IOC Report
7Y18r(14).exe

loading gif

Files

File Path
Type
Category
Malicious
7Y18r(14).exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
 malicious
C:\Program Files (x86)\AutoIt3\Examples\Helpfile\Extras\MyProg.exe
MS-DOS executable PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Program Files (x86)\AutoIt3\SciTE\SciTE.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Program Files\7-Zip\Uninstall.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\753F.exe
PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\B552.exe
PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\ExtractedLumma\g2m.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\ExtractedLumma\lm.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\ExtractedVenom\g2m.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\ExtractedVenom\runvm.bat
DOS batch file, ASCII text, with CRLF line terminators
dropped
 malicious
C:\Users\user\AppData\Local\Temp\ExtractedVenom\vm.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\F6D9.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\IXDaI.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\rentry-script.ps1
ASCII text, with CRLF line terminators
dropped
 malicious
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyStartupScript.vbs
ASCII text, with CRLF line terminators
modified
 malicious
C:\Users\user\AppData\Roaming\ftejced
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\ftejced:Zone.Identifier
ASCII text, with CRLF line terminators
dropped
 malicious
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_IXDaI.exe_608deba89d493f51917f2e2f2e64431295b61_d6b2a92d_a71deb28-b74a-4c69-9242-bcc348634ffa\Report.wer
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_lm.exe_c61e40594a1409babe66f8b377aac18216c95_5fe582ea_62e495da-7860-476e-93aa-32e866fd8ce5\Report.wer
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_vm.exe_cc123a61b5ef7992db71cfc53434ac4432f88368_19c5d0bb_2539ab57-2f04-406f-bc3c-3a4864c6ad7d\Report.wer
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2CE2.tmp.dmp
Mini DuMP crash report, 14 streams, Wed Jul 24 17:55:16 2024, 0x1205a4 type
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2E3B.tmp.WERInternalMetadata.xml
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2E6B.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER506E.tmp.dmp
Mini DuMP crash report, 14 streams, Wed Jul 24 17:57:36 2024, 0x1205a4 type
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5292.tmp.WERInternalMetadata.xml
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER52D2.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER62CD.tmp.dmp
Mini DuMP crash report, 15 streams, Wed Jul 24 17:57:41 2024, 0x1205a4 type
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER63F7.tmp.WERInternalMetadata.xml
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6427.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks, 0x1 compression
dropped
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
data
dropped
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\753F.exe.log
CSV text
dropped
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\vm.exe.log
ASCII text, with CRLF line terminators
modified
C:\Users\user\AppData\Local\Microsoft\PenWorkspace\DiscoverCacheData.dat
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Windows\Explorer\NotifyIcon\Microsoft.Explorer.Notification.{88B8C382-1A26-F976-8F93-4F607D4F11B3}.png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\Q8X2NUFH\k1[1].rar
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\Q8X2NUFH\k1[2].rar
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\Q8X2NUFH\k2[1].rar
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\Q8X2NUFH\k3[1].rar
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\Q8X2NUFH\k4[1].rar
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\Q8X2NUFH\k5[1].rar
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
data
dropped
C:\Users\user\AppData\Local\Temp\02DD5A3F.exe
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\3FF9770D.exe
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\47F11985.exe
ASCII text
modified
C:\Users\user\AppData\Local\Temp\4CAE0F08.exe
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\666819F5.exe
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\740D5605.exe
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\7760095b.bat
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\ExtractedLumma\data.bin
data
dropped
C:\Users\user\AppData\Local\Temp\ExtractedLumma\run.bat
DOS batch file, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\ExtractedVenom\data.bin
data
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dwvtgaet.uft.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hnrcxkxp.2n0.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jm4hxg24.ta1.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qase4wks.3lz.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xj2mwzl1.03l.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zkuzqpgv.rbl.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\lumma.zip
Zip archive data, at least v2.0 to extract, compression method=deflate
dropped
C:\Users\user\AppData\Local\Temp\venom.zip
Zip archive data, at least v2.0 to extract, compression method=deflate
dropped
C:\Users\user\AppData\Local\Temp\{13F86EBE-5A0C-4E70-8D68-55A07A8CE44C}.png
PNG image data, 306 x 306, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\{2C4EDB85-9C37-4123-AEB5-E5F69A5070D9}.png
PNG image data, 306 x 306, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\{8069E4B2-8AC2-42AB-A302-D386C8F7446B}.png
PNG image data, 306 x 306, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\{816DBFA2-37EF-48CA-81EF-C8D4760A42C3}.png
PNG image data, 306 x 306, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\{90B967A7-2931-4F6E-8D27-0FE70883BFCE}.png
PNG image data, 306 x 306, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\{C16C90C5-330B-45BC-A499-31106BAD28D9}.png
PNG image data, 306 x 306, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\{D3CD3048-0877-4280-A1E8-DA25C7442B6A}.png
PNG image data, 306 x 306, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Roaming\MyData\DataLogs.conf
ASCII text
dropped
C:\Windows\appcompat\Programs\Amcache.hve
MS Windows registry file, NT/2000 or above
dropped
There are 59 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\7Y18r(14).exe
"C:\Users\user\Desktop\7Y18r(14).exe"
 malicious
C:\Users\user\AppData\Local\Temp\IXDaI.exe
C:\Users\user\AppData\Local\Temp\IXDaI.exe
 malicious
C:\Windows\explorer.exe
C:\Windows\Explorer.EXE
 malicious
C:\Users\user\AppData\Roaming\ftejced
C:\Users\user\AppData\Roaming\ftejced
 malicious
C:\Users\user\AppData\Local\Temp\IXDaI.exe
C:\Users\user\AppData\Local\Temp\IXDaI.exe
 malicious
C:\Users\user\AppData\Local\Temp\F6D9.exe
C:\Users\user\AppData\Local\Temp\F6D9.exe
 malicious
C:\Users\user\AppData\Local\Temp\B552.exe
C:\Users\user\AppData\Local\Temp\B552.exe
 malicious
C:\Users\user\AppData\Local\Temp\753F.exe
C:\Users\user\AppData\Local\Temp\753F.exe
 malicious
C:\Users\user\AppData\Local\Temp\753F.exe
"C:\Users\user\AppData\Local\Temp\753F.exe" -HOSTRUNAS
malicious
C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
 malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -ExecutionPolicy Bypass -WindowStyle Hidden -File "C:\Users\user\AppData\Local\Temp\rentry-script.ps1"
malicious
C:\Users\user\AppData\Local\Temp\ExtractedVenom\vm.exe
"vm.exe"
malicious
C:\Users\user\AppData\Local\Temp\ExtractedLumma\lm.exe
"lm.exe"
malicious
C:\Windows\System32\wscript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyStartupScript.vbs"
malicious
C:\Users\user\AppData\Local\Temp\ExtractedVenom\vm.exe
"vm.exe"
malicious
C:\Users\user\AppData\Local\Temp\F6D9.exe
"C:\Users\user\AppData\Local\Temp\F6D9.exe"
malicious
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 7516 -s 1536
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\7760095b.bat" "
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\cmd.exe
"C:\Windows\system32\cmd.exe" /c C:\Users\user\AppData\Local\Temp\ExtractedVenom\runvm.bat
C:\Windows\System32\cmd.exe
"C:\Windows\system32\cmd.exe" /c C:\Users\user\AppData\Local\Temp\ExtractedLumma\run.bat
C:\Windows\System32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\ExtractedVenom\runvm.bat" "
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5776 -s 1124
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 7864 -s 628
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
There are 18 hidden processes, click here to show them.

URLs

Name
IP
Malicious
http://gebeus.ru/tmp/index.php
malicious
callosallsaospz.shop
malicious
http://cx5519.com/tmp/index.php
malicious
http://ddos.dnsnb8.net:799/cj//k1.rar
44.221.84.105
 malicious
liernessfornicsa.shop
malicious
http://evilos.cc/tmp/index.php
malicious
https://107.173.160.139/
107.173.160.139
 malicious
shepherdlyopzc.shop
malicious
upknittsoappz.shop
malicious
https://mussangroup.com/wp-content/images/pic1.jpg
185.149.100.242
 malicious
unseaffarignsk.shop
malicious
https://107.173.160.137/
107.173.160.137
 malicious
lariatedzugspd.shop
malicious
https://duckduckgo.com/chrome_newtab
unknown
https://duckduckgo.com/ac/?q=
unknown
https://wns.windows.com/bat
unknown
http://www.activestate.comHolger
unknown
http://ddos.dnsnb8.net:799/cj//k3.rar
44.221.84.105
https://api.msn.com:443/v1/news/Feed/Windows?
unknown
http://ocsps.ssl.com0?
unknown
http://www.ssl.com/repository/SSLcomRootCertificationAuthorityRSA.crt0
unknown
https://liernessfornicsa.shop/8
unknown
https://www.msn.com/en-us/news/politics/california-workers-will-get-five-sick-days-instead-of-three-
unknown
http://crls.ssl.com/SSLcom-RootCA-EV-RSA-4096-R2.crl0
unknown
https://www.msn.com/en-us/news/crime/bar-fight-leaves-man-in-critical-condition-suspect-arrested-in-
unknown
https://store4.gofile.io/download/direct/0656c5cf-51b4-4fa4-ae48-8ee5ed3d142e/lm.zip
31.14.70.245
https://activity.windows.com/UserActivity.ReadWrite.CreatedByAppin
unknown
https://contile-images.services.mozilla.com/5b4DH7KHAf2n_mNaLjNi1-UAoKmM9rhqaA9w7FyznHo.10943.jpg
unknown
https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&ci=1696497267574.12791&key=1696497267400700
unknown
https://www.msn.com/en-us/money/companies/legacy-park-auction-canceled-liquidation-proposed-here-s-w
unknown
https://nuget.org/nuget.exe
unknown
http://ocsps.ssl.com0_
unknown
http://www.spaceblue.com
unknown
https://callosallsaospz.shop/api1
unknown
https://bridge.sfo1.ap01.net/ctp?version=16.0.0&ci=1696497267574.12791&key=1696497267400700002.1&cta
unknown
http://www.develop.comDeepak
unknown
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
unknown
https://rentry.co
unknown
http://www.oberhumer.com
unknown
https://assets.msn.com/weathermapdata/1/static/weather/taskbar/animation/WeatherInsights/WeatherInsi
unknown
http://www.autoitscript.com/autoit3/J
unknown
https://aka.ms/winsvr-2022-pshelp
unknown
http://pesterbdd.com/images/Pester.png
unknown
http://schemas.xmlsoap.org/soap/encoding/
unknown
https://store4.gofile.io
unknown
http://www.apache.org/licenses/LICENSE-2.0.html
unknown
https://www.msn.com/en-us/money/realestate/my-husband-and-i-paid-off-our-mortgage-more-than-15-years
unknown
https://assets.msn.com/weathermapdata/1/static/finance/1stparty/FinanceTaskbarIcons/Finance_Earnings
unknown
http://www.activestate.com
unknown
https://contoso.com/Icon
unknown
http://%s:%d/%s/%sZwQuerySystemInformationntdll.dllNtSystemDebugControlSeDebugPrivilege%s%.8x.bat:DE
unknown
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13fcaT-dark
unknown
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
unknown
http://crl.rootca1.amazontrust.com/rootca1.crl0
unknown
http://cert.ssl.com/SSLcom-SubCA-EV-CodeSigning-RSA-4096-R3.cer0
unknown
http://ocsp.rootca1.amazontrust.com0:
unknown
https://windows.msn.com:443/shell?osLocale=en-GB&chosenMarketReason=ImplicitNew
unknown
https://api.msn.com/v1/news/Feed/Windows?activityId=C2BB6DDCE8D847D6B779FE8AEC27D161&timeOut=5000&oc
unknown
https://www.ecosia.org/newtab/
unknown
https://liernessfornicsa.shop/fD
unknown
https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
unknown
https://word.office.com576
unknown
https://github.com/Pester/Pester
unknown
http://www.spaceblue.comMathias
unknown
http://ddos.dnsnb8.net:799/cj//k5.rar
44.221.84.105
http://www.lua.org
unknown
https://android.notify.windows.com/iOS
unknown
https://store4.gofile.io/download/direct/6b24ec97-2a8d-468d-a24d-c8081cda1dab/vm.zip
31.14.70.245
http://schemas.xmlsoap.org/wsdl/
unknown
https://assets.msn.com/weathermapdata/1/static/weather/Icons/JyNGQgA=/Condition/MostlyClearNight.svg
unknown
https://liernessfornicsa.shop/_
unknown
http://ddos.dnsnb8.net:799/cj//k3.rarB
unknown
https://api.msn.com/$
unknown
http://ddos.dnsnb8.net:799/cj//k3.rar6
unknown
https://callosallsaospz.shop/
unknown
https://liernessfornicsa.shop/g
unknown
https://api.msn.com/v1/news/Feed/Windows?
unknown
http://html4/loose.dtd
unknown
https://callosallsaospz.shop/api
188.114.96.3
http://www.scintilla.org/scite.rng
unknown
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13fcaT
unknown
https://www.msn.com/en-us/health/wellness/7-secrets-to-a-happy-old-age-backed-by-science/ss-AA1hwpvW
unknown
https://www.marriott.com/default.mi?utm_source=admarketplace&utm_medium=cpc&utm_campaign=Marriott_Pr
unknown
https://rentry.co/microgods/raw
104.26.3.16
https://contoso.com/License
unknown
https://liernessfornicsa.shop/api(
unknown
http://cert.ssl.com/SSL.com-timeStamping-I-RSA-R1.cer0Q
unknown
http://ocsps.ssl.com0
unknown
http://store4.gofile.io
unknown
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
unknown
http://ddos.dnsnb8.net:799/cj//k4.rarO
unknown
https://www.msn.com/en-us/money/careersandeducation/student-loan-debt-forgiveness-arrives-for-some-b
unknown
http://ddos.dnsnb8.net:799/cj//k2.rar
44.221.84.105
http://.css
unknown
http://schemas.micro
unknown
https://assets.msn.com/weathermapdata/1/static/weather/Icons/JyNGQgA=/Teaser/recordhigh.svg
unknown
http://www.baanboard.comBrendon
unknown
https://www.smartsharesystems.com/
unknown
http://www.scintilla.org
unknown
http://crls.ssl.com/SSLcom-SubCA-EV-CodeSigning-RSA-4096-R3.crl0
unknown
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
funrecipebooks.com
162.0.235.84
 malicious
evilos.cc
127.0.0.127
 malicious
gebeus.ru
189.165.133.52
 malicious
rentry.co
104.26.3.16
 malicious
liernessfornicsa.shop
172.67.213.85
 malicious
mussangroup.com
185.149.100.242
 malicious
callosallsaospz.shop
188.114.96.3
 malicious
bg.microsoft.map.fastly.net
199.232.214.172
store4.gofile.io
31.14.70.245
ddos.dnsnb8.net
44.221.84.105

IPs

IP
Domain
Country
Malicious
77.221.157.163
unknown
Russian Federation
malicious
107.173.160.139
unknown
United States
malicious
107.173.160.137
unknown
United States
malicious
172.67.213.85
liernessfornicsa.shop
United States
malicious
211.168.53.110
unknown
Korea Republic of
malicious
162.0.235.84
funrecipebooks.com
Canada
malicious
64.190.113.113
unknown
United States
malicious
127.0.0.127
evilos.cc
unknown
malicious
94.156.79.190
unknown
Bulgaria
malicious
104.26.3.16
rentry.co
United States
malicious
189.165.133.52
gebeus.ru
Mexico
malicious
167.235.128.153
unknown
United States
malicious
188.114.96.3
callosallsaospz.shop
European Union
malicious
193.222.96.24
unknown
Germany
malicious
185.149.100.242
mussangroup.com
Turkey
malicious
44.221.84.105
ddos.dnsnb8.net
United States
31.14.70.245
store4.gofile.io
Virgin Islands (BRITISH)
There are 7 hidden IPs, click here to show them.

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
Update#6110_8yUscnjrUY
 malicious
\REGISTRY\A\{9edb790d-2a57-1861-2cb7-0f6f89b6bfa2}\Root\InventoryApplicationFile\ixdai.exe|f824d9441aabe7bb
ProgramId
\REGISTRY\A\{9edb790d-2a57-1861-2cb7-0f6f89b6bfa2}\Root\InventoryApplicationFile\ixdai.exe|f824d9441aabe7bb
FileId
\REGISTRY\A\{9edb790d-2a57-1861-2cb7-0f6f89b6bfa2}\Root\InventoryApplicationFile\ixdai.exe|f824d9441aabe7bb
LowerCaseLongPath
\REGISTRY\A\{9edb790d-2a57-1861-2cb7-0f6f89b6bfa2}\Root\InventoryApplicationFile\ixdai.exe|f824d9441aabe7bb
LongPathHash
\REGISTRY\A\{9edb790d-2a57-1861-2cb7-0f6f89b6bfa2}\Root\InventoryApplicationFile\ixdai.exe|f824d9441aabe7bb
Name
\REGISTRY\A\{9edb790d-2a57-1861-2cb7-0f6f89b6bfa2}\Root\InventoryApplicationFile\ixdai.exe|f824d9441aabe7bb
OriginalFileName
\REGISTRY\A\{9edb790d-2a57-1861-2cb7-0f6f89b6bfa2}\Root\InventoryApplicationFile\ixdai.exe|f824d9441aabe7bb
Publisher
\REGISTRY\A\{9edb790d-2a57-1861-2cb7-0f6f89b6bfa2}\Root\InventoryApplicationFile\ixdai.exe|f824d9441aabe7bb
Version
\REGISTRY\A\{9edb790d-2a57-1861-2cb7-0f6f89b6bfa2}\Root\InventoryApplicationFile\ixdai.exe|f824d9441aabe7bb
BinFileVersion
\REGISTRY\A\{9edb790d-2a57-1861-2cb7-0f6f89b6bfa2}\Root\InventoryApplicationFile\ixdai.exe|f824d9441aabe7bb
BinaryType
\REGISTRY\A\{9edb790d-2a57-1861-2cb7-0f6f89b6bfa2}\Root\InventoryApplicationFile\ixdai.exe|f824d9441aabe7bb
ProductName
\REGISTRY\A\{9edb790d-2a57-1861-2cb7-0f6f89b6bfa2}\Root\InventoryApplicationFile\ixdai.exe|f824d9441aabe7bb
ProductVersion
\REGISTRY\A\{9edb790d-2a57-1861-2cb7-0f6f89b6bfa2}\Root\InventoryApplicationFile\ixdai.exe|f824d9441aabe7bb
LinkDate
\REGISTRY\A\{9edb790d-2a57-1861-2cb7-0f6f89b6bfa2}\Root\InventoryApplicationFile\ixdai.exe|f824d9441aabe7bb
BinProductVersion
\REGISTRY\A\{9edb790d-2a57-1861-2cb7-0f6f89b6bfa2}\Root\InventoryApplicationFile\ixdai.exe|f824d9441aabe7bb
AppxPackageFullName
\REGISTRY\A\{9edb790d-2a57-1861-2cb7-0f6f89b6bfa2}\Root\InventoryApplicationFile\ixdai.exe|f824d9441aabe7bb
AppxPackageRelativeId
\REGISTRY\A\{9edb790d-2a57-1861-2cb7-0f6f89b6bfa2}\Root\InventoryApplicationFile\ixdai.exe|f824d9441aabe7bb
Size
\REGISTRY\A\{9edb790d-2a57-1861-2cb7-0f6f89b6bfa2}\Root\InventoryApplicationFile\ixdai.exe|f824d9441aabe7bb
Language
\REGISTRY\A\{9edb790d-2a57-1861-2cb7-0f6f89b6bfa2}\Root\InventoryApplicationFile\ixdai.exe|f824d9441aabe7bb
Usn
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
{5985FC23-2588-4D9A-B38B-7E7AFFAB3155} {886D8EEB-8CF2-4446-8D02-CDBA1DBDCF99} 0xFFFF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000F0244
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
P:\Hfref\oebx\NccQngn\Ybpny\Grzc\S6Q9.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000020212
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000B0084
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\1e\417C44EB
@explorerframe.dll,-13137
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\1e\417C44EB
@explorerframe.dll,-13138
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000020134
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.Furyy.EhaQvnybt
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{9E04CAB2-CC14-11DF-BB8C-A2F1DED72085}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{FA99DFC7-6AC2-453A-A5E2-5E2AFF4507BD}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CAA59E3C-4792-41A5-9909-6A6A8D32490E}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{A3D53349-6E61-4557-8FC7-0028EDCEEBF6}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F2A1CB5A-E3CC-4A2E-AF9D-505A7009D442}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{BCB48336-4DDD-48FF-BB0B-D3190DACB3E2}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vbs\OpenWithProgids
VBSFile
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\1e\417C44EB
@C:\Windows\System32\wshext.dll,-4511
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\JFpevcg.rkr
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
LangID
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Windows\System32\WScript.exe.FriendlyAppName
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Windows\System32\WScript.exe.ApplicationCompany
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
a
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
MRUList
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vbs\OpenWithList
a
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vbs\OpenWithList
MRUList
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000600FC
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:000000000008006E
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000060232
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.csv\OpenWithProgids
Excel.CSV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.doc\OpenWithProgids
Word.Document.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docm\OpenWithProgids
Word.DocumentMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\OpenWithProgids
Word.Document.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dot\OpenWithProgids
Word.Template.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dotm\OpenWithProgids
Word.TemplateMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dotx\OpenWithProgids
Word.Template.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.msg\OpenWithProgids
Outlook.File.msg.15
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odp\OpenWithProgids
PowerPoint.OpenDocumentPresentation.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ods\OpenWithProgids
Excel.OpenDocumentSpreadsheet.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odt\OpenWithProgids
Word.OpenDocumentText.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pot\OpenWithProgids
PowerPoint.Template.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.potm\OpenWithProgids
PowerPoint.TemplateMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.potx\OpenWithProgids
PowerPoint.Template.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppam\OpenWithProgids
PowerPoint.Addin.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppsm\OpenWithProgids
PowerPoint.SlideShowMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppsx\OpenWithProgids
PowerPoint.SlideShow.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppt\OpenWithProgids
PowerPoint.Show.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pptm\OpenWithProgids
PowerPoint.ShowMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pptx\OpenWithProgids
PowerPoint.Show.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rtf\OpenWithProgids
Word.RTF.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sldm\OpenWithProgids
PowerPoint.SlideMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sldx\OpenWithProgids
PowerPoint.Slide.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vsto\OpenWithProgids
bootstrap.vsto.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlam\OpenWithProgids
Excel.AddInMacroEnabled
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xls\OpenWithProgids
Excel.Sheet.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsb\OpenWithProgids
Excel.SheetBinaryMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsm\OpenWithProgids
Excel.SheetMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsx\OpenWithProgids
Excel.Sheet.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlt\OpenWithProgids
Excel.Template.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xltm\OpenWithProgids
Excel.TemplateMacroEnabled
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xltx\OpenWithProgids
Excel.Template
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zip\OpenWithProgids
Unpacker
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:000000000009020A
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
P:\Hfref\oebx\NccQngn\Ybpny\Grzc\VKQnV.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Shell\Bags\1\Desktop
IconLayouts
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Security and Maintenance\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102
CheckSetting
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced
TaskbarStateLastRun
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories64\{00021492-0000-0000-C000-000000000046}\Enum
Implementing
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.Furyy.EhaQvnybt
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Trgfgnegrq_8jrxlo3q8oojr!Ncc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.JvaqbjfSrrqonpxUho_8jrxlo3q8oojr!Ncc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.JvaqbjfZncf_8jrxlo3q8oojr!Ncc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Crbcyr_8jrxlo3q8oojr!k4p7n3o7ql2188l46q4ln362l19np5n5805r5k
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.ZvpebfbsgFgvpxlAbgrf_8jrxlo3q8oojr!Ncc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\FavccvatGbby.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.JvaqbjfPnyphyngbe_8jrxlo3q8oojr!Ncc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\zfcnvag.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.PybhqRkcrevraprUbfg_pj5a1u2gklrjl!Ncc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.FuryyRkcrevraprUbfg_pj5a1u2gklrjl!Ncc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
jvaqbjf.vzzrefvirpbagebycnary_pj5a1u2gklrjl!zvpebfbsg.jvaqbjf.vzzrefvirpbagebycnary
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Puebzr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
{6Q809377-6NS0-444O-8957-N3773S02200R}\Nqbor\Npebong QP\Npebong\Npebong.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\BcraJvgu.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
308046O0NS4N39PO
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.PbagebyCnary
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.Rkcybere
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.Frnepu_pj5a1u2gklrjl!PbegnanHV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
P:\Hfref\oebx\Qrfxgbc\BssvprFrghc.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
{6Q809377-6NS0-444O-8957-N3773S02200R}\Pbzzba Svyrf\zvpebfbsg funerq\PyvpxGbEha\BssvprP2EPyvrag.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Bssvpr.RKPRY.RKR.15
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\pzq.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
{7P5N40RS-N0SO-4OSP-874N-P0S2R0O9SN8R}\NhgbVg3\NhgbVg3.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.TrgUryc_8jrxlo3q8oojr!Ncc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
{Q65231O0-O2S1-4857-N4PR-N8R7P6RN7Q27}\JvaqbjfCbjreFuryy\i1.0\cbjrefuryy.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
\\192.168.2.1\nyy\cngputhneq-qvfnoyre-nyy-irefvbaf.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
P:\Hfref\oebx\NccQngn\Ybpny\Grzc\VKQnV.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
P:\Hfref\oebx\NccQngn\Ybpny\Grzc\S6Q9.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.Furyy.EhaQvnybt
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count
{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Favccvat Gbby.yax
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count
{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Cnvag.yax
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count
{9R3995NO-1S9P-4S13-O827-48O24O6P7174}\GnfxOne\Tbbtyr Puebzr.yax
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count
P:\Hfref\Choyvp\Qrfxgbc\Nqbor Npebong.yax
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count
P:\Hfref\Choyvp\Qrfxgbc\Tbbtyr Puebzr.yax
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count
P:\Hfref\Choyvp\Qrfxgbc\Sversbk.yax
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count
{N77S5Q77-2R2O-44P3-N6N2-NON601054N51}\Flfgrz Gbbyf\Pbageby Cnary.yax
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count
{9R3995NO-1S9P-4S13-O827-48O24O6P7174}\GnfxOne\Svyr Rkcybere.yax
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count
P:\Hfref\oebx\Qrfxgbc\Rkpry.yax
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced
TaskbarStateLastRun
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories64\{00021492-0000-0000-C000-000000000046}\Enum
Implementing
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.Furyy.EhaQvnybt
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.Furyy.EhaQvnybt
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
P:\Hfref\oebx\NccQngn\Ybpny\Grzc\S6Q9.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
MRUList
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
P:\Hfref\oebx\NccQngn\Ybpny\Grzc\S6Q9.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.Furyy.EhaQvnybt
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.Furyy.EhaQvnybt
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Trgfgnegrq_8jrxlo3q8oojr!Ncc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.JvaqbjfSrrqonpxUho_8jrxlo3q8oojr!Ncc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.JvaqbjfZncf_8jrxlo3q8oojr!Ncc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Crbcyr_8jrxlo3q8oojr!k4p7n3o7ql2188l46q4ln362l19np5n5805r5k
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.ZvpebfbsgFgvpxlAbgrf_8jrxlo3q8oojr!Ncc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\FavccvatGbby.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.JvaqbjfPnyphyngbe_8jrxlo3q8oojr!Ncc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\zfcnvag.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.PybhqRkcrevraprUbfg_pj5a1u2gklrjl!Ncc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.FuryyRkcrevraprUbfg_pj5a1u2gklrjl!Ncc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
jvaqbjf.vzzrefvirpbagebycnary_pj5a1u2gklrjl!zvpebfbsg.jvaqbjf.vzzrefvirpbagebycnary
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Puebzr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
{6Q809377-6NS0-444O-8957-N3773S02200R}\Nqbor\Npebong QP\Npebong\Npebong.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\BcraJvgu.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
308046O0NS4N39PO
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.PbagebyCnary
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.Rkcybere
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.Frnepu_pj5a1u2gklrjl!PbegnanHV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
P:\Hfref\oebx\Qrfxgbc\BssvprFrghc.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
{6Q809377-6NS0-444O-8957-N3773S02200R}\Pbzzba Svyrf\zvpebfbsg funerq\PyvpxGbEha\BssvprP2EPyvrag.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Bssvpr.RKPRY.RKR.15
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\pzq.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
{7P5N40RS-N0SO-4OSP-874N-P0S2R0O9SN8R}\NhgbVg3\NhgbVg3.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.TrgUryc_8jrxlo3q8oojr!Ncc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
{Q65231O0-O2S1-4857-N4PR-N8R7P6RN7Q27}\JvaqbjfCbjreFuryy\i1.0\cbjrefuryy.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
\\192.168.2.1\nyy\cngputhneq-qvfnoyre-nyy-irefvbaf.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
P:\Hfref\oebx\NccQngn\Ybpny\Grzc\VKQnV.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
P:\Hfref\oebx\NccQngn\Ybpny\Grzc\S6Q9.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.Furyy.EhaQvnybt
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\JFpevcg.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count
{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Favccvat Gbby.yax
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count
{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Cnvag.yax
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count
{9R3995NO-1S9P-4S13-O827-48O24O6P7174}\GnfxOne\Tbbtyr Puebzr.yax
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count
P:\Hfref\Choyvp\Qrfxgbc\Nqbor Npebong.yax
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count
P:\Hfref\Choyvp\Qrfxgbc\Tbbtyr Puebzr.yax
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count
P:\Hfref\Choyvp\Qrfxgbc\Sversbk.yax
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count
{N77S5Q77-2R2O-44P3-N6N2-NON601054N51}\Flfgrz Gbbyf\Pbageby Cnary.yax
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count
{9R3995NO-1S9P-4S13-O827-48O24O6P7174}\GnfxOne\Svyr Rkcybere.yax
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count
P:\Hfref\oebx\Qrfxgbc\Rkpry.yax
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{9E04CAB2-CC14-11DF-BB8C-A2F1DED72085}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{FA99DFC7-6AC2-453A-A5E2-5E2AFF4507BD}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CAA59E3C-4792-41A5-9909-6A6A8D32490E}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{A3D53349-6E61-4557-8FC7-0028EDCEEBF6}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F2A1CB5A-E3CC-4A2E-AF9D-505A7009D442}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{BCB48336-4DDD-48FF-BB0B-D3190DACB3E2}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\OpenWithProgids
WMP11.AssocFile.3G2
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\OpenWithProgids
WMP11.AssocFile.3GP
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2\OpenWithProgids
WMP11.AssocFile.3G2
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp\OpenWithProgids
WMP11.AssocFile.3GP
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aac\OpenWithProgids
WMP11.AssocFile.ADTS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.adt\OpenWithProgids
WMP11.AssocFile.ADTS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.adts\OpenWithProgids
WMP11.AssocFile.ADTS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\OpenWithProgids
WMP11.AssocFile.AIFF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\OpenWithProgids
WMP11.AssocFile.AIFF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\OpenWithProgids
WMP11.AssocFile.ASF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\OpenWithProgids
WMP11.AssocFile.ASX
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\OpenWithProgids
WMP11.AssocFile.AU
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au3\OpenWithProgids
AutoIt3Script
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\OpenWithProgids
WMP11.AssocFile.AVI
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\OpenWithProgids
Paint.Picture
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cab\OpenWithProgids
CABFolder
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cdxml\OpenWithProgids
Microsoft.PowerShellCmdletDefinitionXML.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.css\OpenWithProgids
CSSfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dds\OpenWithProgids
ddsfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dll\OpenWithProgids
dllfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\OpenWithProgids
emffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithProgids
exefile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\OpenWithProgids
WMP11.AssocFile.FLAC
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fon\OpenWithProgids
fonfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\OpenWithProgids
giffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\OpenWithProgids
htmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\OpenWithProgids
icofile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inf\OpenWithProgids
inffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ini\OpenWithProgids
inifile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\OpenWithProgids
pjpegfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\OpenWithProgids
jpegfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jxr\OpenWithProgids
wdpfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\OpenWithProgids
lnkfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2t\OpenWithProgids
WMP11.AssocFile.M2TS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2ts\OpenWithProgids
WMP11.AssocFile.M2TS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\OpenWithProgids
WMP11.AssocFile.m3u
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\OpenWithProgids
WMP11.AssocFile.M4A
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\OpenWithProgids
WMP11.AssocFile.MP4
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\OpenWithProgids
mhtmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\OpenWithProgids
mhtmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\OpenWithProgids
WMP11.AssocFile.MIDI
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\OpenWithProgids
WMP11.AssocFile.MIDI
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mk3d\OpenWithProgids
WMP11.AssocFile.MK3D
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mka\OpenWithProgids
WMP11.AssocFile.MKA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\OpenWithProgids
WMP11.AssocFile.MKV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mod\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\OpenWithProgids
WMP11.AssocFile.MOV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MP2\OpenWithProgids
WMP11.AssocFile.MP3
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\OpenWithProgids
WMP11.AssocFile.MP3
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\OpenWithProgids
WMP11.AssocFile.MP4
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mts\OpenWithProgids
WMP11.AssocFile.M2TS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ocx\OpenWithProgids
ocxfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.otf\OpenWithProgids
otffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\OpenWithProgids
pngfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ps1\OpenWithProgids
Microsoft.PowerShellScript.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ps1xml\OpenWithProgids
Microsoft.PowerShellXMLData.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd1\OpenWithProgids
Microsoft.PowerShellData.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psm1\OpenWithProgids
Microsoft.PowerShellModule.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pssc\OpenWithProgids
Microsoft.PowerShellSessionConfiguration.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\OpenWithProgids
rlefile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scf\OpenWithProgids
SHCmdFile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.search-ms\OpenWithProgids
SearchFolder
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\OpenWithProgids
shtmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sys\OpenWithProgids
sysfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\OpenWithProgids
TIFImage.Document
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\OpenWithProgids
TIFImage.Document
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS\OpenWithProgids
WMP11.AssocFile.TTS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\OpenWithProgids
ttcfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\OpenWithProgids
ttffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TTS\OpenWithProgids
WMP11.AssocFile.TTS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\OpenWithProgids
txtfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\OpenWithProgids
WMP11.AssocFile.WAV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\OpenWithProgids
WMP11.AssocFile.WAX
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\OpenWithProgids
WMP11.AssocFile.ASF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\OpenWithProgids
WMP11.AssocFile.WMA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\OpenWithProgids
wmffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\OpenWithProgids
WMP11.AssocFile.WMV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\OpenWithProgids
WMP11.AssocFile.ASX
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.WPL\OpenWithProgids
WMP11.AssocFile.WPL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\OpenWithProgids
WMP11.AssocFile.WVX
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\OpenWithProgids
xmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xsl\OpenWithProgids
xslfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
P:\Hfref\oebx\NccQngn\Ybpny\Grzc\S6Q9.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
P:\Hfref\oebx\NccQngn\Ybpny\Grzc\S6Q9.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
P:\Hfref\oebx\NccQngn\Ybpny\Grzc\S6Q9.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Trgfgnegrq_8jrxlo3q8oojr!Ncc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.JvaqbjfSrrqonpxUho_8jrxlo3q8oojr!Ncc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.JvaqbjfZncf_8jrxlo3q8oojr!Ncc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Crbcyr_8jrxlo3q8oojr!k4p7n3o7ql2188l46q4ln362l19np5n5805r5k
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.ZvpebfbsgFgvpxlAbgrf_8jrxlo3q8oojr!Ncc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\FavccvatGbby.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.JvaqbjfPnyphyngbe_8jrxlo3q8oojr!Ncc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\zfcnvag.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.PybhqRkcrevraprUbfg_pj5a1u2gklrjl!Ncc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.FuryyRkcrevraprUbfg_pj5a1u2gklrjl!Ncc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
jvaqbjf.vzzrefvirpbagebycnary_pj5a1u2gklrjl!zvpebfbsg.jvaqbjf.vzzrefvirpbagebycnary
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Puebzr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
{6Q809377-6NS0-444O-8957-N3773S02200R}\Nqbor\Npebong QP\Npebong\Npebong.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\BcraJvgu.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
308046O0NS4N39PO
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.PbagebyCnary
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.Rkcybere
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.Frnepu_pj5a1u2gklrjl!PbegnanHV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
P:\Hfref\oebx\Qrfxgbc\BssvprFrghc.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
{6Q809377-6NS0-444O-8957-N3773S02200R}\Pbzzba Svyrf\zvpebfbsg funerq\PyvpxGbEha\BssvprP2EPyvrag.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Bssvpr.RKPRY.RKR.15
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\pzq.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
{7P5N40RS-N0SO-4OSP-874N-P0S2R0O9SN8R}\NhgbVg3\NhgbVg3.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.TrgUryc_8jrxlo3q8oojr!Ncc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
{Q65231O0-O2S1-4857-N4PR-N8R7P6RN7Q27}\JvaqbjfCbjreFuryy\i1.0\cbjrefuryy.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
\\192.168.2.1\nyy\cngputhneq-qvfnoyre-nyy-irefvbaf.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
P:\Hfref\oebx\NccQngn\Ybpny\Grzc\VKQnV.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
P:\Hfref\oebx\NccQngn\Ybpny\Grzc\S6Q9.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.Furyy.EhaQvnybt
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\JFpevcg.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count
{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Favccvat Gbby.yax
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count
{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\Npprffbevrf\Cnvag.yax
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count
{9R3995NO-1S9P-4S13-O827-48O24O6P7174}\GnfxOne\Tbbtyr Puebzr.yax
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count
P:\Hfref\Choyvp\Qrfxgbc\Nqbor Npebong.yax
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count
P:\Hfref\Choyvp\Qrfxgbc\Tbbtyr Puebzr.yax
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count
P:\Hfref\Choyvp\Qrfxgbc\Sversbk.yax
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count
{N77S5Q77-2R2O-44P3-N6N2-NON601054N51}\Flfgrz Gbbyf\Pbageby Cnary.yax
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count
{9R3995NO-1S9P-4S13-O827-48O24O6P7174}\GnfxOne\Svyr Rkcybere.yax
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count
P:\Hfref\oebx\Qrfxgbc\Rkpry.yax
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{9E04CAB2-CC14-11DF-BB8C-A2F1DED72085}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{FA99DFC7-6AC2-453A-A5E2-5E2AFF4507BD}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CAA59E3C-4792-41A5-9909-6A6A8D32490E}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{A3D53349-6E61-4557-8FC7-0028EDCEEBF6}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F2A1CB5A-E3CC-4A2E-AF9D-505A7009D442}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{BCB48336-4DDD-48FF-BB0B-D3190DACB3E2}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced
TaskbarStateLastRun
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories64\{00021492-0000-0000-C000-000000000046}\Enum
Implementing
HKEY_CURRENT_USER_Classes\VirtualStore\MACHINE\SOFTWARE\WOW6432Node\GTplus
Time
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\753F_RASAPI32
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\753F_RASAPI32
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\753F_RASAPI32
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\753F_RASAPI32
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\753F_RASAPI32
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\753F_RASAPI32
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\753F_RASAPI32
FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\753F_RASMANCS
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\753F_RASMANCS
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\753F_RASMANCS
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\753F_RASMANCS
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\753F_RASMANCS
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\753F_RASMANCS
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\753F_RASMANCS
FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
FileDirectory
HKEY_CURRENT_USER\SOFTWARE\Microsoft\ActiveMovie\devenum
Version
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
DeviceTicket
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
DeviceId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
ApplicationFlags
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
0018400CF081ADAB
There are 430 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
28C0000
trusted library section
page read and write
 malicious
3FDE000
unclassified section
page readonly
 malicious
660000
direct allocation
page read and write
 malicious
2131000
unclassified section
page read and write
 malicious
680000
direct allocation
page read and write
 malicious
7FF75F3B0000
unkown
page readonly
 malicious
681000
unclassified section
page read and write
 malicious
4E40000
trusted library section
page read and write
 malicious
7FF75F3B0000
unkown
page readonly
 malicious
81A0000
unkown
page read and write
B110000
unkown
page readonly
55F2000
heap
page read and write
7FF5304F1000
unkown
page readonly
4E80000
trusted library allocation
page read and write
B20000
unkown
page read and write
5E90000
heap
page read and write
3039000
unkown
page read and write
2ACA3245000
heap
page read and write
13FE000
stack
page read and write
350E000
stack
page read and write
C000031000
direct allocation
page read and write
3006000
heap
page read and write
8380000
unkown
page read and write
81C0000
unkown
page read and write
7FF75F311000
unkown
page write copy
5477000
trusted library allocation
page read and write
7FF5308D1000
unkown
page readonly
B20000
unkown
page read and write
405000
unkown
page readonly
5A1000
heap
page read and write
2FFA000
heap
page read and write
3145000
trusted library allocation
page read and write
29C5000
trusted library allocation
page read and write
2FD9000
heap
page read and write
20A67D33000
trusted library allocation
page read and write
85B10FE000
stack
page read and write
313B000
trusted library allocation
page read and write
7DF44D891000
unkown
page execute read
88B0000
unkown
page read and write
7FF53068E000
unkown
page readonly
88B0000
unkown
page read and write
316E000
trusted library allocation
page read and write
3168000
trusted library allocation
page read and write
20A65B90000
heap
page read and write
870E000
stack
page read and write
C00027E000
direct allocation
page read and write
7FF7C079D000
trusted library allocation
page execute and read and write
CFAC000
unkown
page read and write
22B5D885000
heap
page read and write
D161000
unkown
page read and write
81C0000
unkown
page read and write
2B9D000
trusted library allocation
page read and write
3147000
trusted library allocation
page read and write
315E000
trusted library allocation
page read and write
81C0000
unkown
page read and write
2598C9D8000
heap
page read and write
B20000
unkown
page read and write
2ACA0690000
heap
page read and write
55AD000
heap
page read and write
5465000
trusted library allocation
page read and write
88B0000
unkown
page read and write
2C9F000
trusted library allocation
page read and write
5457000
trusted library allocation
page read and write
81C0000
unkown
page read and write
12C0000
heap
page read and write
C00010E000
direct allocation
page read and write
81A0000
unkown
page read and write
2FEF000
heap
page read and write
88B0000
unkown
page read and write
20A00240000
trusted library allocation
page read and write
410000
heap
page read and write
CFAA000
unkown
page read and write
2AF8000
trusted library allocation
page read and write
651000
heap
page read and write
8900000
unkown
page read and write
7FF75F390000
unkown
page write copy
219E000
stack
page read and write
11D9000
heap
page read and write
3040000
unkown
page read and write
2C40000
unkown
page read and write
94A1000
unkown
page read and write
2B93000
trusted library allocation
page read and write
7FF7C0989000
trusted library allocation
page read and write
7FF530A4F000
unkown
page readonly
4E70000
trusted library allocation
page read and write
3604000
trusted library allocation
page read and write
34CE000
stack
page read and write
6280000
trusted library allocation
page read and write
C00004B000
direct allocation
page read and write
81C0000
unkown
page read and write
9497000
unkown
page read and write
8710000
unkown
page read and write
20A68FE9000
trusted library allocation
page read and write
3197000
trusted library allocation
page read and write
7FF7C0A40000
trusted library allocation
page read and write
120C000
heap
page read and write
957B000
unkown
page read and write
88B0000
unkown
page read and write
B20000
unkown
page read and write
2B7A000
trusted library allocation
page read and write
8380000
unkown
page read and write
88B0000
unkown
page read and write
2190000
heap
page read and write
7009E000
unkown
page read and write
7FF5304D3000
unkown
page readonly
8380000
unkown
page read and write
88B0000
unkown
page read and write
5520000
heap
page read and write
A483000
unkown
page read and write
B50000
unkown
page read and write
311F000
trusted library allocation
page read and write
199000
trusted library allocation
page execute and read and write
88B0000
unkown
page read and write
A485000
unkown
page read and write
315E000
trusted library allocation
page read and write
2FE1000
heap
page read and write
54A8000
trusted library allocation
page read and write
2B67000
trusted library allocation
page read and write
670000
heap
page read and write
7FF5309B1000
unkown
page readonly
94AF000
unkown
page read and write
54B0000
trusted library allocation
page read and write
600000
direct allocation
page execute and read and write
88B0000
unkown
page read and write
8380000
unkown
page read and write
6280000
trusted library allocation
page read and write
7FF70B8C1000
unkown
page execute read
4EE000
stack
page read and write
81C0000
unkown
page read and write
F316BFE000
stack
page read and write
2FF1000
heap
page read and write
7FF7C0780000
trusted library allocation
page read and write
5457000
trusted library allocation
page read and write
7FF5309E2000
unkown
page readonly
1831C14B000
heap
page read and write
405000
unkown
page readonly
2FF8000
heap
page read and write
7FF530297000
unkown
page readonly
7FF530961000
unkown
page readonly
9B80000
unkown
page read and write
2B97000
trusted library allocation
page read and write
8380000
unkown
page read and write
3162000
trusted library allocation
page read and write
88B0000
unkown
page read and write
4392000
unkown
page read and write
88B0000
unkown
page read and write
38F5000
trusted library allocation
page read and write
7FF530673000
unkown
page readonly
2A88000
trusted library allocation
page read and write
C000010000
direct allocation
page read and write
7009E000
unkown
page read and write
7FF5307C6000
unkown
page readonly
2FEF000
heap
page read and write
3149000
trusted library allocation
page read and write
324F000
trusted library allocation
page read and write
110000
trusted library allocation
page execute and read and write
4F0000
heap
page read and write
7FF7C0CB0000
trusted library allocation
page read and write
4E80000
trusted library allocation
page read and write
AE1B000
stack
page read and write
8380000
unkown
page read and write
94B9000
unkown
page read and write
7FF75EE70000
unkown
page readonly
8380000
unkown
page read and write
1C080001000
trusted library allocation
page read and write
2A40000
trusted library allocation
page read and write
8380000
unkown
page read and write
88B0000
unkown
page read and write
283F000
stack
page read and write
7FF5309AC000
unkown
page readonly
70041000
unkown
page execute read
2A00000
trusted library allocation
page read and write
2EEF000
stack
page read and write
3B0D000
stack
page read and write
2FEF000
heap
page read and write
7FF7C07A0000
trusted library allocation
page read and write
1C080500000
trusted library allocation
page read and write
3174000
trusted library allocation
page read and write
CE0000
heap
page read and write
2CD1000
trusted library allocation
page read and write
34AF000
stack
page read and write
3160000
trusted library allocation
page read and write
23CE000
stack
page read and write
94AD000
unkown
page read and write
26DE000
unclassified section
page readonly
3147000
trusted library allocation
page read and write
EE41000
unkown
page read and write
5599000
heap
page read and write
8380000
unkown
page read and write
4DB3000
unkown
page read and write
8380000
unkown
page read and write
1C0F766A000
heap
page read and write
7FF530482000
unkown
page readonly
328E000
stack
page read and write
880000
heap
page read and write
313E000
trusted library allocation
page read and write
2FE9000
heap
page read and write
B20000
unkown
page read and write
2FD1000
heap
page read and write
B20000
unkown
page read and write
B9E61FD000
stack
page read and write
2A71000
trusted library allocation
page read and write
7FF530678000
unkown
page readonly
B20000
unkown
page read and write
9477000
unkown
page read and write
20A7FB50000
heap
page read and write
313E000
trusted library allocation
page read and write
4300000
unkown
page read and write
8380000
unkown
page read and write
2C95000
trusted library allocation
page read and write
6094000
heap
page read and write
7230000
trusted library allocation
page read and write
B5D0000
unkown
page read and write
7FF53050F000
unkown
page readonly
6B4000
heap
page read and write
7FF5307EA000
unkown
page readonly
B20000
unkown
page read and write
1C0F5BC3000
heap
page read and write
81C0000
unkown
page read and write
7FF7C093A000
trusted library allocation
page read and write
6F9000
heap
page read and write
B20000
unkown
page read and write
1C0F2310000
heap
page read and write
8380000
unkown
page read and write
81C0000
unkown
page read and write
5C0000
trusted library allocation
page read and write
81C0000
unkown
page read and write
5599000
heap
page read and write
5687000
heap
page read and write
1C0F2330000
trusted library allocation
page read and write
65B83FE000
stack
page read and write
5480000
trusted library allocation
page read and write
70008000
unkown
page readonly
57D0000
trusted library allocation
page read and write
1290000
direct allocation
page read and write
7FF7C09A0000
trusted library allocation
page execute and read and write
554A000
trusted library allocation
page read and write
3210000
trusted library allocation
page read and write
7FF5308EE000
unkown
page readonly
FEA9000
unkown
page read and write
2C40000
unkown
page read and write
B0000
trusted library allocation
page read and write
8710000
unkown
page read and write
B20000
unkown
page read and write
81C0000
unkown
page read and write
2B4E000
trusted library allocation
page read and write
54C9000
trusted library allocation
page read and write
1C0F7800000
heap
page read and write
7FF7C0B60000
trusted library allocation
page read and write
20A65C90000
heap
page read and write
590000
unkown
page readonly
5D0000
heap
page read and write
20A0017D000
heap
page read and write
1359000
heap
page read and write
7DF44D881000
unkown
page execute read
252A000
stack
page read and write
2FF2000
heap
page read and write
7DF44D871000
unkown
page execute read
88B0000
unkown
page read and write
B20000
unkown
page read and write
9CF8000
unkown
page read and write
5464000
trusted library allocation
page read and write
2C82000
trusted library allocation
page read and write
5A5F000
stack
page read and write
E89000
stack
page read and write
7FF530521000
unkown
page readonly
7FF75F3A8000
unkown
page write copy
2598AF19000
heap
page read and write
2FDC000
unkown
page read and write
7FF5303A0000
unkown
page readonly
2C40000
unkown
page read and write
4E84000
trusted library allocation
page read and write
7FF53076E000
unkown
page readonly
B20000
unkown
page read and write
A9E0000
unkown
page readonly
81C0000
unkown
page read and write
544A000
trusted library allocation
page read and write
2A4D000
trusted library allocation
page read and write
3147000
trusted library allocation
page read and write
1C080318000
trusted library allocation
page read and write
C000960000
direct allocation
page read and write
93B4000
unkown
page read and write
88B0000
unkown
page read and write
7FF7C09F0000
trusted library allocation
page read and write
3093000
unkown
page read and write
2DEA000
stack
page read and write
7FF7C07C4000
trusted library allocation
page read and write
1E0000
heap
page read and write
8583000
unkown
page read and write
20A689A4000
trusted library allocation
page read and write
3158000
trusted library allocation
page read and write
5C2E000
stack
page read and write
81C0000
unkown
page read and write
2C86000
trusted library allocation
page read and write
81B0000
unkown
page read and write
2AC86590000
trusted library section
page readonly
2ADA000
trusted library allocation
page read and write
2598AF1C000
heap
page read and write
8900000
unkown
page read and write
5461000
trusted library allocation
page read and write
1C0900C6000
trusted library allocation
page read and write
88B0000
unkown
page read and write
546E000
trusted library allocation
page read and write
7750000
unkown
page read and write
2FF7000
heap
page read and write
23B1B301000
direct allocation
page read and write
4C5000
unkown
page execute and read and write
D4000
trusted library allocation
page read and write
5473000
trusted library allocation
page read and write
20A679E1000
trusted library allocation
page read and write
81C0000
unkown
page read and write
88B0000
unkown
page read and write
3177000
trusted library allocation
page read and write
2AC2000
trusted library allocation
page read and write
3182000
trusted library allocation
page read and write
1C08042A000
trusted library allocation
page read and write
8710000
unkown
page read and write
2B56000
trusted library allocation
page read and write
5443000
trusted library allocation
page read and write
5DE0000
remote allocation
page read and write
5E60000
trusted library allocation
page read and write
2B40000
trusted library allocation
page read and write
88B0000
unkown
page read and write
2FF7000
heap
page read and write
3145000
trusted library allocation
page read and write
5441000
trusted library allocation
page read and write
7FF7C0B20000
trusted library allocation
page read and write
62A0000
trusted library allocation
page read and write
54BC000
trusted library allocation
page read and write
8710000
unkown
page read and write
81C0000
unkown
page read and write
7FF53041E000
unkown
page readonly
3249000
trusted library allocation
page read and write
62B0000
trusted library allocation
page read and write
5C0000
heap
page read and write
5DE0000
trusted library allocation
page read and write
300E000
stack
page read and write
88B0000
unkown
page read and write
7FF53096C000
unkown
page readonly
88B0000
unkown
page read and write
9CC8000
unkown
page read and write
7FF7C09E0000
trusted library allocation
page read and write
73D0000
unkown
page read and write
293E000
stack
page read and write
7FF53065A000
unkown
page readonly
316F000
trusted library allocation
page read and write
2FD4000
heap
page read and write
5E30000
trusted library allocation
page read and write
3000000
heap
page read and write
88B0000
unkown
page read and write
2A78084B000
heap
page read and write
88B0000
unkown
page read and write
2B8F000
trusted library allocation
page read and write
433B000
unkown
page read and write
2D09000
trusted library allocation
page read and write
B20000
unkown
page read and write
981963E000
stack
page read and write
7008B000
unkown
page read and write
401000
unkown
page execute read
2A3F000
trusted library allocation
page read and write
20A7FB44000
heap
page read and write
9519000
unkown
page read and write
2AB8000
trusted library allocation
page read and write
2C40000
unkown
page read and write
B20000
unkown
page read and write
7FF7C07A0000
trusted library allocation
page read and write
2FFC000
heap
page read and write
2A13000
trusted library allocation
page read and write
2A6F000
trusted library allocation
page read and write
88B0000
unkown
page read and write
B20000
unkown
page read and write
B20000
unkown
page read and write
5541000
heap
page read and write
2C40000
unkown
page read and write
9C18000
stack
page read and write
7FF70B94D000
unkown
page readonly
318B000
trusted library allocation
page read and write
C000394000
direct allocation
page read and write
70040000
unkown
page readonly
B20000
unkown
page read and write
88B0000
unkown
page read and write
78F0000
unkown
page readonly
88B0000
unkown
page read and write
5DF0000
trusted library allocation
page read and write
5DD0000
trusted library allocation
page read and write
7FE08000
trusted library allocation
page execute and read and write
5489000
trusted library allocation
page read and write
7FF5305C2000
unkown
page readonly
3195000
trusted library allocation
page read and write
88B0000
unkown
page read and write
3151000
trusted library allocation
page read and write
88B0000
unkown
page read and write
88B0000
unkown
page read and write
7FF7C07A3000
trusted library allocation
page execute and read and write
6F60000
unkown
page read and write
6100000
heap
page read and write
26F84F20000
heap
page read and write
2ACA06F3000
heap
page read and write
7FF530A37000
unkown
page readonly
3002000
heap
page read and write
7FF75F38F000
unkown
page read and write
20A65ADB000
heap
page read and write
3011000
heap
page read and write
7FF5302B5000
unkown
page readonly
9CC6000
unkown
page read and write
88B0000
unkown
page read and write
94C2000
unkown
page read and write
110000
heap
page read and write
20A65D30000
heap
page read and write
88B0000
unkown
page read and write
2AC86388000
heap
page read and write
29F8000
trusted library allocation
page read and write
2B29000
trusted library allocation
page read and write
617F000
heap
page read and write
692C000
stack
page read and write
B9E6F8E000
stack
page read and write
88B0000
unkown
page read and write
2B21000
trusted library allocation
page read and write
7FF75F392000
unkown
page read and write
88C0000
unkown
page read and write
81C0000
unkown
page read and write
7FF5309C9000
unkown
page readonly
6F6D000
unkown
page read and write
2AC865B5000
heap
page read and write
2A11000
trusted library allocation
page read and write
2D28000
trusted library allocation
page read and write
7FF53050B000
unkown
page readonly
81C0000
unkown
page read and write
20A68DB7000
trusted library allocation
page read and write
3193000
trusted library allocation
page read and write
88B0000
unkown
page read and write
401000
unkown
page execute read
4A8E000
stack
page read and write
7FF7C0866000
trusted library allocation
page execute and read and write
5A0000
heap
page read and write
575000
heap
page read and write
5E70000
trusted library allocation
page read and write
9390000
unkown
page read and write
81C0000
unkown
page read and write
2ACA07F0000
heap
page read and write
66E000
stack
page read and write
1831C2F0000
heap
page read and write
B20000
unkown
page read and write
6078000
heap
page read and write
3005000
heap
page read and write
2B08000
trusted library allocation
page read and write
C000134000
direct allocation
page read and write
B120000
unkown
page read and write
8380000
unkown
page read and write
B660000
unkown
page read and write
38FA000
trusted library allocation
page read and write
2FFB000
heap
page read and write
9B60000
unkown
page read and write
88B0000
unkown
page read and write
B50000
unkown
page read and write
8380000
unkown
page read and write
FC000
stack
page read and write
321A000
trusted library allocation
page read and write
52DA0FF000
unkown
page read and write
43F3000
unkown
page read and write
460000
heap
page read and write
7FF75F3AE000
unkown
page write copy
29C9000
trusted library allocation
page read and write
C000036000
direct allocation
page read and write
FE92000
unkown
page read and write
83A0000
unkown
page read and write
20A68476000
trusted library allocation
page read and write
5DE0000
trusted library allocation
page read and write
81C0000
unkown
page read and write
24D0000
direct allocation
page execute and read and write
88B0000
unkown
page read and write
B9E627E000
stack
page read and write
81C0000
unkown
page read and write
2C97000
trusted library allocation
page read and write
A8A9000
stack
page read and write
7FF53058B000
unkown
page readonly
81C0000
unkown
page read and write
73D0000
unkown
page read and write
4356000
unkown
page read and write
19D000
stack
page read and write
88B0000
unkown
page read and write
54A0000
trusted library allocation
page read and write
302F000
unkown
page read and write
5668000
heap
page read and write
5684000
heap
page read and write
B9E5FFE000
stack
page read and write
544A000
trusted library allocation
page read and write
88B0000
unkown
page read and write
7FF7C0784000
trusted library allocation
page read and write
8380000
unkown
page read and write
2A780810000
heap
page read and write
23B1B395000
heap
page read and write
FE9B000
unkown
page read and write
2598AF10000
heap
page read and write
9CAE000
unkown
page read and write
67D000
heap
page read and write
D81D000
stack
page read and write
C000118000
direct allocation
page read and write
7FF7C0950000
trusted library allocation
page execute and read and write
62C0000
trusted library allocation
page read and write
6280000
trusted library allocation
page read and write
8E80000
unkown
page readonly
55E5000
heap
page read and write
8380000
unkown
page read and write
7FF530273000
unkown
page readonly
4EB2000
trusted library allocation
page read and write
C01000
unkown
page readonly
D8B000
stack
page read and write
24CE000
stack
page read and write
E6C000
stack
page read and write
3177000
trusted library allocation
page read and write
7FF7C07BD000
trusted library allocation
page execute and read and write
7FF7C0A90000
trusted library allocation
page read and write
2CCD000
trusted library allocation
page read and write
3005000
heap
page read and write
B20000
unkown
page read and write
4FC0000
trusted library allocation
page read and write
8380000
unkown
page read and write
3000000
heap
page read and write
5E20000
trusted library allocation
page read and write
3177000
trusted library allocation
page read and write
B5E0000
heap
page read and write
54C0000
trusted library allocation
page read and write
2FEF000
heap
page read and write
7FF7C0850000
trusted library allocation
page read and write
81C0000
unkown
page read and write
CFA3000
unkown
page read and write
D167000
unkown
page read and write
7FF530410000
unkown
page readonly
39BF000
stack
page read and write
81C0000
unkown
page read and write
F6C000
stack
page read and write
7FF5304BF000
unkown
page readonly
7FF7C0BE4000
trusted library allocation
page read and write
4FE000
heap
page read and write
3000000
heap
page read and write
B40000
unkown
page read and write
6280000
trusted library allocation
page read and write
2A0F000
trusted library allocation
page read and write
1C0F2350000
trusted library allocation
page read and write
2CF8000
trusted library allocation
page read and write
2D40000
unkown
page read and write
7FF530949000
unkown
page readonly
8380000
unkown
page read and write
2CB6000
trusted library allocation
page read and write
B20000
unkown
page read and write
8900000
unkown
page read and write
36AE000
stack
page read and write
318E000
trusted library allocation
page read and write
B20000
unkown
page read and write
2AD5000
trusted library allocation
page read and write
55EC000
heap
page read and write
3196000
trusted library allocation
page read and write
4E8E000
trusted library allocation
page read and write
316E000
trusted library allocation
page read and write
8380000
unkown
page read and write
5DE0000
trusted library allocation
page read and write
7FF5308B8000
unkown
page readonly
81C0000
unkown
page read and write
3010000
heap
page read and write
8380000
unkown
page read and write
314F000
trusted library allocation
page read and write
B20000
unkown
page read and write
7509000
stack
page read and write
2A04000
trusted library allocation
page read and write
2870000
heap
page read and write
438E000
unkown
page read and write
81B0000
unkown
page read and write
9579000
unkown
page read and write
C000084000
direct allocation
page read and write
B620000
unkown
page read and write
2AC8646D000
heap
page read and write
EE6000
unkown
page execute and write copy
7FF530892000
unkown
page readonly
2CF2000
trusted library allocation
page read and write
193000
trusted library allocation
page read and write
27B0000
heap
page read and write
311F000
trusted library allocation
page read and write
5DDF000
trusted library allocation
page read and write
7FF5303DB000
unkown
page readonly
988C000
stack
page read and write
6078000
heap
page read and write
4F40000
trusted library allocation
page read and write
B9E63FC000
stack
page read and write
7FF52FE0C000
unkown
page readonly
81C0000
unkown
page read and write
81C0000
unkown
page read and write
88B0000
unkown
page read and write
8380000
unkown
page read and write
7008C000
unkown
page write copy
4E84000
trusted library allocation
page read and write
5458000
trusted library allocation
page read and write
88B0000
unkown
page read and write
55BB000
heap
page read and write
6181000
heap
page read and write
566000
heap
page read and write
8900000
unkown
page read and write
3057000
unkown
page read and write
9BF000
stack
page read and write
2598AF1F000
heap
page read and write
2B69000
trusted library allocation
page read and write
88B0000
unkown
page read and write
3B1E000
stack
page read and write
B9E5DFE000
stack
page read and write
6B0000
heap
page read and write
544A000
trusted library allocation
page read and write
3330000
heap
page read and write
73D0000
unkown
page read and write
B20000
unkown
page read and write
85B08FA000
stack
page read and write
8710000
unkown
page read and write
62C0000
trusted library allocation
page read and write
81D0000
unkown
page read and write
B20000
unkown
page read and write
70AF000
unkown
page read and write
578F000
stack
page read and write
3002000
heap
page read and write
C0003AC000
direct allocation
page read and write
8380000
unkown
page read and write
B9E6179000
stack
page read and write
98185FE000
stack
page read and write
8900000
unkown
page read and write
2C60000
trusted library allocation
page read and write
5C42000
trusted library allocation
page read and write
7FF7C0A20000
trusted library allocation
page read and write
88B0000
unkown
page read and write
7FF7C0C50000
trusted library allocation
page read and write
65B75FF000
stack
page read and write
7FF75F9D9000
unkown
page read and write
1C0F5BF0000
heap
page read and write
4A5000
heap
page read and write
1C0F5B8C000
heap
page read and write
7FF75EE71000
unkown
page execute read
7FF52FDC3000
unkown
page readonly
2FEF000
heap
page read and write
B20000
unkown
page read and write
7FF70B8C0000
unkown
page readonly
3010000
heap
page read and write
20A687F0000
trusted library allocation
page read and write
85A0000
unkown
page read and write
88B0000
unkown
page read and write
59CC000
stack
page read and write
5DDF000
stack
page read and write
238F000
stack
page read and write
400000
unkown
page readonly
7FF530991000
unkown
page readonly
2B7C000
trusted library allocation
page read and write
8710000
unkown
page read and write
73D0000
unkown
page read and write
1C08040C000
trusted library allocation
page read and write
20A77961000
trusted library allocation
page read and write
2C40000
unkown
page read and write
C0003E8000
direct allocation
page read and write
3259000
trusted library allocation
page read and write
88B0000
unkown
page read and write
7FF7C0990000
trusted library allocation
page read and write
314F000
trusted library allocation
page read and write
1C0F239E000
heap
page read and write
C00016C000
direct allocation
page read and write
7FF53084E000
unkown
page readonly
EE4D000
unkown
page read and write
7FF7C0AF0000
trusted library allocation
page read and write
88B0000
unkown
page read and write
615D000
trusted library allocation
page read and write
2840000
trusted library allocation
page read and write
4FD7000
heap
page execute and read and write
1831C120000
heap
page read and write
3025000
unkown
page read and write
D2C4000
unkown
page read and write
2AA1000
trusted library allocation
page read and write
23B1B30A000
direct allocation
page read and write
569E000
stack
page read and write
2B42000
trusted library allocation
page read and write
38BF000
stack
page read and write
315A000
trusted library allocation
page read and write
88B0000
unkown
page read and write
5441000
trusted library allocation
page read and write
8750000
unkown
page read and write
FF0000
heap
page read and write
7FF7C0AD0000
trusted library allocation
page read and write
3168000
trusted library allocation
page read and write
282F000
stack
page read and write
7087000
unkown
page read and write
C000307000
direct allocation
page read and write
8380000
unkown
page read and write
7750000
unkown
page read and write
7FF7C09C0000
trusted library allocation
page read and write
7002E000
unkown
page read and write
1C080471000
trusted library allocation
page read and write
23B1B344000
direct allocation
page read and write
81C0000
unkown
page read and write
405000
unkown
page readonly
1C0F3DB0000
trusted library allocation
page read and write
547C000
trusted library allocation
page read and write
8710000
unkown
page read and write
9E44000
unkown
page read and write
8710000
unkown
page read and write
544A000
trusted library allocation
page read and write
3115000
trusted library allocation
page read and write
2FF2000
heap
page read and write
4E40000
remote allocation
page read and write
88B0000
unkown
page read and write
B20000
unkown
page read and write
3550000
heap
page read and write
631E000
stack
page read and write
C00017A000
direct allocation
page read and write
7FF7C0990000
trusted library allocation
page execute and read and write
7FF53087E000
unkown
page readonly
318F000
trusted library allocation
page read and write
4EC6000
trusted library allocation
page read and write
645E000
stack
page read and write
3C6E000
stack
page read and write
BA3000
unkown
page write copy
54BF000
trusted library allocation
page read and write
C0003D8000
direct allocation
page read and write
7008B000
unkown
page read and write
4410000
unkown
page read and write
5458000
trusted library allocation
page read and write
4DC9000
unkown
page read and write
7FF530A02000
unkown
page readonly
8380000
unkown
page read and write
29DE000
trusted library allocation
page read and write
70B7000
unkown
page read and write
2FE9000
heap
page read and write
2FF2000
heap
page read and write
7FF75FA16000
unkown
page readonly
2CF6000
trusted library allocation
page read and write
88B0000
unkown
page read and write
7FF53086D000
unkown
page readonly
2D31000
trusted library allocation
page read and write
401000
unkown
page execute read
8900000
unkown
page read and write
B2EC000
stack
page read and write
88B0000
unkown
page read and write
7FF5309E6000
unkown
page readonly
C00019A000
direct allocation
page read and write
81C0000
unkown
page read and write
73D0000
unkown
page read and write
20A000BC000
heap
page read and write
7FF7C083C000
trusted library allocation
page execute and read and write
88B0000
unkown
page read and write
1C080756000
trusted library allocation
page read and write
7DF44D860000
unkown
page readonly
7FF7C0836000
trusted library allocation
page read and write
3121000
trusted library allocation
page read and write
35AE000
stack
page read and write
5AD0000
trusted library allocation
page read and write
B20000
unkown
page read and write
B9E5C7E000
stack
page read and write
3221000
trusted library allocation
page read and write
4EC0000
trusted library allocation
page read and write
1C0F7632000
heap
page read and write
298D000
trusted library allocation
page read and write
2CB0000
trusted library allocation
page read and write
12D0000
direct allocation
page read and write
23B1B2A0000
direct allocation
page read and write
2BB6000
trusted library allocation
page read and write
3127000
trusted library allocation
page read and write
D11A000
unkown
page read and write
7FF5305D3000
unkown
page readonly
1377000
heap
page read and write
5D7000
heap
page read and write
2AA7000
trusted library allocation
page read and write
3ACC000
trusted library allocation
page read and write
9E36000
unkown
page read and write
7FF7C0A00000
trusted library allocation
page read and write
5DF0000
trusted library allocation
page read and write
2A02000
trusted library allocation
page read and write
7FF53068B000
unkown
page readonly
3155000
trusted library allocation
page read and write
88B0000
unkown
page read and write
88B0000
unkown
page read and write
26F84F75000
heap
page read and write
4F50000
trusted library allocation
page read and write
B9E5D7E000
stack
page read and write
7FF7C0B10000
trusted library allocation
page read and write
D36B000
unkown
page read and write
1C0F2290000
heap
page read and write
26F84F2B000
heap
page read and write
B9E5CFE000
stack
page read and write
20A7FA80000
heap
page read and write
88C0000
unkown
page read and write
B36B000
stack
page read and write
5668000
heap
page read and write
7FF5309D3000
unkown
page readonly
B40000
unkown
page read and write
81B0000
unkown
page read and write
62D0000
trusted library allocation
page read and write
20A6920A000
trusted library allocation
page read and write
217F000
stack
page read and write
2AC863E8000
heap
page read and write
7FF7C0BB0000
trusted library allocation
page read and write
3010000
heap
page read and write
510000
heap
page read and write
1C0F5C3B000
heap
page read and write
6D90000
unkown
page read and write
26E7000
unclassified section
page read and write
B20000
unkown
page read and write
B20000
unkown
page read and write
3161000
trusted library allocation
page read and write
73D0000
unkown
page read and write
88B0000
unkown
page read and write
9C9D000
stack
page read and write
7FF75F9EA000
unkown
page write copy
B20000
unkown
page read and write
876000
stack
page read and write
215F000
stack
page read and write
357C000
trusted library allocation
page read and write
88B0000
unkown
page read and write
88B0000
unkown
page read and write
2F67000
heap
page read and write
20A67500000
trusted library allocation
page read and write
7849000
stack
page read and write
88B0000
unkown
page read and write
309A000
unkown
page read and write
82DB000
stack
page read and write
546F000
trusted library allocation
page read and write
B9E5F7D000
stack
page read and write
5441000
trusted library allocation
page read and write
5476000
trusted library allocation
page read and write
3000000
heap
page read and write
2B04000
trusted library allocation
page read and write
3177000
trusted library allocation
page read and write
2AA3000
trusted library allocation
page read and write
612D000
heap
page read and write
81C0000
unkown
page read and write
C50000
unkown
page readonly
55EC000
heap
page read and write
B9E710B000
stack
page read and write
C000160000
direct allocation
page read and write
2B5F000
trusted library allocation
page read and write
2A41000
trusted library allocation
page read and write
4C6000
unkown
page execute and write copy
D919000
stack
page read and write
81C0000
unkown
page read and write
7FF530A33000
unkown
page readonly
7FF7C083C000
trusted library allocation
page execute and read and write
8380000
unkown
page read and write
8380000
unkown
page read and write
2598AEB0000
heap
page read and write
7FF5304AA000
unkown
page readonly
2B27000
trusted library allocation
page read and write
3170000
trusted library allocation
page read and write
2AF1000
trusted library allocation
page read and write
2AC87DA0000
trusted library allocation
page read and write
7370000
unkown
page read and write
B20000
unkown
page read and write
3900000
heap
page read and write
2C40000
unkown
page read and write
140000
direct allocation
page read and write
20A674F0000
heap
page readonly
8710000
unkown
page read and write
88B0000
unkown
page read and write
88B0000
unkown
page read and write
2B0C000
trusted library allocation
page read and write
301A000
unkown
page read and write
20A00049000
heap
page read and write
2B44000
trusted library allocation
page read and write
2A38000
trusted library allocation
page read and write
5479000
trusted library allocation
page read and write
7FF70B94D000
unkown
page readonly
16E000
stack
page read and write
3178000
trusted library allocation
page read and write
9492000
unkown
page read and write
81C0000
unkown
page read and write
7FF530A11000
unkown
page readonly
354E000
stack
page read and write
1C0F3CC0000
heap
page read and write
28E0000
heap
page read and write
1C0F5BEE000
heap
page read and write
2C12000
trusted library allocation
page read and write
5467000
trusted library allocation
page read and write
20A00000000
trusted library allocation
page read and write
88B0000
unkown
page read and write
8710000
unkown
page read and write
8380000
unkown
page read and write
4F40000
direct allocation
page execute and read and write
88B0000
unkown
page read and write
8380000
unkown
page read and write
AB8B000
stack
page read and write
88B0000
unkown
page read and write
316F000
trusted library allocation
page read and write
364E000
stack
page read and write
2890000
heap
page read and write
7FF53062D000
unkown
page readonly
22B5D88E000
heap
page read and write
CF9B000
stack
page read and write
98175F5000
stack
page read and write
318F000
trusted library allocation
page read and write
955E000
unkown
page read and write
88B0000
unkown
page read and write
88B0000
unkown
page read and write
604B000
heap
page read and write
33AE000
stack
page read and write
3115000
trusted library allocation
page read and write
88B0000
unkown
page read and write
360F000
stack
page read and write
2C4B000
trusted library allocation
page read and write
B20000
unkown
page read and write
5441000
trusted library allocation
page read and write
2A81000
trusted library allocation
page read and write
2A51000
trusted library allocation
page read and write
3149000
trusted library allocation
page read and write
3870000
direct allocation
page execute and read and write
4EF0000
trusted library allocation
page read and write
5620000
heap
page read and write
1C08043E000
trusted library allocation
page read and write
2B06000
trusted library allocation
page read and write
3014000
unkown
page read and write
81C0000
unkown
page read and write
60000
direct allocation
page read and write
B20000
unkown
page read and write
81C0000
unkown
page read and write
26F86970000
heap
page read and write
5F0000
unkown
page readonly
5472000
trusted library allocation
page read and write
4E80000
trusted library allocation
page read and write
7A31000
unkown
page read and write
8380000
unkown
page read and write
5ED0000
heap
page read and write
3185000
trusted library allocation
page read and write
2FF2000
heap
page read and write
73D0000
unkown
page read and write
88B0000
unkown
page read and write
54B0000
trusted library allocation
page read and write
55D5000
heap
page read and write
6280000
trusted library allocation
page read and write
8DDE000
stack
page read and write
2C40000
unkown
page read and write
3000000
heap
page read and write
3168000
trusted library allocation
page read and write
2B57000
trusted library allocation
page read and write
73D0000
unkown
page read and write
2B99000
trusted library allocation
page read and write
5CE000
heap
page read and write
2C7C000
trusted library allocation
page read and write
1C0F3C90000
heap
page read and write
88B0000
unkown
page read and write
55B000
heap
page read and write
3249000
trusted library allocation
page read and write
20A69153000
trusted library allocation
page read and write
2991000
trusted library allocation
page read and write
2ABA000
trusted library allocation
page read and write
60000
direct allocation
page read and write
7FF530708000
unkown
page readonly
88B0000
unkown
page read and write
B20000
unkown
page read and write
20A00084000
heap
page read and write
B9E62FE000
stack
page read and write
3221000
trusted library allocation
page read and write
7FF530281000
unkown
page readonly
315D000
trusted library allocation
page read and write
C000302000
direct allocation
page read and write
8900000
unkown
page read and write
6101000
heap
page read and write
3C7C000
stack
page read and write
567C000
trusted library allocation
page read and write
81C0000
unkown
page read and write
8380000
unkown
page read and write
7FF7C0B40000
trusted library allocation
page read and write
1081000
unkown
page readonly
7FF7C0782000
trusted library allocation
page read and write
C00003F000
direct allocation
page read and write
949B000
unkown
page read and write
2BD8000
stack
page read and write
3075000
heap
page read and write
298F000
trusted library allocation
page read and write
C000348000
direct allocation
page read and write
C000192000
direct allocation
page read and write
758C000
stack
page read and write
81A0000
unkown
page read and write
6BEF000
stack
page read and write
B20000
unkown
page read and write
8380000
unkown
page read and write
3178000
trusted library allocation
page read and write
98179FE000
stack
page read and write
1F0000
heap
page read and write
4EF0000
trusted library allocation
page read and write
5599000
heap
page read and write
2598AEBC000
heap
page read and write
7C38000
stack
page read and write
3144000
trusted library allocation
page read and write
4E86000
trusted library allocation
page read and write
318E000
stack
page read and write
28BD000
stack
page read and write
980E000
stack
page read and write
C000400000
direct allocation
page read and write
C000050000
direct allocation
page read and write
81C0000
unkown
page read and write
7FF7C085C000
trusted library allocation
page execute and read and write
88B0000
unkown
page read and write
23D0000
heap
page read and write
3007000
heap
page read and write
81C0000
unkown
page read and write
11BE000
heap
page read and write
5443000
trusted library allocation
page read and write
3158000
trusted library allocation
page read and write
7FF530743000
unkown
page readonly
E7000
trusted library allocation
page execute and read and write
2C62000
trusted library allocation
page read and write
20A67D4E000
trusted library allocation
page read and write
5D7000
heap
page read and write
B4000
trusted library allocation
page read and write
7FF7C0782000
trusted library allocation
page read and write
2FED000
heap
page read and write
6A2D000
stack
page read and write
7FF7C0980000
trusted library allocation
page read and write
3000000
heap
page read and write
6280000
trusted library allocation
page read and write
315F000
trusted library allocation
page read and write
3147000
trusted library allocation
page read and write
6100000
heap
page read and write
3149000
trusted library allocation
page read and write
70AD000
unkown
page read and write
7FF7C0A50000
trusted library allocation
page read and write
88B0000
unkown
page read and write
7FF530A1C000
unkown
page readonly
62B0000
trusted library allocation
page read and write
20A67900000
trusted library allocation
page read and write
5668000
heap
page read and write
81C0000
unkown
page read and write
2A8E000
trusted library allocation
page read and write
88B0000
unkown
page read and write
B80000
unkown
page readonly
3157000
trusted library allocation
page read and write
8650000
unkown
page read and write
B20000
unkown
page read and write
3178000
trusted library allocation
page read and write
81A0000
unkown
page read and write
2940000
remote allocation
page read and write
88B0000
unkown
page read and write
8710000
unkown
page read and write
C0000
trusted library allocation
page read and write
E54E000
stack
page read and write
5E1E000
stack
page read and write
4F3E000
stack
page read and write
F3163F4000
stack
page read and write
2C66000
trusted library allocation
page read and write
23B1B376000
direct allocation
page read and write
324A000
trusted library allocation
page read and write
8380000
unkown
page read and write
4EE0000
trusted library allocation
page read and write
3082000
unkown
page read and write
7FF7C0A70000
trusted library allocation
page read and write
9819DFF000
stack
page read and write
6AEE000
stack
page read and write
2B3A000
trusted library allocation
page read and write
7390000
unkown
page read and write
5668000
heap
page read and write
9CE4000
unkown
page read and write
3086000
unkown
page read and write
6280000
trusted library allocation
page read and write
7FF7C07A4000
trusted library allocation
page read and write
1C0F2605000
heap
page read and write
EE10000
unkown
page read and write
7FF75EE71000
unkown
page execute read
2B82000
trusted library allocation
page read and write
5457000
trusted library allocation
page read and write
7DF403C00000
trusted library allocation
page execute and read and write
2A90000
trusted library allocation
page read and write
8470000
unkown
page read and write
5458000
trusted library allocation
page read and write
B20000
unkown
page read and write
83A0000
unkown
page read and write
5486000
trusted library allocation
page read and write
8380000
unkown
page read and write
43CC000
unkown
page read and write
C000309000
direct allocation
page read and write
4FA000
heap
page read and write
5730000
heap
page read and write
7FF5306FB000
unkown
page readonly
7FF530877000
unkown
page readonly
2AF4000
trusted library allocation
page read and write
C0003F4000
direct allocation
page read and write
EE0000
unkown
page readonly
88B0000
unkown
page read and write
C000172000
direct allocation
page read and write
5EE000
stack
page read and write
3000000
heap
page read and write
362C000
trusted library allocation
page read and write
B20000
unkown
page read and write
212F000
stack
page read and write
7FF530952000
unkown
page readonly
114E000
heap
page read and write
1C0F58AF000
heap
page read and write
C000090000
direct allocation
page read and write
3239000
trusted library allocation
page read and write
7FF53093F000
unkown
page readonly
3010000
heap
page read and write
544E000
trusted library allocation
page read and write
B20000
unkown
page read and write
1831C310000
heap
page read and write
81DC000
stack
page read and write
23B60790000
direct allocation
page read and write
7FF7C07DC000
trusted library allocation
page execute and read and write
6280000
trusted library allocation
page read and write
EDF0000
heap
page read and write
566E000
heap
page read and write
48F8000
trusted library allocation
page read and write
544E000
trusted library allocation
page read and write
2A8D000
stack
page read and write
62E000
stack
page read and write
2598C9D5000
heap
page read and write
7FF7C0A00000
trusted library allocation
page read and write
8720000
unkown
page read and write
5458000
trusted library allocation
page read and write
314F000
trusted library allocation
page read and write
2ADD000
trusted library allocation
page read and write
410000
heap
page read and write
3170000
trusted library allocation
page read and write
20A7FC20000
heap
page execute and read and write
EE0000
unkown
page readonly
1C0F22D0000
heap
page read and write
B20000
unkown
page read and write
5DD0000
trusted library allocation
page read and write
8710000
unkown
page read and write
690000
unclassified section
page read and write
11E5000
heap
page read and write
4ED0000
trusted library allocation
page read and write
88B0000
unkown
page read and write
29E4000
trusted library allocation
page read and write
5496000
trusted library allocation
page read and write
88B0000
unkown
page read and write
3077000
heap
page read and write
B20000
unkown
page read and write
20A65B14000
heap
page read and write
29FC000
trusted library allocation
page read and write
4E80000
trusted library allocation
page read and write
29DC000
trusted library allocation
page read and write
7FF530910000
unkown
page readonly
88B0000
unkown
page read and write
20A000C9000
heap
page read and write
7FF7C07A4000
trusted library allocation
page read and write
7FF530346000
unkown
page readonly
4DFE000
stack
page read and write
2FFB000
heap
page read and write
4C5000
unkown
page execute and read and write
FE006FB000
stack
page read and write
56B3000
trusted library allocation
page read and write
81C0000
unkown
page read and write
20A65CD0000
heap
page read and write
7001C000
unkown
page write copy
88B0000
unkown
page read and write
2380000
heap
page read and write
B9E647C000
stack
page read and write
2B95000
trusted library allocation
page read and write
2FEF000
heap
page read and write
7FF7C0970000
trusted library allocation
page read and write
3010000
heap
page read and write
1C080444000
trusted library allocation
page read and write
8710000
unkown
page read and write
3158000
trusted library allocation
page read and write
2F78000
heap
page read and write
8380000
unkown
page read and write
37E5000
trusted library allocation
page read and write
3011000
heap
page read and write
4FC0000
trusted library allocation
page read and write
FF16000
unkown
page read and write
3168000
trusted library allocation
page read and write
73D0000
unkown
page read and write
73D0000
unkown
page read and write
C0001A4000
direct allocation
page read and write
7FF5304A0000
unkown
page readonly
190000
trusted library allocation
page read and write
2E3B000
stack
page read and write
4E8B000
trusted library allocation
page read and write
2FFF000
heap
page read and write
B20000
unkown
page read and write
7FF53059F000
unkown
page readonly
3189000
trusted library allocation
page read and write
EE3000
unkown
page write copy
7FF75F30E000
unkown
page write copy
B20000
unkown
page read and write
88C0000
unkown
page read and write
88B0000
unkown
page read and write
405000
unkown
page readonly
3158000
trusted library allocation
page read and write
4EF0000
trusted library allocation
page read and write
774A000
unkown
page read and write
8380000
unkown
page read and write
4E80000
trusted library allocation
page read and write
5FE1000
heap
page read and write
20A67510000
heap
page read and write
419000
unkown
page readonly
B20000
unkown
page read and write
318F000
trusted library allocation
page read and write
981D00E000
stack
page read and write
88B0000
unkown
page read and write
7240000
trusted library allocation
page read and write
B130000
unkown
page read and write
20A67D8C000
trusted library allocation
page read and write
3127000
trusted library allocation
page read and write
67D000
heap
page read and write
3145000
trusted library allocation
page read and write
26F84EB0000
heap
page read and write
2ACA3250000
heap
page read and write
6072000
heap
page read and write
5DE0000
trusted library allocation
page read and write
5E00000
trusted library allocation
page read and write
88B0000
unkown
page read and write
2AEB000
trusted library allocation
page read and write
5AF1000
heap
page read and write
37E2000
trusted library allocation
page read and write
4E80000
trusted library allocation
page read and write
B20000
unkown
page read and write
1C0F3D70000
heap
page read and write
7FF7C0A30000
trusted library allocation
page read and write
7DF44D880000
unkown
page readonly
29DA000
trusted library allocation
page read and write
20A65AED000
heap
page read and write
2B5D000
trusted library allocation
page read and write
3158000
trusted library allocation
page read and write
C00030C000
direct allocation
page read and write
7FF53075A000
unkown
page readonly
7750000
unkown
page read and write
4F40000
trusted library allocation
page read and write
981E80B000
stack
page read and write
29B5000
trusted library allocation
page read and write
2AD8000
stack
page read and write
3002000
heap
page read and write
2F78000
heap
page read and write
C0003EC000
direct allocation
page read and write
5DD0000
trusted library allocation
page read and write
B20000
unkown
page read and write
54A7000
trusted library allocation
page read and write
7BBD000
stack
page read and write
BA3000
unkown
page readonly
7FF7C0AA0000
trusted library allocation
page read and write
2B4C000
trusted library allocation
page read and write
5DF0000
trusted library allocation
page read and write
81C0000
unkown
page read and write
41C000
unkown
page read and write
7FF530822000
unkown
page readonly
C000140000
direct allocation
page read and write
5E00000
trusted library allocation
page read and write
D3FD000
unkown
page read and write
41C000
unkown
page read and write
2A1D000
trusted library allocation
page read and write
20A67B87000
trusted library allocation
page read and write
8380000
unkown
page read and write
1120000
direct allocation
page read and write
C000331000
direct allocation
page read and write
2B1F000
trusted library allocation
page read and write
81C0000
unkown
page read and write
20A65ACD000
heap
page read and write
C000800000
direct allocation
page read and write
317F000
trusted library allocation
page read and write
55CE000
heap
page read and write
88B0000
unkown
page read and write
7FF7C0784000
trusted library allocation
page read and write
7FF530435000
unkown
page readonly
2A1F000
trusted library allocation
page read and write
2B61000
trusted library allocation
page read and write
7FF530819000
unkown
page readonly
31A8000
trusted library allocation
page read and write
315F000
trusted library allocation
page read and write
4E60000
trusted library allocation
page read and write
549E000
trusted library allocation
page read and write
B20000
unkown
page read and write
7FF75F30C000
unkown
page read and write
4EF0000
trusted library allocation
page read and write
7FF530833000
unkown
page readonly
5E00000
trusted library allocation
page read and write
4F60000
heap
page execute and read and write
5544000
trusted library allocation
page read and write
7FF7C07AD000
trusted library allocation
page execute and read and write
8710000
unkown
page read and write
4460000
unkown
page read and write
3161000
trusted library allocation
page read and write
1C090079000
trusted library allocation
page read and write
8380000
unkown
page read and write
7FF530A81000
unkown
page readonly
8900000
unkown
page read and write
88B0000
unkown
page read and write
9D29000
unkown
page read and write
5B49000
heap
page read and write
8380000
unkown
page read and write
3259000
trusted library allocation
page read and write
6AAF000
stack
page read and write
6081000
heap
page read and write
55EC000
heap
page read and write
7FF7C08A0000
trusted library allocation
page execute and read and write
3A0B000
stack
page read and write
88B0000
unkown
page read and write
3213000
trusted library allocation
page read and write
3220000
trusted library allocation
page read and write
88B0000
unkown
page read and write
7FF70B8C1000
unkown
page execute read
4B70000
heap
page read and write
88B0000
unkown
page read and write
29C3000
trusted library allocation
page read and write
7FF530413000
unkown
page readonly
26F1000
unclassified section
page readonly
8710000
unkown
page read and write
3000000
heap
page read and write
81C0000
unkown
page read and write
20A7FAF3000
heap
page read and write
6280000
trusted library allocation
page read and write
20A687AD000
trusted library allocation
page read and write
20A68F9E000
trusted library allocation
page read and write
5497000
trusted library allocation
page read and write
1120000
direct allocation
page read and write
88B0000
unkown
page read and write
5486000
trusted library allocation
page read and write
D2B0000
unkown
page read and write
5448000
trusted library allocation
page read and write
1831C110000
heap
page read and write
5596000
heap
page read and write
5E70000
trusted library allocation
page read and write
5E00000
trusted library allocation
page read and write
83A0000
unkown
page read and write
D173000
unkown
page read and write
7FF7C0B20000
trusted library allocation
page read and write
88B0000
unkown
page read and write
3262000
trusted library allocation
page read and write
825D000
stack
page read and write
7FF7C0AB0000
trusted library allocation
page read and write
7FDF0000
trusted library allocation
page execute and read and write
22B5D4B0000
heap
page read and write
9D30000
unkown
page read and write
5459000
trusted library allocation
page read and write
F7000
trusted library allocation
page execute and read and write
5471000
trusted library allocation
page read and write
7C40000
unkown
page read and write
2993000
trusted library allocation
page read and write
2AC864F0000
trusted library allocation
page read and write
180000
trusted library allocation
page read and write
2C84000
trusted library allocation
page read and write
DD2F000
stack
page read and write
20A00157000
heap
page read and write
3000000
heap
page read and write
6100000
heap
page read and write
5E10000
trusted library allocation
page read and write
FC0000
heap
page read and write
55EC000
heap
page read and write
C000374000
direct allocation
page read and write
3E1E000
trusted library allocation
page read and write
5E10000
trusted library allocation
page read and write
8380000
unkown
page read and write
6F63000
unkown
page read and write
2C40000
unkown
page read and write
544E000
trusted library allocation
page read and write
2C51000
trusted library allocation
page read and write
88B0000
unkown
page read and write
A480000
unkown
page read and write
8710000
unkown
page read and write
20A00010000
heap
page read and write
2ACA06F0000
heap
page read and write
65B7DFF000
stack
page read and write
65B7FFF000
stack
page read and write
239F000
stack
page read and write
29A6000
trusted library allocation
page read and write
544A000
trusted library allocation
page read and write
544E000
trusted library allocation
page read and write
3000000
heap
page read and write
402000
unkown
page readonly
3158000
trusted library allocation
page read and write
309E000
unkown
page read and write
3165000
trusted library allocation
page read and write
5467000
trusted library allocation
page read and write
7A00000
unkown
page read and write
C0003A8000
direct allocation
page read and write
C000378000
direct allocation
page read and write
B20000
unkown
page read and write
400000
unkown
page readonly
3010000
heap
page read and write
5687000
heap
page read and write
2598AF1D000
heap
page read and write
5743000
trusted library allocation
page read and write
23B1B200000
heap
page read and write
B20000
unkown
page read and write
7FF7C0856000
trusted library allocation
page read and write
8710000
unkown
page read and write
23B1B380000
direct allocation
page read and write
3021000
unkown
page read and write
8710000
unkown
page read and write
54C9000
trusted library allocation
page read and write
7FF7C0B70000
trusted library allocation
page read and write
544D000
trusted library allocation
page read and write
7FF7C07A0000
trusted library allocation
page read and write
5441000
trusted library allocation
page read and write
7FF70B9B2000
unkown
page write copy
C00019E000
direct allocation
page read and write
420000
heap
page read and write
110E000
stack
page read and write
BA0000
unkown
page readonly
3145000
trusted library allocation
page read and write
54E9000
trusted library allocation
page read and write
7FF7C0A60000
trusted library allocation
page read and write
2AA5000
trusted library allocation
page read and write
2C55000
trusted library allocation
page read and write
B20000
unkown
page read and write
8710000
unkown
page read and write
7FF530660000
unkown
page readonly
7FF7C07A2000
trusted library allocation
page read and write
88B0000
unkown
page read and write
545F000
trusted library allocation
page read and write
1C080410000
trusted library allocation
page read and write
4E4F000
stack
page read and write
B20000
unkown
page read and write
3177000
trusted library allocation
page read and write
20A7FC26000
heap
page execute and read and write
88B0000
unkown
page read and write
11C4000
heap
page read and write
88B0000
unkown
page read and write
31B6000
trusted library allocation
page read and write
C30000
unkown
page read and write
7FF7C0840000
trusted library allocation
page execute and read and write
2C20000
unkown
page read and write
7FF75F306000
unkown
page read and write
310F000
stack
page read and write
4F00000
trusted library allocation
page read and write
8380000
unkown
page read and write
5458000
trusted library allocation
page read and write
2FDC000
heap
page read and write
6100000
heap
page read and write
259A000
stack
page read and write
437A000
unkown
page read and write
5FE5000
heap
page read and write
54BF000
trusted library allocation
page read and write
88B0000
unkown
page read and write
83A0000
unkown
page read and write
3551000
heap
page read and write
2C7A000
trusted library allocation
page read and write
88B0000
unkown
page read and write
5590000
heap
page read and write
51F000
heap
page read and write
B20000
unkown
page read and write
2AC863BE000
heap
page read and write
90000
trusted library section
page read and write
B20000
unkown
page read and write
BA1000
unkown
page execute read
402000
unkown
page readonly
2FF1000
heap
page read and write
C000062000
direct allocation
page read and write
2C40000
unkown
page read and write
8790000
unkown
page read and write
7FF7C0790000
trusted library allocation
page read and write
1C0F46D3000
heap
page read and write
88B0000
unkown
page read and write
8900000
unkown
page read and write
4E80000
trusted library allocation
page read and write
7FF70B8C0000
unkown
page readonly
7FF530277000
unkown
page readonly
B20000
unkown
page read and write
29D2000
trusted library allocation
page read and write
5454000
trusted library allocation
page read and write
2598AF0C000
heap
page read and write
B20000
unkown
page read and write
7AEE000
stack
page read and write
B0F0000
unkown
page read and write
2CB2000
trusted library allocation
page read and write
29A8000
trusted library allocation
page read and write
323C000
trusted library allocation
page read and write
7FF75F3A3000
unkown
page write copy
4EAD000
trusted library allocation
page read and write
5E00000
trusted library allocation
page read and write
A48B000
unkown
page read and write
8710000
unkown
page read and write
7FF53058F000
unkown
page readonly
7FF70B94D000
unkown
page readonly
670000
heap
page read and write
8750000
unkown
page read and write
55F2000
heap
page read and write
B20000
unkown
page read and write
88B0000
unkown
page read and write
7FF530734000
unkown
page readonly
7FF7C0A60000
trusted library allocation
page read and write
170000
trusted library allocation
page execute and read and write
2FEF000
heap
page read and write
4E80000
trusted library allocation
page read and write
2989000
trusted library allocation
page read and write
315C000
trusted library allocation
page read and write
2AC87D60000
heap
page read and write
88B0000
unkown
page read and write
B40000
unkown
page read and write
7FE08000
trusted library allocation
page execute and read and write
C0000A0000
direct allocation
page read and write
8380000
unkown
page read and write
C0003DE000
direct allocation
page read and write
2AE7000
trusted library allocation
page read and write
344E000
stack
page read and write
2B10000
trusted library allocation
page read and write
7FF5305B2000
unkown
page readonly
1140000
heap
page read and write
FF5000
heap
page read and write
3238000
trusted library allocation
page read and write
56DF000
stack
page read and write
2FED000
heap
page read and write
B20000
unkown
page read and write
A47C000
unkown
page read and write
81C0000
unkown
page read and write
1C090001000
trusted library allocation
page read and write
2A65000
trusted library allocation
page read and write
314A000
trusted library allocation
page read and write
8380000
unkown
page read and write
B20000
unkown
page read and write
2AC97E61000
trusted library allocation
page read and write
B0C0000
unkown
page readonly
645000
heap
page read and write
835A000
stack
page read and write
4FC0000
trusted library allocation
page read and write
98191FE000
stack
page read and write
2ACA0695000
heap
page read and write
C0003D0000
direct allocation
page read and write
2C68000
trusted library allocation
page read and write
AAFE000
stack
page read and write
B20000
unkown
page read and write
2FEF000
heap
page read and write
20A00181000
heap
page read and write
88B0000
unkown
page read and write
8650000
unkown
page read and write
5599000
heap
page read and write
B20000
unkown
page read and write
522000
heap
page read and write
2FF4000
heap
page read and write
123D000
stack
page read and write
7FF7C0A80000
trusted library allocation
page read and write
C0003BE000
direct allocation
page read and write
8710000
unkown
page read and write
6280000
trusted library allocation
page read and write
7FF75F9E6000
unkown
page read and write
981B1FE000
stack
page read and write
2A7807D0000
heap
page read and write
3010000
heap
page read and write
81B0000
unkown
page read and write
4FC0000
trusted library allocation
page read and write
2B09000
trusted library allocation
page read and write
8380000
unkown
page read and write
144A000
heap
page read and write
7FF7C07B0000
trusted library allocation
page read and write
316A000
trusted library allocation
page read and write
7FF530980000
unkown
page readonly
7FF7C0AC0000
trusted library allocation
page read and write
3138000
trusted library allocation
page read and write
AB40000
unkown
page read and write
2C9D000
trusted library allocation
page read and write
29F3000
trusted library allocation
page read and write
313B000
trusted library allocation
page read and write
419000
unkown
page readonly
83A0000
unkown
page read and write
8380000
unkown
page read and write
6290000
trusted library allocation
page execute and read and write
F3183FE000
stack
page read and write
6EB000
heap
page read and write
557B000
trusted library allocation
page read and write
2D17000
trusted library allocation
page read and write
546A000
trusted library allocation
page read and write
BF0000
unkown
page read and write
1C080446000
trusted library allocation
page read and write
545B000
trusted library allocation
page read and write
2FEF000
heap
page read and write
FF54000
unkown
page read and write
7FF53029F000
unkown
page readonly
2A3C000
trusted library allocation
page read and write
605A000
heap
page read and write
2ACD000
trusted library allocation
page read and write
4EF0000
trusted library allocation
page read and write
31BB000
trusted library allocation
page read and write
2BF0000
unkown
page readonly
3110000
trusted library allocation
page read and write
B5B0000
unkown
page read and write
5DD0000
trusted library allocation
page read and write
8650000
unkown
page read and write
419000
unkown
page readonly
94B3000
unkown
page read and write
2C78000
trusted library allocation
page read and write
8710000
unkown
page read and write
C000184000
direct allocation
page read and write
4B7000
unkown
page readonly
7FF53080D000
unkown
page readonly
81C0000
unkown
page read and write
5E10000
trusted library allocation
page read and write
7FF530530000
unkown
page readonly
55F2000
heap
page read and write
20A77981000
trusted library allocation
page read and write
2FF5000
heap
page read and write
4400000
unkown
page read and write
1C0F5BC7000
heap
page read and write
88B0000
unkown
page read and write
6100000
heap
page read and write
863B000
stack
page read and write
B20000
unkown
page read and write
7FF530695000
unkown
page readonly
B9E6ECD000
stack
page read and write
5CA000
heap
page read and write
610000
heap
page read and write
2D0F000
trusted library allocation
page read and write
3158000
trusted library allocation
page read and write
8380000
unkown
page read and write
3178000
trusted library allocation
page read and write
1C0F240D000
heap
page read and write
2FF4000
heap
page read and write
C0003F2000
direct allocation
page read and write
4307000
unkown
page read and write
2FE5000
unkown
page read and write
B20000
unkown
page read and write
7FF5309F0000
unkown
page readonly
6DE000
heap
page execute and read and write
5FE7000
heap
page read and write
5AF000
heap
page read and write
2598C8F0000
heap
page read and write
5460000
trusted library allocation
page read and write
3000000
heap
page read and write
1C0F4721000
heap
page read and write
2598AF26000
heap
page read and write
2BAC000
trusted library allocation
page read and write
81D0000
unkown
page read and write
544A000
trusted library allocation
page read and write
FF0000
heap
page read and write
8380000
unkown
page read and write
B20000
unkown
page read and write
7FF75F96B000
unkown
page read and write
3118000
trusted library allocation
page read and write
2B65000
trusted library allocation
page read and write
55F0000
heap
page read and write
CC0000
unkown
page read and write
81C0000
unkown
page read and write
22B5D570000
heap
page read and write
598F000
stack
page read and write
2D13000
trusted library allocation
page read and write
318A000
trusted library allocation
page read and write
3158000
trusted library allocation
page read and write
20A67D2A000
trusted library allocation
page read and write
9818DFD000
stack
page read and write
88B0000
unkown
page read and write
ADD000
stack
page read and write
7FF530402000
unkown
page readonly
A92B000
stack
page read and write
D47A000
unkown
page read and write
88B0000
unkown
page read and write
4EF0000
trusted library allocation
page read and write
7FF53080A000
unkown
page readonly
95B9000
unkown
page read and write
2AC87E61000
trusted library allocation
page read and write
5AF1000
heap
page read and write
4C5000
unkown
page execute and write copy
20A00003000
trusted library allocation
page read and write
5445000
trusted library allocation
page read and write
88B0000
unkown
page read and write
6DB0000
unkown
page read and write
B20000
unkown
page read and write
11BE000
heap
page read and write
B20000
unkown
page read and write
7FF7C0B50000
trusted library allocation
page read and write
81C0000
unkown
page read and write
B5C0000
unkown
page readonly
88B0000
unkown
page read and write
5AF1000
heap
page read and write
2FE1000
heap
page read and write
2FEA000
unkown
page read and write
5990000
trusted library allocation
page read and write
137E000
heap
page read and write
300C000
unkown
page read and write
314A000
trusted library allocation
page read and write
566C000
heap
page read and write
8710000
unkown
page read and write
8710000
unkown
page read and write
5479000
trusted library allocation
page read and write
2270000
heap
page read and write
2AC863EA000
heap
page read and write
8380000
unkown
page read and write
8710000
unkown
page read and write
2FDC000
heap
page read and write
8380000
unkown
page read and write
2C80000
trusted library allocation
page read and write
315F000
trusted library allocation
page read and write
981ADFB000
stack
page read and write
C4000
trusted library allocation
page read and write
8380000
unkown
page read and write
24FF000
stack
page read and write
544F000
trusted library allocation
page read and write
981CFCD000
stack
page read and write
EE52000
unkown
page read and write
3002000
heap
page read and write
8380000
unkown
page read and write
7FF7C094E000
trusted library allocation
page read and write
65E000
stack
page read and write
5445000
trusted library allocation
page read and write
2ACA0816000
heap
page read and write
B20000
unkown
page read and write
88B0000
unkown
page read and write
11D9000
heap
page read and write
88B0000
unkown
page read and write
588F000
stack
page read and write
2EDB000
stack
page read and write
23FE000
stack
page read and write
5D2D000
stack
page read and write
3B6E000
stack
page read and write
7FF530712000
unkown
page readonly
2CFA000
trusted library allocation
page read and write
3155000
trusted library allocation
page read and write
3168000
trusted library allocation
page read and write
400000
unkown
page readonly
2210000
heap
page read and write
7FF5307CC000
unkown
page readonly
AF40000
unkown
page read and write
7FF4E0480000
trusted library allocation
page execute and read and write
C00001A000
direct allocation
page read and write
517000
heap
page read and write
2AFC000
trusted library allocation
page read and write
88B0000
unkown
page read and write
88B0000
unkown
page read and write
D15B000
unkown
page read and write
1E7000
heap
page read and write
3158000
trusted library allocation
page read and write
8380000
unkown
page read and write
2C49000
trusted library allocation
page read and write
B20000
unkown
page read and write
BD0000
unkown
page readonly
73D0000
unkown
page read and write
81C0000
unkown
page read and write
2CF4000
trusted library allocation
page read and write
2C40000
unkown
page read and write
7FF7C09B0000
trusted library allocation
page read and write
AB40000
unkown
page read and write
3229000
trusted library allocation
page read and write
7FF5309DD000
unkown
page readonly
2FED000
heap
page read and write
8900000
unkown
page read and write
88B0000
unkown
page read and write
2C00000
unkown
page readonly
73D0000
unkown
page read and write
7FF53057E000
unkown
page readonly
20A69140000
trusted library allocation
page read and write
5457000
trusted library allocation
page read and write
559000
heap
page read and write
20A6801A000
trusted library allocation
page read and write
5445000
trusted library allocation
page read and write
1831C4A4000
heap
page read and write
1C080424000
trusted library allocation
page read and write
2C3A000
trusted library allocation
page read and write
2A8A000
trusted library allocation
page read and write
94B1000
unkown
page read and write
88B0000
unkown
page read and write
5471000
trusted library allocation
page read and write
773A000
unkown
page read and write
23B1B244000
direct allocation
page read and write
5E70000
trusted library allocation
page read and write
5599000
heap
page read and write
B20000
unkown
page read and write
83A0000
unkown
page read and write
7FF7C07DC000
trusted library allocation
page execute and read and write
7FF70B8C1000
unkown
page execute read
7FF5304E6000
unkown
page readonly
8380000
unkown
page read and write
2281000
heap
page read and write
7FF5302A5000
unkown
page readonly
23B6062D000
direct allocation
page read and write
88B0000
unkown
page read and write
4CFD000
stack
page read and write
7FF7C0790000
trusted library allocation
page read and write
C0003E4000
direct allocation
page read and write
3B05000
trusted library allocation
page read and write
EB000
trusted library allocation
page execute and read and write
C000000000
direct allocation
page read and write
20A7FC50000
heap
page read and write
7FF5305D7000
unkown
page readonly
2FD1000
heap
page read and write
545F000
trusted library allocation
page read and write
20A690D1000
trusted library allocation
page read and write
4FC7000
trusted library allocation
page read and write
F316FFE000
stack
page read and write
11E8000
heap
page read and write
3348000
trusted library allocation
page read and write
323E000
trusted library allocation
page read and write
402000
unkown
page readonly
20A65ACF000
heap
page read and write
7FF5305F0000
unkown
page readonly
8380000
unkown
page read and write
3FE1000
unclassified section
page write copy
29B7000
trusted library allocation
page read and write
2A19000
trusted library allocation
page read and write
317D000
trusted library allocation
page read and write
7FF5302AA000
unkown
page readonly
2AC864D0000
trusted library allocation
page read and write
2FE9000
heap
page read and write
2A73000
trusted library allocation
page read and write
7FF7C09B0000
trusted library allocation
page execute and read and write
1C0F4742000
heap
page read and write
D0000
trusted library allocation
page read and write
88B0000
unkown
page read and write
88B0000
unkown
page read and write
9E97000
unkown
page read and write
1C090019000
trusted library allocation
page read and write
7FF53033D000
unkown
page readonly
88B0000
unkown
page read and write
3006000
heap
page read and write
2A86000
trusted library allocation
page read and write
2728000
stack
page read and write
88B0000
unkown
page read and write
81C0000
unkown
page read and write
4F00000
trusted library allocation
page read and write
8380000
unkown
page read and write
2D2A000
trusted library allocation
page read and write
62B0000
heap
page read and write
26F84E70000
heap
page read and write
81C0000
unkown
page read and write
8380000
unkown
page read and write
308A000
unkown
page read and write
8380000
unkown
page read and write
5495000
trusted library allocation
page read and write
3D4C000
stack
page read and write
7FF7C09D0000
trusted library allocation
page read and write
18D000
trusted library allocation
page execute and read and write
88B0000
unkown
page read and write
2A78084A000
heap
page read and write
B9E6E4E000
stack
page read and write
4E80000
trusted library allocation
page read and write
85B11FE000
stack
page read and write
B20000
unkown
page read and write
20A77C58000
trusted library allocation
page read and write
2FFB000
heap
page read and write
2FE3000
heap
page read and write
3217000
trusted library allocation
page read and write
5C3000
trusted library allocation
page read and write
55CC000
heap
page read and write
544A000
trusted library allocation
page read and write
88B0000
unkown
page read and write
3228000
trusted library allocation
page read and write
214F000
stack
page read and write
7A20000
unkown
page readonly
2A82000
trusted library allocation
page read and write
88C0000
unkown
page read and write
6CA000
heap
page read and write
20A67D90000
trusted library allocation
page read and write
D2AE000
unkown
page read and write
4E80000
trusted library allocation
page read and write
5668000
heap
page read and write
419000
unkown
page readonly
5D7000
heap
page read and write
7FF5307E8000
unkown
page readonly
7FF7C096B000
trusted library allocation
page read and write
A9F0000
unkown
page readonly
88B0000
unkown
page read and write
5BE000
heap
page read and write
2A8C000
trusted library allocation
page read and write
3138000
trusted library allocation
page read and write
B20000
unkown
page read and write
2A4F000
trusted library allocation
page read and write
81C0000
unkown
page read and write
A0000
trusted library allocation
page read and write
3010000
heap
page read and write
5481000
trusted library allocation
page read and write
20A000AB000
heap
page read and write
D899000
stack
page read and write
544D000
trusted library allocation
page read and write
9D34000
unkown
page read and write
981A9FB000
stack
page read and write
55F2000
heap
page read and write
8710000
unkown
page read and write
9CD6000
unkown
page read and write
54E1000
trusted library allocation
page read and write
8900000
unkown
page read and write
B20000
unkown
page read and write
4F40000
trusted library allocation
page read and write
4E84000
trusted library allocation
page read and write
39DD000
stack
page read and write
9E2B000
unkown
page read and write
3158000
trusted library allocation
page read and write
F3173FD000
stack
page read and write
971A000
unkown
page read and write
2B0E000
trusted library allocation
page read and write
318D000
trusted library allocation
page read and write
7FF75F312000
unkown
page read and write
7FF52FDCC000
unkown
page readonly
2D43000
trusted library allocation
page read and write
3221000
trusted library allocation
page read and write
354E000
stack
page read and write
88B0000
unkown
page read and write
7FF530475000
unkown
page readonly
7FF530849000
unkown
page readonly
7FF70B9B2000
unkown
page read and write
C00037E000
direct allocation
page read and write
5482000
trusted library allocation
page read and write
B20000
unkown
page read and write
2280000
heap
page read and write
7FF7C078D000
trusted library allocation
page execute and read and write
88B0000
unkown
page read and write
6290000
trusted library allocation
page read and write
317F000
trusted library allocation
page read and write
5E80000
trusted library allocation
page read and write
81C0000
unkown
page read and write
7FF7C07CB000
trusted library allocation
page execute and read and write
88B0000
unkown
page read and write
2F01000
remote allocation
page execute and read and write
544B000
trusted library allocation
page read and write
C00012C000
direct allocation
page read and write
2F60000
heap
page read and write
22B5D548000
heap
page read and write
FE007FF000
unkown
page read and write
3138000
trusted library allocation
page read and write
7FF530491000
unkown
page readonly
7FF530651000
unkown
page readonly
4EF0000
trusted library allocation
page read and write
3F50000
direct allocation
page read and write
1C080267000
trusted library allocation
page read and write
B20000
unkown
page read and write
88B0000
unkown
page read and write
B9E637E000
stack
page read and write
88B0000
unkown
page read and write
3050000
heap
page read and write
7FF7C0A70000
trusted library allocation
page read and write
2AE9000
trusted library allocation
page read and write
981A5FE000
stack
page read and write
1C0F23C9000
heap
page read and write
B20000
unkown
page read and write
EE4000
unkown
page read and write
CD000
trusted library allocation
page execute and read and write
670000
unclassified section
page read and write
8380000
unkown
page read and write
6083000
heap
page read and write
3035000
unkown
page read and write
81D0000
unkown
page read and write
3A81000
trusted library allocation
page read and write
6C2C000
stack
page read and write
7FF7C0A20000
trusted library allocation
page read and write
2AEF000
trusted library allocation
page read and write
566E000
heap
page read and write
2598AF27000
heap
page read and write
1C0F22B0000
heap
page read and write
7FF530897000
unkown
page readonly
65B73FC000
stack
page read and write
9817DFE000
stack
page read and write
7B30000
unkown
page readonly
B20000
unkown
page read and write
2A53000
trusted library allocation
page read and write
317F000
trusted library allocation
page read and write
55EC000
heap
page read and write
26E1000
unclassified section
page write copy
7FF7C0BD0000
trusted library allocation
page read and write
7FF7C0CD0000
trusted library allocation
page read and write
7FF5308F3000
unkown
page readonly
88B0000
unkown
page read and write
8380000
unkown
page read and write
85B0CFE000
stack
page read and write
5E70000
trusted library allocation
page read and write
88B0000
unkown
page read and write
7FF5307A6000
unkown
page readonly
B20000
unkown
page read and write
55B3000
heap
page read and write
2F67000
heap
page read and write
5466000
trusted library allocation
page read and write
8380000
unkown
page read and write
3144000
trusted library allocation
page read and write
6F8D000
unkown
page read and write
3178000
trusted library allocation
page read and write
3011000
heap
page read and write
7FF530454000
unkown
page readonly
2FED000
heap
page read and write
2A78084B000
heap
page read and write
81C0000
unkown
page read and write
2A69000
trusted library allocation
page read and write
7FF7C0BF0000
trusted library allocation
page read and write
8900000
unkown
page read and write
8900000
unkown
page read and write
7FF75F9E6000
unkown
page write copy
7FF53099B000
unkown
page readonly
8380000
unkown
page read and write
81C0000
unkown
page read and write
20A65A98000
heap
page read and write
7FF530609000
unkown
page readonly
73D0000
unkown
page read and write
3229000
trusted library allocation
page read and write
4CE000
heap
page read and write
5E4E000
stack
page read and write
3168000
trusted library allocation
page read and write
36BF000
stack
page read and write
2A3E000
stack
page read and write
5470000
trusted library allocation
page read and write
CFA6000
unkown
page read and write
3450000
heap
page read and write
7FF7C0AE0000
trusted library allocation
page read and write
22B5D760000
heap
page read and write
2A780814000
heap
page read and write
20A674E0000
trusted library allocation
page read and write
3040000
heap
page read and write
313D000
trusted library allocation
page read and write
1290000
direct allocation
page read and write
E2000
trusted library allocation
page read and write
7FF7C08C0000
trusted library allocation
page execute and read and write
7FF530A05000
unkown
page readonly
51EE000
stack
page read and write
BA1000
unkown
page execute and write copy
B660000
unkown
page read and write
2A93000
trusted library allocation
page read and write
2D0D000
trusted library allocation
page read and write
E32F000
stack
page read and write
591F000
stack
page read and write
4F50000
trusted library allocation
page read and write
4E0E000
stack
page read and write
355D000
trusted library allocation
page read and write
7FF7C0920000
trusted library allocation
page read and write
2EA0000
unkown
page readonly
117000
heap
page read and write
4E9E000
trusted library allocation
page read and write
7FF530668000
unkown
page readonly
18E000
stack
page read and write
54BF000
trusted library allocation
page read and write
6290000
trusted library allocation
page read and write
7FF7C0A30000
trusted library allocation
page read and write
4EC0000
trusted library allocation
page read and write
23B605A4000
direct allocation
page read and write
7FF7C0CC0000
trusted library allocation
page read and write
7FF5307FE000
unkown
page readonly
2160000
heap
page read and write
6008000
heap
page read and write
8900000
unkown
page read and write
313E000
trusted library allocation
page read and write
81B0000
unkown
page read and write
2E80000
stack
page read and write
C0000
trusted library allocation
page read and write
23B1B240000
direct allocation
page read and write
62D0000
trusted library allocation
page read and write
405000
unkown
page readonly
5462000
trusted library allocation
page read and write
B20000
unkown
page read and write
2A7807B0000
heap
page read and write
7450000
unkown
page readonly
437D000
unkown
page read and write
81C0000
unkown
page read and write
65B77FF000
stack
page read and write
A460000
unkown
page read and write
22B5D540000
heap
page read and write
3000000
heap
page read and write
2B87000
trusted library allocation
page read and write
B20000
unkown
page read and write
8900000
unkown
page read and write
88B0000
unkown
page read and write
9730000
unkown
page read and write
2FED000
heap
page read and write
9E21000
unkown
page read and write
7FF7C0A80000
trusted library allocation
page read and write
3178000
trusted library allocation
page read and write
4E3D000
stack
page read and write
6D2D000
stack
page read and write
7FF530871000
unkown
page readonly
81C0000
unkown
page read and write
2B23000
trusted library allocation
page read and write
1C0F5B60000
heap
page read and write
2A780849000
heap
page read and write
88F000
stack
page read and write
81D0000
unkown
page read and write
2EB0000
unkown
page readonly
DAAE000
stack
page read and write
5668000
heap
page read and write
7250000
trusted library allocation
page read and write
5481000
trusted library allocation
page read and write
9486000
unkown
page read and write
533E000
stack
page read and write
88B0000
unkown
page read and write
2598C7F0000
heap
page read and write
B20000
unkown
page read and write
3165000
trusted library allocation
page read and write
7FF530905000
unkown
page readonly
88B0000
unkown
page read and write
C00015C000
direct allocation
page read and write
4B7000
unkown
page readonly
318A000
trusted library allocation
page read and write
B20000
unkown
page read and write
2BAE000
trusted library allocation
page read and write
3211000
trusted library allocation
page read and write
88B0000
unkown
page read and write
7FF7C07B3000
trusted library allocation
page read and write
7FF7C0783000
trusted library allocation
page execute and read and write
81C0000
unkown
page read and write
C0000A5000
direct allocation
page read and write
318D000
trusted library allocation
page read and write
85B0FFD000
stack
page read and write
2AC86480000
heap
page read and write
1C0F46F0000
heap
page read and write
81D0000
unkown
page read and write
B20000
unkown
page read and write
83A0000
unkown
page read and write
B20000
unkown
page read and write
2A23000
trusted library allocation
page read and write
8710000
unkown
page read and write
957D000
unkown
page read and write
3563000
trusted library allocation
page read and write
314F000
trusted library allocation
page read and write
1C0F23A0000
heap
page read and write
7FF53065E000
unkown
page readonly
54AD000
trusted library allocation
page read and write
154F000
stack
page read and write
23D1000
heap
page read and write
500000
heap
page read and write
3070000
heap
page read and write
1C0F4830000
heap
page execute and read and write
5487000
trusted library allocation
page read and write
9E2D000
unkown
page read and write
88B0000
unkown
page read and write
2BA0000
trusted library allocation
page read and write
1C0F2360000
heap
page read and write
9A1F000
stack
page read and write
23B1B220000
heap
page read and write
120000
trusted library allocation
page read and write
1120000
direct allocation
page read and write
9B20000
unkown
page readonly
2FF6000
heap
page read and write
65B79FE000
stack
page read and write
81C0000
unkown
page read and write
B20000
unkown
page read and write
D155000
unkown
page read and write
2D30000
unkown
page readonly
AF30000
unkown
page read and write
32CE000
stack
page read and write
2987000
trusted library allocation
page read and write
B20000
unkown
page read and write
1F0000
heap
page read and write
9499000
unkown
page read and write
88B0000
unkown
page read and write
7FF7C0960000
trusted library allocation
page read and write
4EA6000
trusted library allocation
page read and write
1440000
heap
page read and write
7FF530408000
unkown
page readonly
4D3D000
stack
page read and write
385E000
stack
page read and write
7FF7C0830000
trusted library allocation
page read and write
7FF5308CC000
unkown
page readonly
C000305000
direct allocation
page read and write
88B0000
unkown
page read and write
38DE000
stack
page read and write
88B0000
unkown
page read and write
2FD2000
heap
page read and write
3010000
heap
page read and write
318F000
trusted library allocation
page read and write
2FE9000
heap
page read and write
2A7806D0000
heap
page read and write
43E3000
unkown
page read and write
7FF530514000
unkown
page readonly
2FEF000
heap
page read and write
7FF5303E8000
unkown
page readonly
659000
heap
page read and write
2ACA3240000
heap
page read and write
544D000
trusted library allocation
page read and write
81B0000
unkown
page read and write
2C40000
unkown
page read and write
5DE0000
trusted library allocation
page read and write
B20000
unkown
page read and write
45E000
stack
page read and write
B20000
unkown
page read and write
8380000
unkown
page read and write
140000
heap
page read and write
311F000
trusted library allocation
page read and write
2FDA000
heap
page read and write
83A0000
unkown
page read and write
9E3A000
unkown
page read and write
559B000
trusted library allocation
page read and write
7FF530665000
unkown
page readonly
55E5000
heap
page read and write
D63A000
unkown
page read and write
5464000
trusted library allocation
page read and write
3594000
trusted library allocation
page read and write
9495000
unkown
page read and write
D2B8000
unkown
page read and write
5AE0000
trusted library allocation
page read and write
2AC865B0000
heap
page read and write
B9E5EFE000
stack
page read and write
7FF5303DD000
unkown
page readonly
80000
heap
page read and write
9E8F000
unkown
page read and write
81C0000
unkown
page read and write
137E000
stack
page read and write
65B81FE000
stack
page read and write
85B12FE000
stack
page read and write
1C0F5880000
heap
page read and write
999F000
stack
page read and write
88B0000
unkown
page read and write
88B0000
unkown
page read and write
B20000
unkown
page read and write
4EA1000
trusted library allocation
page read and write
7FF5309C3000
unkown
page readonly
D99A000
stack
page read and write
3A1D000
stack
page read and write
88B0000
unkown
page read and write
2598AE30000
heap
page read and write
D198000
unkown
page read and write
3190000
trusted library allocation
page read and write
4FC0000
trusted library allocation
page read and write
8360000
unkown
page readonly
5563000
trusted library allocation
page read and write
7FF53044A000
unkown
page readonly
65B85FE000
stack
page read and write
5E10000
trusted library allocation
page read and write
88B0000
unkown
page read and write
2598AF35000
heap
page read and write
2940000
remote allocation
page read and write
2ABE000
trusted library allocation
page read and write
6141000
heap
page read and write
2F30000
heap
page read and write
6100000
heap
page read and write
2B6B000
trusted library allocation
page read and write
88B0000
unkown
page read and write
4F3E000
stack
page read and write
8710000
unkown
page read and write
2250000
heap
page read and write
2A1B000
trusted library allocation
page read and write
7FF530A6E000
unkown
page readonly
400000
unkown
page readonly
B20000
unkown
page read and write
5544000
trusted library allocation
page read and write
8380000
unkown
page read and write
AF2D000
stack
page read and write
2598C9D0000
heap
page read and write
7FF7C0940000
trusted library allocation
page read and write
5FDF000
stack
page read and write
5458000
trusted library allocation
page read and write
7FF530A60000
unkown
page readonly
88B0000
unkown
page read and write
81C0000
unkown
page read and write
316F000
trusted library allocation
page read and write
2870000
heap
page read and write
8380000
unkown
page read and write
5E70000
trusted library allocation
page read and write
32B4000
trusted library allocation
page read and write
2ACB000
trusted library allocation
page read and write
4342000
unkown
page read and write
3FA1000
unclassified section
page execute read
8380000
unkown
page read and write
318A000
trusted library allocation
page read and write
5668000
heap
page read and write
C000146000
direct allocation
page read and write
7FF53066D000
unkown
page readonly
20A002F0000
heap
page read and write
6FEE000
stack
page read and write
9C000
stack
page read and write
601F000
stack
page read and write
878F000
stack
page read and write
7FF75F304000
unkown
page write copy
88B0000
unkown
page read and write
B20000
unkown
page read and write
313D000
trusted library allocation
page read and write
2598AD20000
heap
page read and write
2598C8C2000
heap
page read and write
C00005D000
direct allocation
page read and write
2738000
stack
page read and write
5BDE000
stack
page read and write
7FF7C0C60000
trusted library allocation
page read and write
8380000
unkown
page read and write
2B47000
trusted library allocation
page read and write
9B30000
unkown
page readonly
7FF53079E000
unkown
page readonly
7FF7C0C10000
trusted library allocation
page read and write
B20000
unkown
page read and write
976A000
unkown
page read and write
2593000
heap
page read and write
4FD0000
heap
page execute and read and write
8380000
unkown
page read and write
65B7BFE000
stack
page read and write
2F38000
heap
page read and write
EE02000
heap
page read and write
4C80000
unkown
page write copy
3155000
trusted library allocation
page read and write
2AC86550000
heap
page read and write
5521000
heap
page read and write
3001000
heap
page read and write
88B0000
unkown
page read and write
6F69000
unkown
page read and write
2FF1000
heap
page read and write
B20000
unkown
page read and write
5683000
heap
page read and write
133F000
stack
page read and write
C0002C8000
direct allocation
page read and write
6F7E000
unkown
page read and write
7FF53080F000
unkown
page readonly
2FE9000
heap
page read and write
5599000
heap
page read and write
FE008FF000
stack
page read and write
3168000
trusted library allocation
page read and write
311A000
trusted library allocation
page read and write
5DE0000
trusted library allocation
page read and write
323F000
trusted library allocation
page read and write
8380000
unkown
page read and write
7FF530884000
unkown
page readonly
7FF527C9F000
unkown
page readonly
7FF75F313000
unkown
page write copy
7FF530565000
unkown
page readonly
C000136000
direct allocation
page read and write
81C0000
unkown
page read and write
3168000
trusted library allocation
page read and write
20A00145000
heap
page read and write
548E000
trusted library allocation
page read and write
2A95000
trusted library allocation
page read and write
54C7000
trusted library allocation
page read and write
5A9E000
stack
page read and write
1C0F2600000
heap
page read and write
C000100000
direct allocation
page read and write
8380000
unkown
page read and write
41C000
unkown
page write copy
2FD5000
heap
page read and write
8380000
unkown
page read and write
2FD5000
heap
page read and write
8380000
unkown
page read and write
C0008EC000
direct allocation
page read and write
2A26000
trusted library allocation
page read and write
5456000
trusted library allocation
page read and write
546A000
trusted library allocation
page read and write
7460000
unkown
page read and write
2AD1000
trusted library allocation
page read and write
2AFE000
trusted library allocation
page read and write
B0000
trusted library allocation
page read and write
83A0000
unkown
page read and write
D360000
unkown
page read and write
7FF7C0860000
trusted library allocation
page execute and read and write
1C08066A000
trusted library allocation
page read and write
C0001C2000
direct allocation
page read and write
55E5000
heap
page read and write
4E92000
trusted library allocation
page read and write
8380000
unkown
page read and write
B9E5E7D000
stack
page read and write
88B0000
unkown
page read and write
2BB2000
trusted library allocation
page read and write
7FF7C07FC000
trusted library allocation
page execute and read and write
C0004DE000
direct allocation
page read and write
88C0000
unkown
page read and write
1C0F75C0000
heap
page read and write
13E000
stack
page read and write
88B0000
unkown
page read and write
8380000
unkown
page read and write
400000
unkown
page execute and read and write
2FED000
heap
page read and write
EE70000
unkown
page read and write
5668000
heap
page read and write
19D000
stack
page read and write
2A60000
trusted library allocation
page execute and read and write
9D2D000
unkown
page read and write
54A5000
trusted library allocation
page read and write
4430000
unkown
page read and write
3DBB000
stack
page read and write
70078000
unkown
page readonly
2CEE000
trusted library allocation
page read and write
7FF5302A1000
unkown
page readonly
5DE0000
trusted library allocation
page read and write
C00008D000
direct allocation
page read and write
2FEF000
heap
page read and write
7270000
unkown
page read and write
88B0000
unkown
page read and write
88B0000
unkown
page read and write
5C9000
trusted library allocation
page execute and read and write
7FF7C0950000
trusted library allocation
page execute and read and write
B20000
unkown
page read and write
3218000
trusted library allocation
page read and write
5441000
trusted library allocation
page read and write
88B0000
unkown
page read and write
B20000
unkown
page read and write
301D000
heap
page read and write
7FF7C0D00000
trusted library allocation
page read and write
7FF530437000
unkown
page readonly
37AF000
stack
page read and write
8380000
unkown
page read and write
C000057000
direct allocation
page read and write
20A67D37000
trusted library allocation
page read and write
4BE000
stack
page read and write
20A678D0000
trusted library allocation
page read and write
B20000
unkown
page read and write
381E000
stack
page read and write
8380000
unkown
page read and write
2D11000
trusted library allocation
page read and write
81D0000
unkown
page read and write
5487000
trusted library allocation
page read and write
3147000
trusted library allocation
page read and write
420000
heap
page read and write
7FF530989000
unkown
page readonly
94B7000
unkown
page read and write
3010000
heap
page read and write
313D000
trusted library allocation
page read and write
3178000
trusted library allocation
page read and write
6FFD1000
unkown
page execute read
1290000
direct allocation
page read and write
3151000
trusted library allocation
page read and write
7FF7C0C4B000
trusted library allocation
page read and write
5CC000
trusted library allocation
page execute and read and write
544A000
trusted library allocation
page read and write
88B0000
unkown
page read and write
8380000
unkown
page read and write
81A0000
unkown
page read and write
314D000
trusted library allocation
page read and write
253C000
stack
page read and write
405000
unkown
page readonly
7FF7C09C0000
trusted library allocation
page read and write
6100000
heap
page read and write
80000
trusted library section
page read and write
952D000
unkown
page read and write
402000
unkown
page readonly
1C080438000
trusted library allocation
page read and write
4D31000
unkown
page read and write
3244000
trusted library allocation
page read and write
3128000
trusted library allocation
page read and write
7FF7C0980000
trusted library allocation
page read and write
7FF7C0A40000
trusted library allocation
page read and write
1C08043C000
trusted library allocation
page read and write
2AC87E50000
heap
page read and write
3144000
trusted library allocation
page read and write
35B4000
trusted library allocation
page read and write
7FF7C07C0000
trusted library allocation
page read and write
98181FE000
stack
page read and write
3150000
trusted library allocation
page read and write
7FF530536000
unkown
page readonly
D2A1000
unkown
page read and write
54BE000
trusted library allocation
page read and write
2C40000
unkown
page read and write
9E38000
unkown
page read and write
B20000
unkown
page read and write
81C0000
unkown
page read and write
70CE000
unkown
page read and write
B20000
unkown
page read and write
5448000
trusted library allocation
page read and write
7FF5308C1000
unkown
page readonly
5E70000
trusted library allocation
page read and write
8380000
unkown
page read and write
7689000
stack
page read and write
9E07000
unkown
page read and write
C000041000
direct allocation
page read and write
8710000
unkown
page read and write
595E000
stack
page read and write
8900000
unkown
page read and write
F3167FF000
stack
page read and write
2C99000
trusted library allocation
page read and write
2A78082A000
heap
page read and write
3037000
unkown
page read and write
981D40E000
stack
page read and write
65F000
heap
page read and write
7FF75F3AE000
unkown
page write copy
3328000
stack
page read and write
2AC86360000
heap
page read and write
FF5000
heap
page read and write
F317BFF000
stack
page read and write
C000166000
direct allocation
page read and write
1831C4A0000
heap
page read and write
3158000
trusted library allocation
page read and write
5460000
trusted library allocation
page read and write
127D000
stack
page read and write
7FF530A76000
unkown
page readonly
54BF000
trusted library allocation
page read and write
C0003EE000
direct allocation
page read and write
5650000
trusted library allocation
page read and write
8DE000
heap
page read and write
981E40C000
stack
page read and write
7FF5302B2000
unkown
page readonly
5476000
trusted library allocation
page read and write
81C0000
unkown
page read and write
29AE000
trusted library allocation
page read and write
5668000
heap
page read and write
B20000
unkown
page read and write
23B1B335000
direct allocation
page read and write
7FF7C0D10000
trusted library allocation
page read and write
88B0000
unkown
page read and write
88B0000
unkown
page read and write
88B0000
unkown
page read and write
2D49000
trusted library allocation
page read and write
70040000
unkown
page readonly
5668000
heap
page read and write
7FF5307D0000
unkown
page readonly
2D3F000
trusted library allocation
page read and write
EE0A000
heap
page read and write
8380000
unkown
page read and write
8E7A000
stack
page read and write
81C0000
unkown
page read and write
7DF000
stack
page read and write
B20000
unkown
page read and write
3FE7000
unclassified section
page read and write
5467000
trusted library allocation
page read and write
5DE0000
remote allocation
page read and write
7FF70B8C0000
unkown
page readonly
2F4B000
heap
page read and write
33CE000
stack
page read and write
2598C9D9000
heap
page read and write
88C0000
unkown
page read and write
2A84000
trusted library allocation
page read and write
83A0000
unkown
page read and write
50D000
heap
page execute and read and write
88B0000
unkown
page read and write
7FF530944000
unkown
page readonly
20A7FB07000
heap
page read and write
5AE0000
trusted library allocation
page read and write
2B63000
trusted library allocation
page read and write
7FF53081D000
unkown
page readonly
B20000
unkown
page read and write
401000
unkown
page execute read
5AE7000
trusted library allocation
page read and write
2C4F000
trusted library allocation
page read and write
2AED000
trusted library allocation
page read and write
2FF6000
heap
page read and write
20A00056000
heap
page read and write
315F000
trusted library allocation
page read and write
547A000
trusted library allocation
page read and write
D2E5000
unkown
page read and write
2598AE00000
heap
page read and write
4FC0000
trusted library allocation
page read and write
9D56000
unkown
page read and write
87D6000
unkown
page read and write
313E000
trusted library allocation
page read and write
88B0000
unkown
page read and write
23B1B108000
heap
page read and write
81A0000
unkown
page read and write
88B0000
unkown
page read and write
7FF7C0931000
trusted library allocation
page read and write
544F000
trusted library allocation
page read and write
6290000
trusted library allocation
page read and write
7DF403BE0000
trusted library allocation
page execute and read and write
D2C8000
unkown
page read and write
8380000
unkown
page read and write
2A780845000
heap
page read and write
2FF7000
heap
page read and write
8380000
unkown
page read and write
2C40000
unkown
page read and write
C000274000
direct allocation
page read and write
7FDF0000
trusted library allocation
page execute and read and write
8380000
unkown
page read and write
8710000
unkown
page read and write
3140000
trusted library allocation
page read and write
7DF403BF0000
trusted library allocation
page execute and read and write
8900000
unkown
page read and write
C0003AE000
direct allocation
page read and write
54CA000
trusted library allocation
page read and write
8380000
unkown
page read and write
5458000
trusted library allocation
page read and write
7FF5307AC000
unkown
page readonly
85B0AFF000
stack
page read and write
400000
unkown
page readonly
7FF530433000
unkown
page readonly
31B9000
trusted library allocation
page read and write
C0005E2000
direct allocation
page read and write
D3B1000
unkown
page read and write
11F1000
heap
page read and write
3000000
heap
page read and write
2B03000
trusted library allocation
page read and write
3634000
trusted library allocation
page read and write
8650000
unkown
page read and write
13BA000
stack
page read and write
B9E59FE000
stack
page read and write
29B0000
trusted library allocation
page read and write
2C8F000
stack
page read and write
7FF7C0836000
trusted library allocation
page read and write
5540000
heap
page read and write
88B0000
unkown
page read and write
62C0000
trusted library allocation
page read and write
8690000
stack
page read and write
2C34000
trusted library allocation
page read and write
7FF530524000
unkown
page readonly
2ACA0800000
heap
page read and write
2FFA000
heap
page read and write
2CF0000
trusted library allocation
page read and write
3119000
trusted library allocation
page read and write
CFA0000
unkown
page read and write
2AEA000
trusted library allocation
page read and write
23B607A0000
direct allocation
page read and write
1831C12A000
heap
page read and write
2AE7000
trusted library allocation
page read and write
AE20000
unkown
page read and write
7FF75F310000
unkown
page read and write
5495000
trusted library allocation
page read and write
7BF000
stack
page read and write
4420000
unkown
page read and write
73C1000
unkown
page read and write
8380000
unkown
page read and write
4FC0000
trusted library allocation
page read and write
7FF7C0920000
trusted library allocation
page read and write
2D2C000
trusted library allocation
page read and write
C0001A6000
direct allocation
page read and write
7FF7C0A50000
trusted library allocation
page read and write
1C08008E000
trusted library allocation
page read and write
3228000
trusted library allocation
page read and write
7FF7C0AB0000
trusted library allocation
page read and write
88B0000
unkown
page read and write
7AF0000
unkown
page readonly
2CA1000
trusted library allocation
page read and write
545F000
trusted library allocation
page read and write
569000
heap
page read and write
3145000
trusted library allocation
page read and write
8380000
unkown
page read and write
11E9000
heap
page read and write
363C000
trusted library allocation
page read and write
8710000
unkown
page read and write
88B0000
unkown
page read and write
7FF530A7B000
unkown
page readonly
548D000
trusted library allocation
page read and write
6280000
trusted library allocation
page read and write
5445000
trusted library allocation
page read and write
8710000
unkown
page read and write
88B0000
unkown
page read and write
432A000
trusted library allocation
page read and write
8380000
unkown
page read and write
8380000
unkown
page read and write
7FF5307EF000
unkown
page readonly
C0002B2000
direct allocation
page read and write
55E5000
heap
page read and write
8650000
unkown
page read and write
7FF53090B000
unkown
page readonly
B20000
unkown
page read and write
14EE000
stack
page read and write
6A4435B000
stack
page read and write
8900000
unkown
page read and write
2AC86462000
heap
page read and write
B20000
unkown
page read and write
5A0000
heap
page read and write
88B0000
unkown
page read and write
3007000
heap
page read and write
81C0000
unkown
page read and write
5668000
heap
page read and write
20A7FA8E000
heap
page read and write
7FF5309FB000
unkown
page readonly
88B0000
unkown
page read and write
5668000
heap
page read and write
958F000
unkown
page read and write
4E84000
trusted library allocation
page read and write
85B13FB000
stack
page read and write
B20000
unkown
page read and write
7FF5307A1000
unkown
page readonly
134F000
heap
page read and write
5C6000
trusted library allocation
page execute and read and write
5E20000
trusted library allocation
page read and write
1110000
direct allocation
page read and write
3155000
trusted library allocation
page read and write
3010000
heap
page read and write
5498000
trusted library allocation
page read and write
5486000
trusted library allocation
page read and write
20A77991000
trusted library allocation
page read and write
2AC87DE0000
heap
page execute and read and write
C0000AC000
direct allocation
page read and write
B20000
unkown
page read and write
D18F000
unkown
page read and write
2A78084B000
heap
page read and write
5591000
heap
page read and write
7FF5304E9000
unkown
page readonly
3177000
trusted library allocation
page read and write
73D0000
unkown
page read and write
314A000
trusted library allocation
page read and write
7717000
stack
page read and write
9A9F000
stack
page read and write
7FF5309D1000
unkown
page readonly
81A0000
unkown
page read and write
5E70000
trusted library allocation
page read and write
7FF75F3A5000
unkown
page read and write
B0BA000
stack
page read and write
B150000
unkown
page read and write
88B0000
unkown
page read and write
C0002DC000
direct allocation
page read and write
8380000
unkown
page read and write
8380000
unkown
page read and write
7FF530815000
unkown
page readonly
F317FFE000
stack
page read and write
3115000
trusted library allocation
page read and write
8380000
unkown
page read and write
8380000
unkown
page read and write
7FF7C0B00000
trusted library allocation
page read and write
88C0000
unkown
page read and write
5DE0000
trusted library allocation
page read and write
3033000
unkown
page read and write
2AC86380000
heap
page read and write
7FF530985000
unkown
page readonly
3B0F000
stack
page read and write
9D16000
unkown
page read and write
22B5D4A0000
heap
page read and write
8710000
unkown
page read and write
3158000
trusted library allocation
page read and write
118B000
heap
page read and write
29C7000
trusted library allocation
page read and write
B20000
unkown
page read and write
851F000
stack
page read and write
7FF7C0AA0000
trusted library allocation
page read and write
29FA000
trusted library allocation
page read and write
5AC9000
stack
page read and write
7FF53088E000
unkown
page readonly
23B1B100000
heap
page read and write
2598C8F1000
heap
page read and write
7FF5306FE000
unkown
page readonly
19C000
trusted library allocation
page execute and read and write
4E80000
trusted library allocation
page read and write
7FF530935000
unkown
page readonly
278E000
stack
page read and write
20A67D1B000
trusted library allocation
page read and write
81C0000
unkown
page read and write
4F0000
heap
page read and write
4B7000
unkown
page readonly
83A0000
unkown
page read and write
2B7E000
trusted library allocation
page read and write
2B0A000
trusted library allocation
page read and write
3145000
trusted library allocation
page read and write
B20000
unkown
page read and write
2940000
remote allocation
page read and write
7FF5309FD000
unkown
page readonly
7FF7C0B60000
trusted library allocation
page read and write
B20000
unkown
page read and write
7FF7C0AF3000
trusted library allocation
page read and write
5E70000
trusted library allocation
page read and write
7FF7C0C90000
trusted library allocation
page execute and read and write
7FF70B94D000
unkown
page readonly
4E60000
trusted library allocation
page read and write
3188000
trusted library allocation
page read and write
6A6E000
stack
page read and write
273D000
stack
page read and write
88B0000
unkown
page read and write
B20000
unkown
page read and write
55D2000
heap
page read and write
7FF75F304000
unkown
page read and write
2AC86555000
heap
page read and write
8380000
unkown
page read and write
B20000
unkown
page read and write
23B1B30D000
direct allocation
page read and write
55EC000
heap
page read and write
7FF75F94D000
unkown
page read and write
B20000
unkown
page read and write
88B0000
unkown
page read and write
7FF75F9E7000
unkown
page write copy
5458000
trusted library allocation
page read and write
54A8000
trusted library allocation
page read and write
3098000
unkown
page read and write
8380000
unkown
page read and write
20A77C5A000
trusted library allocation
page read and write
3218000
trusted library allocation
page read and write
3010000
heap
page read and write
B20000
unkown
page read and write
2FF5000
heap
page read and write
88B0000
unkown
page read and write
3146000
trusted library allocation
page read and write
88B0000
unkown
page read and write
8900000
unkown
page read and write
7FF53094D000
unkown
page readonly
C000002000
direct allocation
page read and write
54A1000
trusted library allocation
page read and write
B20000
unkown
page read and write
81C0000
unkown
page read and write
81A0000
unkown
page read and write
85B0DFE000
stack
page read and write
81C0000
unkown
page read and write
2FED000
heap
page read and write
3EBE000
stack
page read and write
81C0000
unkown
page read and write
81C0000
unkown
page read and write
88B0000
unkown
page read and write
7FF7C0B28000
trusted library allocation
page read and write
20A77C45000
trusted library allocation
page read and write
81C0000
unkown
page read and write
1C0F21B0000
heap
page read and write
5445000
trusted library allocation
page read and write
9E9E000
unkown
page read and write
B20000
unkown
page read and write
7FF75EE70000
unkown
page readonly
7FF7C079B000
trusted library allocation
page read and write
20A7FB6B000
heap
page read and write
20A67D3B000
trusted library allocation
page read and write
C4000
trusted library allocation
page read and write
88B0000
unkown
page read and write
15EF000
stack
page read and write
2A17000
trusted library allocation
page read and write
680000
direct allocation
page read and write
258E000
stack
page read and write
23B60621000
direct allocation
page read and write
2C32000
trusted library allocation
page read and write
7FF5304B8000
unkown
page readonly
C00013C000
direct allocation
page read and write
C00011E000
direct allocation
page read and write
5668000
heap
page read and write
606C000
heap
page read and write
8710000
unkown
page read and write
2C20000
unkown
page read and write
43FC000
unkown
page read and write
7FF530440000
unkown
page readonly
3000000
heap
page read and write
7FF7C0BE2000
trusted library allocation
page read and write
22B5D4D0000
heap
page read and write
2FFB000
heap
page read and write
B20000
unkown
page read and write
88B0000
unkown
page read and write
5470000
trusted library allocation
page read and write
40B000
unkown
page execute read
2C2F000
trusted library allocation
page read and write
8710000
unkown
page read and write
B620000
unkown
page read and write
22B5D5A5000
heap
page read and write
7690000
unkown
page read and write
286C000
stack
page read and write
5DE0000
remote allocation
page read and write
7FF7C0970000
trusted library allocation
page execute and read and write
314A000
trusted library allocation
page read and write
54B8000
trusted library allocation
page read and write
B9E60F8000
stack
page read and write
7FF5305CF000
unkown
page readonly
298B000
trusted library allocation
page read and write
C000052000
direct allocation
page read and write
318D000
trusted library allocation
page read and write
5445000
trusted library allocation
page read and write
EE6000
unkown
page execute and read and write
AA7D000
stack
page read and write
78D0000
unkown
page readonly
94B5000
unkown
page read and write
23B6062F000
direct allocation
page read and write
5441000
trusted library allocation
page read and write
23B60741000
direct allocation
page read and write
88B0000
unkown
page read and write
7FF5303E0000
unkown
page readonly
3168000
trusted library allocation
page read and write
28F1000
trusted library allocation
page read and write
4FBE000
stack
page read and write
561B000
trusted library allocation
page read and write
3249000
trusted library allocation
page read and write
2CBA000
trusted library allocation
page read and write
3A85000
trusted library allocation
page read and write
C0002D2000
direct allocation
page read and write
B20000
unkown
page read and write
5470000
trusted library allocation
page read and write
2ADF000
trusted library allocation
page read and write
88B0000
unkown
page read and write
5488000
trusted library allocation
page read and write
379E000
stack
page read and write
659000
heap
page read and write
52EF000
stack
page read and write
4396000
unkown
page read and write
5476000
trusted library allocation
page read and write
3158000
trusted library allocation
page read and write
20A77C53000
trusted library allocation
page read and write
C000296000
direct allocation
page read and write
81C0000
unkown
page read and write
B20000
unkown
page read and write
3011000
heap
page read and write
269F000
stack
page read and write
8900000
unkown
page read and write
8710000
unkown
page read and write
7FF53082E000
unkown
page readonly
1447000
heap
page read and write
7FF530A48000
unkown
page readonly
1C0F3CB0000
heap
page execute and read and write
7FF53060D000
unkown
page readonly
23B1B248000
direct allocation
page read and write
22B5D880000
heap
page read and write
5D5000
heap
page read and write
2D2E000
trusted library allocation
page read and write
88B0000
unkown
page read and write
5440000
trusted library allocation
page read and write
5457000
trusted library allocation
page read and write
AE7D000
unkown
page read and write
4C0000
heap
page read and write
5DE0000
trusted library allocation
page read and write
26F84E80000
heap
page read and write
20A67961000
trusted library allocation
page read and write
55E5000
heap
page read and write
C0001DA000
direct allocation
page read and write
83A0000
unkown
page read and write
3D0F000
stack
page read and write
543E000
stack
page read and write
3155000
trusted library allocation
page read and write
7FF530511000
unkown
page readonly
641D000
stack
page read and write
350E000
stack
page read and write
313B000
trusted library allocation
page read and write
20A7FB17000
heap
page read and write
88B0000
unkown
page read and write
55EC000
heap
page read and write
88B0000
unkown
page read and write
2B06000
trusted library allocation
page read and write
26A1000
unclassified section
page execute read
55F2000
heap
page read and write
3138000
trusted library allocation
page read and write
7FF530447000
unkown
page readonly
1C0F2100000
unkown
page readonly
C0001B4000
direct allocation
page read and write
20A65A90000
heap
page read and write
20A67585000
heap
page read and write
2B3E000
trusted library allocation
page read and write
3031000
unkown
page read and write
C000028000
direct allocation
page read and write
2598AF14000
heap
page read and write
3F4D000
stack
page read and write
625C000
stack
page read and write
991E000
stack
page read and write
60000
direct allocation
page execute and read and write
5AD0000
trusted library allocation
page read and write
7FF7C0B14000
trusted library allocation
page read and write
7FF75F38D000
unkown
page read and write
2C64000
trusted library allocation
page read and write
605D000
stack
page read and write
2FD5000
heap
page read and write
5481000
trusted library allocation
page read and write
981CBCE000
stack
page read and write
5623000
trusted library allocation
page read and write
C000086000
direct allocation
page read and write
2CEC000
trusted library allocation
page read and write
2AC97E67000
trusted library allocation
page read and write
7DF44D861000
unkown
page execute read
2C17000
trusted library allocation
page read and write
8380000
unkown
page read and write
29AC000
trusted library allocation
page read and write
7FF75F38E000
unkown
page write copy
7FF7C078D000
trusted library allocation
page execute and read and write
7FF52FDD7000
unkown
page readonly
4E40000
remote allocation
page read and write
FD0000
heap
page read and write
85B09FF000
stack
page read and write
3018000
unkown
page read and write
5DE0000
trusted library allocation
page read and write
2DAC000
trusted library allocation
page read and write
88B0000
unkown
page read and write
8380000
unkown
page read and write
3251000
trusted library allocation
page read and write
D1B6000
unkown
page read and write
B9E6F0E000
stack
page read and write
2ABC000
trusted library allocation
page read and write
29D8000
stack
page read and write
700A0000
unkown
page readonly
2590000
heap
page read and write
2860000
heap
page execute and read and write
90000
trusted library section
page read and write
B20000
unkown
page read and write
23B1B010000
heap
page read and write
88B0000
unkown
page read and write
29ED000
trusted library allocation
page read and write
88B0000
unkown
page read and write
2A21000
trusted library allocation
page read and write
1C0F4640000
heap
page read and write
8710000
unkown
page read and write
7FF5309A1000
unkown
page readonly
5990000
trusted library allocation
page read and write
9CC2000
unkown
page read and write
7FF5309D5000
unkown
page readonly
1831C145000
heap
page read and write
B20000
unkown
page read and write
C000066000
direct allocation
page read and write
2AC863BB000
heap
page read and write
7FF530687000
unkown
page readonly
5497000
trusted library allocation
page read and write
5687000
heap
page read and write
7FF530486000
unkown
page readonly
7FF7C0793000
trusted library allocation
page read and write
7FF52FD2D000
unkown
page readonly
401000
unkown
page execute read
35B0000
heap
page read and write
2D0B000
trusted library allocation
page read and write
81C0000
unkown
page read and write
1C080396000
trusted library allocation
page read and write
7FF5304E3000
unkown
page readonly
D2ED000
unkown
page read and write
37BF000
stack
page read and write
402000
unkown
page readonly
81C0000
unkown
page read and write
8460000
unkown
page readonly
2C40000
unkown
page read and write
2CB8000
trusted library allocation
page read and write
5560000
heap
page read and write
2C40000
unkown
page read and write
6081000
heap
page read and write
3155000
trusted library allocation
page read and write
6074000
heap
page read and write
88B0000
unkown
page read and write
2C40000
unkown
page read and write
2FED000
heap
page read and write
670000
direct allocation
page execute and read and write
548E000
trusted library allocation
page read and write
5DE6000
trusted library allocation
page read and write
9B1E000
stack
page read and write
88B0000
unkown
page read and write
947B000
unkown
page read and write
2FD6000
heap
page read and write
60C1000
heap
page read and write
B20000
unkown
page read and write
3178000
trusted library allocation
page read and write
12F0000
heap
page read and write
2B80000
trusted library allocation
page read and write
11C2000
heap
page read and write
3168000
trusted library allocation
page read and write
8900000
unkown
page read and write
23B60750000
direct allocation
page read and write
3B3E000
trusted library allocation
page read and write
568000
heap
page read and write
7FF7C0A12000
trusted library allocation
page read and write
7FF7C0783000
trusted library allocation
page execute and read and write
7FF70B9B2000
unkown
page read and write
5613000
trusted library allocation
page read and write
5B5000
heap
page read and write
BA0000
unkown
page readonly
2B13000
trusted library allocation
page read and write
20A69144000
trusted library allocation
page read and write
C0001BB000
direct allocation
page read and write
51A000
heap
page read and write
8750000
unkown
page read and write
1C0F5F82000
trusted library allocation
page read and write
6D85000
stack
page read and write
20A7F965000
heap
page read and write
C0005DE000
direct allocation
page read and write
54CB000
trusted library allocation
page read and write
3115000
trusted library allocation
page read and write
2C40000
unkown
page read and write
2A06000
trusted library allocation
page read and write
1C0F2102000
unkown
page readonly
C000158000
direct allocation
page read and write
8CF9000
stack
page read and write
8BE000
stack
page read and write
88B0000
unkown
page read and write
C000156000
direct allocation
page read and write
2ACA1970000
heap
page read and write
3118000
trusted library allocation
page read and write
81B0000
unkown
page read and write
3138000
trusted library allocation
page read and write
88B0000
unkown
page read and write
8380000
unkown
page read and write
5E10000
trusted library allocation
page read and write
7FF5305F6000
unkown
page readonly
2C7E000
trusted library allocation
page read and write
88B0000
unkown
page read and write
7FF5304A2000
unkown
page readonly
70030000
unkown
page readonly
314A000
trusted library allocation
page read and write
2F62000
heap
page read and write
B20000
unkown
page read and write
313A000
trusted library allocation
page read and write
7FF530917000
unkown
page readonly
2AC86340000
heap
page read and write
1C080922000
trusted library allocation
page read and write
1C0F5BF8000
heap
page read and write
2FE6000
heap
page read and write
2FDC000
heap
page read and write
7001B000
unkown
page read and write
3187000
trusted library allocation
page read and write
5668000
heap
page read and write
88B0000
unkown
page read and write
81C0000
unkown
page read and write
88B0000
unkown
page read and write
660000
direct allocation
page read and write
88B0000
unkown
page read and write
7FF7C0B30000
trusted library allocation
page read and write
2F86000
heap
page read and write
88B0000
unkown
page read and write
88B0000
unkown
page read and write
88B0000
unkown
page read and write
947E000
unkown
page read and write
FED3000
unkown
page read and write
2FDF000
heap
page read and write
2FF8000
heap
page read and write
948A000
unkown
page read and write
1C0F239B000
heap
page read and write
C000284000
direct allocation
page read and write
2AF3000
trusted library allocation
page read and write
8380000
unkown
page read and write
6CE000
heap
page read and write
2980000
heap
page read and write
88B0000
unkown
page read and write
8710000
unkown
page read and write
400000
unkown
page readonly
C00005B000
direct allocation
page read and write
7FF7C0B19000
trusted library allocation
page read and write
135C000
heap
page read and write
B9E59B2000
stack
page read and write
2C1D000
trusted library allocation
page read and write
2A67000
trusted library allocation
page read and write
2FD5000
heap
page read and write
7FF7C0B10000
trusted library allocation
page read and write
20A68B86000
trusted library allocation
page read and write
8750000
unkown
page read and write
2FD5000
heap
page read and write
B20000
unkown
page read and write
114A000
heap
page read and write
2A3A000
trusted library allocation
page read and write
88B0000
unkown
page read and write
7FF530873000
unkown
page readonly
4FC0000
trusted library allocation
page read and write
20A7FD70000
heap
page execute and read and write
3151000
trusted library allocation
page read and write
5597000
heap
page read and write
20A779CA000
trusted library allocation
page read and write
5FE0000
heap
page read and write
36CC000
trusted library allocation
page read and write
88B0000
unkown
page read and write
34C0000
heap
page read and write
218E000
stack
page read and write
3175000
trusted library allocation
page read and write
2BB4000
trusted library allocation
page read and write
55E5000
heap
page read and write
81C0000
unkown
page read and write
65F000
heap
page read and write
F3187FE000
stack
page read and write
661000
heap
page read and write
3FF1000
unclassified section
page readonly
20A65D10000
trusted library allocation
page read and write
8900000
unkown
page read and write
4C5000
unkown
page execute and write copy
11B3000
heap
page read and write
5486000
trusted library allocation
page read and write
2FF2000
heap
page read and write
43C5000
unkown
page read and write
2ACA3254000
heap
page read and write
7FF530676000
unkown
page readonly
5476000
trusted library allocation
page read and write
41C000
unkown
page write copy
3155000
trusted library allocation
page read and write
143E000
stack
page read and write
13A6000
heap
page read and write
2A0D000
trusted library allocation
page read and write
7DF44D8A1000
unkown
page execute read
3011000
heap
page read and write
2AC863A5000
heap
page read and write
314F000
trusted library allocation
page read and write
8710000
unkown
page read and write
5E20000
trusted library allocation
page read and write
52DA1FF000
stack
page read and write
120000
trusted library allocation
page read and write
79C1000
unkown
page read and write
8380000
unkown
page read and write
FD0000
heap
page read and write
305D000
unkown
page read and write
20A65C70000
heap
page read and write
55EC000
trusted library allocation
page read and write
315C000
trusted library allocation
page read and write
2FF8000
heap
page read and write
4ED0000
trusted library allocation
page read and write
88B0000
unkown
page read and write
C00003D000
direct allocation
page read and write
54B9000
trusted library allocation
page read and write
2AC87D80000
heap
page read and write
CFF4000
unkown
page read and write
3000000
heap
page read and write
5441000
trusted library allocation
page read and write
8710000
unkown
page read and write
B20000
unkown
page read and write
2A780820000
heap
page read and write
81C0000
unkown
page read and write
88B0000
unkown
page read and write
2EB0000
remote allocation
page execute and read and write
98189FA000
stack
page read and write
2598C7F1000
heap
page read and write
9CA0000
unkown
page read and write
20A65AD7000
heap
page read and write
7FF75F3AC000
unkown
page read and write
957F000
unkown
page read and write
29E0000
trusted library allocation
page read and write
2AF1000
trusted library allocation
page read and write
2FF7000
heap
page read and write
8380000
unkown
page read and write
7FF5309B9000
unkown
page readonly
28FE000
stack
page read and write
81C0000
unkown
page read and write
C0002C0000
direct allocation
page read and write
81A0000
unkown
page read and write
B20000
unkown
page read and write
23B1B346000
direct allocation
page read and write
7FF53046F000
unkown
page readonly
D544000
unkown
page read and write
23B1B338000
direct allocation
page read and write
B20000
unkown
page read and write
302D000
unkown
page read and write
67AF000
stack
page read and write
1280000
direct allocation
page read and write
B20000
unkown
page read and write
1168000
heap
page read and write
B20000
unkown
page read and write
20A65D00000
trusted library section
page read and write
88B0000
unkown
page read and write
B40000
unkown
page read and write
7FF530A0E000
unkown
page readonly
88B0000
unkown
page read and write
C0002A5000
direct allocation
page read and write
B20000
unkown
page read and write
1C0F5B8A000
heap
page read and write
81C0000
unkown
page read and write
2598C7E0000
heap
page read and write
1C0F2381000
heap
page read and write
7FF530417000
unkown
page readonly
7FF7C0AC0000
trusted library allocation
page read and write
8710000
unkown
page read and write
653000
heap
page read and write
70EE000
stack
page read and write
8710000
unkown
page read and write
88B0000
unkown
page read and write
1C0F7626000
heap
page read and write
23BF000
stack
page read and write
7FF53089D000
unkown
page readonly
7FF7C0B67000
trusted library allocation
page read and write
1362000
heap
page read and write
88B0000
unkown
page read and write
7FF53053A000
unkown
page readonly
2AC4000
trusted library allocation
page read and write
2FFA000
heap
page read and write
2B4A000
trusted library allocation
page read and write
7008C000
unkown
page write copy
2FA0000
unkown
page read and write
88B0000
unkown
page read and write
7FF7C0B30000
trusted library allocation
page read and write
B20000
unkown
page read and write
318A000
trusted library allocation
page read and write
3239000
trusted library allocation
page read and write
FB000
trusted library allocation
page execute and read and write
2FED000
heap
page read and write
7FF7C09A0000
trusted library allocation
page read and write
2B8F000
stack
page read and write
11B3000
heap
page read and write
2996000
trusted library allocation
page read and write
6FFD0000
unkown
page readonly
3155000
trusted library allocation
page read and write
3119000
trusted library allocation
page read and write
9581000
unkown
page read and write
C000132000
direct allocation
page read and write
B20000
unkown
page read and write
7FF7C0940000
trusted library allocation
page execute and read and write
23B1B390000
heap
page read and write
C3000
trusted library allocation
page execute and read and write
2C40000
unkown
page read and write
1110000
direct allocation
page read and write
2FED000
heap
page read and write
23B606F0000
direct allocation
page read and write
6280000
trusted library allocation
page read and write
EE3000
unkown
page readonly
5458000
trusted library allocation
page read and write
5482000
trusted library allocation
page read and write
2F86000
heap
page read and write
29E6000
trusted library allocation
page read and write
CFB0000
unkown
page read and write
B20000
unkown
page read and write
C000162000
direct allocation
page read and write
88B0000
unkown
page read and write
7FF5305BB000
unkown
page readonly
7609000
stack
page read and write
7FF5304E0000
unkown
page readonly
318F000
trusted library allocation
page read and write
7FF70B8C1000
unkown
page execute read
2A6B000
trusted library allocation
page read and write
23B1B2C1000
direct allocation
page read and write
2AE1000
trusted library allocation
page read and write
1831C330000
heap
page read and write
BA6000
unkown
page execute and write copy
94CA000
unkown
page read and write
B20000
unkown
page read and write
4CA000
heap
page read and write
88B0000
unkown
page read and write
FF1B000
unkown
page read and write
5674000
heap
page read and write
391F000
trusted library allocation
page read and write
617E000
heap
page read and write
7FF7C0A90000
trusted library allocation
page read and write
29B2000
trusted library allocation
page read and write
2FFB000
heap
page read and write
55E5000
heap
page read and write
B20000
unkown
page read and write
2A780920000
heap
page read and write
5486000
trusted library allocation
page read and write
B3000
trusted library allocation
page execute and read and write
3144000
trusted library allocation
page read and write
8380000
unkown
page read and write
2CCB000
trusted library allocation
page read and write
130000
trusted library allocation
page read and write
676E000
stack
page read and write
88B0000
unkown
page read and write
67D000
heap
page read and write
A4D3000
unkown
page read and write
6186000
heap
page read and write
C0003E2000
direct allocation
page read and write
313E000
trusted library allocation
page read and write
7FF7C0866000
trusted library allocation
page execute and read and write
546A000
trusted library allocation
page read and write
3239000
trusted library allocation
page read and write
2CBC000
trusted library allocation
page read and write
8380000
unkown
page read and write
7FF7C0AF0000
trusted library allocation
page read and write
C00004D000
direct allocation
page read and write
7FF5308C5000
unkown
page readonly
400000
unkown
page execute and read and write
8710000
unkown
page read and write
2AD7000
trusted library allocation
page read and write
4C6000
unkown
page execute and write copy
81C0000
unkown
page read and write
515000
heap
page read and write
400000
unkown
page readonly
94A3000
unkown
page read and write
544A000
trusted library allocation
page read and write
8380000
unkown
page read and write
B20000
unkown
page read and write
2598AF2B000
heap
page read and write
70C9000
unkown
page read and write
88B0000
unkown
page read and write
94DC000
unkown
page read and write
402000
unkown
page readonly
3173000
trusted library allocation
page read and write
2AC87DD0000
heap
page execute and read and write
21BE000
stack
page read and write
D432000
unkown
page read and write
1C0F5B6C000
heap
page read and write
3138000
trusted library allocation
page read and write
73D0000
unkown
page read and write
7FF70B9B2000
unkown
page write copy
20A65D35000
heap
page read and write
6078000
heap
page read and write
4A0000
heap
page read and write
7FF70B8C0000
unkown
page readonly
C44A2FD000
stack
page read and write
52D9DBB000
stack
page read and write
8380000
unkown
page read and write
DDA9000
stack
page read and write
B20000
unkown
page read and write
BD000
trusted library allocation
page execute and read and write
2FF8000
heap
page read and write
9003000
unkown
page read and write
3140000
trusted library allocation
page read and write
8D00000
unkown
page read and write
8710000
unkown
page read and write
7FF7C0B80000
trusted library allocation
page read and write
2FF1000
heap
page read and write
7B10000
unkown
page readonly
7FF7C0962000
trusted library allocation
page read and write
20A0004C000
heap
page read and write
315C000
trusted library allocation
page read and write
5441000
trusted library allocation
page read and write
6F94000
unkown
page read and write
8710000
unkown
page read and write
55EC000
heap
page read and write
98195FE000
stack
page read and write
5668000
heap
page read and write
2D15000
trusted library allocation
page read and write
4328000
unkown
page read and write
7FF75F9DE000
unkown
page read and write
28A8000
trusted library allocation
page read and write
B20000
unkown
page read and write
319B000
trusted library allocation
page read and write
5445000
trusted library allocation
page read and write
7FF530290000
unkown
page readonly
2A6D000
trusted library allocation
page read and write
544A000
trusted library allocation
page read and write
7FF5309D7000
unkown
page readonly
3269000
trusted library allocation
page read and write
D46D000
unkown
page read and write
8431000
unkown
page read and write
70041000
unkown
page execute read
94A9000
unkown
page read and write
7FF75FA16000
unkown
page readonly
20A6900C000
trusted library allocation
page read and write
B20000
unkown
page read and write
8380000
unkown
page read and write
73D0000
unkown
page read and write
65F000
heap
page read and write
5497000
trusted library allocation
page read and write
401000
unkown
page execute read
78CD000
stack
page read and write
EE00000
heap
page read and write
5BE000
heap
page read and write
1290000
direct allocation
page read and write
2AA9000
trusted library allocation
page read and write
8380000
unkown
page read and write
7FF7C0930000
trusted library allocation
page execute and read and write
980000
heap
page read and write
B20000
unkown
page read and write
3011000
heap
page read and write
5E10000
trusted library allocation
page read and write
6290000
trusted library allocation
page read and write
544F000
trusted library allocation
page read and write
2BB0000
trusted library allocation
page read and write
C0001C8000
direct allocation
page read and write
A0000
trusted library section
page read and write
7FF7C07AD000
trusted library allocation
page execute and read and write
7FF75F305000
unkown
page write copy
81A0000
unkown
page read and write
55EC000
heap
page read and write
7FF530946000
unkown
page readonly
8380000
unkown
page read and write
B20000
unkown
page read and write
5599000
heap
page read and write
7FF7C0A10000
trusted library allocation
page read and write
889000
heap
page read and write
1C0F5C20000
heap
page read and write
23B60660000
direct allocation
page read and write
88B0000
unkown
page read and write
5441000
trusted library allocation
page read and write
29A4000
trusted library allocation
page read and write
8380000
unkown
page read and write
2D70000
unkown
page read and write
2CA3000
trusted library allocation
page read and write
23B605E0000
direct allocation
page read and write
8900000
unkown
page read and write
2FED000
heap
page read and write
4E40000
remote allocation
page read and write
7FF5304D8000
unkown
page readonly
81C0000
unkown
page read and write
88B0000
unkown
page read and write
2AC0000
trusted library allocation
page read and write
7FF7C09E0000
trusted library allocation
page read and write
7FF75F30B000
unkown
page write copy
309C000
unkown
page read and write
4BCE000
stack
page read and write
7FF7C0AE0000
trusted library allocation
page read and write
3005000
heap
page read and write
20A67950000
heap
page execute and read and write
29FE000
trusted library allocation
page read and write
B9E6DFF000
stack
page read and write
8380000
unkown
page read and write
3C70000
heap
page read and write
3163000
trusted library allocation
page read and write
B5A0000
unkown
page read and write
480000
direct allocation
page execute and read and write
1C0F47E0000
trusted library allocation
page read and write
81D0000
unkown
page read and write
7FF53074F000
unkown
page readonly
B20000
unkown
page read and write
EE1000
unkown
page execute read
1C0F4873000
heap
page execute and read and write
400000
unkown
page readonly
6C0000
heap
page read and write
9D58000
unkown
page read and write
B9E6078000
stack
page read and write
5DF0000
trusted library allocation
page execute and read and write
88B0000
unkown
page read and write
2A34000
trusted library allocation
page read and write
BA4000
unkown
page read and write
4BF0000
heap
page read and write
8380000
unkown
page read and write
5465000
trusted library allocation
page read and write
7FF530A65000
unkown
page readonly
81C0000
unkown
page read and write
20A689E2000
trusted library allocation
page read and write
8380000
unkown
page read and write
B20000
unkown
page read and write
88B0000
unkown
page read and write
3011000
heap
page read and write
5DD0000
trusted library allocation
page read and write
2C3D000
trusted library allocation
page read and write
5471000
trusted library allocation
page read and write
88B0000
unkown
page read and write
2C9B000
trusted library allocation
page read and write
6071000
heap
page read and write
5744000
trusted library allocation
page read and write
7FF7C0CE0000
trusted library allocation
page read and write
7FF7C0CF0000
trusted library allocation
page execute and read and write
55F2000
heap
page read and write
8710000
unkown
page read and write
3046000
unkown
page read and write
544F000
trusted library allocation
page read and write
88B0000
unkown
page read and write
DEAC000
stack
page read and write
B20000
unkown
page read and write
1C0F765A000
heap
page read and write
3140000
trusted library allocation
page read and write
28BC000
stack
page read and write
2A09000
trusted library allocation
page read and write
88B0000
unkown
page read and write
841C000
stack
page read and write
88B0000
unkown
page read and write
40B000
unkown
page execute read
20A690FF000
trusted library allocation
page read and write
7FF5308A8000
unkown
page readonly
38F1000
trusted library allocation
page read and write
88B0000
unkown
page read and write
7FF7C0B74000
trusted library allocation
page read and write
88B0000
unkown
page read and write
5490000
trusted library allocation
page read and write
7FF5308D3000
unkown
page readonly
5668000
heap
page read and write
28A0000
trusted library allocation
page read and write
F2000
trusted library allocation
page read and write
D2A5000
unkown
page read and write
29AA000
trusted library allocation
page read and write
C000046000
direct allocation
page read and write
3157000
trusted library allocation
page read and write
83A0000
unkown
page read and write
7FF7C0B40000
trusted library allocation
page read and write
313A000
trusted library allocation
page read and write
B20000
unkown
page read and write
5BE000
heap
page read and write
4EB5000
trusted library allocation
page read and write
7FF7C0BE0000
trusted library allocation
page execute and read and write
3179000
trusted library allocation
page read and write
313D000
trusted library allocation
page read and write
B20000
unkown
page read and write
23B1B2D5000
direct allocation
page read and write
1C0F5BE1000
heap
page read and write
12F8000
heap
page read and write
81C0000
unkown
page read and write
7FF7C0AD0000
trusted library allocation
page read and write
7FF7C07AB000
trusted library allocation
page execute and read and write
7FF7C08A0000
trusted library allocation
page execute and read and write
4E70000
trusted library allocation
page read and write
6280000
trusted library allocation
page read and write
5477000
trusted library allocation
page read and write
CE5000
heap
page read and write
B20000
unkown
page read and write
88B0000
unkown
page read and write
8650000
unkown
page read and write
614000
heap
page read and write
3251000
trusted library allocation
page read and write
4EE0000
trusted library allocation
page read and write
73B0000
unkown
page read and write
2598AF30000
heap
page read and write
7FF7C0B50000
trusted library allocation
page read and write
3178000
trusted library allocation
page read and write
315E000
trusted library allocation
page read and write
70078000
unkown
page readonly
548F000
trusted library allocation
page read and write
FF94000
unkown
page read and write
88B0000
unkown
page read and write
8D00000
unkown
page read and write
2A55000
trusted library allocation
page read and write
2C53000
trusted library allocation
page read and write
20A77971000
trusted library allocation
page read and write
8380000
unkown
page read and write
8710000
unkown
page read and write
2AB0000
trusted library allocation
page read and write
B20000
unkown
page read and write
700A0000
unkown
page readonly
8380000
unkown
page read and write
B20000
unkown
page read and write
981A1FD000
stack
page read and write
6186000
heap
page read and write
5477000
trusted library allocation
page read and write
2FD9000
heap
page read and write
2D50000
unkown
page readonly
88B0000
unkown
page read and write
313A000
trusted library allocation
page read and write
5458000
trusted library allocation
page read and write
5457000
trusted library allocation
page read and write
5AF0000
heap
page read and write
4F7E000
stack
page read and write
7FF530846000
unkown
page readonly
81C0000
unkown
page read and write
544F000
trusted library allocation
page read and write
23B605A1000
direct allocation
page read and write
7FF7C09D0000
trusted library allocation
page read and write
2AC86260000
heap
page read and write
401000
unkown
page execute read
DE2D000
stack
page read and write
7FF7C09F0000
trusted library allocation
page read and write
772A000
unkown
page read and write
88B0000
unkown
page read and write
2FF8000
heap
page read and write
1C0F3CE0000
trusted library section
page readonly
8380000
unkown
page read and write
1C0F2315000
heap
page read and write
3147000
trusted library allocation
page read and write
7FF7C0C70000
trusted library allocation
page read and write
9DC1000
unkown
page read and write
315E000
trusted library allocation
page read and write
7380000
unkown
page read and write
7FF7C0C80000
trusted library allocation
page read and write
7FF53034E000
unkown
page readonly
4FC0000
trusted library allocation
page read and write
EF0000
heap
page read and write
1E5000
heap
page read and write
2C1F000
trusted library allocation
page read and write
23B1B32F000
direct allocation
page read and write
4E50000
trusted library allocation
page execute and read and write
2AF6000
trusted library allocation
page read and write
655D000
stack
page read and write
7DF44D870000
unkown
page readonly
88B0000
unkown
page read and write
7FF7C0CA0000
trusted library allocation
page read and write
F3177FD000
stack
page read and write
2B25000
trusted library allocation
page read and write
B20000
unkown
page read and write
1C0F3C95000
heap
page read and write
4E3F000
stack
page read and write
6280000
heap
page execute and read and write
EE1000
unkown
page execute and write copy
CF0000
unkown
page readonly
88B0000
unkown
page read and write
7FF5307F8000
unkown
page readonly
2FE9000
heap
page read and write
1C0F46E0000
heap
page read and write
2A9D000
trusted library allocation
page read and write
7FF7C0BC0000
trusted library allocation
page read and write
3187000
trusted library allocation
page read and write
1C0F410C000
heap
page read and write
7FF75F9EA000
unkown
page write copy
3149000
trusted library allocation
page read and write
300C000
heap
page read and write
83A0000
unkown
page read and write
7FF53051E000
unkown
page readonly
81C0000
unkown
page read and write
7FF7C0B2C000
trusted library allocation
page read and write
7230000
trusted library allocation
page read and write
3B7C000
stack
page read and write
8380000
unkown
page read and write
88B0000
unkown
page read and write
2C40000
unkown
page read and write
2FF2000
heap
page read and write
2AC87F08000
trusted library allocation
page read and write
87000
heap
page read and write
1C0F46D0000
heap
page read and write
88B0000
unkown
page read and write
7750000
unkown
page read and write
88B0000
unkown
page read and write
29CC000
trusted library allocation
page read and write
88B0000
unkown
page read and write
7FF5303FF000
unkown
page readonly
BA6000
unkown
page execute and read and write
2A70000
heap
page execute and read and write
20A65CF0000
trusted library section
page read and write
88B0000
unkown
page read and write
7FF7C0830000
trusted library allocation
page read and write
8380000
unkown
page read and write
2ACF000
trusted library allocation
page read and write
250A000
stack
page read and write
81C0000
unkown
page read and write
3168000
trusted library allocation
page read and write
5457000
trusted library allocation
page read and write
2AE4000
trusted library allocation
page read and write
4B7000
unkown
page readonly
7FF527CA5000
unkown
page readonly
9C000
stack
page read and write
5490000
trusted library allocation
page read and write
B60000
unkown
page read and write
A4E4000
unkown
page read and write
6F74000
unkown
page read and write
C000070000
direct allocation
page read and write
C000116000
direct allocation
page read and write
659000
heap
page read and write
20A67580000
heap
page read and write
8380000
unkown
page read and write
8380000
unkown
page read and write
8D00000
unkown
page read and write
389F000
stack
page read and write
7FF5303AC000
unkown
page readonly
34C4000
heap
page read and write
5AD5000
trusted library allocation
page read and write
5458000
trusted library allocation
page read and write
C0005DC000
direct allocation
page read and write
54E000
stack
page read and write
401000
unkown
page execute read
8380000
unkown
page read and write
81A0000
unkown
page read and write
374E000
stack
page read and write
73D0000
unkown
page read and write
8650000
unkown
page read and write
8380000
unkown
page read and write
670000
heap
page read and write
A420000
unkown
page read and write
1C0F4870000
heap
page execute and read and write
55EB000
trusted library allocation
page read and write
B9E708C000
stack
page read and write
2E7A000
stack
page read and write
5B9F000
stack
page read and write
4D0000
heap
page read and write
1120000
direct allocation
page read and write
81C0000
unkown
page read and write
B20000
unkown
page read and write
B20000
unkown
page read and write
7FF7C0886000
trusted library allocation
page execute and read and write
5464000
trusted library allocation
page read and write
B20000
unkown
page read and write
B20000
unkown
page read and write
4EF0000
trusted library allocation
page read and write
547D000
trusted library allocation
page read and write
580000
unkown
page readonly
3121000
trusted library allocation
page read and write
59E000
stack
page read and write
88B0000
unkown
page read and write
4450000
unkown
page read and write
81C0000
unkown
page read and write
7FF530928000
unkown
page readonly
3165000
trusted library allocation
page read and write
88B0000
unkown
page read and write
7FF530A5B000
unkown
page readonly
There are 3634 hidden memdumps, click here to show them.