is-Q5E2F.tmp
GIF image data, version 89a, 31 x 32
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\images\cursors\is-T6K13.tmp
GIF image data, version 89a, 32 x 32
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\images\cursors\win32_CopyDrop32x32.gif (copy)
GIF image data, version 89a, 31 x 32
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\images\cursors\win32_CopyNoDrop32x32.gif (copy)
GIF image data, version 89a, 32 x 32
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\images\cursors\win32_LinkDrop32x32.gif (copy)
GIF image data, version 89a, 31 x 32
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\images\cursors\win32_LinkNoDrop32x32.gif (copy)
GIF image data, version 89a, 32 x 32
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\images\cursors\win32_MoveDrop32x32.gif (copy)
GIF image data, version 89a, 31 x 32
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\images\cursors\win32_MoveNoDrop32x32.gif (copy)
GIF image data, version 89a, 32 x 32
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\is-4AM1E.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\is-4CLUR.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\is-4SN73.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\is-5EIE5.tmp
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\is-62RAF.tmp
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\is-6S6GT.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\is-71S1B.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\is-7LOEQ.tmp
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\is-8LK0S.tmp
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\is-B8ALA.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\is-DB6C0.tmp
Zip archive data, at least v2.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\is-EJS52.tmp
Algol 68 source, ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\is-GDBM4.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\is-HMD89.tmp
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\is-IUF2L.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\is-J0593.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\is-J5D5J.tmp
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\is-JK5E2.tmp
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\is-KUGIH.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\is-LKM6J.tmp
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\is-LVB41.tmp
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\is-M00FU.tmp
data
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\is-MSBPS.tmp
data
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\is-N36F6.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\is-NCN18.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\is-RNH73.tmp
raw G3 (Group 3) FAX
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\is-SDO4P.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\is-TUEUN.tmp
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\is-V21KH.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\is-V8NE5.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\javafx.properties (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\javaws.jar (copy)
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\jce.jar (copy)
Zip archive data, at least v2.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\jfr.jar (copy)
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\jfr\default.jfc (copy)
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\jfr\is-67R0L.tmp
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\jfr\is-E3OJR.tmp
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\jfr\profile.jfc (copy)
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\jfxswt.jar (copy)
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\jsse.jar (copy)
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\jvm.hprof.txt (copy)
Algol 68 source, ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\logging.properties (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\management-agent.jar (copy)
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\management\is-5N31F.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\management\is-JTQUT.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\management\is-NQ6DF.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\management\is-VF2AJ.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\management\jmxremote.access (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\management\jmxremote.password.template (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\management\management.properties (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\management\snmp.acl.template (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\meta-index (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\net.properties (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\plugin.jar (copy)
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\psfont.properties.ja (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\psfontj2d.properties (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\resources.jar (copy)
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\rt.jar (copy)
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\security\US_export_policy.jar (copy)
Zip archive data, at least v2.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\security\blacklist (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\security\blacklisted.certs (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\security\cacerts (copy)
Java KeyStore
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\security\is-3GORA.tmp
Zip archive data, at least v2.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\security\is-4IB00.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\security\is-6E1P7.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\security\is-8FS1L.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\security\is-AOEAG.tmp
Java KeyStore
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\security\is-F94G2.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\security\is-JAOE1.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\security\is-JGNRI.tmp
Zip archive data, at least v2.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\security\java.policy (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\security\java.security (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\security\javaws.policy (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\security\local_policy.jar (copy)
Zip archive data, at least v2.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\sound.properties (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\tzdb.dat (copy)
data
dropped
C:\Program Files (x86)\Arcane Cheat\jre\lib\tzmappings (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\jre\release (copy)
ASCII text, with very long lines (427), with CRLF line terminators
dropped
C:\Program Files (x86)\Arcane Cheat\lib\asm-all.jar (copy)
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\lib\dn-compiled-module.jar (copy)
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\lib\dn-php-sdk.jar (copy)
Zip archive data, at least v1.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\lib\gson.jar (copy)
Zip archive data, at least v1.0 to extract, compression method=store
dropped
C:\Program Files (x86)\Arcane Cheat\lib\is-0BEL9.tmp
Zip archive data, at least v1.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\lib\is-2IL8O.tmp
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\lib\is-54OT5.tmp
Zip archive data, at least v1.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\lib\is-8C01F.tmp
Zip archive data, at least v1.0 to extract, compression method=store
dropped
C:\Program Files (x86)\Arcane Cheat\lib\is-DKGHN.tmp
Java archive data (JAR)
dropped
C:\Program Files (x86)\Arcane Cheat\lib\is-E5C2I.tmp
Zip archive data, at least v1.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\lib\is-J8OSH.tmp
Zip archive data, at least v1.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\lib\is-OD4SB.tmp
Zip archive data, at least v1.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\lib\is-PS6NL.tmp
Zip archive data, at least v1.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\lib\is-S4SM4.tmp
Zip archive data, at least v1.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\lib\is-SI355.tmp
Zip archive data, at least v1.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\lib\is-UJDM9.tmp
Zip archive data, at least v1.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\lib\jphp-app-framework.jar (copy)
Zip archive data, at least v1.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\lib\jphp-core.jar (copy)
Zip archive data, at least v1.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\lib\jphp-desktop-ext.jar (copy)
Zip archive data, at least v1.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\lib\jphp-gui-ext.jar (copy)
Zip archive data, at least v1.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\lib\jphp-json-ext.jar (copy)
Zip archive data, at least v1.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\lib\jphp-runtime.jar (copy)
Zip archive data, at least v1.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\lib\jphp-xml-ext.jar (copy)
Zip archive data, at least v1.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\lib\jphp-zend-ext.jar (copy)
Zip archive data, at least v1.0 to extract, compression method=deflate
dropped
C:\Program Files (x86)\Arcane Cheat\unins000.dat
InnoSetup Log Arcane Cheat {1abcb2b3-469c-4b18-82f8-f208926ef299}, version 0x418, 37183 bytes, 960781\37\user\376, C:\Program Files (x86)\Arcane Cheat\376\37
dropped
C:\Program Files (x86)\Arcane Cheat\unins000.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files\Uninstall Information\4f78d385fc35a0
ASCII text, with very long lines (876), with no line terminators
dropped
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arcane Cheat\Arcane Cheat.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Sun May 26 07:02:28 2024, mtime=Sun May 26 07:02:28 2024, atime=Mon May 20 03:42:10 2024, length=32768, window=hide
dropped
C:\Recovery\7a0fd90576e088
ASCII text, with very long lines (861), with no line terminators
dropped
C:\Recovery\9e8d7a4ca61bd9
ASCII text, with no line terminators
dropped
C:\Surrogateprovidercomponentsessionmonitor\4f78d385fc35a0
ASCII text, with very long lines (519), with no line terminators
dropped
C:\Surrogateprovidercomponentsessionmonitor\WinStore.App.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Surrogateprovidercomponentsessionmonitor\bjWdhUfYhC7CKzpdCHePv6eJ.bat
ASCII text, with no line terminators
dropped
C:\Surrogateprovidercomponentsessionmonitor\fd168b19609dff
ASCII text, with very long lines (951), with no line terminators
dropped
C:\Surrogateprovidercomponentsessionmonitor\lEI1Ux7.vbe
data
dropped
C:\Users\Public\Desktop\Arcane Cheat.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Sun May 26 07:02:28 2024, mtime=Sun May 26 07:02:47 2024, atime=Mon May 20 03:42:10 2024, length=32768, window=hide
dropped
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\audiodg.exe.log
CSV text
dropped
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\browserwinsvc.exe.log
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\explorer.exe.log
CSV text
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
data
dropped
C:\Users\user\AppData\Local\Temp\Arcane Cheat.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\Arcane CheatSetup.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_03oywmg4.lds.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0x2tcaoz.2qk.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2xbfeqj4.jig.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3gm0k5gp.al2.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3kjj3tm5.wfs.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3shhf1hw.ie3.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4odaopsr.ucv.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_a0zkugfo.yfw.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_alxozhwx.vtx.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_d0yk53bt.lvx.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dy0z2z5d.gp5.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_fv1mqlap.f1c.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_iqqeovwe.h2z.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_iz0dqzkz.ugp.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_n23qz2hd.gxc.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nguu5n1u.lp3.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_njpr3is0.cce.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_y5riyp5m.zlp.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_yovzcxgy.q15.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zkvzyvhh.2dd.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\is-N4812.tmp\_isetup\_setup64.tmp
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-N4812.tmp\_isetup\_shfoldr.dll
PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
dropped
C:\Windows\Fonts\4f78d385fc35a0
ASCII text, with very long lines (463), with no line terminators
dropped
C:\Windows\addins\42af1c969fbb7b
ASCII text, with very long lines (386), with no line terminators
dropped
C:\Windows\en-US\4f78d385fc35a0
ASCII text, with very long lines (401), with no line terminators
dropped
C:\Windows\en-US\qiOZcVoixJLcuAFKAnRd.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
There are 466 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\uChcvn3L6R.exe
"C:\Users\user\Desktop\uChcvn3L6R.exe"
 malicious
C:\Users\user\AppData\Local\Temp\is-R8U9P.tmp\Arcane CheatSetup.tmp
"C:\Users\user\AppData\Local\Temp\is-R8U9P.tmp\Arcane CheatSetup.tmp" /SL5="$4042E,46527891,119296,C:\Users\user\AppData\Local\Temp\Arcane CheatSetup.exe"
malicious
C:\Users\user\AppData\Local\Temp\Arcane Cheat.exe
"C:\Users\user\AppData\Local\Temp\Arcane Cheat.exe"
malicious
C:\Windows\SysWOW64\wscript.exe
"C:\Windows\System32\WScript.exe" "C:\Surrogateprovidercomponentsessionmonitor\lEI1Ux7.vbe"
malicious
C:\Surrogateprovidercomponentsessionmonitor\browserwinsvc.exe
"C:\Surrogateprovidercomponentsessionmonitor\browserwinsvc.exe"
 malicious
C:\Windows\System32\schtasks.exe
schtasks.exe /create /tn "qiOZcVoixJLcuAFKAnRdq" /sc MINUTE /mo 12 /tr "'C:\Program Files\Uninstall Information\qiOZcVoixJLcuAFKAnRd.exe'" /f
malicious
C:\Windows\addins\audiodg.exe
C:\Windows\addins\audiodg.exe
 malicious
C:\Windows\addins\audiodg.exe
C:\Windows\addins\audiodg.exe
 malicious
C:\Recovery\explorer.exe
C:\Recovery\explorer.exe
 malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"powershell" -Command Add-MpPreference -ExclusionPath 'C:\Surrogateprovidercomponentsessionmonitor\browserwinsvc.exe'
 malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"powershell" -Command Add-MpPreference -ExclusionPath 'C:\Recovery\RuntimeBroker.exe'
 malicious
C:\Recovery\explorer.exe
C:\Recovery\explorer.exe
 malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"powershell" -Command Add-MpPreference -ExclusionPath 'C:\Windows\addins\audiodg.exe'
 malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"powershell" -Command Add-MpPreference -ExclusionPath 'C:\Windows\Fonts\qiOZcVoixJLcuAFKAnRd.exe'
 malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"powershell" -Command Add-MpPreference -ExclusionPath 'C:\Surrogateprovidercomponentsessionmonitor\qiOZcVoixJLcuAFKAnRd.exe'
 malicious
C:\Users\user\AppData\Local\Temp\Arcane CheatSetup.exe
"C:\Users\user\AppData\Local\Temp\Arcane CheatSetup.exe"
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Surrogateprovidercomponentsessionmonitor\bjWdhUfYhC7CKzpdCHePv6eJ.bat" "
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
There are 11 hidden processes, click here to show them.

URLs

Name
IP
Malicious
http://729231cm.n9shteam1.top/@0J3bwBXdzh2chlnb
malicious
http://pesterbdd.com/images/Pester.png
unknown
 malicious
http://www.innosetup.com/
unknown
http://go.micN
unknown
http://schemas.xmlsoap.org/soap/encoding/
unknown
http://www.apache.org/licenses/LICENSE-2.0.html
unknown
http://ocsp.example.net:80
unknown
http://www.jrsoftware.org/ishelp/index.php?topic=setupcmdlineSetupU
unknown
http://ocsp.thawte.com0
unknown
http://bugreport.sun.com/bugreport/
unknown
http://java.oracle.com/
unknown
http://www.oracle.com/technetwork/java/javaseproducts/C:
unknown
http://www.symauth.com/cps0(
unknown
https://github.com/Pester/Pester
unknown
http://openjdk.java.net/jeps/220).
unknown
http://www.dk-soft.org/
unknown
http://crl.thawte.com/ThawteTimestampingCA.crl0
unknown
http://www.oracle.com/hotspot/jvm/vm/compiler/id
unknown
http://www.oracle.com/hotspot/jvm/vm/gc/id
unknown
http://www.symauth.com/rpa00
unknown
http://www.oracle.com/technetwork/java/javase/overview/
unknown
http://schemas.xmlsoap.org/wsdl/
unknown
http://ip-api.com
unknown
http://counter-strike.com.ua/
unknown
http://www.oracle.com/technetwork/java/javaseproducts/
unknown
https://aka.ms/pscore68
unknown
http://www.oracle.com/hotspot/jvm/java/monitor/address
unknown
http://www.remobjects.com/ps
unknown
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
unknown
http://www.oracle.com/hotspot/jvm/
unknown
http://download.oracle.com/javase/7/docs/technotes/guides/plugin/
unknown
http://www.oracle.com/hotspot/jvm/vm/code_sweeper/id
unknown
http://ip-api.com/line/?fields=hosting
208.95.112.1
http://bugreport.sun.com/bugreport/java.vendor.url.bughttp://java.oracle.com/java.vendor.urljava.ven
unknown
There are 24 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
ip-api.com
208.95.112.1
 malicious

IPs

IP
Domain
Country
Malicious
208.95.112.1
ip-api.com
United States
malicious

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
RuntimeBroker
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
audiodg
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
audiodg
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
qiOZcVoixJLcuAFKAnRd
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
qiOZcVoixJLcuAFKAnRd
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
explorer
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
explorer
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
WinStore.App
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Shell
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Shell
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Shell
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
qiOZcVoixJLcuAFKAnRd
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Shell
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Shell
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
qiOZcVoixJLcuAFKAnRd
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
qiOZcVoixJLcuAFKAnRd
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Shell
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
qiOZcVoixJLcuAFKAnRd
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Shell
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Shell
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
qiOZcVoixJLcuAFKAnRd
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
qiOZcVoixJLcuAFKAnRd
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Shell
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Shell
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1abcb2b3-469c-4b18-82f8-f208926ef299}_is1
Inno Setup: Setup Version
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1abcb2b3-469c-4b18-82f8-f208926ef299}_is1
Inno Setup: App Path
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1abcb2b3-469c-4b18-82f8-f208926ef299}_is1
InstallLocation
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1abcb2b3-469c-4b18-82f8-f208926ef299}_is1
Inno Setup: Icon Group
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1abcb2b3-469c-4b18-82f8-f208926ef299}_is1
Inno Setup: User
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1abcb2b3-469c-4b18-82f8-f208926ef299}_is1
Inno Setup: Selected Tasks
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1abcb2b3-469c-4b18-82f8-f208926ef299}_is1
Inno Setup: Deselected Tasks
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1abcb2b3-469c-4b18-82f8-f208926ef299}_is1
Inno Setup: Language
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1abcb2b3-469c-4b18-82f8-f208926ef299}_is1
DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1abcb2b3-469c-4b18-82f8-f208926ef299}_is1
UninstallString
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1abcb2b3-469c-4b18-82f8-f208926ef299}_is1
QuietUninstallString
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1abcb2b3-469c-4b18-82f8-f208926ef299}_is1
DisplayVersion
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1abcb2b3-469c-4b18-82f8-f208926ef299}_is1
NoModify
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1abcb2b3-469c-4b18-82f8-f208926ef299}_is1
NoRepair
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1abcb2b3-469c-4b18-82f8-f208926ef299}_is1
InstallDate
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1abcb2b3-469c-4b18-82f8-f208926ef299}_is1
MajorVersion
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1abcb2b3-469c-4b18-82f8-f208926ef299}_is1
MinorVersion
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1abcb2b3-469c-4b18-82f8-f208926ef299}_is1
EstimatedSize
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
LangID
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Windows\System32\WScript.exe.FriendlyAppName
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Windows\System32\WScript.exe.ApplicationCompany
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\browserwinsvc_RASAPI32
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\browserwinsvc_RASAPI32
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\browserwinsvc_RASAPI32
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\browserwinsvc_RASAPI32
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\browserwinsvc_RASAPI32
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\browserwinsvc_RASAPI32
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\browserwinsvc_RASAPI32
FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\browserwinsvc_RASMANCS
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\browserwinsvc_RASMANCS
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\browserwinsvc_RASMANCS
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\browserwinsvc_RASMANCS
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\browserwinsvc_RASMANCS
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\browserwinsvc_RASMANCS
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\browserwinsvc_RASMANCS
FileDirectory
HKEY_CURRENT_USER\SOFTWARE\8e8ff9c3ddbba7ed8a7c2d32a0d9f109fb1e10c2
161c451eae3291ecccafedf7d3007700fc801377
There are 55 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
24F1000
trusted library allocation
page read and write
 malicious
2C04000
trusted library allocation
page read and write
 malicious
28D1000
trusted library allocation
page read and write
 malicious
2A1F000
trusted library allocation
page read and write
 malicious
2C1F000
trusted library allocation
page read and write
 malicious
290E000
trusted library allocation
page read and write
 malicious
29E1000
trusted library allocation
page read and write
 malicious
12ABD000
trusted library allocation
page read and write
 malicious
3261000
trusted library allocation
page read and write
 malicious
2AB1000
trusted library allocation
page read and write
 malicious
133D878000
stack
page read and write
63D000
heap
page read and write
35C2000
heap
page read and write
3068000
heap
page read and write
12D72000
trusted library allocation
page read and write
362E000
stack
page read and write
32FE000
heap
page read and write
54E000
heap
page read and write
335E000
stack
page read and write
7FFD9BA40000
trusted library allocation
page execute and read and write
3158000
heap
page read and write
902AFCE000
stack
page read and write
CEE000
heap
page read and write
7FFD9BA30000
trusted library allocation
page read and write
204013D7000
trusted library allocation
page read and write
30E0000
heap
page read and write
501000
unkown
page write copy
33DA000
heap
page read and write
8A147EE000
stack
page read and write
853000
unkown
page readonly
3582000
heap
page read and write
1C303000
heap
page read and write
30CF000
heap
page read and write
881000
unkown
page read and write
CE8000
heap
page read and write
308D000
heap
page read and write
25A5000
trusted library allocation
page read and write
19F596E3000
trusted library allocation
page read and write
939CB79000
stack
page read and write
400000
unkown
page readonly
19F56D70000
heap
page read and write
939C753000
stack
page read and write
1C2F0000
heap
page read and write
B6BC000
stack
page read and write
22C95458000
heap
page read and write
3041000
heap
page read and write
19F58944000
heap
page read and write
2040133E000
trusted library allocation
page read and write
7FFD9B9A4000
trusted library allocation
page read and write
28BE000
stack
page read and write
3151000
heap
page read and write
654000
heap
page read and write
902AECD000
stack
page read and write
22C98780000
trusted library allocation
page read and write
30BE000
heap
page read and write
5E9000
heap
page read and write
2320000
heap
page execute and read and write
505000
unkown
page read and write
902A2FF000
stack
page read and write
2EDE000
stack
page read and write
B52F000
stack
page read and write
7FFD9B992000
trusted library allocation
page read and write
14A1000
heap
page read and write
3580000
heap
page read and write
7FFD9BA50000
trusted library allocation
page execute and read and write
401000
unkown
page execute read
590000
heap
page read and write
577000
heap
page read and write
2FCB000
trusted library allocation
page read and write
6DD000
heap
page read and write
2F6E000
trusted library allocation
page read and write
654000
heap
page read and write
1D25E368000
trusted library allocation
page read and write
BB0D4A3000
stack
page read and write
69E0000
heap
page read and write
63B000
heap
page read and write
565000
heap
page read and write
E10000
heap
page read and write
133D6FE000
stack
page read and write
306A000
heap
page read and write
20D9000
heap
page read and write
BB0DC7A000
stack
page read and write
CD5000
heap
page read and write
1D25C216000
heap
page read and write
129E1000
trusted library allocation
page read and write
1D25DFB0000
heap
page read and write
7FFD9BB1C000
trusted library allocation
page read and write
BB0DD7F000
stack
page read and write
1BABF000
heap
page read and write
1D25F444000
trusted library allocation
page read and write
4B6E000
stack
page read and write
304F000
heap
page read and write
7FFD9BB20000
trusted library allocation
page read and write
1B96E000
stack
page read and write
1B7ED000
stack
page read and write
4DCE000
stack
page read and write
939CEB9000
stack
page read and write
1D25E60D000
trusted library allocation
page read and write
7FFD9BBE7000
trusted library allocation
page read and write
128D3000
trusted library allocation
page read and write
1C081003000
trusted library allocation
page read and write
20D0000
heap
page read and write
93000
stack
page read and write
2CCF000
trusted library allocation
page read and write
1B917000
stack
page read and write
7FFD9BB36000
trusted library allocation
page read and write
19F5A716000
trusted library allocation
page read and write
133DC3E000
stack
page read and write
CB0000
trusted library allocation
page read and write
1C2FC000
heap
page read and write
3150000
heap
page read and write
24DF000
direct allocation
page read and write
902A07C000
stack
page read and write
7FFD9B9AB000
trusted library allocation
page execute and read and write
BE0000
heap
page read and write
133E789000
stack
page read and write
2CEA000
trusted library allocation
page read and write
7FFD9BA2C000
trusted library allocation
page execute and read and write
7FFD9B970000
trusted library allocation
page read and write
204011D8000
trusted library allocation
page read and write
5BA0000
heap
page read and write
3043000
heap
page read and write
1BA20000
heap
page read and write
654000
heap
page read and write
30A4000
heap
page read and write
3150000
heap
page read and write
62B000
heap
page read and write
7FFD9BA76000
trusted library allocation
page execute and read and write
1B71E000
stack
page read and write
1C3C8000
heap
page read and write
3500000
heap
page read and write
37FF000
stack
page read and write
3059000
heap
page read and write
14CD000
heap
page read and write
1130000
heap
page read and write
133D937000
stack
page read and write
20ED000
direct allocation
page read and write
741F000
heap
page read and write
22C983EF000
trusted library allocation
page read and write
1080000
trusted library allocation
page read and write
5CE000
heap
page read and write
555000
heap
page read and write
9029D79000
stack
page read and write
18C000
stack
page read and write
20401A27000
trusted library allocation
page read and write
5F0000
heap
page read and write
259C000
trusted library allocation
page read and write
BB0DDFD000
stack
page read and write
1C3D5000
heap
page read and write
24F0000
direct allocation
page read and write
86F000
stack
page read and write
590000
heap
page read and write
19F56FC0000
heap
page read and write
1B3C0000
heap
page read and write
1D25C2D0000
heap
page read and write
1B47F000
stack
page read and write
55E000
heap
page read and write
780000
trusted library allocation
page read and write
7FFD9BB40000
trusted library allocation
page read and write
D0A000
heap
page read and write
204013C0000
trusted library allocation
page read and write
D34000
heap
page read and write
853000
unkown
page readonly
22C956F0000
trusted library allocation
page read and write
1B18F000
stack
page read and write
19F56DBA000
heap
page read and write
1B283000
stack
page read and write
1BE3F000
stack
page read and write
7FFD9B974000
trusted library allocation
page read and write
308F000
heap
page read and write
B66C000
stack
page read and write
576000
heap
page read and write
902999D000
unkown
page read and write
72F2000
heap
page read and write
124F1000
trusted library allocation
page read and write
625000
heap
page read and write
3830000
heap
page read and write
1326D000
trusted library allocation
page read and write
7FFD9BB10000
trusted library allocation
page read and write
902A27C000
stack
page read and write
20B3000
heap
page read and write
172F000
stack
page read and write
1C081092000
trusted library allocation
page read and write
821000
unkown
page execute read
3150000
heap
page execute and read and write
7FFD9BB2C000
trusted library allocation
page read and write
19F57000000
trusted library allocation
page read and write
19F56DAD000
heap
page read and write
2E20000
heap
page read and write
3543000
heap
page read and write
1F0000
heap
page read and write
589000
heap
page read and write
EDF000
stack
page read and write
3410000
heap
page read and write
22C9812B000
trusted library allocation
page read and write
405000
unkown
page write copy
304C000
heap
page read and write
1BAB0000
heap
page read and write
583000
heap
page read and write
9029913000
stack
page read and write
7FFD9B9BD000
trusted library allocation
page execute and read and write
2985000
trusted library allocation
page read and write
1C080BF9000
trusted library allocation
page read and write
7FFD9BA50000
trusted library allocation
page read and write
7FFD9B990000
trusted library allocation
page read and write
3601000
heap
page read and write
2A8D000
trusted library allocation
page read and write
7FFD9B9A3000
trusted library allocation
page execute and read and write
2EE0000
heap
page read and write
204019C4000
trusted library allocation
page read and write
BB0D9FB000
stack
page read and write
939D03F000
stack
page read and write
10C0000
trusted library allocation
page read and write
22C95494000
heap
page read and write
30F9000
heap
page read and write
213A000
direct allocation
page read and write
D83000
heap
page read and write
133C0000
trusted library allocation
page read and write
2D2C000
stack
page read and write
1D25C3A0000
trusted library allocation
page read and write
7FFD9BB31000
trusted library allocation
page read and write
22C98D50000
trusted library allocation
page read and write
BD0000
heap
page read and write
1C263000
heap
page read and write
7FFD9BA26000
trusted library allocation
page read and write
7FFD9BB40000
trusted library allocation
page read and write
1508000
heap
page read and write
31E0000
heap
page read and write
20C0000
direct allocation
page execute and read and write
2DAA000
trusted library allocation
page read and write
3940000
heap
page read and write
7FFD9BB3B000
trusted library allocation
page read and write
BB0D8F9000
stack
page read and write
B0AF000
stack
page read and write
1D25C390000
heap
page readonly
3080000
trusted library allocation
page read and write
20E0000
direct allocation
page read and write
7FF4A2BB0000
trusted library allocation
page execute and read and write
85E000
unkown
page write copy
13261000
trusted library allocation
page read and write
58D000
heap
page read and write
7FFD9B9A4000
trusted library allocation
page read and write
1C284000
heap
page read and write
1D25ED3E000
trusted library allocation
page read and write
5CE000
heap
page read and write
5EB000
heap
page read and write
1B590000
heap
page read and write
1B290000
trusted library section
page read and write
57E000
heap
page read and write
7FFD9B99D000
trusted library allocation
page execute and read and write
1BB02000
heap
page read and write
2D26000
stack
page read and write
204018B8000
trusted library allocation
page read and write
700000
heap
page read and write
1AF2D000
stack
page read and write
D1D000
heap
page read and write
22C95654000
heap
page read and write
902ADCE000
stack
page read and write
34D1000
direct allocation
page read and write
F70000
heap
page read and write
1B763000
stack
page read and write
1B38E000
stack
page read and write
133E80D000
stack
page read and write
1B813000
stack
page read and write
11F0000
heap
page read and write
1C242000
heap
page read and write
58E000
heap
page read and write
5BA2000
heap
page read and write
22C986C6000
trusted library allocation
page read and write
7FFD9B97D000
trusted library allocation
page execute and read and write
1D25C3C4000
heap
page read and write
1C3E9000
heap
page read and write
53BF000
stack
page read and write
5260000
heap
page read and write
54A000
heap
page read and write
AF6000
stack
page read and write
22C953F0000
heap
page read and write
2A8A000
trusted library allocation
page read and write
3318000
trusted library allocation
page read and write
55C000
heap
page read and write
19F59C32000
trusted library allocation
page read and write
7FFD9BA46000
trusted library allocation
page read and write
1B42F000
stack
page read and write
41C000
unkown
page readonly
7FFD9BB70000
trusted library allocation
page read and write
1BA6F000
stack
page read and write
C49000
heap
page read and write
7FFD9B9C4000
trusted library allocation
page read and write
50D1000
trusted library allocation
page read and write
5EA000
heap
page read and write
1C081A28000
trusted library allocation
page read and write
1C0819C5000
trusted library allocation
page read and write
1B510000
heap
page execute and read and write
2D48000
stack
page read and write
2DB2000
trusted library allocation
page read and write
4FEE000
heap
page read and write
8A14F79000
stack
page read and write
810000
heap
page read and write
C40000
heap
page read and write
2DA6000
trusted library allocation
page read and write
CE0000
heap
page read and write
20400001000
trusted library allocation
page read and write
CB5000
heap
page read and write
2D30000
stack
page read and write
3322000
trusted library allocation
page read and write
315A000
heap
page read and write
7FFD9BB50000
trusted library allocation
page read and write
883000
unkown
page readonly
129ED000
trusted library allocation
page read and write
BB0D5AF000
stack
page read and write
52BE000
stack
page read and write
1C080DB2000
trusted library allocation
page read and write
939CE37000
stack
page read and write
C45000
heap
page read and write
3152000
heap
page read and write
CEC000
heap
page read and write
1025000
heap
page read and write
DAD000
heap
page read and write
303F000
stack
page read and write
BB0D52F000
unkown
page read and write
22C954AE000
heap
page read and write
3190000
direct allocation
page read and write
53FB000
stack
page read and write
7FFD9BA30000
trusted library allocation
page execute and read and write
608000
heap
page read and write
7FFD9BB53000
trusted library allocation
page read and write
1C37C000
heap
page read and write
1D25F0B1000
trusted library allocation
page read and write
5F0000
heap
page read and write
19F56F40000
heap
page read and write
5008000
heap
page read and write
2FBE000
stack
page read and write
3000000
heap
page read and write
570000
unkown
page readonly
902A0F9000
stack
page read and write
55EE000
stack
page read and write
50EA000
trusted library allocation
page read and write
1D25C253000
heap
page read and write
7FFD9BB64000
trusted library allocation
page read and write
CC3000
heap
page read and write
1BA77000
heap
page read and write
29DF000
stack
page read and write
A1F000
stack
page read and write
7FFD9B990000
trusted library allocation
page read and write
1C080228000
trusted library allocation
page read and write
213E000
direct allocation
page read and write
8A14B7F000
stack
page read and write
22C95541000
heap
page read and write
1B29F000
stack
page read and write
1C34E000
heap
page read and write
22C95774000
heap
page read and write
2D52000
stack
page read and write
AF6000
stack
page read and write
104E000
stack
page read and write
2F30000
heap
page read and write
7FFD9B9A0000
trusted library allocation
page read and write
20400A53000
trusted library allocation
page read and write
306B000
heap
page read and write
22C95670000
trusted library allocation
page read and write
25AE000
trusted library allocation
page read and write
1BA83000
heap
page read and write
821000
unkown
page execute read
71F0000
heap
page read and write
19F588E0000
heap
page execute and read and write
33D0000
heap
page read and write
19F58C91000
trusted library allocation
page read and write
5CE000
heap
page read and write
305C000
heap
page read and write
8A14CFE000
stack
page read and write
22C95690000
trusted library allocation
page read and write
1C0804CE000
trusted library allocation
page read and write
880000
heap
page read and write
20A0000
heap
page read and write
9029F78000
stack
page read and write
2E66000
heap
page read and write
19F59F34000
trusted library allocation
page read and write
1D25C0D0000
heap
page read and write
5B20000
heap
page read and write
30B9000
heap
page read and write
2E90000
heap
page readonly
630000
heap
page read and write
10E0000
heap
page read and write
7B0000
heap
page read and write
7FFD9BB50000
trusted library allocation
page read and write
1C080FA0000
trusted library allocation
page read and write
510000
heap
page read and write
5BA0000
heap
page read and write
19F58D11000
trusted library allocation
page read and write
1B813000
stack
page read and write
401000
unkown
page execute read
1C081121000
trusted library allocation
page read and write
54FC000
stack
page read and write
1C3A4000
heap
page read and write
573000
heap
page read and write
3501000
heap
page read and write
654000
heap
page read and write
1C0810BE000
trusted library allocation
page read and write
20401003000
trusted library allocation
page read and write
7FFD9B9B7000
trusted library allocation
page read and write
8A15C4E000
stack
page read and write
20401122000
trusted library allocation
page read and write
1AE5D000
stack
page read and write
133D4FF000
unkown
page read and write
1D25C310000
heap
page read and write
12A99000
trusted library allocation
page read and write
7FFD9BA56000
trusted library allocation
page execute and read and write
939D0BD000
stack
page read and write
1D25ED46000
trusted library allocation
page read and write
C60000
trusted library allocation
page read and write
2A9F000
trusted library allocation
page read and write
1C373000
heap
page read and write
587000
heap
page read and write
2149000
direct allocation
page read and write
F60000
heap
page read and write
BB0D87F000
stack
page read and write
8059000
heap
page read and write
30BD000
heap
page read and write
654000
heap
page read and write
2040199E000
trusted library allocation
page read and write
1C080A53000
trusted library allocation
page read and write
580000
heap
page read and write
8A14D7B000
stack
page read and write
1D25F1FD000
trusted library allocation
page read and write
30CA000
heap
page read and write
3481000
direct allocation
page read and write
19F56E62000
heap
page read and write
1D25DFC1000
heap
page read and write
4F6000
stack
page read and write
9029EFD000
stack
page read and write
7A0000
trusted library allocation
page read and write
1D25EEAB000
trusted library allocation
page read and write
772E000
stack
page read and write
8A14A73000
stack
page read and write
B3EF000
stack
page read and write
331E000
trusted library allocation
page read and write
404000
unkown
page read and write
297C000
trusted library allocation
page read and write
133D7FD000
stack
page read and write
148A000
heap
page read and write
20401339000
trusted library allocation
page read and write
939CDBE000
stack
page read and write
1B58E000
stack
page read and write
2537000
trusted library allocation
page read and write
3048000
heap
page read and write
20400086000
trusted library allocation
page read and write
305C000
heap
page read and write
30CA000
heap
page read and write
2D1C000
stack
page read and write
305E000
heap
page read and write
7FFD9BA86000
trusted library allocation
page execute and read and write
8A1507F000
stack
page read and write
7FFD9BC40000
trusted library allocation
page read and write
22C95450000
heap
page read and write
215F000
direct allocation
page read and write
19F56FD0000
trusted library allocation
page read and write
297F000
trusted library allocation
page read and write
412000
unkown
page write copy
3157000
heap
page read and write
7FFD9B983000
trusted library allocation
page read and write
30A4000
heap
page read and write
133E68E000
stack
page read and write
7FFD9BB60000
trusted library allocation
page read and write
69F0000
trusted library allocation
page read and write
22C984E1000
trusted library allocation
page read and write
22C98664000
trusted library allocation
page read and write
2A93000
trusted library allocation
page read and write
1C23D000
stack
page read and write
401000
unkown
page execute read
57A000
heap
page read and write
308D000
heap
page read and write
7FFD9BC1C000
trusted library allocation
page read and write
2E2C000
trusted library allocation
page read and write
1C38B000
heap
page read and write
55AE000
stack
page read and write
22C95680000
heap
page readonly
2BBB000
stack
page read and write
19F56D78000
heap
page read and write
19F59F95000
trusted library allocation
page read and write
2150000
direct allocation
page read and write
2900000
heap
page read and write
22C98C79000
trusted library allocation
page read and write
C10000
heap
page read and write
939CCFD000
stack
page read and write
291B000
heap
page read and write
939C7DF000
unkown
page read and write
1B2F0000
trusted library section
page read and write
3020000
heap
page read and write
7FFD9BB3A000
trusted library allocation
page read and write
7FFD9B994000
trusted library allocation
page read and write
2D5A000
stack
page read and write
1D25DF46000
heap
page execute and read and write
1D25F4FF000
trusted library allocation
page read and write
7FFD9B99D000
trusted library allocation
page execute and read and write
1B3AE000
stack
page read and write
133E70E000
stack
page read and write
22C98D5F000
trusted library allocation
page read and write
7D0000
trusted library allocation
page read and write
372F000
stack
page read and write
1D25C1D0000
heap
page read and write
1D25E100000
heap
page execute and read and write
654000
heap
page read and write
2104000
direct allocation
page read and write
4BA0000
heap
page read and write
3062000
heap
page read and write
19F56D00000
heap
page read and write
ADEE000
stack
page read and write
22C9847F000
trusted library allocation
page read and write
7FFD9BB4A000
trusted library allocation
page read and write
7FFD9B982000
trusted library allocation
page read and write
7FFD9BB80000
trusted library allocation
page read and write
939DC0E000
stack
page read and write
5E6000
heap
page read and write
939D13E000
stack
page read and write
400000
unkown
page readonly
22C9851C000
trusted library allocation
page read and write
BFE000
heap
page read and write
59DB000
stack
page read and write
628000
heap
page read and write
9029CFF000
stack
page read and write
7FFD9B9BD000
trusted library allocation
page execute and read and write
133D9B9000
stack
page read and write
573000
heap
page read and write
1D25C330000
heap
page read and write
7FFD9BB70000
trusted library allocation
page read and write
1C93E000
stack
page read and write
654000
heap
page read and write
882000
unkown
page readonly
3543000
heap
page read and write
1C03B000
stack
page read and write
14D0000
heap
page read and write
939CAFE000
stack
page read and write
939CBFE000
stack
page read and write
BF0000
heap
page read and write
5EE000
heap
page read and write
3020000
trusted library allocation
page read and write
B0B0000
heap
page read and write
5E2000
heap
page read and write
3060000
heap
page read and write
22C98E47000
trusted library allocation
page read and write
35EF000
stack
page read and write
7FFD9BB90000
trusted library allocation
page read and write
308F000
heap
page read and write
5D9000
heap
page read and write
7FFD9BBC0000
trusted library allocation
page execute and read and write
7FFD9BC10000
trusted library allocation
page read and write
133D473000
stack
page read and write
19B000
stack
page read and write
7FFD9B993000
trusted library allocation
page read and write
1C325000
heap
page read and write
939D1BB000
stack
page read and write
22C0000
heap
page execute and read and write
1B714000
stack
page read and write
1C24D000
heap
page read and write
25A2000
trusted library allocation
page read and write
7FFD9B983000
trusted library allocation
page execute and read and write
8A14DFD000
stack
page read and write
19F56DB2000
heap
page read and write
2040102F000
trusted library allocation
page read and write
51AF000
heap
page read and write
408000
unkown
page readonly
7E0000
heap
page read and write
91E000
stack
page read and write
7FFD9BBE0000
trusted library allocation
page read and write
69E7000
heap
page read and write
24EE000
stack
page read and write
654000
heap
page read and write
325F000
stack
page read and write
F4E000
stack
page read and write
2DF2000
trusted library allocation
page read and write
1BA26000
heap
page read and write
BB0EB4E000
stack
page read and write
3052000
heap
page read and write
7FFD9BB30000
trusted library allocation
page read and write
A80000
heap
page read and write
3151000
heap
page read and write
587000
heap
page read and write
3352000
heap
page read and write
1D25EF19000
trusted library allocation
page read and write
C50000
heap
page read and write
BB0DEFB000
stack
page read and write
3041000
heap
page read and write
7FFD9B9BB000
trusted library allocation
page execute and read and write
3071000
heap
page read and write
2CF4000
trusted library allocation
page read and write
7FFD9BB50000
trusted library allocation
page read and write
1823000
unkown
page readonly
E14000
heap
page read and write
22C975E7000
trusted library allocation
page read and write
7FFD9B9CC000
trusted library allocation
page execute and read and write
28E0000
trusted library allocation
page read and write
7FFD9BB2E000
trusted library allocation
page read and write
23B0000
direct allocation
page read and write
7CC5000
heap
page read and write
5EA000
heap
page read and write
2121000
direct allocation
page read and write
C1F000
heap
page read and write
19F59DB1000
trusted library allocation
page read and write
7FFD9B99D000
trusted library allocation
page execute and read and write
5CE000
heap
page read and write
30A4000
heap
page read and write
19F5915E000
trusted library allocation
page read and write
146C000
heap
page read and write
85E000
unkown
page read and write
B2EE000
stack
page read and write
31E8000
heap
page read and write
D46000
heap
page read and write
3090000
heap
page read and write
7FFD9BB43000
trusted library allocation
page read and write
3730000
heap
page read and write
2DF4000
trusted library allocation
page read and write
7FFD9B98C000
trusted library allocation
page read and write
7FFD9BB63000
trusted library allocation
page read and write
2990000
trusted library allocation
page read and write
1B61F000
stack
page read and write
C52000
heap
page read and write
1B91E000
stack
page read and write
7FFD9B9EC000
trusted library allocation
page execute and read and write
2E85000
trusted library allocation
page read and write
5F0000
heap
page read and write
1BF3E000
stack
page read and write
4B90000
heap
page read and write
128D1000
trusted library allocation
page read and write
8A14C79000
stack
page read and write
5020000
heap
page read and write
1C03E000
stack
page read and write
22C97264000
heap
page read and write
1C337000
heap
page read and write
13273000
trusted library allocation
page read and write
419000
unkown
page write copy
3046000
heap
page read and write
2166000
direct allocation
page read and write
7FFD9BB6B000
trusted library allocation
page read and write
1AF6D000
stack
page read and write
760000
heap
page read and write
423000
unkown
page readonly
7FFD9BC30000
trusted library allocation
page read and write
3051000
heap
page read and write
2A99000
trusted library allocation
page read and write
3028000
heap
page read and write
57E000
heap
page read and write
14CB000
heap
page read and write
1C2C7000
heap
page read and write
C50000
heap
page read and write
2D37000
stack
page read and write
1C08199F000
trusted library allocation
page read and write
2A9B000
trusted library allocation
page read and write
2DAC000
trusted library allocation
page read and write
7FFD9B973000
trusted library allocation
page execute and read and write
1060000
trusted library allocation
page read and write
1020000
heap
page read and write
C4B000
heap
page read and write
50C000
unkown
page read and write
315A000
heap
page read and write
790000
heap
page read and write
1C39D000
heap
page read and write
BB0E8CE000
stack
page read and write
30B9000
heap
page read and write
882000
unkown
page write copy
5EE000
heap
page read and write
438000
heap
page read and write
2223000
unkown
page readonly
1B270000
trusted library section
page read and write
12989000
trusted library allocation
page read and write
19F5000
heap
page read and write
2C90000
trusted library allocation
page read and write
90299DE000
stack
page read and write
19F5A549000
trusted library allocation
page read and write
1D25C360000
trusted library allocation
page read and write
304B000
heap
page read and write
298B000
trusted library allocation
page read and write
7FFD9BA5C000
trusted library allocation
page execute and read and write
22C95640000
trusted library allocation
page read and write
1466000
heap
page read and write
19F56DF6000
heap
page read and write
531F000
stack
page read and write
667000
heap
page read and write
1D25F316000
trusted library allocation
page read and write
569000
heap
page read and write
1D25F9D3000
trusted library allocation
page read and write
211A000
direct allocation
page read and write
3580000
heap
page read and write
128E1000
trusted library allocation
page read and write
1C081305000
trusted library allocation
page read and write
939CD79000
stack
page read and write
3028000
heap
page read and write
1C31E000
heap
page read and write
521E000
stack
page read and write
35C3000
heap
page read and write
30CA000
heap
page read and write
3580000
heap
page read and write
7FFD9BB4C000
trusted library allocation
page read and write
2DB4000
trusted library allocation
page read and write
654000
heap
page read and write
307E000
stack
page read and write
2C39000
trusted library allocation
page read and write
19F57044000
heap
page read and write
305F000
heap
page read and write
1C0813D8000
trusted library allocation
page read and write
308D000
heap
page read and write
1B48E000
stack
page read and write
1511000
heap
page read and write
8A14BFE000
stack
page read and write
BB0E9C7000
stack
page read and write
25A8000
trusted library allocation
page read and write
430000
heap
page read and write
204010BF000
trusted library allocation
page read and write
3290000
heap
page read and write
1A520000
trusted library allocation
page read and write
19F56DCE000
heap
page read and write
1BA23000
heap
page read and write
3152000
heap
page read and write
1BA20000
heap
page read and write
7FFD9BBA0000
trusted library allocation
page read and write
128DD000
trusted library allocation
page read and write
7FFD9B98D000
trusted library allocation
page execute and read and write
56EF000
stack
page read and write
1BC2E000
stack
page read and write
30B6000
heap
page read and write
D54000
heap
page read and write
1BA98000
heap
page read and write
34B7000
direct allocation
page read and write
2C56000
stack
page read and write
9029FF7000
stack
page read and write
20401306000
trusted library allocation
page read and write
19F588B0000
heap
page execute and read and write
101E000
stack
page read and write
32DE000
stack
page read and write
7FFD9B9A4000
trusted library allocation
page read and write
149F000
heap
page read and write
587000
heap
page read and write
939CC79000
stack
page read and write
1C0811D8000
trusted library allocation
page read and write
22C97380000
heap
page execute and read and write
9029E7B000
stack
page read and write
1C2DB000
heap
page read and write
3042000
heap
page read and write
509000
unkown
page read and write
B42E000
stack
page read and write
2AA0000
heap
page execute and read and write
1D25ED36000
trusted library allocation
page read and write
7FFD9BA40000
trusted library allocation
page read and write
3063000
heap
page read and write
7FFD9BBEB000
trusted library allocation
page read and write
50E0000
heap
page read and write
1C13D000
stack
page read and write
13271000
trusted library allocation
page read and write
1C0812A4000
trusted library allocation
page read and write
5BA0000
heap
page read and write
2991000
trusted library allocation
page read and write
1D25C20C000
heap
page read and write
2F20000
heap
page read and write
20400DDC000
trusted library allocation
page read and write
303D000
heap
page read and write
19F5A068000
trusted library allocation
page read and write
F1E000
stack
page read and write
331B000
trusted library allocation
page read and write
13268000
trusted library allocation
page read and write
3152000
heap
page read and write
20E6000
direct allocation
page read and write
20F5000
direct allocation
page read and write
133DA3E000
stack
page read and write
8A14E79000
stack
page read and write
22C95462000
heap
page read and write
8A14AFF000
unkown
page read and write
5F20000
direct allocation
page read and write
50C000
unkown
page write copy
1D25F260000
trusted library allocation
page read and write
58A000
heap
page read and write
2ABB000
stack
page read and write
7FFD9BB60000
trusted library allocation
page read and write
CF1000
heap
page read and write
2C43000
trusted library allocation
page read and write
2605000
direct allocation
page read and write
9029DFE000
stack
page read and write
44A000
heap
page read and write
2CB5000
trusted library allocation
page read and write
1BA9F000
heap
page read and write
3310000
direct allocation
page read and write
7FFD9BAB1000
trusted library allocation
page execute and read and write
1C240000
heap
page read and write
22C9816E000
trusted library allocation
page read and write
3042000
heap
page read and write
7FFD9BC20000
trusted library allocation
page read and write
7FFD9B983000
trusted library allocation
page execute and read and write
9E0000
heap
page read and write
720000
heap
page read and write
1B320000
heap
page read and write
133DBBD000
stack
page read and write
512000
unkown
page readonly
600000
heap
page read and write
BB0D97E000
stack
page read and write
B2AF000
stack
page read and write
1B2D0000
trusted library section
page read and write
3605000
heap
page read and write
51DF000
stack
page read and write
2F12000
trusted library allocation
page read and write
7FFD9BC50000
trusted library allocation
page read and write
3580000
heap
page read and write
6DE000
unkown
page readonly
585000
heap
page read and write
31FE000
stack
page read and write
8A15ECC000
stack
page read and write
939CF38000
stack
page read and write
19F59CBF000
trusted library allocation
page read and write
1BAE1000
heap
page read and write
339E000
stack
page read and write
7F0000
heap
page read and write
7FFD9BA4C000
trusted library allocation
page execute and read and write
1B5CE000
stack
page read and write
19F56D10000
heap
page read and write
5D9000
heap
page read and write
7FFD9BB61000
trusted library allocation
page read and write
5D1000
heap
page read and write
7FFD9BBB0000
trusted library allocation
page execute and read and write
34BF000
direct allocation
page read and write
BB0D5EE000
stack
page read and write
1AA8C000
stack
page read and write
1B56F000
stack
page read and write
19F58EB8000
trusted library allocation
page read and write
5BA2000
heap
page read and write
5A20000
heap
page read and write
1C2B3000
heap
page read and write
2D6A000
trusted library allocation
page read and write
3021000
heap
page read and write
BB0EA4D000
stack
page read and write
308D000
heap
page read and write
AE9E000
stack
page read and write
7FFD9BB30000
trusted library allocation
page read and write
207E000
stack
page read and write
19F56DBC000
heap
page read and write
4B00000
heap
page read and write
8A14EF7000
stack
page read and write
1B08F000
stack
page read and write
19F56D30000
heap
page read and write
1D25E141000
trusted library allocation
page read and write
2DAE000
trusted library allocation
page read and write
2EC2000
trusted library allocation
page read and write
2E30000
heap
page read and write
19F59889000
trusted library allocation
page read and write
1830000
heap
page read and write
259F000
trusted library allocation
page read and write
32F9000
heap
page read and write
2137000
direct allocation
page read and write
1B66F000
stack
page read and write
20D5000
heap
page read and write
72F5000
heap
page read and write
19F59D4E000
trusted library allocation
page read and write
133D57F000
stack
page read and write
22C953C0000
heap
page read and write
501000
unkown
page read and write
31A0000
direct allocation
page read and write
400000
unkown
page readonly
12AB1000
trusted library allocation
page read and write
7FFD9B99B000
trusted library allocation
page execute and read and write
5DB000
heap
page read and write
7FFD9BAC0000
trusted library allocation
page execute and read and write
129E3000
trusted library allocation
page read and write
1C0818B9000
trusted library allocation
page read and write
2D70000
trusted library allocation
page read and write
B56C000
stack
page read and write
5D9000
heap
page read and write
569000
heap
page read and write
20400F92000
trusted library allocation
page read and write
8A151FE000
stack
page read and write
3190000
direct allocation
page read and write
2DA8000
trusted library allocation
page read and write
1A900000
trusted library allocation
page read and write
2F7E000
stack
page read and write
28CE000
stack
page read and write
30F8000
heap
page read and write
22C956E0000
heap
page execute and read and write
315A000
heap
page read and write
538000
heap
page read and write
7F4000
heap
page read and write
1D25C1D8000
heap
page read and write
19F0000
heap
page read and write
1D25DF40000
heap
page execute and read and write
1D25C22C000
heap
page read and write
2C23000
unkown
page readonly
1AAE0000
trusted library allocation
page read and write
7FFD9B9CD000
trusted library allocation
page execute and read and write
1C081A86000
trusted library allocation
page read and write
530000
heap
page read and write
3051000
heap
page read and write
1C3E6000
heap
page read and write
133E90E000
stack
page read and write
1C2E6000
heap
page read and write
6B2000
heap
page read and write
182E000
stack
page read and write
1B280000
trusted library section
page read and write
1C30F000
heap
page read and write
34D8000
direct allocation
page read and write
5F0000
heap
page read and write
BEC000
heap
page read and write
650000
heap
page read and write
31A0000
direct allocation
page read and write
19F5A5EF000
trusted library allocation
page read and write
315A000
heap
page read and write
E23000
unkown
page readonly
7FFD9B9B0000
trusted library allocation
page read and write
7FFD9BB4B000
trusted library allocation
page read and write
2A80000
trusted library section
page read and write
9B000
stack
page read and write
580000
heap
page read and write
19F5A050000
trusted library allocation
page read and write
5ADC000
stack
page read and write
C80000
trusted library allocation
page read and write
A85000
heap
page read and write
1C0813C0000
trusted library allocation
page read and write
7FFD9B9DC000
trusted library allocation
page execute and read and write
5E6000
heap
page read and write
305D000
heap
page read and write
7FFD9B9DC000
trusted library allocation
page execute and read and write
1D25E130000
heap
page execute and read and write
1420000
heap
page read and write
7FFD9B9A0000
trusted library allocation
page read and write
76EE000
stack
page read and write
13263000
trusted library allocation
page read and write
BB0EACC000
stack
page read and write
22C95430000
heap
page read and write
1D25DEE0000
trusted library allocation
page read and write
3491000
direct allocation
page read and write
3151000
heap
page read and write
69E1000
heap
page read and write
1D25E1B2000
trusted library allocation
page read and write
2128000
direct allocation
page read and write
7FFD9B972000
trusted library allocation
page read and write
5210000
trusted library allocation
page read and write
1135000
heap
page read and write
31EB000
heap
page read and write
31CE000
stack
page read and write
5D3000
heap
page read and write
1D25C20E000
heap
page read and write
8A15CCD000
stack
page read and write
7FFD9B993000
trusted library allocation
page execute and read and write
1B460000
heap
page execute and read and write
30BF000
heap
page read and write
AFAE000
stack
page read and write
902AF4C000
stack
page read and write
1D25F16E000
trusted library allocation
page read and write
5EA000
heap
page read and write
129F1000
trusted library allocation
page read and write
3152000
heap
page read and write
20B0000
heap
page read and write
3050000
heap
page read and write
3415000
heap
page read and write
7FFD9BB33000
trusted library allocation
page read and write
740000
heap
page read and write
2158000
direct allocation
page read and write
1BAC5000
heap
page read and write
1D25FA94000
trusted library allocation
page read and write
30C7000
heap
page read and write
782E000
stack
page read and write
C21000
heap
page read and write
30B5000
heap
page read and write
1D25F9AC000
trusted library allocation
page read and write
20401161000
trusted library allocation
page read and write
1BAE6000
heap
page read and write
3008000
heap
page read and write
3601000
heap
page read and write
1B290000
trusted library allocation
page read and write
3153000
heap
page read and write
CC1000
heap
page read and write
620000
heap
page read and write
7FFD9B994000
trusted library allocation
page read and write
2DB0000
heap
page read and write
7FFD9B98D000
trusted library allocation
page execute and read and write
1D25C212000
heap
page read and write
BB0DAF8000
stack
page read and write
654000
heap
page read and write
7FE3D000
direct allocation
page read and write
19F57040000
heap
page read and write
7FFD9BB3C000
trusted library allocation
page read and write
BB0DA7E000
stack
page read and write
308F000
heap
page read and write
8A15D4E000
stack
page read and write
19F59899000
trusted library allocation
page read and write
9029C7E000
stack
page read and write
7FFD9B99D000
trusted library allocation
page execute and read and write
2F35000
heap
page read and write
30B8000
heap
page read and write
6BC000
heap
page read and write
72F4000
heap
page read and write
22C97E13000
trusted library allocation
page read and write
311F000
heap
page read and write
7FFD9BBD0000
trusted library allocation
page execute and read and write
55A000
heap
page read and write
1C080EF0000
trusted library allocation
page read and write
7FFD9B980000
trusted library allocation
page read and write
AEA0000
heap
page read and write
597000
heap
page read and write
7FFD9BA90000
trusted library allocation
page execute and read and write
519000
unkown
page readonly
1D25F142000
trusted library allocation
page read and write
7FFD9B9AD000
trusted library allocation
page execute and read and write
1C133000
stack
page read and write
19F5A655000
trusted library allocation
page read and write
3049000
heap
page read and write
1D25F8C7000
trusted library allocation
page read and write
CD0000
heap
page execute and read and write
1D25C1B0000
heap
page read and write
124F8000
trusted library allocation
page read and write
1C080D77000
trusted library allocation
page read and write
7FFD9BB50000
trusted library allocation
page read and write
BB0DE7F000
stack
page read and write
530000
heap
page read and write
7FFD9BAA5000
trusted library allocation
page execute and read and write
591000
heap
page read and write
1D25F1D1000
trusted library allocation
page read and write
3609000
heap
page read and write
820000
unkown
page readonly
19F587F0000
trusted library allocation
page read and write
864000
unkown
page read and write
1430000
heap
page read and write
19F59C93000
trusted library allocation
page read and write
2D6E000
trusted library allocation
page read and write
5EA000
heap
page read and write
2DB0000
trusted library allocation
page read and write
C20000
heap
page read and write
C8C000
heap
page read and write
7FFD9B9FC000
trusted library allocation
page execute and read and write
7FFD9BAAF000
trusted library allocation
page execute and read and write
CBC000
heap
page read and write
58D000
heap
page read and write
9A6000
stack
page read and write
133DB3C000
stack
page read and write
C80000
heap
page read and write
654000
heap
page read and write
22C97447000
trusted library allocation
page read and write
7FFD9BB20000
trusted library allocation
page read and write
133DABE000
stack
page read and write
7FFD9B993000
trusted library allocation
page read and write
51E000
unkown
page readonly
7FFD9B9CB000
trusted library allocation
page execute and read and write
DE0000
trusted library allocation
page read and write
7FFD9B9B4000
trusted library allocation
page read and write
3320000
heap
page read and write
1C29E000
heap
page read and write
5E3000
heap
page read and write
3060000
heap
page read and write
1C140000
heap
page read and write
2900000
heap
page read and write
5D9000
heap
page read and write
7FFD9BB43000
trusted library allocation
page read and write
572000
unkown
page readonly
129E8000
trusted library allocation
page read and write
424000
unkown
page readonly
2113000
direct allocation
page read and write
5CE000
heap
page read and write
7FFD9BA20000
trusted library allocation
page read and write
1D25F3E3000
trusted library allocation
page read and write
417000
unkown
page read and write
B7BD000
stack
page read and write
19F5A62E000
trusted library allocation
page read and write
22C986C8000
trusted library allocation
page read and write
559000
heap
page read and write
C55000
heap
page read and write
654000
heap
page read and write
7FFD9B9A3000
trusted library allocation
page read and write
19F56FB0000
heap
page readonly
7FFD9BB40000
trusted library allocation
page read and write
7FFD9B9C0000
trusted library allocation
page read and write
939DC87000
stack
page read and write
7FFD9BB33000
trusted library allocation
page read and write
30CE000
heap
page read and write
231E000
stack
page read and write
56D000
heap
page read and write
1B300000
trusted library section
page read and write
22C95720000
trusted library allocation
page read and write
7FFD9BA66000
trusted library allocation
page execute and read and write
8A15DC6000
stack
page read and write
2DF6000
trusted library allocation
page read and write
22C95650000
heap
page read and write
5CE000
heap
page read and write
22C9548E000
heap
page read and write
210C000
direct allocation
page read and write
3098000
heap
page read and write
304D000
heap
page read and write
589E000
stack
page read and write
22C986F9000
trusted library allocation
page read and write
654000
heap
page read and write
7FFD9BC02000
trusted library allocation
page read and write
7FFD9B9AD000
trusted library allocation
page execute and read and write
38FF000
stack
page read and write
1CBDB000
stack
page read and write
DDE000
stack
page read and write
1B4CF000
stack
page read and write
2D43000
stack
page read and write
75EE000
stack
page read and write
5E6000
heap
page read and write
9B000
stack
page read and write
578000
heap
page read and write
654000
heap
page read and write
939CFBE000
stack
page read and write
1460000
heap
page read and write
7FFD9BB40000
trusted library allocation
page read and write
22C954D9000
heap
page read and write
124FD000
trusted library allocation
page read and write
19F58940000
heap
page read and write
7FFD9BB60000
trusted library allocation
page read and write
7FFD9BAAA000
trusted library allocation
page execute and read and write
20400D6F000
trusted library allocation
page read and write
1C080F9A000
trusted library allocation
page read and write
760000
heap
page read and write
22C98DE8000
trusted library allocation
page read and write
902AE47000
stack
page read and write
20400228000
trusted library allocation
page read and write
7FFD9BB43000
trusted library allocation
page read and write
133D67A000
stack
page read and write
1BAD7000
heap
page read and write
C86000
heap
page read and write
8A14FFE000
stack
page read and write
19F59D22000
trusted library allocation
page read and write
2142000
direct allocation
page read and write
22C95492000
heap
page read and write
7FFD9BA36000
trusted library allocation
page read and write
D1B000
heap
page read and write
3046000
heap
page read and write
3066000
heap
page read and write
1D25EB91000
trusted library allocation
page read and write
7FFD9BAB0000
trusted library allocation
page execute and read and write
19F59E68000
trusted library allocation
page read and write
13319000
trusted library allocation
page read and write
133E88C000
stack
page read and write
7FFD9BB2B000
trusted library allocation
page read and write
BB0E94E000
stack
page read and write
22C973B0000
heap
page read and write
133D777000
stack
page read and write
30F9000
heap
page read and write
22C98D85000
trusted library allocation
page read and write
7FFD9B9AD000
trusted library allocation
page execute and read and write
592000
heap
page read and write
76E000
stack
page read and write
2B3E000
trusted library allocation
page read and write
3061000
heap
page read and write
1B86E000
stack
page read and write
1494000
heap
page read and write
5DD000
heap
page read and write
7FFD9BAA0000
trusted library allocation
page execute and read and write
22C973C1000
trusted library allocation
page read and write
1C080086000
trusted library allocation
page read and write
20401A86000
trusted library allocation
page read and write
412000
unkown
page read and write
30CA000
heap
page read and write
1B430000
trusted library section
page read and write
1C2BB000
heap
page read and write
10D0000
heap
page execute and read and write
8A1527B000
stack
page read and write
3051000
heap
page read and write
5BA0000
heap
page read and write
128D8000
trusted library allocation
page read and write
BB0DBF9000
stack
page read and write
30F7000
heap
page read and write
124F3000
trusted library allocation
page read and write
20401211000
trusted library allocation
page read and write
41F000
unkown
page readonly
902AD4E000
stack
page read and write
7FFD9BA56000
trusted library allocation
page read and write
565000
heap
page read and write
34B0000
direct allocation
page read and write
2DA4000
trusted library allocation
page read and write
BB0DCFE000
stack
page read and write
204012A4000
trusted library allocation
page read and write
770000
heap
page read and write
2DF0000
trusted library allocation
page read and write
5E6000
heap
page read and write
7FFD9B98D000
trusted library allocation
page execute and read and write
654000
heap
page read and write
133D8BE000
stack
page read and write
8A150FC000
stack
page read and write
204004CE000
trusted library allocation
page read and write
2DF8000
trusted library allocation
page read and write
23E0000
heap
page read and write
3053000
heap
page read and write
599F000
stack
page read and write
3040000
trusted library allocation
page read and write
4FEE000
heap
page read and write
7FFD9B998000
trusted library allocation
page read and write
7FFD9BC35000
trusted library allocation
page read and write
1BA15000
stack
page read and write
32F0000
heap
page read and write
CB0000
heap
page read and write
1C080001000
trusted library allocation
page read and write
939DE0E000
stack
page read and write
1B39F000
stack
page read and write
7FFD9BB2C000
trusted library allocation
page read and write
2D68000
trusted library allocation
page read and write
133D5FF000
stack
page read and write
30A4000
heap
page read and write
1C440000
heap
page read and write
19F59C28000
trusted library allocation
page read and write
72F0000
heap
page read and write
8A15F4E000
stack
page read and write
22C98598000
trusted library allocation
page read and write
820000
unkown
page readonly
315A000
heap
page read and write
1C35B000
heap
page read and write
8A15E49000
stack
page read and write
902A1FF000
stack
page read and write
5EF000
heap
page read and write
7FFD9BA3C000
trusted library allocation
page execute and read and write
22C95770000
heap
page read and write
22C9549C000
heap
page read and write
7FE41000
direct allocation
page read and write
815000
heap
page read and write
2D6C000
trusted library allocation
page read and write
C9C000
heap
page read and write
54D000
heap
page read and write
22C954D5000
heap
page read and write
4ECE000
stack
page read and write
304D000
heap
page read and write
22C98453000
trusted library allocation
page read and write
939DD0E000
stack
page read and write
10A0000
heap
page execute and read and write
22C983C3000
trusted library allocation
page read and write
669000
heap
page read and write
125A9000
trusted library allocation
page read and write
7FFD9B9B3000
trusted library allocation
page read and write
902A37B000
stack
page read and write
308F000
heap
page read and write
22C953D0000
heap
page read and write
7FFD9BB30000
trusted library allocation
page read and write
1BD3E000
stack
page read and write
7FFD9BBF0000
trusted library allocation
page read and write
8A1517C000
stack
page read and write
1C08102F000
trusted library allocation
page read and write
654000
heap
page read and write
133DCBC000
stack
page read and write
1C267000
heap
page read and write
7FFD9BAA0000
trusted library allocation
page execute and read and write
1D25C334000
heap
page read and write
303E000
heap
page read and write
7FFD9B9AC000
trusted library allocation
page read and write
5E6000
heap
page read and write
C00000
heap
page read and write
1BF34000
stack
page read and write
2E60000
heap
page read and write
19F58920000
trusted library allocation
page read and write
22C9835E000
trusted library allocation
page read and write
552000
heap
page read and write
5BA0000
heap
page read and write
7FFD9B9BC000
trusted library allocation
page read and write
58E000
heap
page read and write
1D25C210000
heap
page read and write
2130000
direct allocation
page read and write
1BE3D000
stack
page read and write
1BC30000
heap
page execute and read and write
1D25C3C0000
heap
page read and write
3580000
heap
page read and write
20401093000
trusted library allocation
page read and write
1AA10000
trusted library allocation
page read and write
1BAA3000
heap
page read and write
1BA1E000
stack
page read and write
61B000
heap
page read and write
22C9788E000
trusted library allocation
page read and write
939DB8E000
stack
page read and write
7FFD9BA60000
trusted library allocation
page execute and read and write
4AEF000
stack
page read and write
1D25C380000
trusted library allocation
page read and write
5E1000
heap
page read and write
20FC000
direct allocation
page read and write
5E1000
heap
page read and write
ADAE000
stack
page read and write
E00000
trusted library allocation
page read and write
939DD8C000
stack
page read and write
1425000
heap
page read and write
1AF80000
heap
page read and write
1D25C218000
heap
page read and write
1400000
heap
page read and write
7FFD9BA66000
trusted library allocation
page execute and read and write
7FFD9BA36000
trusted library allocation
page read and write
640000
heap
page read and write
939CA7E000
stack
page read and write
7FFD9B984000
trusted library allocation
page read and write
7FD30000
direct allocation
page read and write
19F56FA0000
trusted library allocation
page read and write
2DA2000
trusted library allocation
page read and write
3066000
heap
page read and write
12501000
trusted library allocation
page read and write
7FFD9B99C000
trusted library allocation
page read and write
22C97FC5000
trusted library allocation
page read and write
902A17E000
stack
page read and write
19F56F80000
trusted library allocation
page read and write
7FFD9B99C000
trusted library allocation
page read and write
654000
heap
page read and write
19C000
stack
page read and write
2F24000
heap
page read and write
BB0DB76000
stack
page read and write
30D9000
heap
page read and write
1D25DEB0000
trusted library allocation
page read and write
591000
heap
page read and write
1AECF000
stack
page read and write
654000
heap
page read and write
28F0000
heap
page read and write
315A000
heap
page read and write
1D25C257000
heap
page read and write
11B6000
stack
page read and write
3315000
trusted library allocation
page read and write
1C332000
heap
page read and write
54AE000
stack
page read and write
22C98798000
trusted library allocation
page read and write
2145000
direct allocation
page read and write
570000
unkown
page readonly
25B1000
trusted library allocation
page read and write
There are 1294 hidden memdumps, click here to show them.