IOC Report
file.exe

loading gif

Files

File Path
Type
Category
Malicious
file.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
 malicious
C:\Users\user\AppData\Local\Temp\3530.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\6E8A.exe
PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\7C81.exe
PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\rentry-script.ps1
ASCII text, with CRLF line terminators
modified
 malicious
C:\Users\user\AppData\Roaming\sashibt
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\sashibt:Zone.Identifier
ASCII text, with CRLF line terminators
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\6E8A.exe.log
CSV text
dropped
C:\Users\user\AppData\Local\Microsoft\PenWorkspace\DiscoverCacheData.dat
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache
data
modified
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_iphtavot.cdr.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jeqrphl1.chf.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_v21r2jvc.u1m.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zmwgc4wp.1qc.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\lumma.zip
Zip archive data, at least v2.0 to extract, compression method=deflate
dropped
C:\Users\user\AppData\Local\Temp\venom.zip
Zip archive data, at least v2.0 to extract, compression method=deflate
dropped
There are 6 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\file.exe
"C:\Users\user\Desktop\file.exe"
 malicious
C:\Windows\explorer.exe
C:\Windows\Explorer.EXE
 malicious
C:\Users\user\AppData\Roaming\sashibt
C:\Users\user\AppData\Roaming\sashibt
 malicious
C:\Users\user\AppData\Roaming\sashibt
C:\Users\user\AppData\Roaming\sashibt
 malicious
C:\Users\user\AppData\Local\Temp\3530.exe
C:\Users\user\AppData\Local\Temp\3530.exe
 malicious
C:\Users\user\AppData\Local\Temp\7C81.exe
C:\Users\user\AppData\Local\Temp\7C81.exe
 malicious
C:\Users\user\AppData\Local\Temp\6E8A.exe
C:\Users\user\AppData\Local\Temp\6E8A.exe
 malicious
C:\Users\user\AppData\Local\Temp\6E8A.exe
"C:\Users\user\AppData\Local\Temp\6E8A.exe" -HOSTRUNAS
malicious
C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
 malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -ExecutionPolicy Bypass -WindowStyle Hidden -File "C:\Users\user\AppData\Local\Temp\rentry-script.ps1"
malicious
C:\Users\user\AppData\Local\Temp\3530.exe
"C:\Users\user\AppData\Local\Temp\3530.exe"
malicious
C:\Users\user\AppData\Local\Temp\3530.exe
"C:\Users\user\AppData\Local\Temp\3530.exe"
malicious
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
There are 6 hidden processes, click here to show them.

URLs

Name
IP
Malicious
http://100xmargin.com/tmp/index.php
malicious
http://olinsw.ws/tmp/index.php
malicious
http://wgdnb4rc.xyz/tmp/index.php
malicious
https://107.173.160.137/
107.173.160.137
 malicious
http://mzxn.ru/tmp/index.php
125.7.253.10
 malicious
lariatedzugspd.shop
malicious
callosallsaospz.shop
malicious
https://167.235.128.153/
167.235.128.153
 malicious
https://funrecipebooks.com/setups.exe
162.0.235.84
 malicious
liernessfornicsa.shop
malicious
https://107.173.160.139/
107.173.160.139
 malicious
shepherdlyopzc.shop
malicious
upknittsoappz.shop
malicious
https://mussangroup.com/wp-content/images/pic1.jpg
185.149.100.242
 malicious
outpointsozp.shop
malicious
unseaffarignsk.shop
malicious
https://word.office.comon
unknown
http://html4/loose.dtd
unknown
https://duckduckgo.com/chrome_newtab
unknown
https://callosallsaospz.shop/api
188.114.96.3
https://duckduckgo.com/ac/?q=
unknown
https://callosallsaospz.shop/apicnmamaa
unknown
https://powerpoint.office.comcember
unknown
https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4p8dfCfm4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi
unknown
https://rentry.co/microgods/raw
104.26.3.16
http://ocsps.ssl.com0?
unknown
https://contoso.com/License
unknown
http://www.ssl.com/repository/SSLcomRootCertificationAuthorityRSA.crt0
unknown
https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696425136400800000.2&ci=1696425136743.
unknown
http://cert.ssl.com/SSL.com-timeStamping-I-RSA-R1.cer0Q
unknown
http://ocsps.ssl.com0
unknown
http://store4.gofile.io
unknown
http://crls.ssl.com/SSLcom-RootCA-EV-RSA-4096-R2.crl0
unknown
https://excel.office.com
unknown
http://.css
unknown
http://schemas.micro
unknown
https://store4.gofile.io/download/direct/0656c5cf-51b4-4fa4-ae48-8ee5ed3d142e/lm.zip
31.14.70.245
http://crls.ssl.com/SSLcom-SubCA-EV-CodeSigning-RSA-4096-R3.crl0
unknown
https://callosallsaospz.shop/bO
unknown
http://x1.c.lencr.org/0
unknown
http://x1.i.lencr.org/0
unknown
https://callosallsaospz.shop/e
unknown
https://contoso.com/
unknown
https://nuget.org/nuget.exe
unknown
https://www.ssl.com/repository0
unknown
http://ocsps.ssl.com0_
unknown
https://callosallsaospz.shop/b
unknown
https://callosallsaospz.shop/apioro
unknown
https://callosallsaospz.shop/m
unknown
https://activity.windows.com/UserActivity.ReadWrite.CreatedByAppcrobat.exe
unknown
https://callosallsaospz.shop/h
unknown
https://callosallsaospz.shop/i
unknown
https://support.mozilla.org/products/firefoxgro.all
unknown
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
unknown
http://.jpg
unknown
https://rentry.co
unknown
http://www.oberhumer.com
unknown
https://callosallsaospz.shop/o
unknown
https://wns.windows.com/)s
unknown
http://www.autoitscript.com/autoit3/J
unknown
http://nuget.org/NuGet.exe
unknown
http://pesterbdd.com/images/Pester.png
unknown
https://callosallsaospz.shop/D
unknown
https://store4.gofile.io
unknown
http://www.apache.org/licenses/LICENSE-2.0.html
unknown
https://callosallsaospz.shop/apiQbd
unknown
https://go.micro
unknown
https://callosallsaospz.shop/apisF
unknown
https://contoso.com/Icon
unknown
https://callosallsaospz.shop/apiem
unknown
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
unknown
http://crl.rootca1.amazontrust.com/rootca1.crl0
unknown
http://cert.ssl.com/SSLcom-SubCA-EV-CodeSigning-RSA-4096-R3.cer0
unknown
http://ocsp.rootca1.amazontrust.com0:
unknown
https://callosallsaospz.shop///
unknown
https://callosallsaospz.shop/apiyy
unknown
https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696425136400800000.1&ci=1696425136743.12791&cta
unknown
https://outlook.com
unknown
https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
unknown
https://github.com/Pester/Pester
unknown
http://crls.ssl.com/ssl.com-rsa-RootCA.crl0
unknown
https://contile-images.services.mozilla.com/u1AuJcj32cbVUf9NjMipLXEYwu2uFIt4lsj-ccwVqEs.36904.jpg
unknown
http://crls.ssl.com/SSL.com-timeStamping-I-RSA-R1.crl0
unknown
https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
unknown
https://android.notify.windows.com/iOS
unknown
https://store4.gofile.io/download/direct/6b24ec97-2a8d-468d-a24d-c8081cda1dab/vm.zip
31.14.70.245
http://crt.rootca1.amazontrust.com/rootca1.cer0?
unknown
http://rentry.co
unknown
https://www.bestbuy.com/site/electronics/top-deals/pcmcat1563299784494.c/?id=pcmcat1563299784494&ref
unknown
https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_35787f1071928bc3a1aef90b79c9bee9c64ba6683fde7477
unknown
https://api.msn.com/
unknown
https://aka.ms/pscore68
unknown
http://www.ssl.com/repository/SSLcom-RootCA-EV-RSA-4096-R2.crt0
unknown
http://crl.v
unknown
https://callosallsaospz.shop/
unknown
https://callosallsaospz.shop/0
unknown
There are 86 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
funrecipebooks.com
162.0.235.84
 malicious
rentry.co
104.26.3.16
 malicious
mzxn.ru
186.145.236.93
 malicious
liernessfornicsa.shop
172.67.213.85
 malicious
mussangroup.com
185.149.100.242
 malicious
callosallsaospz.shop
188.114.96.3
 malicious
206.23.85.13.in-addr.arpa
unknown
 malicious
store4.gofile.io
31.14.70.245

IPs

IP
Domain
Country
Malicious
77.221.157.163
unknown
Russian Federation
malicious
107.173.160.139
unknown
United States
malicious
107.173.160.137
unknown
United States
malicious
162.0.235.84
funrecipebooks.com
Canada
malicious
109.172.114.212
unknown
Russian Federation
malicious
64.190.113.113
unknown
United States
malicious
125.7.253.10
unknown
Korea Republic of
malicious
177.222.41.236
unknown
Bolivia
malicious
186.145.236.93
mzxn.ru
Colombia
malicious
104.26.3.16
rentry.co
United States
malicious
167.235.128.153
unknown
United States
malicious
188.114.96.3
callosallsaospz.shop
European Union
malicious
185.149.100.242
mussangroup.com
Turkey
malicious
31.14.70.245
store4.gofile.io
Virgin Islands (BRITISH)
There are 4 hidden IPs, click here to show them.

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
Update#7936_8yUscnjrUY
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000050246
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000020474
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000B006E
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.csv\OpenWithProgids
Excel.CSV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.doc\OpenWithProgids
Word.Document.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docm\OpenWithProgids
Word.DocumentMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\OpenWithProgids
Word.Document.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dot\OpenWithProgids
Word.Template.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dotm\OpenWithProgids
Word.TemplateMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dotx\OpenWithProgids
Word.Template.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.msg\OpenWithProgids
Outlook.File.msg.15
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odp\OpenWithProgids
PowerPoint.OpenDocumentPresentation.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ods\OpenWithProgids
Excel.OpenDocumentSpreadsheet.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odt\OpenWithProgids
Word.OpenDocumentText.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pot\OpenWithProgids
PowerPoint.Template.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.potm\OpenWithProgids
PowerPoint.TemplateMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.potx\OpenWithProgids
PowerPoint.Template.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppam\OpenWithProgids
PowerPoint.Addin.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppsm\OpenWithProgids
PowerPoint.SlideShowMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppsx\OpenWithProgids
PowerPoint.SlideShow.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppt\OpenWithProgids
PowerPoint.Show.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pptm\OpenWithProgids
PowerPoint.ShowMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pptx\OpenWithProgids
PowerPoint.Show.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rtf\OpenWithProgids
Word.RTF.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sldm\OpenWithProgids
PowerPoint.SlideMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sldx\OpenWithProgids
PowerPoint.Slide.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vsto\OpenWithProgids
bootstrap.vsto.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlam\OpenWithProgids
Excel.AddInMacroEnabled
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xls\OpenWithProgids
Excel.Sheet.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsb\OpenWithProgids
Excel.SheetBinaryMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsm\OpenWithProgids
Excel.SheetMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsx\OpenWithProgids
Excel.Sheet.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlt\OpenWithProgids
Excel.Template.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xltm\OpenWithProgids
Excel.TemplateMacroEnabled
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xltx\OpenWithProgids
Excel.Template
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zip\OpenWithProgids
Unpacker
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\1e\417C44EB
@explorerframe.dll,-13137
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\1e\417C44EB
@explorerframe.dll,-13138
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000080472
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.Furyy.EhaQvnybt
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
P:\Hfref\nysbaf\NccQngn\Ybpny\Grzc\3530.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
a
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
MRUList
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000020488
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:000000000003047E
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000030492
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Shell\Bags\1\Desktop
IconLayouts
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Security and Maintenance\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102
CheckSetting
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\OpenWithProgids
WMP11.AssocFile.3G2
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\OpenWithProgids
WMP11.AssocFile.3GP
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2\OpenWithProgids
WMP11.AssocFile.3G2
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp\OpenWithProgids
WMP11.AssocFile.3GP
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aac\OpenWithProgids
WMP11.AssocFile.ADTS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.adt\OpenWithProgids
WMP11.AssocFile.ADTS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.adts\OpenWithProgids
WMP11.AssocFile.ADTS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\OpenWithProgids
WMP11.AssocFile.AIFF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\OpenWithProgids
WMP11.AssocFile.AIFF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\OpenWithProgids
WMP11.AssocFile.ASF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\OpenWithProgids
WMP11.AssocFile.ASX
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\OpenWithProgids
WMP11.AssocFile.AU
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au3\OpenWithProgids
AutoIt3Script
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\OpenWithProgids
WMP11.AssocFile.AVI
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\OpenWithProgids
Paint.Picture
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cab\OpenWithProgids
CABFolder
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cdxml\OpenWithProgids
Microsoft.PowerShellCmdletDefinitionXML.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.css\OpenWithProgids
CSSfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dds\OpenWithProgids
ddsfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\OpenWithProgids
Paint.Picture
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dll\OpenWithProgids
dllfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\OpenWithProgids
emffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithProgids
exefile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\OpenWithProgids
WMP11.AssocFile.FLAC
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fon\OpenWithProgids
fonfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\OpenWithProgids
giffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\OpenWithProgids
htmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\OpenWithProgids
htmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\OpenWithProgids
icofile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inf\OpenWithProgids
inffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ini\OpenWithProgids
inifile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\OpenWithProgids
pjpegfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\OpenWithProgids
jpegfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\OpenWithProgids
jpegfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\OpenWithProgids
jpegfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jxr\OpenWithProgids
wdpfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\OpenWithProgids
lnkfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2t\OpenWithProgids
WMP11.AssocFile.M2TS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2ts\OpenWithProgids
WMP11.AssocFile.M2TS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2v\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\OpenWithProgids
WMP11.AssocFile.m3u
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\OpenWithProgids
WMP11.AssocFile.M4A
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\OpenWithProgids
WMP11.AssocFile.MP4
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\OpenWithProgids
mhtmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\OpenWithProgids
mhtmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\OpenWithProgids
WMP11.AssocFile.MIDI
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\OpenWithProgids
WMP11.AssocFile.MIDI
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mk3d\OpenWithProgids
WMP11.AssocFile.MK3D
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mka\OpenWithProgids
WMP11.AssocFile.MKA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\OpenWithProgids
WMP11.AssocFile.MKV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mod\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\OpenWithProgids
WMP11.AssocFile.MOV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MP2\OpenWithProgids
WMP11.AssocFile.MP3
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\OpenWithProgids
WMP11.AssocFile.MP3
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\OpenWithProgids
WMP11.AssocFile.MP4
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4v\OpenWithProgids
WMP11.AssocFile.MP4
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ocx\OpenWithProgids
ocxfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.otf\OpenWithProgids
otffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\OpenWithProgids
pngfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ps1\OpenWithProgids
Microsoft.PowerShellScript.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ps1xml\OpenWithProgids
Microsoft.PowerShellXMLData.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd1\OpenWithProgids
Microsoft.PowerShellData.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psm1\OpenWithProgids
Microsoft.PowerShellModule.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pssc\OpenWithProgids
Microsoft.PowerShellSessionConfiguration.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\OpenWithProgids
rlefile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\OpenWithProgids
WMP11.AssocFile.MIDI
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scf\OpenWithProgids
SHCmdFile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.search-ms\OpenWithProgids
SearchFolder
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\OpenWithProgids
shtmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\OpenWithProgids
WMP11.AssocFile.AU
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sys\OpenWithProgids
sysfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\OpenWithProgids
TIFImage.Document
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\OpenWithProgids
TIFImage.Document
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS\OpenWithProgids
WMP11.AssocFile.TTS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\OpenWithProgids
ttcfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\OpenWithProgids
ttffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TTS\OpenWithProgids
WMP11.AssocFile.TTS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\OpenWithProgids
txtfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\OpenWithProgids
WMP11.AssocFile.WAV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\OpenWithProgids
WMP11.AssocFile.WAX
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wdp\OpenWithProgids
wdpfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\OpenWithProgids
WMP11.AssocFile.ASF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\OpenWithProgids
WMP11.AssocFile.WMA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\OpenWithProgids
wmffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\OpenWithProgids
WMP11.AssocFile.WMV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\OpenWithProgids
WMP11.AssocFile.ASX
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.WPL\OpenWithProgids
WMP11.AssocFile.WPL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\OpenWithProgids
WMP11.AssocFile.WVX
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\OpenWithProgids
xmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xsl\OpenWithProgids
xslfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced
TaskbarStateLastRun
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories64\{00021492-0000-0000-C000-000000000046}\Enum
Implementing
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
P:\Hfref\nysbaf\NccQngn\Ybpny\Grzc\3530.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced
TaskbarStateLastRun
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories64\{00021492-0000-0000-C000-000000000046}\Enum
Implementing
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\6E8A_RASAPI32
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\6E8A_RASAPI32
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\6E8A_RASAPI32
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\6E8A_RASAPI32
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\6E8A_RASAPI32
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\6E8A_RASAPI32
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\6E8A_RASAPI32
FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\6E8A_RASMANCS
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\6E8A_RASMANCS
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\6E8A_RASMANCS
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\6E8A_RASMANCS
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\6E8A_RASMANCS
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\6E8A_RASMANCS
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\6E8A_RASMANCS
FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
FileDirectory
There are 245 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
2600000
direct allocation
page read and write
 malicious
C00065C000
direct allocation
page read and write
 malicious
7FF7D5140000
unkown
page readonly
 malicious
40C1000
unclassified section
page read and write
 malicious
2621000
unclassified section
page read and write
 malicious
4090000
direct allocation
page read and write
 malicious
7FF7D5140000
unkown
page readonly
 malicious
40B1000
unclassified section
page read and write
 malicious
25F0000
direct allocation
page read and write
 malicious
885000
heap
page read and write
865000
heap
page read and write
82F000
heap
page read and write
AE1D000
stack
page read and write
68B2D85000
stack
page read and write
1380000
heap
page read and write
99C0000
unkown
page read and write
9430000
unkown
page read and write
87E1000
unkown
page read and write
1170000
unkown
page read and write
C44F000
stack
page read and write
A39C000
unkown
page read and write
21FA302D000
heap
page read and write
700000
heap
page read and write
3250000
unkown
page read and write
1170000
unkown
page read and write
7FF5D75FF000
unkown
page readonly
237821A0000
heap
page read and write
2598E690000
heap
page read and write
22A4D2C0000
heap
page read and write
4D69000
trusted library allocation
page read and write
85C000
heap
page read and write
830000
heap
page read and write
7FF5D7458000
unkown
page readonly
263D000
heap
page execute and read and write
4B3A000
trusted library allocation
page read and write
1170000
unkown
page read and write
7FF5D76C8000
unkown
page readonly
768E000
unkown
page read and write
3290000
unkown
page read and write
7FF848DED000
trusted library allocation
page execute and read and write
CDBE5FE000
stack
page read and write
3250000
unkown
page read and write
9430000
unkown
page read and write
7FF849040000
trusted library allocation
page read and write
76F8000
unkown
page read and write
4B3A000
trusted library allocation
page read and write
1230000
unkown
page read and write
7FF5D7396000
unkown
page readonly
9700000
unkown
page read and write
C0003B4000
direct allocation
page read and write
9430000
unkown
page read and write
21FA3037000
heap
page read and write
9430000
unkown
page read and write
9780000
unkown
page read and write
7FF5D76CD000
unkown
page readonly
1230000
unkown
page read and write
F66D000
stack
page read and write
7FF5D7292000
unkown
page readonly
21FA14D4000
heap
page read and write
2A985CE000
stack
page read and write
C16FFFE000
stack
page read and write
5479000
unkown
page read and write
3090000
unkown
page read and write
1230000
unkown
page read and write
3230000
unkown
page read and write
C669000
unkown
page read and write
21F85E13000
heap
page execute and read and write
3080000
unkown
page read and write
4AAF000
trusted library allocation
page read and write
7FF5D776D000
unkown
page readonly
1170000
unkown
page read and write
94AB000
stack
page read and write
4AB2000
trusted library allocation
page read and write
1170000
unkown
page read and write
21F87C6B000
trusted library allocation
page read and write
9430000
unkown
page read and write
A8F000
stack
page read and write
7FF5D75D6000
unkown
page readonly
8A00000
unkown
page read and write
C0000D4000
direct allocation
page read and write
885000
heap
page read and write
3270000
unkown
page read and write
7FF5D7691000
unkown
page readonly
7FF5D7404000
unkown
page readonly
E4CC000
stack
page read and write
C00000A000
direct allocation
page read and write
1230000
unkown
page read and write
3080000
unkown
page read and write
7FF848E0D000
trusted library allocation
page execute and read and write
C0000F4000
direct allocation
page read and write
7FF5D71CC000
unkown
page readonly
7FF5D7797000
unkown
page readonly
9820000
unkown
page read and write
401000
unkown
page execute read
8850000
unkown
page read and write
86E0000
unkown
page readonly
3230000
unkown
page read and write
3230000
unkown
page read and write
3080000
unkown
page read and write
3080000
unkown
page read and write
498E000
stack
page read and write
7FF5D7065000
unkown
page readonly
4BA1000
trusted library allocation
page read and write
3250000
unkown
page read and write
C000028000
direct allocation
page read and write
26EE000
stack
page read and write
7FF848FC6000
trusted library allocation
page read and write
9820000
unkown
page read and write
42B0000
heap
page read and write
3080000
unkown
page read and write
22A36822000
trusted library allocation
page read and write
C0001DE000
direct allocation
page read and write
3080000
unkown
page read and write
3250000
unkown
page read and write
859000
heap
page read and write
6E0000
heap
page read and write
21F87C4D000
trusted library allocation
page read and write
86B000
heap
page read and write
294F000
stack
page read and write
9780000
unkown
page read and write
7631000
unkown
page read and write
2550000
heap
page read and write
3080000
unkown
page read and write
7FF8490D0000
trusted library allocation
page read and write
4AA4000
trusted library allocation
page read and write
82E000
heap
page read and write
22A33200000
heap
page read and write
3250000
unkown
page read and write
4AB0000
unkown
page read and write
35BD000
unkown
page read and write
2598CDB0000
heap
page read and write
3230000
unkown
page read and write
3080000
unkown
page read and write
3489000
stack
page read and write
9B2C000
unkown
page read and write
22A332EA000
heap
page read and write
3220000
unkown
page read and write
7FF5D6A4B000
unkown
page readonly
C000050000
direct allocation
page read and write
3290000
unkown
page read and write
21F87821000
trusted library allocation
page read and write
9700000
unkown
page read and write
22ADEC62000
direct allocation
page read and write
A384000
unkown
page read and write
C81C000
unkown
page read and write
2A973FE000
stack
page read and write
7FF5D77D2000
unkown
page readonly
7FF5D781A000
unkown
page readonly
88E000
heap
page read and write
C0003F0000
direct allocation
page read and write
3240000
unkown
page read and write
35C1000
unkown
page read and write
4AC9000
trusted library allocation
page read and write
3220000
unkown
page read and write
400000
unkown
page readonly
C0003BE000
direct allocation
page read and write
21FA3140000
heap
page read and write
C9B9000
unkown
page read and write
1230000
unkown
page read and write
25F0000
direct allocation
page read and write
836000
heap
page read and write
7FF848EA0000
trusted library allocation
page read and write
C16E7F5000
stack
page read and write
7FF5D7289000
unkown
page readonly
9B0B000
unkown
page read and write
4ACF000
trusted library allocation
page read and write
7FF5D76AF000
unkown
page readonly
21F85EB5000
heap
page read and write
4ACD000
trusted library allocation
page read and write
C000026000
direct allocation
page read and write
C000192000
direct allocation
page read and write
A3C3000
unkown
page read and write
7FF7D5096000
unkown
page read and write
7FF848FE0000
trusted library allocation
page read and write
F6C0000
heap
page read and write
7FF5D7394000
unkown
page readonly
21F85E60000
heap
page read and write
856000
heap
page read and write
3080000
unkown
page read and write
2598E710000
heap
page read and write
9A90000
unkown
page read and write
7FF5D75D9000
unkown
page readonly
4AA4000
trusted library allocation
page read and write
D8D000
stack
page read and write
1170000
unkown
page read and write
3230000
unkown
page read and write
C000428000
direct allocation
page read and write
7FF7A0A1D000
unkown
page readonly
C000146000
direct allocation
page read and write
21F87C33000
trusted library allocation
page read and write
7FF5D74B8000
unkown
page readonly
7FF5D738E000
unkown
page readonly
9780000
unkown
page read and write
7DD0000
heap
page read and write
3250000
unkown
page read and write
99B4000
unkown
page read and write
21FA301E000
heap
page read and write
8DD0000
unkown
page read and write
DC808FD000
stack
page read and write
EF0000
heap
page read and write
C000338000
direct allocation
page read and write
84A000
heap
page read and write
885000
heap
page read and write
7FF5D7236000
unkown
page readonly
3530000
unkown
page read and write
7FF5D7360000
unkown
page readonly
C000124000
direct allocation
page read and write
22AE3F60000
direct allocation
page read and write
1230000
unkown
page read and write
35CD000
unkown
page read and write
AA1A000
unkown
page read and write
4B32000
trusted library allocation
page read and write
7FF5D749B000
unkown
page readonly
10E0000
stack
page read and write
1230000
unkown
page read and write
C0000B6000
direct allocation
page read and write
7FF5D7534000
unkown
page readonly
7FF5D7284000
unkown
page readonly
22A332AA000
heap
page read and write
C00042F000
direct allocation
page read and write
1170000
unkown
page read and write
3220000
unkown
page read and write
874000
heap
page read and write
C0002C6000
direct allocation
page read and write
AA04000
unkown
page read and write
3400000
unkown
page read and write
7FF7D509C000
unkown
page read and write
22A4D460000
heap
page execute and read and write
33B0000
unkown
page readonly
82E000
heap
page read and write
7FF848E03000
trusted library allocation
page execute and read and write
35C9000
unkown
page read and write
C0000D2000
direct allocation
page read and write
21F87DDD000
trusted library allocation
page read and write
C00005D000
direct allocation
page read and write
7FF8491A0000
trusted library allocation
page read and write
21FA3079000
heap
page read and write
35E4000
unkown
page read and write
C000416000
direct allocation
page read and write
1230000
unkown
page read and write
7A4000
heap
page read and write
21F85BA2000
heap
page read and write
4AC3000
trusted library allocation
page read and write
22A4D490000
heap
page read and write
9430000
unkown
page read and write
1170000
unkown
page read and write
C000116000
direct allocation
page read and write
4AE5000
trusted library allocation
page read and write
C000112000
direct allocation
page read and write
9430000
unkown
page read and write
C000286000
direct allocation
page read and write
4AFE000
trusted library allocation
page read and write
4AE5000
trusted library allocation
page read and write
874000
heap
page read and write
4A9B000
trusted library allocation
page read and write
22ADEC70000
direct allocation
page read and write
C0000A0000
direct allocation
page read and write
1230000
unkown
page read and write
2598E620000
heap
page read and write
9430000
unkown
page read and write
7FF5D7604000
unkown
page readonly
259A9AB0000
heap
page read and write
1170000
unkown
page read and write
7FF848E1D000
trusted library allocation
page execute and read and write
4AA0000
unkown
page read and write
9780000
unkown
page read and write
8360000
unkown
page read and write
3090000
unkown
page read and write
3080000
unkown
page read and write
1230000
unkown
page read and write
7FF5D751F000
unkown
page readonly
7FF5D7398000
unkown
page readonly
22ADE930000
heap
page read and write
C7C6000
unkown
page read and write
4AA4000
trusted library allocation
page read and write
9820000
unkown
page read and write
C0000B0000
direct allocation
page read and write
550000
heap
page read and write
C65E000
unkown
page read and write
9820000
unkown
page read and write
9430000
unkown
page read and write
1230000
unkown
page read and write
3230000
unkown
page read and write
841000
heap
page read and write
49C2000
unkown
page read and write
853E000
stack
page read and write
830000
heap
page read and write
7DF4F2480000
unkown
page readonly
3230000
unkown
page read and write
22A4534E000
trusted library allocation
page read and write
4AA1000
trusted library allocation
page read and write
4AA4000
trusted library allocation
page read and write
21F85B2E000
heap
page read and write
2F7E000
stack
page read and write
7FF8490B0000
trusted library allocation
page read and write
7FF5D743F000
unkown
page readonly
7FF5D7452000
unkown
page readonly
7FF5D7764000
unkown
page readonly
C0000AE000
direct allocation
page read and write
4A9F000
trusted library allocation
page read and write
7FF848EC0000
trusted library allocation
page execute and read and write
22ADEC5F000
direct allocation
page read and write
7AA0000
unkown
page read and write
1230000
unkown
page read and write
1230000
unkown
page read and write
85D000
heap
page read and write
21F87663000
heap
page read and write
3230000
unkown
page read and write
A0A9000
stack
page read and write
7FF5D7407000
unkown
page readonly
22A34CB0000
trusted library allocation
page read and write
C0000F2000
direct allocation
page read and write
CDBE9FE000
stack
page read and write
21F87C5C000
trusted library allocation
page read and write
22A36A8C000
trusted library allocation
page read and write
3250000
unkown
page read and write
7FF5D72D3000
unkown
page readonly
864000
heap
page read and write
3250000
unkown
page read and write
3080000
unkown
page read and write
3080000
unkown
page read and write
7FF5D772C000
unkown
page readonly
1B961138000
heap
page read and write
7FF848FD0000
trusted library allocation
page execute and read and write
2EB1000
unkown
page read and write
7FF849242000
trusted library allocation
page read and write
3080000
unkown
page read and write
1170000
unkown
page read and write
98FD000
stack
page read and write
401000
unkown
page execute read
7FF7D50A3000
unkown
page write copy
9430000
unkown
page read and write
4AC5000
trusted library allocation
page read and write
431000
unkown
page read and write
4AB5000
trusted library allocation
page read and write
3220000
unkown
page read and write
9430000
unkown
page read and write
7FF7D4C01000
unkown
page execute read
9780000
unkown
page read and write
4AE5000
trusted library allocation
page read and write
19D000
stack
page read and write
C000060000
direct allocation
page read and write
7FF5D7391000
unkown
page readonly
9580000
unkown
page read and write
8DD0000
unkown
page read and write
8900000
unkown
page read and write
9AAC000
unkown
page read and write
1230000
unkown
page read and write
C48B000
unkown
page read and write
7FF848DE3000
trusted library allocation
page execute and read and write
3260000
unkown
page read and write
1230000
unkown
page read and write
68B13FB000
stack
page read and write
C0009DA000
direct allocation
page read and write
2448000
unkown
page readonly
3250000
unkown
page read and write
C0002A4000
direct allocation
page read and write
3220000
unkown
page read and write
4AB4000
trusted library allocation
page read and write
3220000
unkown
page read and write
E6CD000
stack
page read and write
9579000
stack
page read and write
4AAF000
trusted library allocation
page read and write
A28D000
unkown
page read and write
C00012E000
direct allocation
page read and write
13A0000
unkown
page readonly
9279000
stack
page read and write
3230000
unkown
page read and write
1230000
unkown
page read and write
22A332A4000
heap
page read and write
9780000
unkown
page read and write
1230000
unkown
page read and write
4A9D000
trusted library allocation
page read and write
BEA0000
unkown
page readonly
3230000
unkown
page read and write
9AA0000
unkown
page read and write
A408000
unkown
page read and write
10634000
unkown
page read and write
3250000
unkown
page read and write
1170000
unkown
page read and write
3230000
unkown
page read and write
E10000
unkown
page readonly
3220000
unkown
page read and write
3080000
unkown
page read and write
1230000
unkown
page read and write
87E000
heap
page read and write
9780000
unkown
page read and write
21FA126F000
heap
page read and write
1281000
unkown
page readonly
3220000
unkown
page read and write
7FF5D716B000
unkown
page readonly
3230000
unkown
page read and write
7FF848E96000
trusted library allocation
page read and write
3230000
unkown
page read and write
1230000
unkown
page read and write
879000
heap
page read and write
9430000
unkown
page read and write
8946000
unkown
page read and write
C1707FE000
stack
page read and write
C000426000
direct allocation
page read and write
1170000
unkown
page read and write
7FF5D748A000
unkown
page readonly
22A34DE0000
heap
page read and write
7FF5D7799000
unkown
page readonly
10774000
unkown
page read and write
3230000
unkown
page read and write
9A96000
unkown
page read and write
C000382000
direct allocation
page read and write
9C000
stack
page read and write
22A4D695000
heap
page read and write
7FF7D4C00000
unkown
page readonly
3500000
stack
page read and write
1230000
unkown
page read and write
1230000
unkown
page read and write
9430000
unkown
page read and write
C0BA000
stack
page read and write
841000
heap
page read and write
C8C2000
unkown
page read and write
3240000
unkown
page read and write
25E0000
direct allocation
page execute and read and write
4A71000
unkown
page read and write
3220000
unkown
page read and write
7FF848FB0000
trusted library allocation
page execute and read and write
7FF5D723F000
unkown
page readonly
C16EBFF000
stack
page read and write
7FF848EB6000
trusted library allocation
page read and write
1170000
unkown
page read and write
7DF4F2470000
unkown
page readonly
4A40000
unkown
page read and write
7FF848DFD000
trusted library allocation
page execute and read and write
7FF848E9C000
trusted library allocation
page execute and read and write
87C000
heap
page read and write
3030000
unkown
page read and write
4B02000
trusted library allocation
page read and write
E84D000
stack
page read and write
3120000
unkown
page read and write
22A34CB3000
trusted library allocation
page read and write
87E000
heap
page read and write
22AE3FC0000
direct allocation
page read and write
21FA17F4000
heap
page read and write
7FF415C80000
trusted library allocation
page execute and read and write
4A8E000
stack
page read and write
3220000
unkown
page read and write
7FF5D769E000
unkown
page readonly
F56D000
stack
page read and write
C000059000
direct allocation
page read and write
4B2B000
trusted library allocation
page read and write
9430000
unkown
page read and write
3040000
unkown
page read and write
9820000
unkown
page read and write
7FF5D7722000
unkown
page readonly
3220000
unkown
page read and write
864000
heap
page read and write
7FF7D511D000
unkown
page read and write
9820000
unkown
page read and write
1B962AE1000
heap
page read and write
3080000
unkown
page read and write
21F85B59000
heap
page read and write
3270000
unkown
page read and write
A9E9000
unkown
page read and write
9430000
unkown
page read and write
259A7140000
heap
page read and write
1B962AE0000
heap
page read and write
259A9AB2000
heap
page read and write
7FF5D705D000
unkown
page readonly
3250000
unkown
page read and write
7FF5D776F000
unkown
page readonly
9430000
unkown
page read and write
58E6000
trusted library allocation
page read and write
7FF5D77B9000
unkown
page readonly
7FF848F80000
trusted library allocation
page read and write
7FF848EB0000
trusted library allocation
page read and write
7FF5D77DA000
unkown
page readonly
3080000
unkown
page read and write
9820000
unkown
page read and write
F5EE000
stack
page read and write
1170000
unkown
page read and write
88E000
heap
page read and write
3230000
unkown
page read and write
7FF7D5776000
unkown
page write copy
3290000
unkown
page read and write
9820000
unkown
page read and write
9700000
unkown
page read and write
3250000
unkown
page read and write
30A0000
unkown
page read and write
3240000
unkown
page read and write
3080000
unkown
page read and write
1170000
unkown
page read and write
22A36A74000
trusted library allocation
page read and write
9780000
unkown
page read and write
10E0000
unkown
page read and write
5463000
unkown
page read and write
3270000
unkown
page read and write
856000
heap
page read and write
21F87B38000
trusted library allocation
page read and write
848000
heap
page read and write
844000
heap
page read and write
22A4D686000
heap
page read and write
3220000
unkown
page read and write
1200000
unkown
page read and write
4A16000
unkown
page read and write
9580000
unkown
page read and write
7FF848E04000
trusted library allocation
page read and write
C0003F6000
direct allocation
page read and write
7FF7A0990000
unkown
page readonly
9820000
unkown
page read and write
19D000
stack
page read and write
9580000
unkown
page read and write
7FF7A0A82000
unkown
page write copy
4AC6000
trusted library allocation
page read and write
68AF3FD000
stack
page read and write
7FF7D50A1000
unkown
page write copy
C00001A000
direct allocation
page read and write
7FF7D511F000
unkown
page read and write
874000
heap
page read and write
2598CBD0000
heap
page read and write
9430000
unkown
page read and write
A9DF000
unkown
page read and write
7FF7D576E000
unkown
page read and write
1230000
unkown
page read and write
7AB000
heap
page read and write
7FF7A0A1D000
unkown
page readonly
21FA0040000
trusted library section
page read and write
7FF849060000
trusted library allocation
page read and write
4ADE000
trusted library allocation
page read and write
9470000
unkown
page read and write
A39F000
unkown
page read and write
1170000
unkown
page read and write
C460000
unkown
page read and write
7AC0000
unkown
page read and write
7FF5D7593000
unkown
page readonly
9700000
unkown
page read and write
362D000
unkown
page read and write
7FF848E5C000
trusted library allocation
page execute and read and write
22A4D376000
heap
page read and write
7FF5D7591000
unkown
page readonly
1170000
unkown
page read and write
DB0000
remote allocation
page read and write
9430000
unkown
page read and write
7FF5D71DA000
unkown
page readonly
7FF848EE6000
trusted library allocation
page execute and read and write
41F000
unkown
page readonly
22A36E78000
trusted library allocation
page read and write
7FF7D5776000
unkown
page read and write
3260000
unkown
page read and write
22A36A14000
trusted library allocation
page read and write
855000
heap
page read and write
7FF5D75F9000
unkown
page readonly
3220000
unkown
page read and write
68AEFFC000
stack
page read and write
7FF7D513E000
unkown
page write copy
21FA14D1000
heap
page read and write
9430000
unkown
page read and write
9430000
unkown
page read and write
3040000
unkown
page read and write
9470000
unkown
page read and write
9430000
unkown
page read and write
BE90000
unkown
page read and write
4C7A000
trusted library allocation
page read and write
1230000
unkown
page read and write
22A34E50000
heap
page read and write
35B0000
unkown
page read and write
3080000
unkown
page read and write
7DF4F24A1000
unkown
page execute read
49D6000
unkown
page read and write
7FF849300000
trusted library allocation
page read and write
1230000
unkown
page read and write
21F87D25000
trusted library allocation
page read and write
690000
heap
page read and write
1B961070000
heap
page read and write
C5F8000
unkown
page read and write
8DD0000
unkown
page read and write
9470000
unkown
page read and write
7FF5D72DF000
unkown
page readonly
7FF5D770F000
unkown
page readonly
9470000
unkown
page read and write
8942000
unkown
page read and write
7FF849160000
trusted library allocation
page read and write
9780000
unkown
page read and write
7FF848DF2000
trusted library allocation
page read and write
22A4D650000
heap
page read and write
9820000
unkown
page read and write
7FF5D6BEF000
unkown
page readonly
7FF5D706E000
unkown
page readonly
45B000
stack
page read and write
21F87C62000
trusted library allocation
page read and write
1B96112B000
heap
page read and write
3250000
unkown
page read and write
1230000
unkown
page read and write
10734000
unkown
page read and write
C00004D000
direct allocation
page read and write
C653000
unkown
page read and write
3240000
unkown
page read and write
BE70000
unkown
page readonly
2598CD00000
heap
page read and write
9780000
unkown
page read and write
B220000
unkown
page read and write
C000148000
direct allocation
page read and write
22A33272000
heap
page read and write
1383000
heap
page read and write
22A33230000
heap
page read and write
21FA0122000
heap
page read and write
C000057000
direct allocation
page read and write
7DF4F2461000
unkown
page execute read
7FF8490A0000
trusted library allocation
page read and write
9430000
unkown
page read and write
AA40000
unkown
page read and write
3080000
unkown
page read and write
BE49000
stack
page read and write
9430000
unkown
page read and write
7FF7A0991000
unkown
page execute read
B980000
unkown
page readonly
7FF7A0A82000
unkown
page read and write
A313000
unkown
page read and write
4AAF000
trusted library allocation
page read and write
9820000
unkown
page read and write
7FF5D69BB000
unkown
page readonly
41F000
unkown
page readonly
9430000
unkown
page read and write
7FF5D7784000
unkown
page readonly
C0002AE000
direct allocation
page read and write
53DA000
trusted library allocation
page read and write
3250000
unkown
page read and write
9700000
unkown
page read and write
7FF5D744E000
unkown
page readonly
7FF5D7837000
unkown
page readonly
7FF5D77F0000
unkown
page readonly
9430000
unkown
page read and write
1170000
unkown
page read and write
9430000
unkown
page read and write
C000385000
direct allocation
page read and write
7FF849110000
trusted library allocation
page read and write
257E000
stack
page read and write
88E000
heap
page read and write
9A6A000
unkown
page read and write
9820000
unkown
page read and write
22ADEC57000
direct allocation
page read and write
1F0000
heap
page read and write
2723000
heap
page read and write
4CD9000
trusted library allocation
page read and write
2598CB00000
heap
page read and write
4A95000
trusted library allocation
page read and write
3230000
unkown
page read and write
3050000
unkown
page read and write
1230000
unkown
page read and write
3230000
unkown
page read and write
8C39000
stack
page read and write
3240000
unkown
page read and write
88E000
heap
page read and write
8380000
unkown
page read and write
21FA00B0000
heap
page read and write
7FF7A0A82000
unkown
page read and write
1230000
unkown
page read and write
C0000E4000
direct allocation
page read and write
7FF5D764F000
unkown
page readonly
8E4E000
stack
page read and write
85D000
heap
page read and write
4ADA000
unkown
page read and write
4B02000
trusted library allocation
page read and write
2660000
heap
page execute and read and write
7A6000
heap
page read and write
8810000
unkown
page read and write
1230000
unkown
page read and write
22ADEC30000
direct allocation
page read and write
C16EFFF000
stack
page read and write
3080000
unkown
page read and write
7FF7D5777000
unkown
page write copy
88E000
heap
page read and write
1170000
unkown
page read and write
7FF848E1B000
trusted library allocation
page execute and read and write
4AEA000
unkown
page read and write
9780000
unkown
page read and write
1230000
unkown
page read and write
4AA4000
trusted library allocation
page read and write
4986000
unkown
page read and write
7FF849244000
trusted library allocation
page read and write
9430000
unkown
page read and write
9A8E000
unkown
page read and write
21FA1480000
heap
page read and write
406F4B000
stack
page read and write
2A976BF000
stack
page read and write
3080000
unkown
page read and write
3220000
unkown
page read and write
7FF5D72D7000
unkown
page readonly
88E000
heap
page read and write
4AE3000
trusted library allocation
page read and write
2598E715000
heap
page read and write
B950000
unkown
page readonly
3220000
unkown
page read and write
874000
heap
page read and write
C5FA000
unkown
page read and write
7FF7A0A82000
unkown
page write copy
7FF848E1D000
trusted library allocation
page execute and read and write
AFBE000
stack
page read and write
7FF5D7641000
unkown
page readonly
4AB0000
trusted library allocation
page read and write
1170000
unkown
page read and write
1230000
unkown
page read and write
4AB3000
trusted library allocation
page read and write
4B01000
trusted library allocation
page read and write
9430000
stack
page read and write
7FF5D6BDB000
unkown
page readonly
9700000
stack
page read and write
7FF5D7425000
unkown
page readonly
4A90000
unkown
page read and write
3250000
unkown
page read and write
9780000
unkown
page read and write
884000
heap
page read and write
4AA4000
trusted library allocation
page read and write
2598CB77000
heap
page read and write
338B000
stack
page read and write
3250000
unkown
page read and write
1230000
unkown
page read and write
875000
heap
page read and write
7FF7D5135000
unkown
page read and write
C00003F000
direct allocation
page read and write
2A97ABB000
stack
page read and write
30A0000
unkown
page read and write
2A9874D000
stack
page read and write
88E000
heap
page read and write
833000
heap
page read and write
9A72000
unkown
page read and write
9430000
unkown
page read and write
C605000
unkown
page read and write
41F000
unkown
page readonly
1B9610B0000
heap
page read and write
1270000
unkown
page read and write
7FF7D5095000
unkown
page write copy
262A000
heap
page read and write
22A36824000
trusted library allocation
page read and write
3090000
unkown
page read and write
7FF5D66E8000
unkown
page readonly
83A000
heap
page read and write
9430000
unkown
page read and write
9700000
unkown
page read and write
C000344000
direct allocation
page read and write
7FF7D5133000
unkown
page write copy
9430000
unkown
page read and write
2730000
heap
page read and write
4AF5000
trusted library allocation
page read and write
7FF5D752F000
unkown
page readonly
4A97000
trusted library allocation
page read and write
7FF5D74F2000
unkown
page readonly
9820000
unkown
page read and write
874000
heap
page read and write
22A34DB0000
trusted library allocation
page read and write
9C000
stack
page read and write
C00029A000
direct allocation
page read and write
C0001C2000
direct allocation
page read and write
7FF848E00000
trusted library allocation
page read and write
7FF849050000
trusted library allocation
page read and write
4B2B000
trusted library allocation
page read and write
25DE000
stack
page read and write
1170000
unkown
page read and write
7FF5D6AB6000
unkown
page readonly
1170000
unkown
page read and write
C615000
unkown
page read and write
1170000
unkown
page read and write
A220000
unkown
page read and write
9820000
unkown
page read and write
68AEBFF000
stack
page read and write
B7DC000
stack
page read and write
7FF848FF0000
trusted library allocation
page execute and read and write
1000000
heap
page read and write
7B80000
unkown
page readonly
35F4000
unkown
page read and write
7FF7A0991000
unkown
page execute read
4ABC000
trusted library allocation
page read and write
22A4D678000
heap
page read and write
3230000
unkown
page read and write
9820000
unkown
page read and write
856000
heap
page read and write
C00013C000
direct allocation
page read and write
25F0000
heap
page read and write
7FF848F9A000
trusted library allocation
page read and write
3250000
unkown
page read and write
9430000
unkown
page read and write
7FF5D7703000
unkown
page readonly
7FF5D71F9000
unkown
page readonly
84BB000
stack
page read and write
1230000
unkown
page read and write
9820000
unkown
page read and write
852000
heap
page read and write
884000
heap
page read and write
21FA0230000
heap
page read and write
9820000
unkown
page read and write
2A97A3B000
stack
page read and write
C000086000
direct allocation
page read and write
3250000
unkown
page read and write
4380000
heap
page read and write
22A36989000
trusted library allocation
page read and write
7FF5D7760000
unkown
page readonly
22A36A95000
trusted library allocation
page read and write
22A4D317000
heap
page read and write
87D000
heap
page read and write
3050000
unkown
page read and write
9430000
unkown
page read and write
1170000
unkown
page read and write
7FF848EB0000
trusted library allocation
page execute and read and write
94F4000
unkown
page read and write
9430000
unkown
page read and write
3110000
unkown
page readonly
E8CD000
stack
page read and write
75F8000
unkown
page read and write
10E0000
unkown
page read and write
C0001E4000
direct allocation
page read and write
82E000
heap
page read and write
2660000
heap
page read and write
1230000
unkown
page read and write
7FF5D728E000
unkown
page readonly
7FF5D75A6000
unkown
page readonly
8DD0000
unkown
page read and write
1170000
unkown
page read and write
7C70000
unkown
page readonly
2A986CC000
stack
page read and write
C000420000
direct allocation
page read and write
7FF5D71EF000
unkown
page readonly
1170000
unkown
page read and write
A12F000
stack
page read and write
7FF5D778A000
unkown
page readonly
7FF5D72D0000
unkown
page readonly
C000002000
direct allocation
page read and write
3050000
unkown
page read and write
7FF5D7682000
unkown
page readonly
A9FD000
unkown
page read and write
7E60000
unkown
page read and write
49FD000
unkown
page read and write
864000
heap
page read and write
1230000
unkown
page read and write
9430000
unkown
page read and write
3240000
unkown
page read and write
8D3B000
stack
page read and write
7FF5D723C000
unkown
page readonly
1170000
unkown
page read and write
942E000
stack
page read and write
12D0000
unkown
page readonly
423000
unkown
page write copy
7FF848EA6000
trusted library allocation
page read and write
852000
heap
page read and write
21F87C40000
trusted library allocation
page read and write
7FF5D77A8000
unkown
page readonly
41F000
unkown
page readonly
C0000F0000
direct allocation
page read and write
7FF7D5094000
unkown
page read and write
87D000
heap
page read and write
C00000C000
direct allocation
page read and write
9679000
stack
page read and write
4AA4000
trusted library allocation
page read and write
7460000
unkown
page read and write
3040000
unkown
page read and write
4A95000
trusted library allocation
page read and write
877000
heap
page read and write
85F000
heap
page read and write
7FF849320000
trusted library allocation
page read and write
874000
heap
page read and write
9820000
unkown
page read and write
7FF7A0991000
unkown
page execute read
7FF8492B0000
trusted library allocation
page read and write
1230000
unkown
page read and write
7FF5D76F5000
unkown
page readonly
CA47000
unkown
page read and write
4C6A000
trusted library allocation
page read and write
4D0A000
trusted library allocation
page read and write
8E30000
unkown
page read and write
9430000
unkown
page read and write
3250000
unkown
page read and write
C472000
unkown
page read and write
7FF7D5122000
unkown
page read and write
3250000
unkown
page read and write
C000072000
direct allocation
page read and write
C00032E000
direct allocation
page read and write
4ABA000
trusted library allocation
page read and write
695000
heap
page read and write
1170000
unkown
page read and write
7FF5D77E3000
unkown
page readonly
3230000
unkown
page read and write
7FA000
heap
page read and write
7FF7A0990000
unkown
page readonly
1170000
unkown
page read and write
22ADEC95000
heap
page read and write
B85A000
stack
page read and write
9470000
unkown
page read and write
3080000
unkown
page read and write
C00005B000
direct allocation
page read and write
4AC0000
trusted library allocation
page read and write
1170000
unkown
page read and write
7FF5D774A000
unkown
page readonly
3240000
unkown
page read and write
3250000
unkown
page read and write
3090000
unkown
page read and write
7FF7A0A82000
unkown
page read and write
2560000
heap
page read and write
7FF848E2B000
trusted library allocation
page execute and read and write
9B41000
unkown
page read and write
3250000
unkown
page read and write
2598CB4B000
heap
page read and write
C61D000
unkown
page read and write
4AA4000
trusted library allocation
page read and write
82F000
heap
page read and write
3080000
unkown
page read and write
8380000
unkown
page read and write
3050000
unkown
page read and write
C000024000
direct allocation
page read and write
9820000
unkown
page read and write
7FF849340000
trusted library allocation
page read and write
4A9F000
trusted library allocation
page read and write
884000
heap
page read and write
21F85D40000
trusted library allocation
page read and write
860000
heap
page read and write
1230000
unkown
page read and write
7FF5D7077000
unkown
page readonly
9820000
unkown
page read and write
C0002CE000
direct allocation
page read and write
CDBE3FC000
stack
page read and write
1170000
unkown
page read and write
7FF8492AB000
trusted library allocation
page read and write
1230000
unkown
page read and write
9470000
unkown
page read and write
4381000
heap
page read and write
A33F000
unkown
page read and write
7FF7A0990000
unkown
page readonly
1170000
unkown
page read and write
9D67000
unkown
page read and write
7FF848E03000
trusted library allocation
page read and write
3080000
unkown
page read and write
400000
unkown
page execute and read and write
21F87C96000
trusted library allocation
page read and write
9820000
unkown
page read and write
423000
unkown
page read and write
1170000
unkown
page read and write
41C1000
heap
page read and write
9820000
unkown
page read and write
874000
heap
page read and write
7FF5D729E000
unkown
page readonly
9780000
unkown
page read and write
C5F0000
unkown
page read and write
3250000
unkown
page read and write
4AFA000
unkown
page read and write
3080000
unkown
page read and write
7B60000
unkown
page readonly
22A36808000
trusted library allocation
page read and write
21F85AF0000
heap
page read and write
7FF849090000
trusted library allocation
page read and write
85F000
heap
page read and write
85F000
heap
page read and write
C0002E2000
direct allocation
page read and write
26FE000
heap
page read and write
1230000
unkown
page read and write
7FF5D74A6000
unkown
page readonly
7FF5D71BF000
unkown
page readonly
21F87810000
heap
page read and write
1360000
unkown
page readonly
21FA0235000
heap
page read and write
3290000
unkown
page read and write
4AE5000
trusted library allocation
page read and write
7FF5D7792000
unkown
page readonly
7FF849080000
trusted library allocation
page read and write
3220000
unkown
page read and write
1230000
unkown
page read and write
7FF5D7450000
unkown
page readonly
7FF5D77A4000
unkown
page readonly
281F000
stack
page read and write
7609000
unkown
page read and write
9780000
unkown
page read and write
9430000
unkown
page read and write
3250000
unkown
page read and write
4B00000
unkown
page read and write
A9A0000
unkown
page read and write
4AA4000
trusted library allocation
page read and write
9470000
unkown
page read and write
3250000
unkown
page read and write
22A4D6CF000
heap
page read and write
7FF8490E0000
trusted library allocation
page read and write
2A9757D000
stack
page read and write
7693000
unkown
page read and write
259A7143000
heap
page read and write
21F85A20000
unkown
page readonly
3250000
unkown
page read and write
C0001BE000
direct allocation
page read and write
7FF5D76DA000
unkown
page readonly
7FF5D71E0000
unkown
page readonly
1B961154000
heap
page read and write
9470000
unkown
page read and write
4AE2000
trusted library allocation
page read and write
3240000
unkown
page read and write
C000046000
direct allocation
page read and write
30A0000
unkown
page read and write
7FF848DE2000
trusted library allocation
page read and write
7FF5D71E6000
unkown
page readonly
87D000
heap
page read and write
484E000
stack
page read and write
22A3329E000
heap
page read and write
1230000
unkown
page read and write
C000068000
direct allocation
page read and write
A2B5000
unkown
page read and write
4D65000
trusted library allocation
page read and write
798000
heap
page read and write
82E000
heap
page read and write
22A369AC000
trusted library allocation
page read and write
1230000
unkown
page read and write
22A33460000
trusted library section
page read and write
9820000
unkown
page read and write
1C200B50000
heap
page read and write
864000
heap
page read and write
1170000
unkown
page read and write
3080000
unkown
page read and write
1230000
unkown
page read and write
C0001AA000
direct allocation
page read and write
9780000
unkown
page read and write
4AA4000
trusted library allocation
page read and write
423000
unkown
page read and write
864000
heap
page read and write
7FF5D6ABD000
unkown
page readonly
1170000
unkown
page read and write
41F000
unkown
page readonly
4ED4000
trusted library allocation
page read and write
C9E9000
unkown
page read and write
22AE3DA1000
direct allocation
page read and write
7FF8490B0000
trusted library allocation
page read and write
3290000
unkown
page read and write
4AAA000
trusted library allocation
page read and write
1B962CC0000
heap
page read and write
3220000
unkown
page read and write
9780000
unkown
page read and write
C00008E000
direct allocation
page read and write
21F85E40000
heap
page read and write
22AE3E70000
direct allocation
page read and write
3250000
unkown
page read and write
3080000
unkown
page read and write
2598CCE0000
heap
page read and write
7FF849072000
trusted library allocation
page read and write
2A974FF000
stack
page read and write
7FB000
heap
page read and write
10E0000
unkown
page read and write
8F49000
stack
page read and write
21F85D00000
heap
page read and write
1170000
unkown
page read and write
21F87C46000
trusted library allocation
page read and write
4AA4000
trusted library allocation
page read and write
7FF849070000
trusted library allocation
page read and write
2EC0000
unkown
page readonly
2448000
unkown
page readonly
3220000
unkown
page read and write
7FF7D513E000
unkown
page write copy
2550000
direct allocation
page execute and read and write
9430000
unkown
page read and write
30C0000
unkown
page read and write
4AC1000
trusted library allocation
page read and write
9E2E000
stack
page read and write
7FF7D50A2000
unkown
page read and write
1B9610D0000
heap
page read and write
1160000
unkown
page read and write
7FF5D77E9000
unkown
page readonly
1230000
unkown
page read and write
7FF5D732D000
unkown
page readonly
7B00000
unkown
page readonly
9430000
unkown
page read and write
4AAE000
trusted library allocation
page read and write
C0001CC000
direct allocation
page read and write
7FF848FD0000
trusted library allocation
page read and write
7FF849130000
trusted library allocation
page read and write
9780000
unkown
page read and write
86B000
heap
page read and write
7FF848E13000
trusted library allocation
page read and write
7FF849020000
trusted library allocation
page read and write
2448000
unkown
page readonly
7FF848FF0000
trusted library allocation
page read and write
22A332E5000
heap
page read and write
21F85B2C000
heap
page read and write
9780000
unkown
page read and write
1230000
unkown
page read and write
3250000
unkown
page read and write
68B318E000
stack
page read and write
259A7160000
heap
page read and write
9700000
unkown
page read and write
85D000
heap
page read and write
3250000
unkown
page read and write
9430000
unkown
page read and write
1170000
unkown
page read and write
7FF848E90000
trusted library allocation
page read and write
3260000
unkown
page read and write
7FF5D75EE000
unkown
page readonly
9820000
unkown
page read and write
85D000
heap
page read and write
855000
heap
page read and write
3220000
unkown
page read and write
9780000
unkown
page read and write
7FF7D57A6000
unkown
page readonly
7DF4F2471000
unkown
page execute read
3080000
unkown
page read and write
9430000
unkown
page read and write
7FF7A0991000
unkown
page execute read
C00038B000
direct allocation
page read and write
844000
heap
page read and write
86B000
heap
page read and write
22ADE890000
heap
page read and write
7FF5D7215000
unkown
page readonly
4AB9000
trusted library allocation
page read and write
856000
heap
page read and write
3090000
unkown
page read and write
3230000
unkown
page read and write
3240000
unkown
page read and write
3090000
unkown
page read and write
87D000
heap
page read and write
22A334C0000
trusted library allocation
page read and write
35B5000
unkown
page read and write
A1AF000
stack
page read and write
C000422000
direct allocation
page read and write
2448000
unkown
page readonly
7FF5D7740000
unkown
page readonly
22A35229000
trusted library allocation
page read and write
9A76000
unkown
page read and write
9430000
unkown
page read and write
7FF7D56DD000
unkown
page read and write
3230000
unkown
page read and write
4ABB000
trusted library allocation
page read and write
22A451B0000
trusted library allocation
page read and write
7FF849150000
trusted library allocation
page read and write
1B96112D000
heap
page read and write
21F877F0000
heap
page execute and read and write
1395000
heap
page read and write
BF3E000
stack
page read and write
28EF000
stack
page read and write
22AE3DF9000
direct allocation
page read and write
1250000
unkown
page read and write
9470000
unkown
page read and write
1230000
unkown
page read and write
1C200C8B000
heap
page read and write
4AA4000
trusted library allocation
page read and write
1230000
unkown
page read and write
9700000
unkown
page read and write
4ADA000
trusted library allocation
page read and write
1230000
unkown
page read and write
7FF849110000
trusted library allocation
page read and write
852000
heap
page read and write
866000
heap
page read and write
82F000
heap
page read and write
400000
unkown
page readonly
AAA9000
unkown
page read and write
7FF5D762F000
unkown
page readonly
68B3D8D000
stack
page read and write
4ACB000
trusted library allocation
page read and write
2448000
unkown
page readonly
7FF849100000
trusted library allocation
page read and write
3080000
unkown
page read and write
87E000
heap
page read and write
7FF5D7272000
unkown
page readonly
2598CBB8000
heap
page read and write
855000
heap
page read and write
C00034A000
direct allocation
page read and write
3250000
unkown
page read and write
22AE4000000
direct allocation
page read and write
8CB8000
stack
page read and write
B03B000
stack
page read and write
9820000
unkown
page read and write
23780830000
heap
page read and write
7637000
unkown
page read and write
3220000
unkown
page read and write
7FF5D7429000
unkown
page readonly
C000074000
direct allocation
page read and write
7FF8491C0000
trusted library allocation
page read and write
9820000
unkown
page read and write
856000
heap
page read and write
10E0000
unkown
page read and write
2564000
heap
page read and write
3250000
unkown
page read and write
9700000
unkown
page read and write
831000
heap
page read and write
21F9789A000
trusted library allocation
page read and write
3250000
unkown
page read and write
7FF5D7639000
unkown
page readonly
4B19000
trusted library allocation
page read and write
877000
heap
page read and write
3250000
unkown
page read and write
91F0000
unkown
page readonly
7FF7A0990000
unkown
page readonly
4AB4000
trusted library allocation
page read and write
2650000
heap
page read and write
21FA1533000
heap
page read and write
9430000
unkown
page read and write
9A92000
unkown
page read and write
1170000
unkown
page read and write
22A33440000
heap
page read and write
22A334A0000
trusted library allocation
page read and write
21F85BD6000
heap
page read and write
4A9F000
trusted library allocation
page read and write
3250000
unkown
page read and write
C496000
unkown
page read and write
7DF4F2491000
unkown
page execute read
C170BFE000
stack
page read and write
E54D000
stack
page read and write
9430000
unkown
page read and write
3240000
unkown
page read and write
3220000
unkown
page read and write
C000800000
direct allocation
page read and write
7DC0000
unkown
page readonly
9780000
unkown
page read and write
B4BF000
stack
page read and write
874000
heap
page read and write
75E0000
unkown
page read and write
7FF5D75CB000
unkown
page readonly
7FF848E10000
trusted library allocation
page read and write
21FA16A0000
heap
page read and write
3090000
unkown
page read and write
7FF5D7262000
unkown
page readonly
4AB3000
trusted library allocation
page read and write
2A9864B000
stack
page read and write
7FF5D7488000
unkown
page readonly
874000
heap
page read and write
494F000
stack
page read and write
3250000
unkown
page read and write
4A9F000
trusted library allocation
page read and write
7FF5D758D000
unkown
page readonly
4AC1000
trusted library allocation
page read and write
855000
heap
page read and write
7D8000
heap
page read and write
8ECE000
stack
page read and write
A02E000
stack
page read and write
7FF5D770A000
unkown
page readonly
9820000
unkown
page read and write
4B2B000
trusted library allocation
page read and write
7FF8490E0000
trusted library allocation
page read and write
9430000
unkown
page read and write
7DF4F2481000
unkown
page execute read
2610000
unclassified section
page read and write
7FF5D779E000
unkown
page readonly
4150000
heap
page read and write
9430000
unkown
page read and write
C47F000
unkown
page read and write
22A34DB3000
trusted library allocation
page read and write
95FB000
stack
page read and write
3080000
unkown
page read and write
4AB5000
trusted library allocation
page read and write
259A7176000
heap
page read and write
3250000
unkown
page read and write
22AE3E06000
direct allocation
page read and write
C46F000
unkown
page read and write
A2D7000
unkown
page read and write
4AA4000
trusted library allocation
page read and write
3220000
unkown
page read and write
9430000
unkown
page read and write
4AE7000
trusted library allocation
page read and write
3220000
unkown
page read and write
431000
unkown
page read and write
1230000
unkown
page read and write
87D000
heap
page read and write
7FF848FA0000
trusted library allocation
page read and write
3250000
unkown
page read and write
84D000
heap
page read and write
4100000
heap
page read and write
4AC3000
trusted library allocation
page read and write
35D1000
unkown
page read and write
3220000
unkown
page read and write
35FA000
unkown
page read and write
3220000
unkown
page read and write
3230000
unkown
page read and write
C977000
unkown
page read and write
1B961155000
heap
page read and write
2598CB4E000
heap
page read and write
3250000
unkown
page read and write
7FF5D774C000
unkown
page readonly
2598CB35000
heap
page read and write
7FF5D7257000
unkown
page readonly
7C6000
heap
page read and write
7FF849040000
trusted library allocation
page read and write
4AA4000
trusted library allocation
page read and write
3080000
unkown
page read and write
259A7150000
heap
page read and write
DB0000
remote allocation
page read and write
9470000
unkown
page read and write
8931000
unkown
page read and write
3080000
unkown
page read and write
7FF5D719C000
unkown
page readonly
1B96114A000
heap
page read and write
C0001F2000
direct allocation
page read and write
B0BD000
stack
page read and write
259E000
stack
page read and write
74D000
stack
page read and write
9700000
unkown
page read and write
E74D000
stack
page read and write
7FF8490C0000
trusted library allocation
page read and write
1170000
unkown
page read and write
4A91000
trusted library allocation
page read and write
C000134000
direct allocation
page read and write
2598CB18000
heap
page read and write
2620000
heap
page read and write
9430000
unkown
page read and write
F0C000
heap
page read and write
3080000
unkown
page read and write
85F000
heap
page read and write
21F85B0B000
heap
page read and write
859000
heap
page read and write
C7CB000
unkown
page read and write
C3CD000
stack
page read and write
7FF848F20000
trusted library allocation
page execute and read and write
10E0000
unkown
page read and write
1170000
unkown
page read and write
7FF5D72CE000
unkown
page readonly
884000
heap
page read and write
7FF848FCB000
trusted library allocation
page read and write
259A8250000
heap
page read and write
C000480000
direct allocation
page read and write
21FA1537000
heap
page read and write
C16F7FD000
stack
page read and write
3050000
unkown
page read and write
26F0000
heap
page read and write
C00014C000
direct allocation
page read and write
8DD0000
unkown
page read and write
83A000
heap
page read and write
C0003FE000
direct allocation
page read and write
8B79000
unkown
page read and write
C000412000
direct allocation
page read and write
8870000
unkown
page readonly
7FF5D7385000
unkown
page readonly
21FA0101000
heap
page read and write
8E30000
unkown
page read and write
7FF5D76E8000
unkown
page readonly
C0002EC000
direct allocation
page read and write
85D000
heap
page read and write
1230000
unkown
page read and write
85BE000
stack
page read and write
3240000
unkown
page read and write
9430000
unkown
page read and write
1170000
unkown
page read and write
A233000
unkown
page read and write
1B962CC9000
heap
page read and write
9430000
unkown
page read and write
22ADE880000
heap
page read and write
C0001C4000
direct allocation
page read and write
35D3000
unkown
page read and write
1B962BE1000
heap
page read and write
22A34DC0000
heap
page execute and read and write
7FF5D76D7000
unkown
page readonly
1E4000
heap
page read and write
9430000
unkown
page read and write
830000
heap
page read and write
3250000
unkown
page read and write
22A36A8F000
trusted library allocation
page read and write
3040000
unkown
page read and write
7FF7D5094000
unkown
page write copy
4B19000
trusted library allocation
page read and write
9470000
unkown
page read and write
9430000
unkown
page read and write
C000004000
direct allocation
page read and write
1170000
unkown
page read and write
C00019A000
direct allocation
page read and write
7FF5D6BE4000
unkown
page readonly
68AF7F4000
stack
page read and write
22ADE8B0000
heap
page read and write
3240000
unkown
page read and write
9A80000
unkown
page read and write
4B0D000
trusted library allocation
page read and write
7FF5D72BD000
unkown
page readonly
88E000
heap
page read and write
9780000
unkown
page read and write
22A34E54000
heap
page read and write
1170000
unkown
page read and write
25E0000
direct allocation
page execute and read and write
7FF7A0A1D000
unkown
page readonly
AA10000
unkown
page read and write
8FD9000
stack
page read and write
23782000000
heap
page read and write
1170000
unkown
page read and write
30C0000
unkown
page read and write
1230000
unkown
page read and write
7FF849020000
trusted library allocation
page read and write
C0003C8000
direct allocation
page read and write
7E3000
heap
page read and write
858000
heap
page read and write
C00011E000
direct allocation
page read and write
2A9793E000
stack
page read and write
2598E640000
trusted library allocation
page read and write
2448000
unkown
page readonly
49FA000
unkown
page read and write
1170000
unkown
page read and write
C00011C000
direct allocation
page read and write
852000
heap
page read and write
1B96113D000
heap
page read and write
3250000
unkown
page read and write
7C31000
unkown
page read and write
7FF7A0A1D000
unkown
page readonly
3220000
unkown
page read and write
7FF849000000
trusted library allocation
page execute and read and write
85D000
heap
page read and write
88E000
heap
page read and write
4B46000
trusted library allocation
page read and write
7C6000
heap
page read and write
423000
unkown
page write copy
423000
unkown
page write copy
22A367D2000
trusted library allocation
page read and write
22A33470000
trusted library section
page read and write
9430000
unkown
page read and write
790000
heap
page read and write
C97B000
unkown
page read and write
4A9B000
trusted library allocation
page read and write
1230000
unkown
page read and write
C16F3FF000
stack
page read and write
7FF848EBC000
trusted library allocation
page execute and read and write
9430000
unkown
page read and write
877000
heap
page read and write
21FA16A4000
heap
page read and write
7E58000
stack
page read and write
3250000
unkown
page read and write
3240000
unkown
page read and write
2598CD70000
trusted library allocation
page read and write
C00028E000
direct allocation
page read and write
7FF849140000
trusted library allocation
page read and write
9780000
unkown
page read and write
C000064000
direct allocation
page read and write
1230000
unkown
page read and write
9C000
stack
page read and write
2A9783C000
stack
page read and write
879000
heap
page read and write
3260000
unkown
page read and write
9700000
unkown
page read and write
7CB0000
unkown
page readonly
7FF7D509E000
unkown
page write copy
7AE0000
unkown
page read and write
AAA0000
unkown
page read and write
7FF849190000
trusted library allocation
page read and write
761E000
unkown
page read and write
3230000
unkown
page read and write
9580000
unkown
page read and write
7FF848EC6000
trusted library allocation
page execute and read and write
7FF848F90000
trusted library allocation
page read and write
4AC5000
trusted library allocation
page read and write
3260000
unkown
page read and write
2599E787000
trusted library allocation
page read and write
4AED000
trusted library allocation
page read and write
21F87C30000
trusted library allocation
page read and write
7FF5D75AF000
unkown
page readonly
3080000
unkown
page read and write
C000036000
direct allocation
page read and write
7FF5D7230000
unkown
page readonly
E7CD000
stack
page read and write
7FF5D7482000
unkown
page readonly
7FF5D74FA000
unkown
page readonly
7FF849050000
trusted library allocation
page read and write
3290000
unkown
page read and write
4B92000
trusted library allocation
page read and write
9430000
unkown
page read and write
87D000
heap
page read and write
3250000
unkown
page read and write
3240000
unkown
page read and write
22A353D2000
trusted library allocation
page read and write
2580000
heap
page read and write
3230000
unkown
page read and write
7C90000
unkown
page read and write
30C0000
unkown
page read and write
A286000
unkown
page read and write
7FF5D7669000
unkown
page readonly
1E0000
heap
page read and write
7605000
unkown
page read and write
21FA14D9000
heap
page read and write
7DF4F2460000
unkown
page readonly
7FF5D75DF000
unkown
page readonly
4A9B000
trusted library allocation
page read and write
1230000
unkown
page read and write
1170000
unkown
page read and write
9820000
unkown
page read and write
C000184000
direct allocation
page read and write
21F85A22000
unkown
page readonly
8890000
unkown
page readonly
1170000
unkown
page read and write
3040000
unkown
page read and write
7FF7D509B000
unkown
page write copy
1230000
unkown
page read and write
7FF5D77CD000
unkown
page readonly
3250000
unkown
page read and write
9780000
unkown
page read and write
C000066000
direct allocation
page read and write
2A97679000
stack
page read and write
E00000
unkown
page readonly
1230000
unkown
page read and write
9820000
unkown
page read and write
C621000
unkown
page read and write
25AE000
stack
page read and write
21F85D65000
heap
page read and write
7FF5D7438000
unkown
page readonly
AA97000
unkown
page read and write
8A46000
unkown
page read and write
9430000
unkown
page read and write
7618000
unkown
page read and write
3170000
unkown
page read and write
106F6000
unkown
page read and write
3250000
unkown
page read and write
C035000
stack
page read and write
22ADEC37000
direct allocation
page read and write
1230000
unkown
page read and write
2A97273000
stack
page read and write
893D000
unkown
page read and write
33F0000
unkown
page read and write
4AB7000
trusted library allocation
page read and write
4A91000
trusted library allocation
page read and write
21FA00D0000
heap
page read and write
22A3698B000
trusted library allocation
page read and write
9430000
unkown
page read and write
9780000
unkown
page read and write
68B03FE000
stack
page read and write
4A95000
trusted library allocation
page read and write
1230000
unkown
page read and write
19D000
stack
page read and write
C000000000
direct allocation
page read and write
C908000
unkown
page read and write
21F85AD0000
heap
page read and write
1230000
unkown
page read and write
3250000
unkown
page read and write
1067B000
unkown
page read and write
7FF5D720F000
unkown
page readonly
21FA151A000
heap
page read and write
7FF8490A0000
trusted library allocation
page read and write
7FF5D77F7000
unkown
page readonly
4ADE000
trusted library allocation
page read and write
7FF5D71EA000
unkown
page readonly
9430000
unkown
page read and write
82F000
heap
page read and write
7D8000
heap
page read and write
3250000
unkown
page read and write
4AD4000
trusted library allocation
page read and write
3250000
unkown
page read and write
7FF5D72FB000
unkown
page readonly
7FF849100000
trusted library allocation
page read and write
7FF5D71D7000
unkown
page readonly
107B0000
unkown
page read and write
7FF848FE9000
trusted library allocation
page read and write
3250000
unkown
page read and write
22ADE8E8000
direct allocation
page read and write
C5F4000
unkown
page read and write
21F85D60000
heap
page read and write
84C000
heap
page read and write
10E0000
unkown
page read and write
400000
unkown
page execute and read and write
2FF9000
stack
page read and write
3240000
unkown
page read and write
C0000EC000
direct allocation
page read and write
C000196000
direct allocation
page read and write
A40E000
unkown
page read and write
4160000
heap
page read and write
7FF5D7462000
unkown
page readonly
2598CD90000
trusted library allocation
page read and write
9820000
unkown
page read and write
400000
unkown
page execute and read and write
84A000
heap
page read and write
7FF5D7523000
unkown
page readonly
40BF000
stack
page read and write
7FA000
heap
page read and write
22ADE920000
direct allocation
page read and write
864000
heap
page read and write
697000
heap
page read and write
8963000
unkown
page read and write
7FF5D75B3000
unkown
page readonly
2530000
heap
page read and write
760F000
unkown
page read and write
1B96112F000
heap
page read and write
4ACC000
trusted library allocation
page read and write
C000062000
direct allocation
page read and write
9430000
unkown
page read and write
84C000
heap
page read and write
3250000
unkown
page read and write
7FF5D75C1000
unkown
page readonly
9700000
unkown
page read and write
22A36A89000
trusted library allocation
page read and write
1230000
unkown
page read and write
7FF5D765F000
unkown
page readonly
3240000
unkown
page read and write
7FF5D7336000
unkown
page readonly
4AB5000
trusted library allocation
page read and write
10E0000
unkown
page read and write
22AE3DFB000
direct allocation
page read and write
C0002B9000
direct allocation
page read and write
22ADE8E4000
direct allocation
page read and write
3050000
unkown
page read and write
87E000
heap
page read and write
9700000
unkown
page read and write
9430000
unkown
page read and write
C24E000
stack
page read and write
7FF5D7808000
unkown
page readonly
7AB0000
unkown
page read and write
22A332BE000
heap
page read and write
C000052000
direct allocation
page read and write
8DD0000
unkown
page read and write
C00037E000
direct allocation
page read and write
7FF5D720A000
unkown
page readonly
9470000
unkown
page read and write
BDC0000
unkown
page read and write
A251000
unkown
page read and write
35CF000
unkown
page read and write
22ADEC6C000
direct allocation
page read and write
768C000
unkown
page read and write
10E0000
unkown
page read and write
21FA00C0000
heap
page read and write
4A9E000
trusted library allocation
page read and write
85F000
heap
page read and write
3250000
unkown
page read and write
22A334D4000
heap
page read and write
7FF848DF4000
trusted library allocation
page read and write
22A36836000
trusted library allocation
page read and write
1230000
unkown
page read and write
87C000
heap
page read and write
3140000
unkown
page read and write
4BD2000
trusted library allocation
page read and write
8380000
unkown
page read and write
9A8C000
unkown
page read and write
9820000
unkown
page read and write
1170000
unkown
page read and write
877000
heap
page read and write
22A36A98000
trusted library allocation
page read and write
10E0000
unkown
page read and write
7FF7D577A000
unkown
page write copy
9AA8000
unkown
page read and write
84D000
heap
page read and write
3250000
unkown
page read and write
2A9747D000
stack
page read and write
836000
heap
page read and write
41B0000
heap
page read and write
7C80000
unkown
page read and write
1230000
unkown
page read and write
C000400000
direct allocation
page read and write
9430000
unkown
page read and write
4A12000
unkown
page read and write
9820000
unkown
page read and write
CDBEFFF000
stack
page read and write
7FF5D75F2000
unkown
page readonly
4B1E000
trusted library allocation
page read and write
8E30000
unkown
page read and write
362A000
unkown
page read and write
7FF5D710B000
unkown
page readonly
2A9854F000
stack
page read and write
9700000
unkown
page read and write
C0001C8000
direct allocation
page read and write
7FF5D7700000
unkown
page readonly
4AB7000
trusted library allocation
page read and write
7FF848EAC000
trusted library allocation
page execute and read and write
2598E770000
heap
page execute and read and write
3250000
unkown
page read and write
DB0000
remote allocation
page read and write
7FF5D7795000
unkown
page readonly
C0003C2000
direct allocation
page read and write
22A4D467000
heap
page execute and read and write
6DE000
stack
page read and write
879000
heap
page read and write
9430000
unkown
page read and write
40B000
unkown
page execute read
96FE000
stack
page read and write
9430000
unkown
page read and write
22A36DB2000
trusted library allocation
page read and write
85F000
heap
page read and write
7B20000
unkown
page read and write
9780000
unkown
page read and write
7FF849310000
trusted library allocation
page read and write
7FF5D7244000
unkown
page readonly
7435000
stack
page read and write
22A36B30000
trusted library allocation
page read and write
1170000
unkown
page read and write
3250000
unkown
page read and write
2A9848E000
stack
page read and write
C1CC000
stack
page read and write
262E000
heap
page read and write
779E000
unkown
page read and write
7FF849030000
trusted library allocation
page read and write
1230000
unkown
page read and write
7FF5D71AF000
unkown
page readonly
1B962CC8000
heap
page read and write
7FF5D73F5000
unkown
page readonly
9430000
unkown
page read and write
4AA4000
trusted library allocation
page read and write
2378073B000
heap
page read and write
9430000
unkown
page read and write
22ADE8E0000
direct allocation
page read and write
760D000
unkown
page read and write
2653000
heap
page read and write
7FF7D57A6000
unkown
page readonly
7FF849080000
trusted library allocation
page read and write
C806000
unkown
page read and write
4AE4000
trusted library allocation
page read and write
106FB000
unkown
page read and write
7FF5D7558000
unkown
page readonly
3250000
unkown
page read and write
9AC3000
unkown
page read and write
C483000
unkown
page read and write
9780000
unkown
page read and write
C0001A8000
direct allocation
page read and write
21F87A87000
trusted library allocation
page read and write
35D5000
unkown
page read and write
7FF848DFB000
trusted library allocation
page read and write
879000
heap
page read and write
9820000
unkown
page read and write
C5FD000
unkown
page read and write
1230000
unkown
page read and write
1230000
unkown
page read and write
9430000
unkown
page read and write
3080000
unkown
page read and write
864000
heap
page read and write
3250000
unkown
page read and write
7FF7A0991000
unkown
page execute read
1C200C60000
heap
page read and write
7FF7A0A1D000
unkown
page readonly
7FF7D511E000
unkown
page write copy
3080000
unkown
page read and write
22AE4010000
direct allocation
page read and write
3220000
unkown
page read and write
21FA14AF000
heap
page read and write
7FF5D75F6000
unkown
page readonly
1230000
unkown
page read and write
3050000
unkown
page read and write
3220000
unkown
page read and write
1C2026E0000
heap
page read and write
22A369B1000
trusted library allocation
page read and write
7DBC000
stack
page read and write
22ADE938000
heap
page read and write
7FF5D777A000
unkown
page readonly
22ADEC80000
direct allocation
page read and write
1F0000
heap
page read and write
C9E6000
unkown
page read and write
7FF848E4C000
trusted library allocation
page execute and read and write
7FF5D77EB000
unkown
page readonly
4B15000
trusted library allocation
page read and write
7FF5D745B000
unkown
page readonly
CDBE7FF000
stack
page read and write
25CE000
stack
page read and write
C00055E000
direct allocation
page read and write
4CEE000
stack
page read and write
21F85D70000
trusted library allocation
page read and write
1230000
unkown
page read and write
21F85CE0000
heap
page read and write
3230000
unkown
page read and write
49A8000
unkown
page read and write
BFB8000
stack
page read and write
1230000
unkown
page read and write
C000130000
direct allocation
page read and write
1230000
unkown
page read and write
7FF7D4C01000
unkown
page execute read
9780000
unkown
page read and write
864000
heap
page read and write
3220000
unkown
page read and write
87D000
heap
page read and write
1B962AD0000
heap
page read and write
1170000
unkown
page read and write
21FA17FD000
heap
page read and write
4BF2000
trusted library allocation
page read and write
511000
remote allocation
page execute and read and write
1170000
unkown
page read and write
3040000
unkown
page read and write
88E000
heap
page read and write
5330000
unkown
page write copy
1170000
unkown
page read and write
9430000
unkown
page read and write
21F87BB9000
trusted library allocation
page read and write
12B0000
unkown
page read and write
BB10000
heap
page read and write
3040000
unkown
page read and write
9700000
unkown
page read and write
7E3000
heap
page read and write
C62D000
unkown
page read and write
1230000
unkown
page read and write
10689000
unkown
page read and write
8DCB000
stack
page read and write
1230000
unkown
page read and write
2598CE40000
heap
page read and write
7FF848EA0000
trusted library allocation
page execute and read and write
3250000
unkown
page read and write
8E30000
unkown
page read and write
9780000
unkown
page read and write
8DD0000
unkown
page read and write
9EAC000
stack
page read and write
87D000
heap
page read and write
870000
heap
page read and write
7FF5D7267000
unkown
page readonly
4AEE000
trusted library allocation
page read and write
7FF5D77C7000
unkown
page readonly
7FF848E00000
trusted library allocation
page read and write
9430000
unkown
page read and write
3220000
unkown
page read and write
7FF848FB0000
trusted library allocation
page execute and read and write
8880000
unkown
page readonly
10E0000
unkown
page read and write
1230000
unkown
page read and write
9820000
unkown
page read and write
3240000
unkown
page read and write
1B9610D9000
heap
page read and write
3260000
unkown
page read and write
1170000
unkown
page read and write
3240000
unkown
page read and write
4B9B000
trusted library allocation
page read and write
A2A2000
unkown
page read and write
9430000
unkown
page read and write
4190000
heap
page read and write
7FF5D74C3000
unkown
page readonly
98F000
stack
page read and write
1B961080000
heap
page read and write
C4BD000
unkown
page read and write
9700000
unkown
page read and write
22A33480000
trusted library allocation
page read and write
7FF848E24000
trusted library allocation
page read and write
7FF5D7648000
unkown
page readonly
7FF848E14000
trusted library allocation
page read and write
21F85D80000
trusted library allocation
page read and write
10E0000
unkown
page read and write
9700000
unkown
page read and write
A3AC000
unkown
page read and write
7FF5D717C000
unkown
page readonly
7686000
unkown
page read and write
7FF5D75BF000
unkown
page readonly
86B000
heap
page read and write
C642000
unkown
page read and write
C000118000
direct allocation
page read and write
9820000
unkown
page read and write
4B0E000
trusted library allocation
page read and write
1170000
unkown
page read and write
7FF7D56FB000
unkown
page read and write
A3B9000
unkown
page read and write
4ABC000
trusted library allocation
page read and write
22A33210000
heap
page read and write
7FF5D71A6000
unkown
page readonly
4AA4000
trusted library allocation
page read and write
4090000
direct allocation
page read and write
9820000
unkown
page read and write
4AA4000
trusted library allocation
page read and write
22AE3DCD000
direct allocation
page read and write
3260000
unkown
page read and write
7FF8492E0000
trusted library allocation
page read and write
21F97839000
trusted library allocation
page read and write
22A36834000
trusted library allocation
page read and write
7FF5D7280000
unkown
page readonly
3280000
unkown
page read and write
9FAF000
stack
page read and write
97FF000
stack
page read and write
C609000
unkown
page read and write
21FA2F80000
heap
page read and write
C00010E000
direct allocation
page read and write
9430000
unkown
page read and write
C0001D9000
direct allocation
page read and write
30C0000
unkown
page read and write
A3AA000
unkown
page read and write
1350000
unkown
page readonly
4AA4000
trusted library allocation
page read and write
9ABD000
unkown
page read and write
87E000
heap
page read and write
3260000
unkown
page read and write
7FF5D7507000
unkown
page readonly
1170000
unkown
page read and write
22A4D2C7000
heap
page read and write
3250000
unkown
page read and write
22AE3E21000
direct allocation
page read and write
3240000
unkown
page read and write
9700000
unkown
page read and write
2A97737000
stack
page read and write
4C42000
trusted library allocation
page read and write
22A369AF000
trusted library allocation
page read and write
7FF5D7694000
unkown
page readonly
9AAA000
unkown
page read and write
4A90000
trusted library allocation
page read and write
7FF5D760B000
unkown
page readonly
84F000
heap
page read and write
22A4D2C5000
heap
page read and write
1B96112D000
heap
page read and write
3260000
unkown
page read and write
7FF5D75B8000
unkown
page readonly
68B398F000
stack
page read and write
9700000
unkown
page read and write
21F85D83000
trusted library allocation
page read and write
9430000
unkown
page read and write
22A33268000
heap
page read and write
3240000
unkown
page read and write
4AA4000
trusted library allocation
page read and write
3100000
unkown
page read and write
22A451A1000
trusted library allocation
page read and write
21F878AE000
trusted library allocation
page read and write
2598CE45000
heap
page read and write
3270000
unkown
page read and write
2679000
heap
page read and write
C663000
unkown
page read and write
832000
heap
page read and write
7FF7A0A82000
unkown
page write copy
9820000
unkown
page read and write
7FF5D66E3000
unkown
page readonly
3220000
unkown
page read and write
9820000
unkown
page read and write
1230000
unkown
page read and write
4BBA000
trusted library allocation
page read and write
86A000
heap
page read and write
22A36985000
trusted library allocation
page read and write
3250000
unkown
page read and write
1B961148000
heap
page read and write
49BB000
unkown
page read and write
68ADBF4000
stack
page read and write
9430000
unkown
page read and write
C73E000
unkown
page read and write
87D000
heap
page read and write
22A4D393000
heap
page read and write
35C3000
unkown
page read and write
C000154000
direct allocation
page read and write
B4D0000
unkown
page readonly
1230000
unkown
page read and write
1B962CC8000
heap
page read and write
9AB4000
unkown
page read and write
C000389000
direct allocation
page read and write
3250000
unkown
page read and write
83E000
heap
page read and write
885000
heap
page read and write
21F85B2A000
heap
page read and write
3240000
unkown
page read and write
26AF000
stack
page read and write
87E000
heap
page read and write
22ADEC90000
heap
page read and write
7FF5D775C000
unkown
page readonly
21F87C69000
trusted library allocation
page read and write
21F85E10000
heap
page execute and read and write
7FF848F10000
trusted library allocation
page execute and read and write
1B961115000
heap
page read and write
4161000
heap
page read and write
7440000
unkown
page read and write
848000
heap
page read and write
7FF5D748C000
unkown
page readonly
7FF5D7589000
unkown
page readonly
7FF7D513C000
unkown
page read and write
1230000
unkown
page read and write
7FF5D77DD000
unkown
page readonly
9580000
stack
page read and write
7FF5D7820000
unkown
page readonly
9430000
unkown
page read and write
874000
heap
page read and write
1170000
unkown
page read and write
1230000
unkown
page read and write
843F000
stack
page read and write
3220000
unkown
page read and write
7FF5D766E000
unkown
page readonly
C0000D8000
direct allocation
page read and write
9700000
unkown
page read and write
1230000
unkown
page read and write
4320000
heap
page read and write
7FF849000000
trusted library allocation
page read and write
C00001E000
direct allocation
page read and write
4ADC000
trusted library allocation
page read and write
9430000
unkown
page read and write
4AAD000
trusted library allocation
page read and write
4AC6000
trusted library allocation
page read and write
7810000
unkown
page read and write
1B96112B000
heap
page read and write
2598E600000
heap
page read and write
7FF848DE4000
trusted library allocation
page read and write
78D000
stack
page read and write
7FF7D577A000
unkown
page write copy
7FF7A0991000
unkown
page execute read
99B0000
unkown
page read and write
84A000
heap
page read and write
BB9C000
stack
page read and write
21F87B56000
trusted library allocation
page read and write
4AA4000
trusted library allocation
page read and write
9820000
unkown
page read and write
3260000
unkown
page read and write
7FF5D7376000
unkown
page readonly
9820000
unkown
page read and write
1230000
unkown
page read and write
C000078000
direct allocation
page read and write
22A36806000
trusted library allocation
page read and write
86B000
heap
page read and write
2A975FE000
stack
page read and write
9430000
unkown
page read and write
68AFBFE000
stack
page read and write
C000076000
direct allocation
page read and write
7FF849180000
trusted library allocation
page read and write
21FA1942000
trusted library allocation
page read and write
85C000
heap
page read and write
7FF849030000
trusted library allocation
page read and write
7B10000
unkown
page read and write
7FF7A0990000
unkown
page readonly
3250000
unkown
page read and write
9430000
unkown
page read and write
9430000
unkown
page read and write
7989000
stack
page read and write
836000
heap
page read and write
3240000
unkown
page read and write
22AE3FB1000
direct allocation
page read and write
21F9F850000
trusted library allocation
page read and write
284F000
stack
page read and write
41C0000
heap
page read and write
A264000
unkown
page read and write
22A36A92000
trusted library allocation
page read and write
400000
unkown
page readonly
270D000
heap
page execute and read and write
3230000
unkown
page read and write
AA01000
unkown
page read and write
855000
heap
page read and write
1C200C30000
heap
page read and write
A416000
unkown
page read and write
C0001A4000
direct allocation
page read and write
A391000
unkown
page read and write
4B90000
heap
page read and write
7FF5D77FD000
unkown
page readonly
25F0000
direct allocation
page read and write
7FF8490D0000
trusted library allocation
page read and write
22ADEC3A000
direct allocation
page read and write
4AA4000
trusted library allocation
page read and write
7FF848FA0000
trusted library allocation
page execute and read and write
3220000
unkown
page read and write
7FF849120000
trusted library allocation
page read and write
760B000
unkown
page read and write
3250000
unkown
page read and write
C00041E000
direct allocation
page read and write
423000
unkown
page read and write
21FA00F3000
heap
page read and write
22A4D315000
heap
page read and write
1230000
unkown
page read and write
7FF848FC0000
trusted library allocation
page read and write
C0003DE000
direct allocation
page read and write
7691000
unkown
page read and write
4B44000
trusted library allocation
page read and write
2A978BE000
stack
page read and write
9700000
unkown
page read and write
22A332A6000
heap
page read and write
1230000
unkown
page read and write
9A84000
unkown
page read and write
9820000
unkown
page read and write
88E000
heap
page read and write
7FF8492F0000
trusted library allocation
page execute and read and write
2A98443000
stack
page read and write
7FF5D7442000
unkown
page readonly
9820000
unkown
page read and write
35B3000
unkown
page read and write
84A000
heap
page read and write
4B91000
heap
page read and write
1C200C80000
heap
page read and write
7FF5D75E9000
unkown
page readonly
C78A000
unkown
page read and write
F6CA000
heap
page read and write
C00001C000
direct allocation
page read and write
86B000
heap
page read and write
1230000
unkown
page read and write
22A3682C000
trusted library allocation
page read and write
2598E82A000
trusted library allocation
page read and write
106B3000
unkown
page read and write
F6C2000
heap
page read and write
84E000
heap
page read and write
670000
heap
page read and write
4D2F000
stack
page read and write
2460000
heap
page read and write
C8C4000
unkown
page read and write
4C72000
trusted library allocation
page read and write
431000
unkown
page read and write
3250000
unkown
page read and write
10E0000
unkown
page read and write
21F85E80000
trusted library allocation
page read and write
9430000
unkown
page read and write
3260000
unkown
page read and write
3080000
unkown
page read and write
3240000
unkown
page read and write
7FF5D7202000
unkown
page readonly
9700000
unkown
page read and write
874000
heap
page read and write
2A979BE000
stack
page read and write
7FF5D7643000
unkown
page readonly
7FF8490C0000
trusted library allocation
page read and write
C450000
unkown
page read and write
10E0000
unkown
page read and write
22A34DF0000
heap
page execute and read and write
1170000
unkown
page read and write
4AA2000
trusted library allocation
page read and write
4B3A000
trusted library allocation
page read and write
7FF5D76D5000
unkown
page readonly
3230000
unkown
page read and write
1170000
unkown
page read and write
49A000
stack
page read and write
1170000
unkown
page read and write
C00006E000
direct allocation
page read and write
9780000
unkown
page read and write
21FA307C000
heap
page read and write
FF0000
unkown
page readonly
4B0C000
trusted library allocation
page read and write
B0E0000
unkown
page readonly
9780000
unkown
page read and write
22A36830000
trusted library allocation
page read and write
7FF848FE0000
trusted library allocation
page read and write
7FF849120000
trusted library allocation
page read and write
9430000
unkown
page read and write
7FF5D72C8000
unkown
page readonly
C7BE000
unkown
page read and write
3080000
unkown
page read and write
3240000
unkown
page read and write
4ACF000
trusted library allocation
page read and write
1170000
unkown
page read and write
3240000
unkown
page read and write
3240000
unkown
page read and write
4EC0000
heap
page read and write
8A70000
unkown
page read and write
3240000
unkown
page read and write
3250000
unkown
page read and write
3290000
unkown
page read and write
7FF8490F0000
trusted library allocation
page read and write
C000140000
direct allocation
page read and write
C800000
unkown
page read and write
88E000
heap
page read and write
7FF848FA0000
trusted library allocation
page execute and read and write
21FA14E8000
heap
page read and write
10E0000
unkown
page read and write
10E0000
unkown
page read and write
3250000
unkown
page read and write
3220000
unkown
page read and write
4AD3000
trusted library allocation
page read and write
B330000
unkown
page read and write
C1703FE000
stack
page read and write
C16FBFD000
stack
page read and write
3250000
unkown
page read and write
7FF849330000
trusted library allocation
page read and write
CDBEDFF000
stack
page read and write
B559000
stack
page read and write
7FF848E10000
trusted library allocation
page read and write
41C0000
heap
page read and write
2598CE30000
trusted library section
page readonly
3240000
unkown
page read and write
22A4D1AF000
heap
page read and write
82E000
heap
page read and write
22A3693F000
trusted library allocation
page read and write
2657000
heap
page read and write
9820000
unkown
page read and write
3080000
unkown
page read and write
7FF8492C0000
trusted library allocation
page read and write
9820000
unkown
page read and write
7FF5D71C8000
unkown
page readonly
95C0000
stack
page read and write
2530000
heap
page read and write
C000424000
direct allocation
page read and write
AA0B000
unkown
page read and write
3240000
unkown
page read and write
40B000
unkown
page execute read
A23A000
unkown
page read and write
E94E000
stack
page read and write
3080000
unkown
page read and write
C0000E2000
direct allocation
page read and write
22A36999000
trusted library allocation
page read and write
A273000
unkown
page read and write
2598CB10000
heap
page read and write
77A2000
unkown
page read and write
9700000
unkown
page read and write
7FF5D768B000
unkown
page readonly
4B11000
trusted library allocation
page read and write
4AE5000
trusted library allocation
page read and write
3250000
unkown
page read and write
2598CBB0000
heap
page read and write
22A35DD2000
trusted library allocation
page read and write
7FF848F91000
trusted library allocation
page read and write
4AA4000
trusted library allocation
page read and write
4B02000
trusted library allocation
page read and write
7FF849130000
trusted library allocation
page read and write
87D000
heap
page read and write
7FF8491B0000
trusted library allocation
page read and write
22A36E7C000
trusted library allocation
page read and write
30A0000
unkown
page read and write
21F85CC0000
heap
page read and write
3250000
unkown
page read and write
259A9AD4000
heap
page read and write
3080000
unkown
page read and write
3220000
unkown
page read and write
2600000
unclassified section
page read and write
22A3698D000
trusted library allocation
page read and write
41F000
unkown
page readonly
3626000
unkown
page read and write
88E000
heap
page read and write
88D000
heap
page read and write
7FF849010000
trusted library allocation
page execute and read and write
21F87C60000
trusted library allocation
page read and write
3230000
unkown
page read and write
A237000
unkown
page read and write
C0000CA000
direct allocation
page read and write
3250000
unkown
page read and write
7FF5D7546000
unkown
page readonly
9820000
unkown
page read and write
22A4520C000
trusted library allocation
page read and write
21F87C64000
trusted library allocation
page read and write
7FF848FC2000
trusted library allocation
page read and write
4AA4000
trusted library allocation
page read and write
1B962BB2000
heap
page read and write
F13000
heap
page read and write
4980000
unkown
page read and write
7FF848DF3000
trusted library allocation
page execute and read and write
9430000
unkown
page read and write
9700000
unkown
page read and write
C9C9000
unkown
page read and write
855000
heap
page read and write
53E1000
unkown
page read and write
7FF5D7745000
unkown
page readonly
4C0000
remote allocation
page execute and read and write
7FF7A0990000
unkown
page readonly
30C0000
unkown
page read and write
1B961145000
heap
page read and write
4C3E000
trusted library allocation
page read and write
9820000
unkown
page read and write
884000
heap
page read and write
7FF5D7075000
unkown
page readonly
4AE6000
trusted library allocation
page read and write
9470000
unkown
page read and write
7FF848E02000
trusted library allocation
page read and write
9A98000
unkown
page read and write
7FF7D4C00000
unkown
page readonly
88E000
heap
page read and write
21FA00B3000
heap
page read and write
9430000
unkown
page read and write
1170000
unkown
page read and write
7FF849170000
trusted library allocation
page read and write
C4C6000
unkown
page read and write
40A0000
unclassified section
page read and write
7FF5D72E9000
unkown
page readonly
88E000
heap
page read and write
4AC0000
trusted library allocation
page read and write
C00004B000
direct allocation
page read and write
7FF8491D4000
trusted library allocation
page read and write
22A334B0000
heap
page readonly
C000031000
direct allocation
page read and write
87E000
heap
page read and write
3090000
unkown
page read and write
7FF7D5769000
unkown
page read and write
2598CDB5000
heap
page read and write
2598CBFB000
heap
page read and write
3220000
unkown
page read and write
C0000C6000
direct allocation
page read and write
7FF8492D0000
trusted library allocation
page read and write
C0000DC000
direct allocation
page read and write
7FF7D50A0000
unkown
page read and write
42D0000
heap
page read and write
9430000
unkown
page read and write
7FF5D7705000
unkown
page readonly
C000022000
direct allocation
page read and write
7FF849060000
trusted library allocation
page read and write
7FF5D71C4000
unkown
page readonly
9430000
unkown
page read and write
3230000
unkown
page read and write
7FF848E20000
trusted library allocation
page read and write
997C000
stack
page read and write
1390000
heap
page read and write
9A9E000
unkown
page read and write
1170000
unkown
page read and write
9430000
unkown
page read and write
3240000
unkown
page read and write
4B2B000
trusted library allocation
page read and write
2599E781000
trusted library allocation
page read and write
864000
heap
page read and write
259A70F0000
heap
page execute and read and write
86D0000
unkown
page readonly
1B9610DC000
heap
page read and write
21F85DC0000
heap
page execute and read and write
7FF848ED6000
trusted library allocation
page execute and read and write
7FF848F00000
trusted library allocation
page execute and read and write
1B962CC5000
heap
page read and write
4ACB000
trusted library allocation
page read and write
23780730000
heap
page read and write
7FF849010000
trusted library allocation
page read and write
C4DC000
unkown
page read and write
26FA000
heap
page read and write
3250000
unkown
page read and write
84D000
heap
page read and write
1B961133000
heap
page read and write
C00019E000
direct allocation
page read and write
30FB000
stack
page read and write
3630000
unkown
page readonly
3250000
unkown
page read and write
7FF848DF0000
trusted library allocation
page read and write
9780000
unkown
page read and write
7FF5D72BF000
unkown
page readonly
7FF5D7752000
unkown
page readonly
3220000
unkown
page read and write
9820000
unkown
page read and write
1731000
unkown
page readonly
10672000
unkown
page read and write
3260000
unkown
page read and write
77DB000
unkown
page read and write
21F85EB0000
heap
page read and write
3250000
unkown
page read and write
7FF848E0D000
trusted library allocation
page execute and read and write
4B3A000
trusted library allocation
page read and write
3240000
unkown
page read and write
7654000
unkown
page read and write
9430000
unkown
page read and write
87D000
heap
page read and write
9780000
unkown
page read and write
858000
heap
page read and write
8DD0000
unkown
page read and write
88D000
heap
page read and write
3240000
unkown
page read and write
B8DB000
stack
page read and write
9430000
unkown
page read and write
21F97821000
trusted library allocation
page read and write
874000
heap
page read and write
3080000
unkown
page read and write
1B96113B000
heap
page read and write
9430000
unkown
page read and write
3260000
unkown
page read and write
9ADB000
unkown
page read and write
9780000
unkown
page read and write
2A977B8000
stack
page read and write
3230000
unkown
page read and write
9820000
unkown
page read and write
C000020000
direct allocation
page read and write
1230000
unkown
page read and write
4AA4000
trusted library allocation
page read and write
9820000
unkown
page read and write
21F85E20000
trusted library section
page readonly
2A9850D000
stack
page read and write
4ACD000
trusted library allocation
page read and write
7AF1000
unkown
page read and write
3240000
unkown
page read and write
3250000
unkown
page read and write
401000
unkown
page execute read
7FF5D747F000
unkown
page readonly
4A0E000
unkown
page read and write
C000070000
direct allocation
page read and write
1170000
unkown
page read and write
7AB000
heap
page read and write
BB0C000
stack
page read and write
21FA3011000
heap
page read and write
4AC0000
unkown
page read and write
22A334D0000
heap
page read and write
68AD4BF000
stack
page read and write
9780000
unkown
page read and write
4AA4000
trusted library allocation
page read and write
44CD000
stack
page read and write
4A44000
unkown
page read and write
2598E781000
trusted library allocation
page read and write
C61B000
unkown
page read and write
7FF5D77E0000
unkown
page readonly
3250000
unkown
page read and write
7D3E000
stack
page read and write
1230000
unkown
page read and write
22A33260000
heap
page read and write
4B02000
trusted library allocation
page read and write
1170000
unkown
page read and write
3160000
unkown
page read and write
9820000
unkown
page read and write
C625000
unkown
page read and write
7FF5D77B6000
unkown
page readonly
7FF849090000
trusted library allocation
page read and write
977E000
stack
page read and write
3250000
unkown
page read and write
3080000
unkown
page read and write
3220000
unkown
page read and write
4A97000
trusted library allocation
page read and write
7611000
unkown
page read and write
877000
heap
page read and write
3080000
unkown
page read and write
3240000
unkown
page read and write
21FA17F0000
heap
page read and write
22AE3E79000
direct allocation
page read and write
22A4D660000
heap
page read and write
9700000
unkown
page read and write
4AA4000
trusted library allocation
page read and write
7FF7A0A1D000
unkown
page readonly
7A2000
heap
page read and write
7FF849140000
trusted library allocation
page read and write
C0002DA000
direct allocation
page read and write
1230000
unkown
page read and write
769A000
unkown
page read and write
1170000
unkown
page read and write
4ADF000
trusted library allocation
page read and write
7FF5D7073000
unkown
page readonly
7FF5D7309000
unkown
page readonly
1340000
unkown
page read and write
7FF5D7455000
unkown
page readonly
40B000
unkown
page execute read
4B45000
trusted library allocation
page read and write
29EB9FE000
stack
page read and write
1170000
unkown
page read and write
7FF5D771A000
unkown
page readonly
877000
heap
page read and write
3250000
unkown
page read and write
4B02000
trusted library allocation
page read and write
9EB0000
unkown
page readonly
3230000
unkown
page read and write
7FF7D5138000
unkown
page write copy
831000
heap
page read and write
874000
heap
page read and write
3220000
unkown
page read and write
C0002FC000
direct allocation
page read and write
4A9F000
trusted library allocation
page read and write
1170000
unkown
page read and write
A3B6000
unkown
page read and write
9A94000
unkown
page read and write
4AED000
trusted library allocation
page read and write
7FF848FAE000
trusted library allocation
page read and write
3230000
unkown
page read and write
7FF8490F0000
trusted library allocation
page read and write
CDBEBFE000
stack
page read and write
877000
heap
page read and write
75FD000
unkown
page read and write
C00003B000
direct allocation
page read and write
35DC000
unkown
page read and write
866000
heap
page read and write
9AF9000
unkown
page read and write
7FF5D77C2000
unkown
page readonly
9430000
unkown
page read and write
2554000
heap
page read and write
9AB2000
unkown
page read and write
9700000
unkown
page read and write
7FF5D7485000
unkown
page readonly
7FF5CE343000
unkown
page readonly
33C0000
unkown
page read and write
3250000
unkown
page read and write
3250000
unkown
page read and write
21FA16B9000
heap
page read and write
9700000
unkown
page read and write
1230000
unkown
page read and write
3230000
unkown
page read and write
C000966000
direct allocation
page read and write
EB5000
stack
page read and write
66E000
stack
page read and write
1170000
unkown
page read and write
9820000
unkown
page read and write
8DD0000
unkown
page read and write
7FF5D783B000
unkown
page readonly
4A95000
trusted library allocation
page read and write
C000008000
direct allocation
page read and write
3520000
unkown
page readonly
9780000
unkown
page read and write
2676000
heap
page read and write
115E000
stack
page read and write
1230000
unkown
page read and write
22A351A1000
trusted library allocation
page read and write
21FA1240000
heap
page read and write
7FF5CE33D000
unkown
page readonly
2598CD20000
heap
page read and write
3230000
unkown
page read and write
C617000
unkown
page read and write
9780000
unkown
page read and write
4AA4000
trusted library allocation
page read and write
7FF7D5120000
unkown
page write copy
23780650000
heap
page read and write
3250000
unkown
page read and write
3080000
unkown
page read and write
C000038000
direct allocation
page read and write
There are 2417 hidden memdumps, click here to show them.