Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
3cfc9c.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Windows Installer, Author: Microsoft Corporation, Keywords: Installer, Comments: This installer database
contains the logic and data required to install Windows Installer., Template: Intel;1033, Revision Number: {95E032D1-CFE9-4221-BD41-1664157B5B33},
Create Time/Date: Mon Oct 21 04:27:34 2024, Last Saved Time/Date: Mon Oct 21 04:27:34 2024, Number of Pages: 400, Number of
Words: 10, Name of Creating Application: Windows Installer XML Toolset (3.11.2.4516), Security: 2
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\rrfqmEuGb\imecmnt.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\rrfqmEuGb\imjp14k.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Intelnet\imecmnt.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Intelnet\imjp14k.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Config.Msi\588ff0.rbs
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\rrfqmEuGb\officeime.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\.office\officeime.dat
|
data
|
dropped
|
||
|
C:\Windows\Installer\588fef.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Windows Installer, Author: Microsoft Corporation, Keywords: Installer, Comments: This installer database
contains the logic and data required to install Windows Installer., Template: Intel;1033, Revision Number: {95E032D1-CFE9-4221-BD41-1664157B5B33},
Create Time/Date: Mon Oct 21 04:27:34 2024, Last Saved Time/Date: Mon Oct 21 04:27:34 2024, Number of Pages: 400, Number of
Words: 10, Name of Creating Application: Windows Installer XML Toolset (3.11.2.4516), Security: 2
|
dropped
|
||
|
C:\Windows\Installer\588ff1.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Windows Installer, Author: Microsoft Corporation, Keywords: Installer, Comments: This installer database
contains the logic and data required to install Windows Installer., Template: Intel;1033, Revision Number: {95E032D1-CFE9-4221-BD41-1664157B5B33},
Create Time/Date: Mon Oct 21 04:27:34 2024, Last Saved Time/Date: Mon Oct 21 04:27:34 2024, Number of Pages: 400, Number of
Words: 10, Name of Creating Application: Windows Installer XML Toolset (3.11.2.4516), Security: 2
|
dropped
|
||
|
C:\Windows\Installer\MSI9118.tmp
|
data
|
dropped
|
||
|
C:\Windows\Installer\SourceHash{00318A2B-0EB2-49D2-898C-4ABCB30CFD49}
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Installer\inprogressinstallinfo.ipi
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\~DF2F087FD8304417E7.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF38C2C7CC85888ED8.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF40725D97829584F7.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF6105C0498CDE2B42.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF6292FB31DAF109B5.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF662F206D87E4C5B3.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF829E9401181C9636.TMP
|
data
|
modified
|
||
|
C:\Windows\Temp\~DF8891557E4E7C73C4.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFABB9E7D42CB67D55.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFAF887BB8808F8C19.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFBD98AD6FB605ED87.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFBE36C84A78EC1E1A.TMP
|
data
|
dropped
|
There are 18 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\AppData\Local\rrfqmEuGb\imecmnt.exe
|
C:\Users\user\AppData\Local\rrfqmEuGb\imecmnt.exe
|
|
|
|
C:\Users\user\AppData\Roaming\Intelnet\imecmnt.exe
|
"C:\Users\user\AppData\Roaming\Intelnet\imecmnt.exe" 835 281
|
|
|
|
C:\Users\user\AppData\Roaming\Intelnet\imecmnt.exe
|
"C:\Users\user\AppData\Roaming\Intelnet\imecmnt.exe" 835 281
|
|
|
|
C:\Windows\System32\msiexec.exe
|
"C:\Windows\System32\msiexec.exe" /i "C:\Users\user\Desktop\3cfc9c.msi"
|
||
|
C:\Windows\System32\msiexec.exe
|
C:\Windows\system32\msiexec.exe /V
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://116.206.178.67/X
|
unknown
|
||
|
https://116.206.178.67/iWrI
|
unknown
|
||
|
http://ctldl.windowsup
|
unknown
|
||
|
https://116.206.178.67/c
|
unknown
|
||
|
https://116.206.178.67/hu
|
unknown
|
||
|
https://116.206.178.67/l
|
unknown
|
||
|
https://116.206.178.67/)
|
unknown
|
||
|
http://ctldl.windowsupdate
|
unknown
|
||
|
https://116.206.178.67/m
|
unknown
|
||
|
https://116.206.178.67/Vn
|
unknown
|
||
|
https://116.206.178.67:443/m
|
unknown
|
||
|
https://116.206.178.67/7
|
unknown
|
||
|
https://116.206.178.67/u
|
unknown
|
||
|
https://116.206.178.67/v_$H
|
unknown
|
||
|
http://ctldl.windon
|
unknown
|
||
|
https://116.206.178.67/
|
unknown
|
||
|
https://116.206.178.67/$n
|
unknown
|
||
|
https://116.206.178.67/Ku
|
unknown
|
||
|
https://116.206.178.67/G
|
unknown
|
||
|
https://116.206.178.67/H
|
unknown
|
||
|
https://116.206.178.67/E
|
unknown
|
||
|
https://116.206.178.67/au1I
|
unknown
|
||
|
https://116.206.178.67/Ym
|
unknown
|
||
|
https://116.206.178.67/.ulIb
|
unknown
|
||
|
https://116.206.178.67/Q
|
unknown
|
||
|
https://116.206.178.67/ou#I
|
unknown
|
There are 16 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bg.microsoft.map.fastly.net
|
199.232.210.172
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
116.206.178.67
|
unknown
|
China
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Config.Msi\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\588ff0.rbs
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\588ff0.rbsLow
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Users\user\AppData\Roaming\Microsoft\Installer\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Components\B6FBF0AA7F54D3448853DB4F3F5ED774
|
B2A813002BE02D9498C8A4CB3BC0DF94
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Components\B6FBF0AB7F54F3448853DB4F3F5ED784
|
B2A813002BE02D9498C8A4CB3BC0DF94
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Components\B6FBF0AC7F54F3448853DB4F3F5ED784
|
B2A813002BE02D9498C8A4CB3BC0DF94
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Users\user\AppData\Local\rrfqmEuGb\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Products\B2A813002BE02D9498C8A4CB3BC0DF94\InstallProperties
|
LocalPackage
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Products\B2A813002BE02D9498C8A4CB3BC0DF94\InstallProperties
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Products\B2A813002BE02D9498C8A4CB3BC0DF94\InstallProperties
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Products\B2A813002BE02D9498C8A4CB3BC0DF94\InstallProperties
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Products\B2A813002BE02D9498C8A4CB3BC0DF94\InstallProperties
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Products\B2A813002BE02D9498C8A4CB3BC0DF94\InstallProperties
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Products\B2A813002BE02D9498C8A4CB3BC0DF94\InstallProperties
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Products\B2A813002BE02D9498C8A4CB3BC0DF94\InstallProperties
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Products\B2A813002BE02D9498C8A4CB3BC0DF94\InstallProperties
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Products\B2A813002BE02D9498C8A4CB3BC0DF94\InstallProperties
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Products\B2A813002BE02D9498C8A4CB3BC0DF94\InstallProperties
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Products\B2A813002BE02D9498C8A4CB3BC0DF94\InstallProperties
|
NoModify
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Products\B2A813002BE02D9498C8A4CB3BC0DF94\InstallProperties
|
NoRepair
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Products\B2A813002BE02D9498C8A4CB3BC0DF94\InstallProperties
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Products\B2A813002BE02D9498C8A4CB3BC0DF94\InstallProperties
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Products\B2A813002BE02D9498C8A4CB3BC0DF94\InstallProperties
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Products\B2A813002BE02D9498C8A4CB3BC0DF94\InstallProperties
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Products\B2A813002BE02D9498C8A4CB3BC0DF94\InstallProperties
|
SystemComponent
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Products\B2A813002BE02D9498C8A4CB3BC0DF94\InstallProperties
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Products\B2A813002BE02D9498C8A4CB3BC0DF94\InstallProperties
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Products\B2A813002BE02D9498C8A4CB3BC0DF94\InstallProperties
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Products\B2A813002BE02D9498C8A4CB3BC0DF94\InstallProperties
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Products\B2A813002BE02D9498C8A4CB3BC0DF94\InstallProperties
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Products\B2A813002BE02D9498C8A4CB3BC0DF94\InstallProperties
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Products\B2A813002BE02D9498C8A4CB3BC0DF94\InstallProperties
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Products\B2A813002BE02D9498C8A4CB3BC0DF94\InstallProperties
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00318A2B-0EB2-49D2-898C-4ABCB30CFD49}
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00318A2B-0EB2-49D2-898C-4ABCB30CFD49}
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00318A2B-0EB2-49D2-898C-4ABCB30CFD49}
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00318A2B-0EB2-49D2-898C-4ABCB30CFD49}
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00318A2B-0EB2-49D2-898C-4ABCB30CFD49}
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00318A2B-0EB2-49D2-898C-4ABCB30CFD49}
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00318A2B-0EB2-49D2-898C-4ABCB30CFD49}
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00318A2B-0EB2-49D2-898C-4ABCB30CFD49}
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00318A2B-0EB2-49D2-898C-4ABCB30CFD49}
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00318A2B-0EB2-49D2-898C-4ABCB30CFD49}
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00318A2B-0EB2-49D2-898C-4ABCB30CFD49}
|
NoModify
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00318A2B-0EB2-49D2-898C-4ABCB30CFD49}
|
NoRepair
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00318A2B-0EB2-49D2-898C-4ABCB30CFD49}
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00318A2B-0EB2-49D2-898C-4ABCB30CFD49}
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00318A2B-0EB2-49D2-898C-4ABCB30CFD49}
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00318A2B-0EB2-49D2-898C-4ABCB30CFD49}
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00318A2B-0EB2-49D2-898C-4ABCB30CFD49}
|
SystemComponent
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00318A2B-0EB2-49D2-898C-4ABCB30CFD49}
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00318A2B-0EB2-49D2-898C-4ABCB30CFD49}
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00318A2B-0EB2-49D2-898C-4ABCB30CFD49}
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00318A2B-0EB2-49D2-898C-4ABCB30CFD49}
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00318A2B-0EB2-49D2-898C-4ABCB30CFD49}
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00318A2B-0EB2-49D2-898C-4ABCB30CFD49}
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00318A2B-0EB2-49D2-898C-4ABCB30CFD49}
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00318A2B-0EB2-49D2-898C-4ABCB30CFD49}
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\12739565003F36143B6513B463284621
|
B2A813002BE02D9498C8A4CB3BC0DF94
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Products\B2A813002BE02D9498C8A4CB3BC0DF94\InstallProperties
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00318A2B-0EB2-49D2-898C-4ABCB30CFD49}
|
DisplayName
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Features\B2A813002BE02D9498C8A4CB3BC0DF94
|
MainProgran
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Products\B2A813002BE02D9498C8A4CB3BC0DF94\Features
|
MainProgran
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1003\Products\B2A813002BE02D9498C8A4CB3BC0DF94\Patches
|
AllPatches
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\B2A813002BE02D9498C8A4CB3BC0DF94
|
ProductName
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\B2A813002BE02D9498C8A4CB3BC0DF94
|
PackageCode
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\B2A813002BE02D9498C8A4CB3BC0DF94
|
Language
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\B2A813002BE02D9498C8A4CB3BC0DF94
|
Version
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\B2A813002BE02D9498C8A4CB3BC0DF94
|
Assignment
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\B2A813002BE02D9498C8A4CB3BC0DF94
|
AdvertiseFlags
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\B2A813002BE02D9498C8A4CB3BC0DF94
|
InstanceType
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\B2A813002BE02D9498C8A4CB3BC0DF94
|
AuthorizedLUAApp
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\B2A813002BE02D9498C8A4CB3BC0DF94
|
DeploymentFlags
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\UpgradeCodes\12739565003F36143B6513B463284621
|
B2A813002BE02D9498C8A4CB3BC0DF94
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\B2A813002BE02D9498C8A4CB3BC0DF94\SourceList
|
PackageName
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\B2A813002BE02D9498C8A4CB3BC0DF94\SourceList\Net
|
1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\B2A813002BE02D9498C8A4CB3BC0DF94\SourceList\Media
|
1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\B2A813002BE02D9498C8A4CB3BC0DF94
|
Clients
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\B2A813002BE02D9498C8A4CB3BC0DF94\SourceList
|
LastUsedSource
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
OfficeLaunch
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ms-pu
|
CLSID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\1e\417C44EB
|
@%SystemRoot%\system32\dnsapi.dll,-103
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\1e\417C44EB
|
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
|
There are 77 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1034000
|
heap
|
page read and write
|
||
|
852E000
|
heap
|
page read and write
|
||
|
894B000
|
heap
|
page read and write
|
||
|
6C506000
|
unkown
|
page readonly
|
||
|
8431000
|
heap
|
page read and write
|
||
|
100C000
|
heap
|
page read and write
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
EDE000
|
stack
|
page read and write
|
||
|
84AB000
|
heap
|
page read and write
|
||
|
FCE000
|
heap
|
page read and write
|
||
|
892C000
|
heap
|
page read and write
|
||
|
31AA000
|
direct allocation
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
2DBA0000
|
unkown
|
page readonly
|
||
|
102D000
|
heap
|
page read and write
|
||
|
FF2000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
845D000
|
heap
|
page read and write
|
||
|
8947000
|
heap
|
page read and write
|
||
|
84AB000
|
heap
|
page read and write
|
||
|
293E000
|
stack
|
page read and write
|
||
|
102E000
|
stack
|
page read and write
|
||
|
6FB70000
|
unkown
|
page readonly
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
1031000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
84A6000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
8931000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
8931000
|
heap
|
page read and write
|
||
|
8431000
|
heap
|
page read and write
|
||
|
892F000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
8463000
|
heap
|
page read and write
|
||
|
8946000
|
heap
|
page read and write
|
||
|
847E000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
852D000
|
heap
|
page read and write
|
||
|
101D000
|
heap
|
page read and write
|
||
|
845E000
|
heap
|
page read and write
|
||
|
891F000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
891D000
|
heap
|
page read and write
|
||
|
8431000
|
heap
|
page read and write
|
||
|
8660000
|
direct allocation
|
page read and write
|
||
|
82C0000
|
remote allocation
|
page read and write
|
||
|
7F1E000
|
stack
|
page read and write
|
||
|
8464000
|
heap
|
page read and write
|
||
|
84AC000
|
heap
|
page read and write
|
||
|
2D561000
|
unkown
|
page execute read
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
8924000
|
heap
|
page read and write
|
||
|
8550000
|
direct allocation
|
page read and write
|
||
|
892D000
|
heap
|
page read and write
|
||
|
8650000
|
direct allocation
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
3CE0000
|
direct allocation
|
page read and write
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
84A5000
|
heap
|
page read and write
|
||
|
847E000
|
heap
|
page read and write
|
||
|
F92000
|
heap
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
2D560000
|
unkown
|
page readonly
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
102F000
|
heap
|
page read and write
|
||
|
2D5B9000
|
unkown
|
page readonly
|
||
|
8650000
|
direct allocation
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
84A5000
|
heap
|
page read and write
|
||
|
D3B000
|
stack
|
page read and write
|
||
|
894A000
|
heap
|
page read and write
|
||
|
845E000
|
heap
|
page read and write
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
8978000
|
heap
|
page read and write
|
||
|
1045000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
FF4000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
FCE000
|
heap
|
page read and write
|
||
|
3822000
|
direct allocation
|
page read and write
|
||
|
84AC000
|
heap
|
page read and write
|
||
|
894E000
|
heap
|
page read and write
|
||
|
FF2000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
FB6000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
84AB000
|
heap
|
page read and write
|
||
|
8463000
|
heap
|
page read and write
|
||
|
8431000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
847E000
|
heap
|
page read and write
|
||
|
2DBF5000
|
unkown
|
page write copy
|
||
|
32A0000
|
trusted library allocation
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
7EDE000
|
stack
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
8934000
|
heap
|
page read and write
|
||
|
101A000
|
heap
|
page read and write
|
||
|
100C000
|
heap
|
page read and write
|
||
|
894B000
|
heap
|
page read and write
|
||
|
C38000
|
stack
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
3E51000
|
direct allocation
|
page execute read
|
||
|
8472000
|
heap
|
page read and write
|
||
|
847E000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
8463000
|
heap
|
page read and write
|
||
|
3BD0000
|
direct allocation
|
page read and write
|
||
|
8903000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
2300000
|
heap
|
page read and write
|
||
|
8431000
|
heap
|
page read and write
|
||
|
894B000
|
heap
|
page read and write
|
||
|
847E000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
3510000
|
direct allocation
|
page read and write
|
||
|
8660000
|
direct allocation
|
page read and write
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
FCE000
|
heap
|
page read and write
|
||
|
27FB000
|
stack
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
101D000
|
heap
|
page read and write
|
||
|
3791000
|
direct allocation
|
page execute read
|
||
|
892C000
|
heap
|
page read and write
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
88F1000
|
heap
|
page read and write
|
||
|
2F60000
|
heap
|
page read and write
|
||
|
88F1000
|
heap
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
845D000
|
heap
|
page read and write
|
||
|
32F4000
|
direct allocation
|
page read and write
|
||
|
6E5000
|
heap
|
page read and write
|
||
|
22B0000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
845E000
|
heap
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
8934000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
82C0000
|
remote allocation
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
88ED000
|
stack
|
page read and write
|
||
|
31C0000
|
direct allocation
|
page read and write
|
||
|
8463000
|
heap
|
page read and write
|
||
|
892C000
|
heap
|
page read and write
|
||
|
892C000
|
heap
|
page read and write
|
||
|
FB5000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
8933000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
8431000
|
heap
|
page read and write
|
||
|
1008000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
847E000
|
heap
|
page read and write
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
84AB000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
88F1000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
FF2000
|
heap
|
page read and write
|
||
|
1023000
|
heap
|
page read and write
|
||
|
892C000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
6C506000
|
unkown
|
page readonly
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
FCE000
|
heap
|
page read and write
|
||
|
2D561000
|
unkown
|
page execute read
|
||
|
8931000
|
heap
|
page read and write
|
||
|
893C000
|
heap
|
page read and write
|
||
|
36F0000
|
direct allocation
|
page execute and read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
892F000
|
heap
|
page read and write
|
||
|
88F1000
|
heap
|
page read and write
|
||
|
8466000
|
heap
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
FCE000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
84A5000
|
heap
|
page read and write
|
||
|
84AB000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
1034000
|
heap
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
8934000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
805E000
|
stack
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
8937000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
894B000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
847E000
|
heap
|
page read and write
|
||
|
101F000
|
heap
|
page read and write
|
||
|
32F0000
|
direct allocation
|
page read and write
|
||
|
34C0000
|
direct allocation
|
page execute and read and write
|
||
|
8937000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
2CB5000
|
heap
|
page read and write
|
||
|
FB6000
|
heap
|
page read and write
|
||
|
8431000
|
heap
|
page read and write
|
||
|
8931000
|
heap
|
page read and write
|
||
|
1034000
|
heap
|
page read and write
|
||
|
22AE000
|
stack
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
1034000
|
heap
|
page read and write
|
||
|
8650000
|
direct allocation
|
page read and write
|
||
|
892C000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
FCE000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
1008000
|
heap
|
page read and write
|
||
|
274F000
|
direct allocation
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
100C000
|
heap
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
8431000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
892C000
|
heap
|
page read and write
|
||
|
8467000
|
heap
|
page read and write
|
||
|
8931000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
845B000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
88F1000
|
heap
|
page read and write
|
||
|
892C000
|
heap
|
page read and write
|
||
|
894B000
|
heap
|
page read and write
|
||
|
2DBA0000
|
unkown
|
page readonly
|
||
|
8472000
|
heap
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
10F7000
|
heap
|
page read and write
|
||
|
8903000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
8463000
|
heap
|
page read and write
|
||
|
891F000
|
heap
|
page read and write
|
||
|
FA5000
|
heap
|
page read and write
|
||
|
894B000
|
heap
|
page read and write
|
||
|
FCE000
|
heap
|
page read and write
|
||
|
76D000
|
heap
|
page read and write
|
||
|
31A4000
|
direct allocation
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
88F1000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
FB6000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
8949000
|
heap
|
page read and write
|
||
|
FF4000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
2305000
|
heap
|
page read and write
|
||
|
FCE000
|
heap
|
page read and write
|
||
|
F96000
|
heap
|
page read and write
|
||
|
8945000
|
heap
|
page read and write
|
||
|
2740000
|
direct allocation
|
page read and write
|
||
|
86AD000
|
stack
|
page read and write
|
||
|
892C000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
8463000
|
heap
|
page read and write
|
||
|
892C000
|
heap
|
page read and write
|
||
|
6FB71000
|
unkown
|
page execute read
|
||
|
102D000
|
heap
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
8550000
|
direct allocation
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
FB5000
|
heap
|
page read and write
|
||
|
3B50000
|
direct allocation
|
page read and write
|
||
|
3AB0000
|
direct allocation
|
page read and write
|
||
|
852E000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
84AC000
|
heap
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
6C4F0000
|
unkown
|
page readonly
|
||
|
2D5B5000
|
unkown
|
page write copy
|
||
|
8463000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
88F1000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
30F0000
|
heap
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
84D3000
|
heap
|
page read and write
|
||
|
31B8000
|
direct allocation
|
page read and write
|
||
|
8933000
|
heap
|
page read and write
|
||
|
8936000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
FB6000
|
heap
|
page read and write
|
||
|
31AF000
|
direct allocation
|
page read and write
|
||
|
8933000
|
heap
|
page read and write
|
||
|
FF2000
|
heap
|
page read and write
|
||
|
1007000
|
heap
|
page read and write
|
||
|
84AB000
|
heap
|
page read and write
|
||
|
891C000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
88F1000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
1032000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
8933000
|
heap
|
page read and write
|
||
|
84AB000
|
heap
|
page read and write
|
||
|
6C4F1000
|
unkown
|
page execute read
|
||
|
102D000
|
heap
|
page read and write
|
||
|
2758000
|
direct allocation
|
page read and write
|
||
|
2DBF5000
|
unkown
|
page write copy
|
||
|
6C501000
|
unkown
|
page readonly
|
||
|
8550000
|
direct allocation
|
page read and write
|
||
|
891F000
|
heap
|
page read and write
|
||
|
33F0000
|
direct allocation
|
page read and write
|
||
|
892C000
|
heap
|
page read and write
|
||
|
8978000
|
heap
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
852E000
|
heap
|
page read and write
|
||
|
FCA000
|
heap
|
page read and write
|
||
|
8463000
|
heap
|
page read and write
|
||
|
6FB83000
|
unkown
|
page read and write
|
||
|
FF4000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
1106000
|
heap
|
page read and write
|
||
|
6C503000
|
unkown
|
page read and write
|
||
|
8931000
|
heap
|
page read and write
|
||
|
1D9000
|
stack
|
page read and write
|
||
|
8443000
|
heap
|
page read and write
|
||
|
88F1000
|
heap
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
8948000
|
heap
|
page read and write
|
||
|
8936000
|
heap
|
page read and write
|
||
|
891C000
|
heap
|
page read and write
|
||
|
84AB000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
8463000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
84AB000
|
heap
|
page read and write
|
||
|
2BE5000
|
heap
|
page read and write
|
||
|
892C000
|
heap
|
page read and write
|
||
|
7B3B000
|
stack
|
page read and write
|
||
|
88F1000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
892C000
|
heap
|
page read and write
|
||
|
3C50000
|
direct allocation
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
8976000
|
heap
|
page read and write
|
||
|
852D000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
8978000
|
heap
|
page read and write
|
||
|
FCE000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
32E0000
|
direct allocation
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
8946000
|
heap
|
page read and write
|
||
|
8934000
|
heap
|
page read and write
|
||
|
2D560000
|
unkown
|
page readonly
|
||
|
893F000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
100C000
|
heap
|
page read and write
|
||
|
88F1000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
8431000
|
heap
|
page read and write
|
||
|
847E000
|
heap
|
page read and write
|
||
|
2D561000
|
unkown
|
page execute read
|
||
|
2794000
|
direct allocation
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
852D000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
8462000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
3344000
|
direct allocation
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
319E000
|
stack
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
8463000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
8463000
|
heap
|
page read and write
|
||
|
3080000
|
heap
|
page read and write
|
||
|
8978000
|
heap
|
page read and write
|
||
|
8431000
|
heap
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
2DBA1000
|
unkown
|
page execute read
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
852D000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
F5A000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
88F1000
|
heap
|
page read and write
|
||
|
84AB000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
8463000
|
heap
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
1010000
|
heap
|
page read and write
|
||
|
847E000
|
heap
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
E68000
|
stack
|
page read and write
|
||
|
101E000
|
heap
|
page read and write
|
||
|
3328000
|
direct allocation
|
page read and write
|
||
|
894B000
|
heap
|
page read and write
|
||
|
8431000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
891C000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
894B000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
1032000
|
heap
|
page read and write
|
||
|
852D000
|
heap
|
page read and write
|
||
|
3260000
|
direct allocation
|
page read and write
|
||
|
8466000
|
heap
|
page read and write
|
||
|
6C501000
|
unkown
|
page readonly
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
FCE000
|
heap
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
100C000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
84AB000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
3561000
|
direct allocation
|
page execute read
|
||
|
845D000
|
heap
|
page read and write
|
||
|
8431000
|
heap
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
8443000
|
heap
|
page read and write
|
||
|
2BE9000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
88F1000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
FCE000
|
heap
|
page read and write
|
||
|
8933000
|
heap
|
page read and write
|
||
|
274A000
|
direct allocation
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
A4F000
|
stack
|
page read and write
|
||
|
8463000
|
heap
|
page read and write
|
||
|
891C000
|
heap
|
page read and write
|
||
|
8464000
|
heap
|
page read and write
|
||
|
8493000
|
heap
|
page read and write
|
||
|
846E000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
8660000
|
direct allocation
|
page read and write
|
||
|
8463000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
FF3000
|
heap
|
page read and write
|
||
|
8431000
|
heap
|
page read and write
|
||
|
8650000
|
direct allocation
|
page read and write
|
||
|
847E000
|
heap
|
page read and write
|
||
|
100C000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
8940000
|
heap
|
page read and write
|
||
|
845D000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
847E000
|
heap
|
page read and write
|
||
|
1034000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
F66000
|
stack
|
page read and write
|
||
|
8500000
|
heap
|
page read and write
|
||
|
8463000
|
heap
|
page read and write
|
||
|
6C4F1000
|
unkown
|
page execute read
|
||
|
7D7E000
|
stack
|
page read and write
|
||
|
29C0000
|
trusted library allocation
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
8978000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
3490000
|
direct allocation
|
page read and write
|
||
|
2DBF6000
|
unkown
|
page read and write
|
||
|
8431000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
8471000
|
heap
|
page read and write
|
||
|
32EE000
|
stack
|
page read and write
|
||
|
87ED000
|
stack
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
7C3A000
|
stack
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
100C000
|
heap
|
page read and write
|
||
|
8949000
|
heap
|
page read and write
|
||
|
8922000
|
heap
|
page read and write
|
||
|
FB6000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
1017000
|
heap
|
page read and write
|
||
|
845E000
|
heap
|
page read and write
|
||
|
846E000
|
heap
|
page read and write
|
||
|
8937000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
8463000
|
heap
|
page read and write
|
||
|
894A000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
1005000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
845E000
|
heap
|
page read and write
|
||
|
1024000
|
heap
|
page read and write
|
||
|
31F4000
|
direct allocation
|
page read and write
|
||
|
FCE000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
88F1000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
FB6000
|
heap
|
page read and write
|
||
|
845D000
|
heap
|
page read and write
|
||
|
892C000
|
heap
|
page read and write
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
1032000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
2D561000
|
unkown
|
page execute read
|
||
|
8430000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
852D000
|
heap
|
page read and write
|
||
|
32FF000
|
direct allocation
|
page read and write
|
||
|
8934000
|
heap
|
page read and write
|
||
|
847E000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
10DE000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
892C000
|
heap
|
page read and write
|
||
|
845E000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
8941000
|
heap
|
page read and write
|
||
|
30F4000
|
heap
|
page read and write
|
||
|
8949000
|
heap
|
page read and write
|
||
|
847E000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
2D5B9000
|
unkown
|
page readonly
|
||
|
31A0000
|
direct allocation
|
page read and write
|
||
|
8660000
|
direct allocation
|
page read and write
|
||
|
3590000
|
direct allocation
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
852E000
|
heap
|
page read and write
|
||
|
1024000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
8978000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
847E000
|
heap
|
page read and write
|
||
|
852E000
|
heap
|
page read and write
|
||
|
100C000
|
heap
|
page read and write
|
||
|
8948000
|
heap
|
page read and write
|
||
|
88F1000
|
heap
|
page read and write
|
||
|
1034000
|
heap
|
page read and write
|
||
|
852D000
|
heap
|
page read and write
|
||
|
8431000
|
heap
|
page read and write
|
||
|
F5E000
|
heap
|
page read and write
|
||
|
892C000
|
heap
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
101A000
|
heap
|
page read and write
|
||
|
892D000
|
heap
|
page read and write
|
||
|
8441000
|
heap
|
page read and write
|
||
|
894B000
|
heap
|
page read and write
|
||
|
1034000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
1015000
|
heap
|
page read and write
|
||
|
8978000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
88F0000
|
heap
|
page read and write
|
||
|
894B000
|
heap
|
page read and write
|
||
|
847E000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
84AB000
|
heap
|
page read and write
|
||
|
84AB000
|
heap
|
page read and write
|
||
|
8924000
|
heap
|
page read and write
|
||
|
8550000
|
direct allocation
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
8467000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
8931000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
88F1000
|
heap
|
page read and write
|
||
|
3EF1000
|
direct allocation
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
3315000
|
direct allocation
|
page read and write
|
||
|
F6B000
|
stack
|
page read and write
|
||
|
FCE000
|
heap
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
7DDD000
|
stack
|
page read and write
|
||
|
6AE000
|
stack
|
page read and write
|
||
|
8461000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
8947000
|
heap
|
page read and write
|
||
|
8978000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
892C000
|
heap
|
page read and write
|
||
|
6C503000
|
unkown
|
page read and write
|
||
|
84AB000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
892C000
|
heap
|
page read and write
|
||
|
8933000
|
heap
|
page read and write
|
||
|
2BE0000
|
heap
|
page read and write
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
1034000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
832E000
|
stack
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
82C0000
|
remote allocation
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
8462000
|
heap
|
page read and write
|
||
|
FCE000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
8464000
|
heap
|
page read and write
|
||
|
101E000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
8431000
|
heap
|
page read and write
|
||
|
1033000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
852D000
|
heap
|
page read and write
|
||
|
8935000
|
heap
|
page read and write
|
||
|
8933000
|
heap
|
page read and write
|
||
|
8431000
|
heap
|
page read and write
|
||
|
845E000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
8463000
|
heap
|
page read and write
|
||
|
8467000
|
heap
|
page read and write
|
||
|
847E000
|
heap
|
page read and write
|
||
|
100C000
|
heap
|
page read and write
|
||
|
8978000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
4FD000
|
stack
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
8931000
|
heap
|
page read and write
|
||
|
88F1000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
FA3000
|
heap
|
page read and write
|
||
|
8933000
|
heap
|
page read and write
|
||
|
1013000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
FF3000
|
heap
|
page read and write
|
||
|
FB4000
|
heap
|
page read and write
|
||
|
815E000
|
stack
|
page read and write
|
||
|
100C000
|
heap
|
page read and write
|
||
|
88F1000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
8462000
|
heap
|
page read and write
|
||
|
1034000
|
heap
|
page read and write
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
2DBF9000
|
unkown
|
page readonly
|
||
|
847A000
|
heap
|
page read and write
|
||
|
FB6000
|
heap
|
page read and write
|
||
|
894E000
|
heap
|
page read and write
|
||
|
FCA000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
84AB000
|
heap
|
page read and write
|
||
|
6FB86000
|
unkown
|
page readonly
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
101A000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
8467000
|
heap
|
page read and write
|
||
|
8467000
|
heap
|
page read and write
|
||
|
8922000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
8924000
|
heap
|
page read and write
|
||
|
66E000
|
stack
|
page read and write
|
||
|
101E000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
101D000
|
heap
|
page read and write
|
||
|
2744000
|
direct allocation
|
page read and write
|
||
|
2D5B5000
|
unkown
|
page write copy
|
||
|
892D000
|
heap
|
page read and write
|
||
|
D36000
|
stack
|
page read and write
|
||
|
848C000
|
heap
|
page read and write
|
||
|
4F6000
|
stack
|
page read and write
|
||
|
84AB000
|
heap
|
page read and write
|
||
|
8937000
|
heap
|
page read and write
|
||
|
6C4F0000
|
unkown
|
page readonly
|
||
|
8922000
|
heap
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
139E000
|
stack
|
page read and write
|
||
|
10A0000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
84AC000
|
heap
|
page read and write
|
||
|
847E000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
114E000
|
stack
|
page read and write
|
||
|
2B15000
|
heap
|
page read and write
|
||
|
8903000
|
heap
|
page read and write
|
||
|
3831000
|
direct allocation
|
page read and write
|
||
|
891C000
|
heap
|
page read and write
|
||
|
8946000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
D65000
|
heap
|
page read and write
|
||
|
7C7E000
|
stack
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
FF3000
|
heap
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
88F1000
|
heap
|
page read and write
|
||
|
3EE2000
|
direct allocation
|
page read and write
|
||
|
1034000
|
heap
|
page read and write
|
||
|
3360000
|
direct allocation
|
page read and write
|
||
|
891D000
|
heap
|
page read and write
|
||
|
845D000
|
heap
|
page read and write
|
||
|
F77000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
2D5B9000
|
unkown
|
page readonly
|
||
|
6B0000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
891E000
|
heap
|
page read and write
|
||
|
6E9000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
8949000
|
heap
|
page read and write
|
||
|
8431000
|
heap
|
page read and write
|
||
|
8431000
|
heap
|
page read and write
|
||
|
FF4000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
8936000
|
heap
|
page read and write
|
||
|
8933000
|
heap
|
page read and write
|
||
|
847E000
|
heap
|
page read and write
|
||
|
8431000
|
heap
|
page read and write
|
||
|
8550000
|
direct allocation
|
page read and write
|
||
|
84AC000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
2F64000
|
heap
|
page read and write
|
||
|
2DBA1000
|
unkown
|
page execute read
|
||
|
FCE000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
FF4000
|
heap
|
page read and write
|
||
|
8978000
|
heap
|
page read and write
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
88F1000
|
heap
|
page read and write
|
||
|
1034000
|
heap
|
page read and write
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
10DA000
|
heap
|
page read and write
|
||
|
10FA000
|
heap
|
page read and write
|
||
|
8431000
|
heap
|
page read and write
|
||
|
8660000
|
direct allocation
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
842E000
|
stack
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
FF2000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
852E000
|
heap
|
page read and write
|
||
|
852D000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
FB3000
|
heap
|
page read and write
|
||
|
8550000
|
direct allocation
|
page read and write
|
||
|
892C000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
8931000
|
heap
|
page read and write
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
FCE000
|
heap
|
page read and write
|
||
|
892E000
|
heap
|
page read and write
|
||
|
FB3000
|
heap
|
page read and write
|
||
|
892C000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
8939000
|
heap
|
page read and write
|
||
|
FB6000
|
heap
|
page read and write
|
||
|
8464000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
FB3000
|
heap
|
page read and write
|
||
|
3620000
|
direct allocation
|
page read and write
|
||
|
1005000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
3601000
|
direct allocation
|
page read and write
|
||
|
891C000
|
heap
|
page read and write
|
||
|
789000
|
heap
|
page read and write
|
||
|
8937000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
2C8E000
|
stack
|
page read and write
|
||
|
894B000
|
heap
|
page read and write
|
||
|
8931000
|
heap
|
page read and write
|
||
|
847E000
|
heap
|
page read and write
|
||
|
8471000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
847E000
|
heap
|
page read and write
|
||
|
84AB000
|
heap
|
page read and write
|
||
|
847E000
|
heap
|
page read and write
|
||
|
8936000
|
heap
|
page read and write
|
||
|
8937000
|
heap
|
page read and write
|
||
|
8441000
|
heap
|
page read and write
|
||
|
8937000
|
heap
|
page read and write
|
||
|
1024000
|
heap
|
page read and write
|
||
|
2F50000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
8462000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
2CB0000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
852E000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
852D000
|
heap
|
page read and write
|
||
|
2830000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
8978000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
894B000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
845D000
|
heap
|
page read and write
|
||
|
8500000
|
heap
|
page read and write
|
||
|
309E000
|
stack
|
page read and write
|
||
|
FF2000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
33F0000
|
direct allocation
|
page read and write
|
||
|
1033000
|
heap
|
page read and write
|
||
|
3308000
|
direct allocation
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
8550000
|
direct allocation
|
page read and write
|
||
|
847E000
|
heap
|
page read and write
|
||
|
2DBF9000
|
unkown
|
page readonly
|
||
|
88F1000
|
heap
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
894B000
|
heap
|
page read and write
|
||
|
101D000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
2778000
|
direct allocation
|
page read and write
|
||
|
8462000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
845D000
|
heap
|
page read and write
|
||
|
845E000
|
heap
|
page read and write
|
||
|
FCE000
|
heap
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
1034000
|
heap
|
page read and write
|
||
|
846D000
|
heap
|
page read and write
|
||
|
8465000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
758000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
FF2000
|
heap
|
page read and write
|
||
|
847E000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
8922000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
6FB81000
|
unkown
|
page readonly
|
||
|
8501000
|
heap
|
page read and write
|
||
|
8463000
|
heap
|
page read and write
|
||
|
4FB000
|
stack
|
page read and write
|
||
|
8471000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
8465000
|
heap
|
page read and write
|
||
|
894B000
|
heap
|
page read and write
|
||
|
84AB000
|
heap
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
2B00000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
8463000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
893B000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
730D000
|
stack
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
891C000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
8978000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
F9E000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
87AD000
|
stack
|
page read and write
|
||
|
103C000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
8933000
|
heap
|
page read and write
|
||
|
88F1000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
852E000
|
heap
|
page read and write
|
||
|
1034000
|
heap
|
page read and write
|
||
|
1023000
|
heap
|
page read and write
|
||
|
7D80000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
94E000
|
stack
|
page read and write
|
||
|
847E000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
FCE000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
8490000
|
heap
|
page read and write
|
||
|
894B000
|
heap
|
page read and write
|
||
|
847E000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
847E000
|
heap
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
8463000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
8931000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
88F1000
|
heap
|
page read and write
|
||
|
8976000
|
heap
|
page read and write
|
||
|
894B000
|
heap
|
page read and write
|
||
|
8431000
|
heap
|
page read and write
|
||
|
100C000
|
heap
|
page read and write
|
||
|
894B000
|
heap
|
page read and write
|
||
|
2D5B9000
|
unkown
|
page readonly
|
||
|
F7A000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
149F000
|
stack
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
8936000
|
heap
|
page read and write
|
||
|
84AB000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
88F1000
|
heap
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
894B000
|
heap
|
page read and write
|
||
|
2765000
|
direct allocation
|
page read and write
|
||
|
101A000
|
heap
|
page read and write
|
||
|
8931000
|
heap
|
page read and write
|
||
|
892E000
|
heap
|
page read and write
|
||
|
31D8000
|
direct allocation
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
845D000
|
heap
|
page read and write
|
||
|
8550000
|
direct allocation
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
892C000
|
heap
|
page read and write
|
||
|
8936000
|
heap
|
page read and write
|
||
|
84AB000
|
heap
|
page read and write
|
||
|
8936000
|
heap
|
page read and write
|
||
|
845E000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
1033000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
FF5000
|
heap
|
page read and write
|
||
|
84AB000
|
heap
|
page read and write
|
||
|
847E000
|
heap
|
page read and write
|
||
|
1034000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
8933000
|
heap
|
page read and write
|
||
|
84AB000
|
heap
|
page read and write
|
||
|
8936000
|
heap
|
page read and write
|
||
|
891C000
|
heap
|
page read and write
|
||
|
2B10000
|
heap
|
page read and write
|
||
|
8477000
|
heap
|
page read and write
|
||
|
8550000
|
heap
|
page read and write
|
||
|
2D560000
|
unkown
|
page readonly
|
||
|
892C000
|
heap
|
page read and write
|
||
|
35F2000
|
direct allocation
|
page read and write
|
||
|
8936000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
892E000
|
heap
|
page read and write
|
||
|
1034000
|
heap
|
page read and write
|
||
|
FB6000
|
heap
|
page read and write
|
||
|
892D000
|
heap
|
page read and write
|
||
|
845D000
|
heap
|
page read and write
|
||
|
88F1000
|
heap
|
page read and write
|
||
|
8462000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
753D000
|
stack
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
3DB0000
|
direct allocation
|
page execute and read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
8431000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
847E000
|
heap
|
page read and write
|
||
|
845D000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
1031000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
2D560000
|
unkown
|
page readonly
|
||
|
801C000
|
stack
|
page read and write
|
||
|
1025000
|
heap
|
page read and write
|
||
|
894B000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
8491000
|
heap
|
page read and write
|
||
|
8660000
|
direct allocation
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
8931000
|
heap
|
page read and write
|
||
|
894B000
|
heap
|
page read and write
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
31C5000
|
direct allocation
|
page read and write
|
||
|
892D000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
8660000
|
direct allocation
|
page read and write
|
||
|
852D000
|
heap
|
page read and write
|
||
|
FB4000
|
heap
|
page read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
3090000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
892E000
|
heap
|
page read and write
|
||
|
88F1000
|
heap
|
page read and write
|
||
|
100C000
|
heap
|
page read and write
|
||
|
FB6000
|
heap
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
847E000
|
heap
|
page read and write
|
||
|
84AB000
|
heap
|
page read and write
|
||
|
32FA000
|
direct allocation
|
page read and write
|
||
|
8431000
|
heap
|
page read and write
|
||
|
8936000
|
heap
|
page read and write
|
||
|
8463000
|
heap
|
page read and write
|
||
|
1006000
|
heap
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
894B000
|
heap
|
page read and write
|
||
|
892D000
|
heap
|
page read and write
|
||
|
8431000
|
heap
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
8931000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
8660000
|
direct allocation
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
891E000
|
heap
|
page read and write
|
||
|
8431000
|
heap
|
page read and write
|
||
|
8948000
|
heap
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
8463000
|
heap
|
page read and write
|
||
|
2D5B5000
|
unkown
|
page read and write
|
||
|
8431000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
FCE000
|
heap
|
page read and write
|
||
|
FCE000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
894B000
|
heap
|
page read and write
|
||
|
109E000
|
stack
|
page read and write
|
||
|
8465000
|
heap
|
page read and write
|
||
|
892C000
|
heap
|
page read and write
|
||
|
852D000
|
heap
|
page read and write
|
||
|
2834000
|
heap
|
page read and write
|
||
|
FB5000
|
heap
|
page read and write
|
||
|
8936000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
100C000
|
heap
|
page read and write
|
||
|
101A000
|
heap
|
page read and write
|
||
|
8463000
|
heap
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
30EB000
|
stack
|
page read and write
|
||
|
8480000
|
heap
|
page read and write
|
||
|
88F1000
|
heap
|
page read and write
|
||
|
892C000
|
heap
|
page read and write
|
||
|
101A000
|
heap
|
page read and write
|
||
|
FB3000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
892C000
|
heap
|
page read and write
|
||
|
84D9000
|
heap
|
page read and write
|
||
|
FF6000
|
heap
|
page read and write
|
||
|
2D5B5000
|
unkown
|
page read and write
|
||
|
102D000
|
heap
|
page read and write
|
||
|
8978000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
8472000
|
heap
|
page read and write
|
||
|
894B000
|
heap
|
page read and write
|
||
|
8940000
|
heap
|
page read and write
|
||
|
8501000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
8494000
|
heap
|
page read and write
|
||
|
E90000
|
direct allocation
|
page read and write
|
||
|
8931000
|
heap
|
page read and write
|
||
|
847A000
|
heap
|
page read and write
|
||
|
891C000
|
heap
|
page read and write
|
||
|
FEE000
|
heap
|
page read and write
|
||
|
8468000
|
heap
|
page read and write
|
||
|
852E000
|
heap
|
page read and write
|
There are 1141 hidden memdumps, click here to show them.