IOC Report
0438.pdf.exe

loading gif

Files

File Path
Type
Category
Malicious
0438.pdf.exe
PE32+ executable (GUI) x86-64, for MS Windows
initial sample
 malicious
C:\Program Files (x86)\LiteManager Pro - Server\ROMServer.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Config.Msi\533825.rbs
data
modified
C:\Program Files (x86)\LiteManager Pro - Server\AledensoftIpcServer.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\LiteManager Pro - Server\EULA.rtf
Rich Text Format data, version 1, ANSI, code page 1251, default language ID 1049
dropped
C:\Program Files (x86)\LiteManager Pro - Server\English.lg
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\Program Files (x86)\LiteManager Pro - Server\HookDrv.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\LiteManager Pro - Server\Lang\Taiwan.lg
data
dropped
C:\Program Files (x86)\LiteManager Pro - Server\Lang\Turkish.lg
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\Program Files (x86)\LiteManager Pro - Server\Lang\Ukrainian.lg
Unicode text, UTF-16, little-endian text, with very long lines (305), with CRLF line terminators
dropped
C:\Program Files (x86)\LiteManager Pro - Server\ROMFUSClient.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\LiteManager Pro - Server\ROMwln.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\LiteManager Pro - Server\Russian.lg
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\Program Files (x86)\LiteManager Pro - Server\files\ROMServer.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\LiteManager Pro - Server\files\ROMViewer.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\Microsoft\Network\Downloader\edb.log
data
dropped
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
Extensible storage user DataBase, version 0x620, checksum 0x05ca8312, page size 16384, DirtyShutdown, Windows version 10.0
dropped
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
data
dropped
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LiteManager Pro - Server\Settings for LM-Server.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Thu Aug 22 17:41:10 2024, mtime=Wed Oct 30 20:37:38 2024, atime=Thu Aug 22 17:41:10 2024, length=7753808, window=hide
dropped
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LiteManager Pro - Server\Start LM-Server.lnk
MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, ctime=Sun Dec 31 23:25:52 1600, mtime=Sun Dec 31 23:25:52 1600, atime=Sun Dec 31 23:25:52 1600, length=0, window=hide
dropped
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LiteManager Pro - Server\Stop LM-Server.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Thu Aug 22 17:41:10 2024, mtime=Wed Oct 30 20:37:38 2024, atime=Thu Aug 22 17:41:10 2024, length=7753808, window=hide
dropped
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LiteManager Pro - Server\Uninstall LiteManager - Server.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has command line arguments, Icon number=0, Archive, ctime=Sat Dec 7 08:10:02 2019, mtime=Thu Oct 5 05:29:05 2023, atime=Sat Dec 7 08:10:02 2019, length=59904, window=hide
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG
ASCII text
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
ASCII text
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\641cf2a0-bed9-457c-871f-f190488ac959.tmp
JSON data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)
JSON data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State~RF54649d.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\b870c142-0d62-4489-8fbd-e8f8ef761c2c.tmp
JSON data
modified
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
data
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG
ASCII text
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
SQLite 3.x database, last written using SQLite version 3040000, file counter 11, database pages 21, cookie 0x5, schema 4, UTF-8, version-valid-for 11
dropped
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal
SQLite Rollback Journal
dropped
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2D85F72862B55C4EADD9E66E06947F3D
Certificate, Version=3
dropped
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks, 0x1 compression
dropped
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2D85F72862B55C4EADD9E66E06947F3D
data
dropped
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
data
modified
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeFnt23.lst.4544
PostScript document text
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeSysFnt23.lst (copy)
PostScript document text
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID
JSON data
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface
JSON data
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface
JSON data
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD
JSON data
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner
JSON data
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner
JSON data
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention
JSON data
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner
JSON data
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner
JSON data
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner
JSON data
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Banner
JSON data
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner
JSON data
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention
JSON data
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner
JSON data
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards
JSON data
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\Edit_InApp_Aug2020
JSON data
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\TESTING
data
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\SOPHIA.json
JSON data
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents
SQLite 3.x database, last written using SQLite version 3040000, file counter 24, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 24
dropped
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal
SQLite Rollback Journal
dropped
C:\Users\user\AppData\Local\Temp\Doc.pdf
PDF document, version 1.7, 1 pages (zip deflate encoded)
dropped
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-10-30 17-37-34-836.log
ASCII text, with very long lines (393)
dropped
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log
ASCII text, with very long lines (393), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\acrobat_sbx\acroNGLLog.txt
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\acrocef_low\61dfb46d-12b9-46b0-a89f-65f9501b32de.tmp
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 5111142
dropped
C:\Users\user\AppData\Local\Temp\acrocef_low\801585dc-f781-4125-83fb-131f875d10d8.tmp
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1311022
dropped
C:\Users\user\AppData\Local\Temp\acrocef_low\8436644c-cbef-44a9-9c93-af98e87b2a76.tmp
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 33081
dropped
C:\Users\user\AppData\Local\Temp\acrocef_low\aa0d2b07-52df-450b-8f21-a7a03debda1e.tmp
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 299538
dropped
C:\Users\user\AppData\Local\Temp\pdf.msi
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Number of Characters: 0, Last Saved By: InstallShield, Number of Words: 0, Title: LiteManager - Server 5.0 installation package, Comments: This installer contains the logic and data to install LiteManager Pro - Server 5.0, Keywords: Installer,MSI,Database, Subject: LiteManager Pro - Server, Author: LiteManagerTeam, Security: 1, Number of Pages: 200, Name of Creating Application: InstallShield 2015 - Premier Edition with Virtualization Pack 22, Last Saved Time/Date: Thu Aug 22 15:43:08 2024, Create Time/Date: Thu Aug 22 15:43:08 2024, Last Printed: Thu Aug 22 15:43:08 2024, Revision Number: {9EF586E9-112B-4AAE-B439-5B62B7A0B1DE}, Code page: 0, Template: Intel;0,1033,1049
dropped
C:\Windows\Installer\533823.msi
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Number of Characters: 0, Last Saved By: InstallShield, Number of Words: 0, Title: LiteManager - Server 5.0 installation package, Comments: This installer contains the logic and data to install LiteManager Pro - Server 5.0, Keywords: Installer,MSI,Database, Subject: LiteManager Pro - Server, Author: LiteManagerTeam, Security: 1, Number of Pages: 200, Name of Creating Application: InstallShield 2015 - Premier Edition with Virtualization Pack 22, Last Saved Time/Date: Thu Aug 22 15:43:08 2024, Create Time/Date: Thu Aug 22 15:43:08 2024, Last Printed: Thu Aug 22 15:43:08 2024, Revision Number: {9EF586E9-112B-4AAE-B439-5B62B7A0B1DE}, Code page: 0, Template: Intel;0,1033,1049
dropped
C:\Windows\Installer\533826.msi
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Number of Characters: 0, Last Saved By: InstallShield, Number of Words: 0, Title: LiteManager - Server 5.0 installation package, Comments: This installer contains the logic and data to install LiteManager Pro - Server 5.0, Keywords: Installer,MSI,Database, Subject: LiteManager Pro - Server, Author: LiteManagerTeam, Security: 1, Number of Pages: 200, Name of Creating Application: InstallShield 2015 - Premier Edition with Virtualization Pack 22, Last Saved Time/Date: Thu Aug 22 15:43:08 2024, Create Time/Date: Thu Aug 22 15:43:08 2024, Last Printed: Thu Aug 22 15:43:08 2024, Revision Number: {9EF586E9-112B-4AAE-B439-5B62B7A0B1DE}, Code page: 0, Template: Intel;0,1033,1049
dropped
C:\Windows\Installer\MSI3BEC.tmp
data
dropped
C:\Windows\Installer\SourceHash{71FFA475-24D5-44FB-A51F-39B699E3D82C}
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Installer\inprogressinstallinfo.ipi
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Installer\{71FFA475-24D5-44FB-A51F-39B699E3D82C}\ARPPRODUCTICON.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Windows\Installer\{71FFA475-24D5-44FB-A51F-39B699E3D82C}\ROMServer.exe_9D09B2BC25A2414CBD848E2B75898676.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Windows\Installer\{71FFA475-24D5-44FB-A51F-39B699E3D82C}\UNINST_Uninstall_L_78AA5B6662514D94A847D6C603AF0895.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Windows\Installer\{71FFA475-24D5-44FB-A51F-39B699E3D82C}\config_server_B6BD2967C67B44649764F06ADFFD6458.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Windows\Installer\{71FFA475-24D5-44FB-A51F-39B699E3D82C}\stop_server_51B516B87C64408FA3C56354EA2277C2.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
JSON data
dropped
C:\Windows\Temp\~DF3D91582767A218A7.TMP
data
dropped
C:\Windows\Temp\~DF5454E4CCD4ACD113.TMP
data
dropped
C:\Windows\Temp\~DF547B7510C89C2D6A.TMP
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Temp\~DF586DEB8DA5D7E8D8.TMP
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Temp\~DF62679B009175D882.TMP
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Temp\~DF6ECA8B580811992E.TMP
data
dropped
C:\Windows\Temp\~DFA661B71CD59E4965.TMP
data
dropped
C:\Windows\Temp\~DFB0CFCC17288F5CCD.TMP
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Temp\~DFC3DAEF5E5A1F385A.TMP
data
dropped
C:\Windows\Temp\~DFD292D796AD5A3587.TMP
data
dropped
C:\Windows\Temp\~DFE4D560E9A62CB13E.TMP
data
dropped
C:\Windows\Temp\~DFFEE3629B5C818501.TMP
Composite Document File V2 Document, Cannot read section info
dropped
There are 84 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\0438.pdf.exe
"C:\Users\user\Desktop\0438.pdf.exe"
 malicious
C:\Program Files (x86)\LiteManager Pro - Server\ROMServer.exe
"C:\Program Files (x86)\LiteManager Pro - Server\ROMServer.exe" /siex /silentinstall
 malicious
C:\Program Files (x86)\LiteManager Pro - Server\ROMServer.exe
"C:\Program Files (x86)\LiteManager Pro - Server\ROMServer.exe" /firewall
 malicious
C:\Program Files (x86)\LiteManager Pro - Server\ROMServer.exe
"C:\Program Files (x86)\LiteManager Pro - Server\ROMServer.exe" /start
 malicious
C:\Program Files (x86)\LiteManager Pro - Server\ROMServer.exe
"C:\Program Files (x86)\LiteManager Pro - Server\ROMServer.exe"
 malicious
C:\Windows\System32\msiexec.exe
"C:\Windows\System32\msiexec.exe" /i "C:\Users\user\AppData\Local\Temp\pdf.msi" /qn
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
"C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\AppData\Local\Temp\Doc.pdf"
C:\Windows\System32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2084 --field-trial-handle=1736,i,7783600837662025009,4322504478347230784,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
C:\Program Files (x86)\LiteManager Pro - Server\ROMFUSClient.exe
"C:\Program Files (x86)\LiteManager Pro - Server\ROMFUSClient.exe" /server /siex /silentinstall
C:\Program Files (x86)\LiteManager Pro - Server\ROMFUSClient.exe
"C:\Program Files (x86)\LiteManager Pro - Server\ROMFUSClient.exe" /server /firewall
C:\Program Files (x86)\LiteManager Pro - Server\ROMFUSClient.exe
"C:\Program Files (x86)\LiteManager Pro - Server\ROMFUSClient.exe" /server /start
C:\Program Files (x86)\LiteManager Pro - Server\ROMFUSClient.exe
"C:\Program Files (x86)\LiteManager Pro - Server\ROMFUSClient.exe"
C:\Program Files (x86)\LiteManager Pro - Server\ROMFUSClient.exe
"C:\Program Files (x86)\LiteManager Pro - Server\ROMFUSClient.exe" /tray
C:\Program Files (x86)\LiteManager Pro - Server\ROMFUSClient.exe
"C:\Program Files (x86)\LiteManager Pro - Server\ROMFUSClient.exe" /tray
C:\Program Files (x86)\LiteManager Pro - Server\ROMFUSClient.exe
"C:\Program Files (x86)\LiteManager Pro - Server\ROMFUSClient.exe" /tray
C:\Program Files (x86)\LiteManager Pro - Server\ROMFUSClient.exe
"C:\Program Files (x86)\LiteManager Pro - Server\ROMFUSClient.exe" /tray
C:\Program Files (x86)\LiteManager Pro - Server\ROMFUSClient.exe
"C:\Program Files (x86)\LiteManager Pro - Server\ROMFUSClient.exe" /tray
C:\Program Files (x86)\LiteManager Pro - Server\ROMFUSClient.exe
"C:\Program Files (x86)\LiteManager Pro - Server\ROMFUSClient.exe" /tray
C:\Program Files (x86)\LiteManager Pro - Server\ROMFUSClient.exe
"C:\Program Files (x86)\LiteManager Pro - Server\ROMFUSClient.exe" /tray
C:\Program Files (x86)\LiteManager Pro - Server\ROMFUSClient.exe
"C:\Program Files (x86)\LiteManager Pro - Server\ROMFUSClient.exe" /tray
C:\Program Files (x86)\LiteManager Pro - Server\ROMFUSClient.exe
"C:\Program Files (x86)\LiteManager Pro - Server\ROMFUSClient.exe" /tray
There are 14 hidden processes, click here to show them.

URLs

Name
IP
Malicious
http://litemanager.ru/
unknown
http://x1.i.lencr.org/
unknown
https://g.live.com/odclientsettings/Prod1C:
unknown
https://litemanager.com/soft/pro/ROMServer.zip
unknown
http://litemanager.com/03
unknown
http://litemanager.com/03f
unknown
https://litemanager.com/romversion.txt
unknown
http://crl.thawte.com/ThawteTimestampingCA.crl0
unknown
http://www.symauth.com/rpa00
unknown
http://ocsp.thawte.com0
unknown
http://litemanager.ru/noip.txtU
unknown
https://g.live.com/odclientsettings/ProdV21C:
unknown
http://crl.ver)
unknown
http://litemanager.com/
unknown
http://www.indyproject.org/
unknown
http://www.symauth.com/cps0(
unknown
There are 6 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
bg.microsoft.map.fastly.net
199.232.210.172
default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
84.201.210.37
x1.i.lencr.org
unknown

IPs

IP
Domain
Country
Malicious
111.90.140.76
unknown
Malaysia
malicious
96.7.168.138
unknown
United States
127.0.0.1
unknown
unknown
65.21.245.7
unknown
United States

Registry

Path
Value
Malicious
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Terminal Server
AllowRemoteRPC
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
{8D80504A-0826-40C5-97E1-EBC68F953792} {886D8EEB-8CF2-4446-8D02-CDBA1DBDCF99} 0xFFFF
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
LangID
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Windows\System32\msiexec.exe.FriendlyAppName
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Windows\System32\msiexec.exe.ApplicationCompany
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.FriendlyAppName
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.ApplicationCompany
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
GlobalAssocChangedCounter
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Config.Msi\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
C:\Config.Msi\533825.rbs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
C:\Config.Msi\533825.rbsLow
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6EDC4423414699340B5D245426472701
574AFF175D42BF445AF1936B993E8DC2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AA81D4D4D47F19245B9A393CCC847BF5
574AFF175D42BF445AF1936B993E8DC2
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\SharedDlls
C:\Program Files (x86)\LiteManager Pro - Server\files\ROMViewer.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A451F146FEEF7AF45BFB14D41BBD3809
574AFF175D42BF445AF1936B993E8DC2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E45BAE6295648E74689FC47BF4E730EB
574AFF175D42BF445AF1936B993E8DC2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6364F69515D55F943B4B3F3C669ECD32
574AFF175D42BF445AF1936B993E8DC2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6364F69515D55F943B4B3F3C669ECD32
00000000000000000000000000000000
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\SharedDlls
C:\Program Files (x86)\LiteManager Pro - Server\files\ROMServer.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F2A5CD3A94224764EB1CCA8970CA14F8
574AFF175D42BF445AF1936B993E8DC2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2CB79B2B94E57D4DB2355CF3390B357
574AFF175D42BF445AF1936B993E8DC2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1F0EB949D321B3143AE55305385F27C2
574AFF175D42BF445AF1936B993E8DC2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Program Files (x86)\LiteManager Pro - Server\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Program Files (x86)\LiteManager Pro - Server\files\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Program Files (x86)\LiteManager Pro - Server\Lang\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Windows\Installer\{71FFA475-24D5-44FB-A51F-39B699E3D82C}\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LiteManager Pro - Server\
HKEY_LOCAL_MACHINE\SYSTEM\LiteManager\v3.4\Server\Parameters
NoIPSettings
HKEY_LOCAL_MACHINE\SYSTEM\LiteManager\v3.4\Server\Parameters
CallbackSettings
HKEY_LOCAL_MACHINE\SYSTEM\LiteManager\v3.4\Server\Parameters
StartUpMode
HKEY_LOCAL_MACHINE\SYSTEM\LiteManager\v3.4\Server\Parameters
Pwd
HKEY_LOCAL_MACHINE\SYSTEM\LiteManager\v3.4\Server\Parameters
Options
HKEY_LOCAL_MACHINE\SYSTEM\LiteManager\v3.4\Server\Parameters
ChangeSettings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\574AFF175D42BF445AF1936B993E8DC2\InstallProperties
RegOwner
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\574AFF175D42BF445AF1936B993E8DC2\InstallProperties
RegCompany
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\574AFF175D42BF445AF1936B993E8DC2\InstallProperties
ProductID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\574AFF175D42BF445AF1936B993E8DC2\InstallProperties
LocalPackage
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\574AFF175D42BF445AF1936B993E8DC2\InstallProperties
AuthorizedCDFPrefix
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\574AFF175D42BF445AF1936B993E8DC2\InstallProperties
Comments
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\574AFF175D42BF445AF1936B993E8DC2\InstallProperties
Contact
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\574AFF175D42BF445AF1936B993E8DC2\InstallProperties
DisplayVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\574AFF175D42BF445AF1936B993E8DC2\InstallProperties
HelpLink
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\574AFF175D42BF445AF1936B993E8DC2\InstallProperties
HelpTelephone
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\574AFF175D42BF445AF1936B993E8DC2\InstallProperties
InstallDate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\574AFF175D42BF445AF1936B993E8DC2\InstallProperties
InstallLocation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\574AFF175D42BF445AF1936B993E8DC2\InstallProperties
InstallSource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\574AFF175D42BF445AF1936B993E8DC2\InstallProperties
ModifyPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\574AFF175D42BF445AF1936B993E8DC2\InstallProperties
Publisher
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\574AFF175D42BF445AF1936B993E8DC2\InstallProperties
Readme
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\574AFF175D42BF445AF1936B993E8DC2\InstallProperties
Size
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\574AFF175D42BF445AF1936B993E8DC2\InstallProperties
EstimatedSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\574AFF175D42BF445AF1936B993E8DC2\InstallProperties
UninstallString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\574AFF175D42BF445AF1936B993E8DC2\InstallProperties
URLInfoAbout
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\574AFF175D42BF445AF1936B993E8DC2\InstallProperties
URLUpdateInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\574AFF175D42BF445AF1936B993E8DC2\InstallProperties
VersionMajor
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\574AFF175D42BF445AF1936B993E8DC2\InstallProperties
VersionMinor
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\574AFF175D42BF445AF1936B993E8DC2\InstallProperties
WindowsInstaller
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\574AFF175D42BF445AF1936B993E8DC2\InstallProperties
Version
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\574AFF175D42BF445AF1936B993E8DC2\InstallProperties
Language
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{71FFA475-24D5-44FB-A51F-39B699E3D82C}
AuthorizedCDFPrefix
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{71FFA475-24D5-44FB-A51F-39B699E3D82C}
Comments
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{71FFA475-24D5-44FB-A51F-39B699E3D82C}
Contact
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{71FFA475-24D5-44FB-A51F-39B699E3D82C}
DisplayVersion
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{71FFA475-24D5-44FB-A51F-39B699E3D82C}
HelpLink
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{71FFA475-24D5-44FB-A51F-39B699E3D82C}
HelpTelephone
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{71FFA475-24D5-44FB-A51F-39B699E3D82C}
InstallDate
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{71FFA475-24D5-44FB-A51F-39B699E3D82C}
InstallLocation
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{71FFA475-24D5-44FB-A51F-39B699E3D82C}
InstallSource
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{71FFA475-24D5-44FB-A51F-39B699E3D82C}
ModifyPath
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{71FFA475-24D5-44FB-A51F-39B699E3D82C}
Publisher
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{71FFA475-24D5-44FB-A51F-39B699E3D82C}
Readme
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{71FFA475-24D5-44FB-A51F-39B699E3D82C}
Size
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{71FFA475-24D5-44FB-A51F-39B699E3D82C}
EstimatedSize
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{71FFA475-24D5-44FB-A51F-39B699E3D82C}
UninstallString
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{71FFA475-24D5-44FB-A51F-39B699E3D82C}
URLInfoAbout
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{71FFA475-24D5-44FB-A51F-39B699E3D82C}
URLUpdateInfo
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{71FFA475-24D5-44FB-A51F-39B699E3D82C}
VersionMajor
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{71FFA475-24D5-44FB-A51F-39B699E3D82C}
VersionMinor
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{71FFA475-24D5-44FB-A51F-39B699E3D82C}
WindowsInstaller
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{71FFA475-24D5-44FB-A51F-39B699E3D82C}
Version
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{71FFA475-24D5-44FB-A51F-39B699E3D82C}
Language
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\0162AF2787AE06B42AB45774D87A33D9
574AFF175D42BF445AF1936B993E8DC2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\574AFF175D42BF445AF1936B993E8DC2\InstallProperties
DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{71FFA475-24D5-44FB-A51F-39B699E3D82C}
DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\574AFF175D42BF445AF1936B993E8DC2
LiteManager
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\574AFF175D42BF445AF1936B993E8DC2\Features
LiteManager
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\574AFF175D42BF445AF1936B993E8DC2\Patches
AllPatches
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\574AFF175D42BF445AF1936B993E8DC2
ProductName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\574AFF175D42BF445AF1936B993E8DC2
PackageCode
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\574AFF175D42BF445AF1936B993E8DC2
Language
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\574AFF175D42BF445AF1936B993E8DC2
Version
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\574AFF175D42BF445AF1936B993E8DC2
Assignment
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\574AFF175D42BF445AF1936B993E8DC2
AdvertiseFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\574AFF175D42BF445AF1936B993E8DC2
ProductIcon
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\574AFF175D42BF445AF1936B993E8DC2
InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\574AFF175D42BF445AF1936B993E8DC2
AuthorizedLUAApp
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\574AFF175D42BF445AF1936B993E8DC2
DeploymentFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\0162AF2787AE06B42AB45774D87A33D9
574AFF175D42BF445AF1936B993E8DC2
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\574AFF175D42BF445AF1936B993E8DC2\SourceList
PackageName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\574AFF175D42BF445AF1936B993E8DC2\SourceList\Net
1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\574AFF175D42BF445AF1936B993E8DC2\SourceList\Media
DiskPrompt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\574AFF175D42BF445AF1936B993E8DC2\SourceList\Media
1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\574AFF175D42BF445AF1936B993E8DC2
Clients
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\574AFF175D42BF445AF1936B993E8DC2\SourceList
LastUsedSource
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\MUI\StringCacheSettings
StringCacheGeneration
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
PerfMMFileName
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\1f\417C44EB
@%systemroot%\system32\FirewallControlPanel.dll,-12122
HKEY_LOCAL_MACHINE\SOFTWARE\LiteManager\v3.4\Server\Parameters
NoIPSettings
HKEY_LOCAL_MACHINE\SOFTWARE\LiteManager\v3.4\Server\Parameters
CallbackSettings
HKEY_LOCAL_MACHINE\SOFTWARE\LiteManager\v3.4\Server\Parameters
StartUpMode
HKEY_LOCAL_MACHINE\SOFTWARE\LiteManager\v3.4\Server\Parameters
Pwd
HKEY_LOCAL_MACHINE\SOFTWARE\LiteManager\v3.4\Server\Parameters
Options
HKEY_LOCAL_MACHINE\SOFTWARE\LiteManager\v3.4\Server\Parameters
ChangeSettings
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\LiteManagerTeam\LiteManager\v3.4\Config
ServerExe
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\romserver.exe
CategoryMessageFile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\romserver.exe
EventMessageFile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\romserver.exe
CategoryCount
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\romserver.exe
TypesSupported
HKEY_LOCAL_MACHINE\SYSTEM\LiteManager\v3.4\Server\Parameters
FUSClientPath
HKEY_LOCAL_MACHINE\SYSTEM\LiteManager\v3.4\Server\Parameters
version
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\ROMService
NULL
HKEY_LOCAL_MACHINE\SYSTEM\LiteManager\v3.4\Server\Parameters
ID (read only)
HKEY_LOCAL_MACHINE\SYSTEM\LiteManager\v3.4\Server\Parameters
ROMCalendarRecordSettings
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Terminal Server\SysProcs
ROMFUSClient.exe
HKEY_LOCAL_MACHINE\SOFTWARE\LiteManager\v3.4\Server\Parameters
NoIPSettings
HKEY_LOCAL_MACHINE\SOFTWARE\LiteManager\v3.4\Server\Parameters
CallbackSettings
HKEY_LOCAL_MACHINE\SOFTWARE\LiteManager\v3.4\Server\Parameters
StartUpMode
HKEY_LOCAL_MACHINE\SOFTWARE\LiteManager\v3.4\Server\Parameters
Pwd
HKEY_LOCAL_MACHINE\SOFTWARE\LiteManager\v3.4\Server\Parameters
Options
HKEY_LOCAL_MACHINE\SOFTWARE\LiteManager\v3.4\Server\Parameters
ChangeSettings
HKEY_LOCAL_MACHINE\SOFTWARE\LiteManager\v3.4\Server\Parameters
FUSClientPath
HKEY_LOCAL_MACHINE\SOFTWARE\LiteManager\v3.4\Server\Parameters
version
HKEY_LOCAL_MACHINE\SOFTWARE\LiteManager\v3.4\Server\Parameters
ID (read only)
HKEY_LOCAL_MACHINE\SOFTWARE\LiteManager\v3.4\Server\Parameters
ROMCalendarRecordSettings
HKEY_LOCAL_MACHINE\SOFTWARE\LiteManager\v3.4\Server\Parameters
NoIPSettings
HKEY_LOCAL_MACHINE\SOFTWARE\LiteManager\v3.4\Server\Parameters
CallbackSettings
HKEY_LOCAL_MACHINE\SOFTWARE\LiteManager\v3.4\Server\Parameters
StartUpMode
HKEY_LOCAL_MACHINE\SOFTWARE\LiteManager\v3.4\Server\Parameters
Pwd
HKEY_LOCAL_MACHINE\SOFTWARE\LiteManager\v3.4\Server\Parameters
Options
HKEY_LOCAL_MACHINE\SOFTWARE\LiteManager\v3.4\Server\Parameters
ChangeSettings
HKEY_LOCAL_MACHINE\SOFTWARE\LiteManager\v3.4\Server\Parameters
FUSClientPath
HKEY_LOCAL_MACHINE\SOFTWARE\LiteManager\v3.4\Server\Parameters
version
HKEY_LOCAL_MACHINE\SOFTWARE\LiteManager\v3.4\Server\Parameters
ID (read only)
HKEY_LOCAL_MACHINE\SOFTWARE\LiteManager\v3.4\Server\Parameters
ROMCalendarRecordSettings
HKEY_LOCAL_MACHINE\SYSTEM\LiteManager\v3.4\Server\Parameters
NoIPSettings
HKEY_LOCAL_MACHINE\SYSTEM\LiteManager\v3.4\Server\Parameters
Options
There are 139 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
2961000
direct allocation
page read and write
4A0E000
stack
page read and write
2852000
direct allocation
page read and write
1040000
heap
page read and write
2808000
direct allocation
page read and write
858000
unkown
page read and write
B55000
heap
page read and write
D20000
heap
page read and write
D12000
heap
page read and write
2AA0000
heap
page read and write
5DCF000
stack
page read and write
361D000
stack
page read and write
2D8E000
stack
page read and write
B6E000
stack
page read and write
7FF655DEE000
unkown
page write copy
14512FE000
unkown
page readonly
FC0000
heap
page read and write
CF4000
heap
page read and write
27FE000
direct allocation
page read and write
D62000
heap
page read and write
BED000
heap
page read and write
161A000
direct allocation
page read and write
2AA4000
direct allocation
page read and write
E19000
heap
page read and write
291C000
direct allocation
page read and write
2A17000
direct allocation
page read and write
8DB000
unkown
page read and write
1D854285000
heap
page read and write
AA0000
heap
page read and write
D32000
heap
page read and write
152CE000000
heap
page read and write
1D84EE10000
heap
page read and write
2774000
direct allocation
page read and write
2990000
direct allocation
page execute and read and write
1E0000
heap
page read and write
19D000
stack
page read and write
325E000
stack
page read and write
29F0000
heap
page read and write
FC5000
heap
page read and write
1D84EDFC000
heap
page read and write
2FCF000
stack
page read and write
152CD9D0000
trusted library allocation
page read and write
C5E000
stack
page read and write
152CD944000
trusted library allocation
page read and write
27E7000
direct allocation
page read and write
19C000
stack
page read and write
152CDCA0000
remote allocation
page read and write
E4F000
stack
page read and write
2B0E000
stack
page read and write
280E000
direct allocation
page read and write
27DF000
direct allocation
page read and write
CE8000
heap
page read and write
2921000
direct allocation
page read and write
B70000
heap
page read and write
D5B000
heap
page read and write
2800000
direct allocation
page read and write
84F000
unkown
page read and write
2720000
direct allocation
page read and write
847000
unkown
page read and write
32CE000
stack
page read and write
14503FE000
unkown
page readonly
291A000
direct allocation
page read and write
C10000
heap
page read and write
378E000
stack
page read and write
361D000
stack
page read and write
15A9000
direct allocation
page read and write
CF4000
heap
page read and write
16A0000
heap
page read and write
F4F000
stack
page read and write
D56000
heap
page read and write
D63000
heap
page read and write
28DF000
direct allocation
page read and write
1821000
heap
page read and write
156C000
direct allocation
page read and write
14505FE000
unkown
page readonly
1010000
heap
page read and write
288D000
direct allocation
page read and write
299C000
direct allocation
page read and write
27DD000
direct allocation
page read and write
C90000
heap
page read and write
D33000
heap
page read and write
289A000
direct allocation
page read and write
83F000
unkown
page read and write
1D84EE6F000
heap
page read and write
152CDC40000
trusted library allocation
page read and write
10E0000
heap
page read and write
AFE000
stack
page read and write
B25000
heap
page read and write
1045000
heap
page read and write
1D84EE52000
heap
page read and write
294D000
direct allocation
page read and write
277F000
direct allocation
page read and write
2978000
direct allocation
page read and write
D2F000
heap
page read and write
27D7000
direct allocation
page read and write
CB0000
heap
page read and write
2978000
direct allocation
page read and write
2E61000
heap
page read and write
853000
unkown
page read and write
2968000
direct allocation
page read and write
1D852E70000
heap
page read and write
2F9E000
stack
page read and write
29A4000
direct allocation
page read and write
D36000
heap
page read and write
DFE000
heap
page read and write
F90000
heap
page read and write
284F000
direct allocation
page read and write
999000
unkown
page read and write
1D84EE75000
heap
page read and write
855000
unkown
page read and write
2978000
direct allocation
page read and write
578F000
stack
page read and write
964000
unkown
page read and write
2881000
direct allocation
page read and write
277A000
direct allocation
page read and write
5F4E000
stack
page read and write
1000000
heap
page read and write
152CDA5A000
heap
page read and write
284C000
direct allocation
page read and write
2A7C000
direct allocation
page read and write
2B03000
direct allocation
page read and write
1450CFE000
unkown
page readonly
272E000
direct allocation
page read and write
15ED000
direct allocation
page read and write
28CA000
direct allocation
page read and write
2ABA000
direct allocation
page read and write
CF4000
heap
page read and write
26FF000
direct allocation
page read and write
2B23000
heap
page read and write
96D000
unkown
page read and write
152C9841000
trusted library allocation
page read and write
6E0F000
stack
page read and write
F8F000
heap
page read and write
858000
unkown
page read and write
1450EFE000
unkown
page readonly
CE0000
heap
page read and write
E45000
heap
page read and write
4D8F000
stack
page read and write
D5C000
heap
page read and write
14507FE000
unkown
page readonly
1D84EED0000
heap
page read and write
297F000
direct allocation
page read and write
152CDAEA000
heap
page read and write
E08000
heap
page read and write
27CC000
direct allocation
page read and write
27A5000
direct allocation
page read and write
310F000
stack
page read and write
D50000
heap
page read and write
152C9420000
trusted library allocation
page read and write
1450FFE000
unkown
page readonly
2B0A000
direct allocation
page read and write
2921000
direct allocation
page read and write
364E000
stack
page read and write
2B13000
heap
page read and write
1D852DC2000
heap
page read and write
49CF000
stack
page read and write
518E000
stack
page read and write
2873000
direct allocation
page read and write
27B4000
direct allocation
page read and write
1D84EEB1000
heap
page read and write
331F000
stack
page read and write
28FD000
direct allocation
page read and write
2818000
direct allocation
page read and write
152C842B000
heap
page read and write
2AA3000
heap
page read and write
AF8000
heap
page read and write
D68000
heap
page read and write
1D84EF60000
heap
page read and write
84B000
unkown
page read and write
6CCF000
stack
page read and write
152C8443000
heap
page read and write
842000
unkown
page read and write
EF0000
heap
page read and write
2560000
heap
page read and write
F3E000
stack
page read and write
9EA000
unkown
page read and write
8E2000
unkown
page readonly
5C8F000
stack
page read and write
2AFF000
stack
page read and write
14502FE000
stack
page read and write
328E000
stack
page read and write
FC0000
heap
page read and write
1D8542C1000
heap
page read and write
400000
unkown
page readonly
D09000
heap
page read and write
126F000
stack
page read and write
2A10000
heap
page read and write
2802000
direct allocation
page read and write
D2F000
heap
page read and write
29C8000
direct allocation
page read and write
2A1E000
direct allocation
page read and write
27C5000
direct allocation
page read and write
19D000
stack
page read and write
EB0000
heap
page read and write
14510FE000
stack
page read and write
EB0000
heap
page read and write
291E000
direct allocation
page read and write
CB8000
heap
page read and write
BFE000
stack
page read and write
28B7000
direct allocation
page read and write
400000
unkown
page readonly
289C000
direct allocation
page read and write
84B000
unkown
page read and write
2864000
direct allocation
page read and write
1D84EE2F000
heap
page read and write
1D84EE17000
heap
page read and write
26AD000
direct allocation
page read and write
2843000
direct allocation
page read and write
550F000
stack
page read and write
DF4000
heap
page read and write
27E4000
direct allocation
page read and write
960000
unkown
page read and write
1990000
heap
page read and write
D0F000
stack
page read and write
BC0000
heap
page read and write
281F000
direct allocation
page read and write
F90000
heap
page read and write
2AC1000
direct allocation
page read and write
2764000
direct allocation
page read and write
15D5000
direct allocation
page read and write
27E4000
direct allocation
page read and write
1548000
direct allocation
page read and write
27E0000
heap
page read and write
3ECE000
stack
page read and write
D0E000
heap
page read and write
DC0000
heap
page read and write
295B000
direct allocation
page read and write
2938000
direct allocation
page read and write
FA0000
direct allocation
page execute and read and write
15E6000
direct allocation
page read and write
1D854301000
heap
page read and write
F20000
heap
page read and write
293F000
direct allocation
page read and write
2B73000
heap
page read and write
B80000
heap
page read and write
152C8BD0000
trusted library section
page readonly
CFF000
heap
page read and write
2AF0000
heap
page read and write
1D84EE09000
heap
page read and write
2886000
direct allocation
page read and write
DB0000
heap
page read and write
280A000
direct allocation
page read and write
AE0000
heap
page read and write
277C000
direct allocation
page read and write
AA0000
heap
page read and write
152CD8E0000
trusted library allocation
page read and write
AF0000
heap
page read and write
C50000
heap
page read and write
BBE000
stack
page read and write
321E000
stack
page read and write
152C8BE0000
trusted library section
page readonly
E40000
heap
page read and write
CF4000
heap
page read and write
1D84EDF5000
heap
page read and write
27C7000
direct allocation
page read and write
EAE000
stack
page read and write
DF0000
heap
page read and write
29F0000
heap
page read and write
AA0000
heap
page read and write
83F000
unkown
page read and write
26B4000
direct allocation
page read and write
97000
stack
page read and write
288C000
direct allocation
page read and write
2826000
direct allocation
page read and write
1D854384000
heap
page read and write
28CE000
direct allocation
page read and write
28AD000
direct allocation
page read and write
95B000
unkown
page read and write
2728000
direct allocation
page read and write
D31000
heap
page read and write
2954000
direct allocation
page read and write
2A6A000
direct allocation
page read and write
324F000
stack
page read and write
152C848D000
heap
page read and write
152CD930000
trusted library allocation
page read and write
1D84EE66000
heap
page read and write
958000
unkown
page read and write
D56000
heap
page read and write
2AB3000
direct allocation
page read and write
321E000
stack
page read and write
2868000
direct allocation
page read and write
84B000
unkown
page read and write
27F7000
direct allocation
page read and write
2990000
heap
page read and write
2811000
direct allocation
page read and write
D5A000
heap
page read and write
414E000
stack
page read and write
95F000
unkown
page read and write
1D84EE06000
heap
page read and write
D56000
heap
page read and write
3C50000
heap
page read and write
2A10000
direct allocation
page read and write
8B0000
unkown
page read and write
AF0000
heap
page read and write
568E000
stack
page read and write
BB0000
heap
page read and write
2677000
direct allocation
page read and write
2A4D000
direct allocation
page read and write
166A000
direct allocation
page read and write
2AC8000
direct allocation
page read and write
DE0000
heap
page read and write
28F5000
direct allocation
page read and write
F6F000
stack
page read and write
1D84EE75000
heap
page read and write
28B1000
direct allocation
page read and write
1D84EFAA000
trusted library allocation
page read and write
9A000
stack
page read and write
1D84EE0A000
heap
page read and write
19D000
stack
page read and write
8DB000
unkown
page read and write
27C3000
direct allocation
page read and write
97000
stack
page read and write
1D84EE26000
heap
page read and write
D6E000
stack
page read and write
CF4000
heap
page read and write
F7E000
heap
page read and write
378F000
stack
page read and write
27C4000
direct allocation
page read and write
C90000
heap
page read and write
1831000
heap
page read and write
B95000
heap
page read and write
309F000
stack
page read and write
1D84EE1F000
heap
page read and write
27BE000
direct allocation
page read and write
19D000
stack
page read and write
19D000
stack
page read and write
5E0E000
stack
page read and write
C00000
heap
page read and write
E15000
heap
page read and write
CE0000
heap
page read and write
2900000
direct allocation
page read and write
27B5000
direct allocation
page read and write
1D854301000
heap
page read and write
283B000
direct allocation
page read and write
29F0000
heap
page read and write
26CC000
direct allocation
page read and write
D77000
heap
page read and write
958000
unkown
page write copy
2BE0000
heap
page read and write
E4F000
stack
page read and write
2904000
direct allocation
page read and write
D5E000
heap
page read and write
27CF000
direct allocation
page read and write
338F000
stack
page read and write
1824000
heap
page read and write
D38000
heap
page read and write
2791000
direct allocation
page read and write
288C000
direct allocation
page read and write
C95000
heap
page read and write
1D854283000
heap
page read and write
27E1000
direct allocation
page read and write
2A88000
direct allocation
page read and write
107F000
stack
page read and write
2877000
direct allocation
page read and write
2784000
direct allocation
page read and write
83F000
unkown
page read and write
CF4000
heap
page read and write
152CD880000
trusted library allocation
page read and write
14518FE000
unkown
page readonly
33CE000
stack
page read and write
2B70000
heap
page read and write
969000
unkown
page read and write
590E000
stack
page read and write
27EC000
direct allocation
page read and write
D18000
heap
page read and write
83F000
unkown
page write copy
1D84EE1F000
heap
page read and write
1646000
direct allocation
page read and write
1D84EE15000
heap
page read and write
388E000
stack
page read and write
1095000
heap
page read and write
14515FC000
stack
page read and write
2AAB000
direct allocation
page read and write
504E000
stack
page read and write
D7E000
stack
page read and write
95A000
unkown
page read and write
1000000
heap
page read and write
294B000
direct allocation
page read and write
424F000
stack
page read and write
152C8479000
heap
page read and write
281B000
direct allocation
page read and write
7FE00000
direct allocation
page read and write
29AA000
direct allocation
page read and write
84B000
unkown
page read and write
152C8BB0000
trusted library section
page readonly
DA8000
heap
page read and write
30DE000
stack
page read and write
2772000
direct allocation
page read and write
14514FE000
unkown
page readonly
282D000
direct allocation
page read and write
AB0000
heap
page read and write
D39000
heap
page read and write
CD0000
heap
page read and write
2660000
heap
page read and write
1090000
heap
page read and write
B2E000
stack
page read and write
255F000
stack
page read and write
BF0000
heap
page read and write
273C000
direct allocation
page read and write
C78000
heap
page read and write
294D000
direct allocation
page read and write
D10000
heap
page read and write
152CD940000
trusted library allocation
page read and write
B51000
heap
page read and write
274C000
direct allocation
page read and write
1F1D000
stack
page read and write
84B000
unkown
page read and write
2807000
direct allocation
page read and write
DCF000
stack
page read and write
BB5000
heap
page read and write
29B0000
heap
page read and write
29E0000
heap
page read and write
87F000
unkown
page read and write
276E000
stack
page read and write
438F000
stack
page read and write
F60000
heap
page read and write
165C000
direct allocation
page read and write
270F000
direct allocation
page read and write
951000
unkown
page execute read
858000
unkown
page read and write
2AF0000
heap
page read and write
19C000
stack
page read and write
2928000
direct allocation
page read and write
EF5000
heap
page read and write
847000
unkown
page read and write
84B000
unkown
page read and write
D60000
direct allocation
page execute and read and write
2B18000
direct allocation
page read and write
853000
unkown
page read and write
329E000
stack
page read and write
1D854343000
heap
page read and write
1D84EE55000
heap
page read and write
FCF000
stack
page read and write
C23000
heap
page read and write
28ED000
direct allocation
page read and write
2915000
direct allocation
page read and write
D10000
heap
page read and write
E07000
heap
page read and write
83F000
unkown
page read and write
1D854243000
heap
page read and write
145147E000
stack
page read and write
339F000
stack
page read and write
D3F000
heap
page read and write
2805000
direct allocation
page read and write
EA0000
direct allocation
page execute and read and write
28C2000
direct allocation
page read and write
27A0000
direct allocation
page read and write
858000
unkown
page read and write
84B000
unkown
page read and write
29AA000
direct allocation
page read and write
DEF000
stack
page read and write
26B0000
direct allocation
page read and write
8DB000
unkown
page read and write
5CCE000
stack
page read and write
FB0000
heap
page read and write
847000
unkown
page read and write
842000
unkown
page read and write
374F000
stack
page read and write
BB0000
heap
page read and write
281D000
direct allocation
page read and write
F40000
heap
page read and write
2579000
heap
page read and write
152C8D02000
heap
page read and write
2C30000
direct allocation
page execute and read and write
D20000
heap
page read and write
2904000
direct allocation
page read and write
28BB000
direct allocation
page read and write
2838000
direct allocation
page read and write
2737000
direct allocation
page read and write
284F000
direct allocation
page read and write
1821000
heap
page read and write
14513FE000
unkown
page readonly
2868000
direct allocation
page read and write
27F0000
direct allocation
page read and write
1D8542C0000
heap
page read and write
1DE5000
direct allocation
page read and write
1D84EFD5000
heap
page read and write
152CDC50000
trusted library allocation
page read and write
CE0000
heap
page read and write
84F000
unkown
page read and write
29F0000
heap
page read and write
152C849F000
heap
page read and write
AF0000
heap
page read and write
CD8000
heap
page read and write
464E000
stack
page read and write
388F000
stack
page read and write
273E000
direct allocation
page read and write
2905000
direct allocation
page read and write
2946000
direct allocation
page read and write
14500F7000
stack
page read and write
152C8390000
trusted library section
page read and write
958000
unkown
page read and write
1450DFB000
stack
page read and write
27CD000
direct allocation
page read and write
8DA000
unkown
page read and write
D0E000
heap
page read and write
B20000
heap
page read and write
2ABA000
direct allocation
page read and write
27D0000
direct allocation
page read and write
292C000
direct allocation
page read and write
D32000
heap
page read and write
9DB000
unkown
page read and write
AA0000
heap
page read and write
57CE000
stack
page read and write
298F000
stack
page read and write
6D0E000
stack
page read and write
E5E000
stack
page read and write
1612000
direct allocation
page read and write
28C0000
direct allocation
page read and write
1D84EEC0000
heap
page readonly
F1F000
stack
page read and write
847000
unkown
page read and write
2AE0000
heap
page read and write
19D000
stack
page read and write
2A60000
direct allocation
page read and write
BC0000
heap
page read and write
8DB000
unkown
page read and write
292D000
direct allocation
page read and write
859000
unkown
page read and write
1D8524A3000
heap
page read and write
27A6000
direct allocation
page read and write
2A3D000
direct allocation
page read and write
1D84EE6F000
heap
page read and write
514F000
stack
page read and write
97000
stack
page read and write
CF4000
heap
page read and write
9FC000
unkown
page readonly
152C8413000
heap
page read and write
19D000
stack
page read and write
618F000
stack
page read and write
1D84EE55000
heap
page read and write
CF4000
heap
page read and write
27A7000
direct allocation
page read and write
D65000
heap
page read and write
2848000
direct allocation
page read and write
CE0000
heap
page read and write
7FF655D80000
unkown
page readonly
C58000
heap
page read and write
958000
unkown
page read and write
2AED000
direct allocation
page read and write
2E8F000
stack
page read and write
FA0000
heap
page read and write
1F5000
heap
page read and write
160B000
direct allocation
page read and write
C00000
heap
page read and write
152CDAFA000
heap
page read and write
D64000
heap
page read and write
152C8D13000
heap
page read and write
853000
unkown
page read and write
1E12000
direct allocation
page read and write
28D8000
direct allocation
page read and write
2A67000
direct allocation
page read and write
C90000
heap
page read and write
E6E000
stack
page read and write
1D84EE4C000
heap
page read and write
2B23000
heap
page read and write
CF4000
heap
page read and write
853000
unkown
page read and write
960000
unkown
page read and write
853000
unkown
page read and write
354C000
stack
page read and write
31290F5000
stack
page read and write
152C8B90000
trusted library section
page readonly
144FB0B000
stack
page read and write
300E000
stack
page read and write
1D84EE31000
heap
page read and write
9F7000
unkown
page read and write
2A90000
direct allocation
page execute and read and write
282D000
direct allocation
page read and write
2CA0000
heap
page read and write
2A2C000
direct allocation
page read and write
2A80000
heap
page read and write
19D000
stack
page read and write
D57000
heap
page read and write
152CDA8D000
heap
page read and write
500F000
stack
page read and write
26EF000
direct allocation
page read and write
C1D000
heap
page read and write
7FF655DE4000
unkown
page read and write
2801000
direct allocation
page read and write
97000
stack
page read and write
2884000
direct allocation
page read and write
9AA000
unkown
page read and write
E07000
heap
page read and write
1D84EE11000
heap
page read and write
2870000
direct allocation
page read and write
841000
unkown
page read and write
294B000
direct allocation
page read and write
152C8D1A000
heap
page read and write
1D852DA6000
heap
page read and write
19D000
stack
page read and write
340E000
stack
page read and write
2769000
direct allocation
page read and write
2988000
direct allocation
page read and write
27B0000
direct allocation
page read and write
27E5000
direct allocation
page read and write
410F000
stack
page read and write
1D850BF4000
heap
page read and write
2735000
direct allocation
page read and write
5A0F000
stack
page read and write
FB0000
heap
page read and write
245C000
stack
page read and write
858000
unkown
page read and write
27D3000
direct allocation
page read and write
152C8F01000
trusted library allocation
page read and write
209E000
stack
page read and write
1D84EE70000
heap
page read and write
28EF000
direct allocation
page read and write
350E000
stack
page read and write
2952000
direct allocation
page read and write
D66000
heap
page read and write
83F000
unkown
page read and write
27FD000
direct allocation
page read and write
F5F000
stack
page read and write
1450C7E000
stack
page read and write
84B000
unkown
page read and write
270C000
direct allocation
page read and write
842000
unkown
page read and write
D6B000
heap
page read and write
152C847C000
heap
page read and write
14509FE000
unkown
page readonly
D77000
heap
page read and write
145207E000
stack
page read and write
3C4F000
stack
page read and write
299C000
direct allocation
page read and write
83F000
unkown
page read and write
9DF000
unkown
page read and write
2971000
direct allocation
page read and write
D78000
heap
page read and write
2F60000
trusted library allocation
page read and write
2858000
direct allocation
page read and write
CC0000
heap
page read and write
7FF655DEE000
unkown
page readonly
6F4F000
stack
page read and write
1040000
direct allocation
page execute and read and write
1D84ECE0000
heap
page read and write
AEE000
stack
page read and write
276D000
direct allocation
page read and write
1D84EE70000
heap
page read and write
1D8541C1000
heap
page read and write
2A8D000
direct allocation
page read and write
D32000
heap
page read and write
E0D000
heap
page read and write
28AA000
direct allocation
page read and write
958000
unkown
page read and write
44CF000
stack
page read and write
360F000
stack
page read and write
2BE3000
heap
page read and write
9F0000
unkown
page read and write
2AA4000
direct allocation
page read and write
1D84EE70000
heap
page read and write
97000
stack
page read and write
19D000
stack
page read and write
AA0000
heap
page read and write
2834000
direct allocation
page read and write
1235000
heap
page read and write
2AD8000
direct allocation
page read and write
7FF655DC8000
unkown
page readonly
1D84EE71000
heap
page read and write
847000
unkown
page read and write
8DB000
unkown
page read and write
14501FE000
unkown
page readonly
C28000
heap
page read and write
26FD000
direct allocation
page read and write
9B5000
unkown
page read and write
280C000
direct allocation
page read and write
89B000
unkown
page read and write
195E000
stack
page read and write
2781000
direct allocation
page read and write
F70000
heap
page read and write
2844000
direct allocation
page read and write
1D84EE5C000
heap
page read and write
1D84EEF0000
heap
page read and write
1D84EE0A000
heap
page read and write
2AB3000
heap
page read and write
1150000
heap
page read and write
AA0000
heap
page read and write
B88000
heap
page read and write
315E000
stack
page read and write
15F4000
direct allocation
page read and write
2A8F000
direct allocation
page read and write
C1B000
heap
page read and write
2AF4000
direct allocation
page read and write
3B0F000
stack
page read and write
B40000
heap
page read and write
8E1000
unkown
page read and write
28F1000
direct allocation
page read and write
853000
unkown
page read and write
842000
unkown
page read and write
28B5000
direct allocation
page read and write
858000
unkown
page read and write
83F000
unkown
page read and write
83F000
unkown
page read and write
540E000
stack
page read and write
D15000
heap
page read and write
853000
unkown
page read and write
CF4000
heap
page read and write
1970000
heap
page read and write
8DB000
unkown
page read and write
28CA000
direct allocation
page read and write
2665000
direct allocation
page read and write
1DFB000
direct allocation
page read and write
152CDCA0000
remote allocation
page read and write
1010000
heap
page read and write
194E000
trusted library allocation
page read and write
7FF655DDB000
unkown
page read and write
D5B000
heap
page read and write
28F7000
direct allocation
page read and write
26BD000
direct allocation
page read and write
2913000
direct allocation
page read and write
2717000
direct allocation
page read and write
9D5000
unkown
page read and write
84B000
unkown
page read and write
C28000
heap
page read and write
3FCF000
stack
page read and write
2A9D000
direct allocation
page read and write
2858000
direct allocation
page read and write
291A000
direct allocation
page read and write
8C5000
unkown
page read and write
1D84EE17000
heap
page read and write
3E8F000
stack
page read and write
B60000
heap
page read and write
2954000
direct allocation
page read and write
152CDA2C000
heap
page read and write
152C84FE000
heap
page read and write
D68000
heap
page read and write
15FD000
direct allocation
page read and write
290E000
direct allocation
page read and write
1D854405000
heap
page read and write
10E5000
heap
page read and write
960000
unkown
page read and write
FE0000
heap
page read and write
1D84EE70000
heap
page read and write
298F000
direct allocation
page read and write
2963000
direct allocation
page read and write
853000
unkown
page read and write
2986000
direct allocation
page read and write
F43000
heap
page read and write
350F000
stack
page read and write
11A0000
heap
page read and write
2870000
direct allocation
page read and write
1D854283000
heap
page read and write
7FF655DC8000
unkown
page readonly
2E30000
heap
page read and write
9CA000
unkown
page read and write
1D84EE70000
heap
page read and write
152CDA60000
trusted library allocation
page read and write
2756000
direct allocation
page read and write
152CD900000
trusted library allocation
page read and write
84B000
unkown
page read and write
283D000
direct allocation
page read and write
311C000
stack
page read and write
C3E000
stack
page read and write
842000
unkown
page read and write
972000
unkown
page read and write
152C8C00000
heap
page read and write
1D8543C4000
heap
page read and write
290B000
direct allocation
page read and write
276D000
direct allocation
page read and write
D0F000
heap
page read and write
29B1000
direct allocation
page read and write
1D854286000
heap
page read and write
2BE0000
heap
page read and write
152C9870000
trusted library allocation
page read and write
428E000
stack
page read and write
285D000
direct allocation
page read and write
F80000
heap
page read and write
280D000
direct allocation
page read and write
28B8000
direct allocation
page read and write
287F000
direct allocation
page read and write
1826000
heap
page read and write
8DB000
unkown
page read and write
BFE000
stack
page read and write
1D8524A6000
heap
page read and write
27B6000
direct allocation
page read and write
97000
stack
page read and write
2996000
direct allocation
page read and write
4B0F000
stack
page read and write
2A23000
heap
page read and write
CA0000
heap
page read and write
29AC000
direct allocation
page read and write
2A62000
direct allocation
page read and write
1D854284000
heap
page read and write
DF5000
heap
page read and write
564D000
stack
page read and write
2B11000
direct allocation
page read and write
2E60000
heap
page read and write
152CDA5E000
heap
page read and write
8E1000
unkown
page read and write
152CD9E0000
trusted library allocation
page read and write
CF4000
heap
page read and write
401000
unkown
page execute read
1D8542E8000
heap
page read and write
F8F000
stack
page read and write
CF0000
heap
page read and write
368E000
stack
page read and write
29A3000
direct allocation
page read and write
2853000
direct allocation
page read and write
27AE000
direct allocation
page read and write
39CF000
stack
page read and write
152CDA1F000
heap
page read and write
BC7000
heap
page read and write
1822000
heap
page read and write
53CF000
stack
page read and write
D56000
heap
page read and write
842000
unkown
page read and write
D70000
heap
page read and write
339F000
stack
page read and write
1D850BF0000
heap
page read and write
28EF000
direct allocation
page read and write
2856000
direct allocation
page read and write
48CE000
stack
page read and write
858000
unkown
page read and write
295A000
direct allocation
page read and write
D28000
heap
page read and write
CF4000
heap
page read and write
29B1000
direct allocation
page read and write
351C000
stack
page read and write
2ADF000
direct allocation
page read and write
EB3000
heap
page read and write
152C8513000
heap
page read and write
F7E000
stack
page read and write
2994000
direct allocation
page read and write
1450A7E000
stack
page read and write
27FA000
direct allocation
page read and write
152CDB0E000
heap
page read and write
EFF000
stack
page read and write
1220000
heap
page read and write
27AF000
direct allocation
page read and write
2917000
direct allocation
page read and write
286C000
direct allocation
page read and write
96D000
unkown
page read and write
34CF000
stack
page read and write
2925000
direct allocation
page read and write
E10000
heap
page read and write
2980000
heap
page read and write
2C6E000
stack
page read and write
847000
unkown
page read and write
293D000
direct allocation
page read and write
27BC000
direct allocation
page read and write
1821000
heap
page read and write
28F6000
direct allocation
page read and write
2797000
direct allocation
page read and write
271A000
direct allocation
page read and write
D62000
heap
page read and write
D5B000
heap
page read and write
152CD9D0000
trusted library allocation
page read and write
1638000
direct allocation
page read and write
152C9240000
trusted library allocation
page read and write
CF4000
heap
page read and write
3D8E000
stack
page read and write
152CDAC6000
heap
page read and write
14504F9000
stack
page read and write
95A000
unkown
page write copy
ECF000
stack
page read and write
B30000
heap
page read and write
8DB000
unkown
page read and write
11A5000
heap
page read and write
314E000
stack
page read and write
1D84EE4E000
heap
page read and write
152CDAD6000
heap
page read and write
858000
unkown
page read and write
1D84EE52000
heap
page read and write
2944000
direct allocation
page read and write
2851000
direct allocation
page read and write
2B30000
direct allocation
page execute and read and write
2810000
heap
page read and write
4ECF000
stack
page read and write
52CE000
stack
page read and write
2961000
direct allocation
page read and write
84D000
unkown
page read and write
CF5000
heap
page read and write
BFE000
stack
page read and write
B75000
heap
page read and write
31298FC000
stack
page read and write
2944000
direct allocation
page read and write
1690000
direct allocation
page execute and read and write
1D854405000
heap
page read and write
152CDA00000
heap
page read and write
2C0F000
stack
page read and write
2774000
direct allocation
page read and write
2822000
direct allocation
page read and write
14511FE000
unkown
page readonly
26F4000
direct allocation
page read and write
152CDAF6000
heap
page read and write
152C8340000
heap
page read and write
9B000
stack
page read and write
B50000
heap
page read and write
7FF655DDB000
unkown
page write copy
1D84EFB0000
heap
page read and write
FA0000
direct allocation
page execute and read and write
8BB000
unkown
page read and write
296A000
direct allocation
page read and write
7FF655DEF000
unkown
page readonly
B45000
heap
page read and write
1D854301000
heap
page read and write
293D000
direct allocation
page read and write
284B000
direct allocation
page read and write
D36000
heap
page read and write
AB0000
heap
page read and write
152C8C02000
heap
page read and write
15A2000
direct allocation
page read and write
D14000
heap
page read and write
3B4E000
stack
page read and write
2861000
direct allocation
page read and write
B80000
heap
page read and write
1D854302000
heap
page read and write
1D852DA3000
heap
page read and write
2A9D000
direct allocation
page read and write
1D84EE67000
heap
page read and write
219F000
stack
page read and write
299D000
direct allocation
page read and write
2A54000
direct allocation
page read and write
CFA000
heap
page read and write
2836000
direct allocation
page read and write
2A6E000
direct allocation
page read and write
97000
stack
page read and write
D12000
heap
page read and write
FA0000
direct allocation
page execute and read and write
1450F7E000
stack
page read and write
D6D000
heap
page read and write
2D4F000
stack
page read and write
31DF000
stack
page read and write
2795000
direct allocation
page read and write
858000
unkown
page read and write
1D84EE2F000
heap
page read and write
D22000
heap
page read and write
1D84EDF5000
heap
page read and write
3356000
direct allocation
page read and write
19D000
stack
page read and write
1230000
heap
page read and write
152C8472000
heap
page read and write
CA0000
heap
page read and write
AA0000
heap
page read and write
1050000
heap
page read and write
842000
unkown
page read and write
28AD000
direct allocation
page read and write
28A8000
direct allocation
page read and write
1045000
heap
page read and write
14519FB000
stack
page read and write
B28000
heap
page read and write
D29000
heap
page read and write
9F4000
unkown
page read and write
B22000
heap
page read and write
34DF000
stack
page read and write
152C8BA0000
trusted library section
page readonly
AA0000
heap
page read and write
97000
stack
page read and write
364D000
stack
page read and write
152CDA4D000
heap
page read and write
853000
unkown
page read and write
282A000
direct allocation
page read and write
22DF000
stack
page read and write
360F000
stack
page read and write
1D84EE55000
heap
page read and write
1D84EE2E000
heap
page read and write
1821000
heap
page read and write
1604000
direct allocation
page read and write
29B8000
direct allocation
page read and write
1D852E56000
heap
page read and write
DA8000
heap
page read and write
C15000
heap
page read and write
CF4000
heap
page read and write
D54000
heap
page read and write
27D1000
direct allocation
page read and write
1450B7E000
stack
page read and write
89F000
unkown
page read and write
2727000
direct allocation
page read and write
157E000
direct allocation
page read and write
1D854301000
heap
page read and write
7FF655D81000
unkown
page execute read
296A000
direct allocation
page read and write
2AFC000
direct allocation
page read and write
28EF000
direct allocation
page read and write
31290EE000
stack
page read and write
2730000
direct allocation
page read and write
290E000
direct allocation
page read and write
83F000
unkown
page read and write
28D5000
direct allocation
page read and write
2990000
heap
page read and write
29B0000
heap
page read and write
2B73000
heap
page read and write
1D8541C0000
heap
page read and write
288E000
stack
page read and write
8E4000
unkown
page readonly
DE0000
heap
page read and write
15B1000
direct allocation
page read and write
CB0000
direct allocation
page execute and read and write
CF4000
heap
page read and write
152CD870000
trusted library allocation
page read and write
AE5000
heap
page read and write
D1E000
heap
page read and write
1564000
direct allocation
page read and write
847000
unkown
page read and write
2844000
direct allocation
page read and write
E1F000
stack
page read and write
D56000
heap
page read and write
152C84B0000
heap
page read and write
27EB000
direct allocation
page read and write
274D000
direct allocation
page read and write
BC5000
heap
page read and write
AEE000
stack
page read and write
84F000
unkown
page read and write
286F000
direct allocation
page read and write
289D000
direct allocation
page read and write
554C000
stack
page read and write
1000000
heap
page read and write
DC0000
heap
page read and write
281C000
direct allocation
page read and write
152CD95E000
trusted library allocation
page read and write
279F000
direct allocation
page read and write
2B20000
heap
page read and write
1165000
heap
page read and write
152CDCA0000
remote allocation
page read and write
1F5E000
stack
page read and write
2994000
direct allocation
page read and write
283C000
direct allocation
page read and write
E1E000
stack
page read and write
96D000
unkown
page read and write
31296FE000
stack
page read and write
1573000
direct allocation
page read and write
152C848F000
heap
page read and write
27CC000
direct allocation
page read and write
1628000
direct allocation
page read and write
152CDC30000
trusted library allocation
page read and write
2907000
direct allocation
page read and write
BB5000
heap
page read and write
2A71000
direct allocation
page read and write
292D000
direct allocation
page read and write
400E000
stack
page read and write
2764000
direct allocation
page read and write
966000
unkown
page read and write
29A0000
direct allocation
page execute and read and write
F9F000
stack
page read and write
D6C000
heap
page read and write
27D8000
direct allocation
page read and write
15B8000
direct allocation
page read and write
1D8524A0000
trusted library allocation
page read and write
29F3000
heap
page read and write
CCF000
stack
page read and write
E01000
heap
page read and write
14516FE000
unkown
page readonly
DF0000
heap
page read and write
2978000
direct allocation
page read and write
289F000
direct allocation
page read and write
1654000
direct allocation
page read and write
364E000
stack
page read and write
C2E000
heap
page read and write
374F000
stack
page read and write
27AD000
direct allocation
page read and write
9B000
stack
page read and write
5F0F000
stack
page read and write
325E000
stack
page read and write
1595000
direct allocation
page read and write
27DE000
direct allocation
page read and write
27FB000
direct allocation
page read and write
29A3000
direct allocation
page read and write
2815000
direct allocation
page read and write
B80000
heap
page read and write
152CDB00000
heap
page read and write
8D0000
unkown
page read and write
282D000
direct allocation
page read and write
460F000
stack
page read and write
450E000
stack
page read and write
14520FE000
unkown
page readonly
D10000
heap
page read and write
AF0000
heap
page read and write
2A30000
heap
page read and write
9FE000
unkown
page readonly
2704000
direct allocation
page read and write
2713000
direct allocation
page read and write
1D84EDFB000
heap
page read and write
2670000
direct allocation
page read and write
1920000
trusted library allocation
page read and write
29A0000
direct allocation
page execute and read and write
83F000
unkown
page read and write
DF5000
heap
page read and write
858000
unkown
page read and write
2878000
direct allocation
page read and write
1D84EE30000
heap
page read and write
2782000
direct allocation
page read and write
275D000
direct allocation
page read and write
19D000
stack
page read and write
267E000
direct allocation
page read and write
FB0000
heap
page read and write
6E4E000
stack
page read and write
27DD000
direct allocation
page read and write
853000
unkown
page read and write
298D000
direct allocation
page read and write
C00000
heap
page read and write
2AD0000
heap
page read and write
2AC1000
direct allocation
page read and write
1235000
heap
page read and write
2894000
direct allocation
page read and write
1821000
heap
page read and write
152C8D00000
heap
page read and write
FF0000
heap
page read and write
28C7000
direct allocation
page read and write
1D854342000
heap
page read and write
152CDA40000
heap
page read and write
26C2000
direct allocation
page read and write
28A3000
direct allocation
page read and write
2865000
direct allocation
page read and write
1D854201000
heap
page read and write
C00000
heap
page read and write
58CF000
stack
page read and write
2986000
direct allocation
page read and write
AA0000
heap
page read and write
2971000
direct allocation
page read and write
152C8C15000
heap
page read and write
2C4E000
stack
page read and write
842000
unkown
page read and write
972000
unkown
page read and write
10D0000
heap
page read and write
9F6000
unkown
page write copy
29B8000
direct allocation
page read and write
27C5000
direct allocation
page read and write
28B4000
direct allocation
page read and write
298F000
stack
page read and write
4F0E000
stack
page read and write
9F5000
unkown
page read and write
2842000
direct allocation
page read and write
2A13000
heap
page read and write
842000
unkown
page read and write
28E8000
direct allocation
page read and write
401000
unkown
page execute read
1D852E48000
heap
page read and write
AA8000
heap
page read and write
152C8320000
heap
page read and write
2C20000
heap
page read and write
83F000
unkown
page read and write
84B000
unkown
page read and write
E6F000
stack
page read and write
2AC8000
direct allocation
page read and write
31295FD000
stack
page read and write
1E5000
heap
page read and write
1230000
heap
page read and write
28F6000
direct allocation
page read and write
328E000
stack
page read and write
290C000
direct allocation
page read and write
152CDAD1000
heap
page read and write
33DE000
stack
page read and write
28BB000
direct allocation
page read and write
2912000
direct allocation
page read and write
2828000
direct allocation
page read and write
2876000
direct allocation
page read and write
CF4000
heap
page read and write
FB0000
direct allocation
page execute and read and write
1D853DB5000
heap
page read and write
2861000
direct allocation
page read and write
7FF655DEA000
unkown
page readonly
14506FC000
stack
page read and write
378E000
stack
page read and write
BFE000
stack
page read and write
2830000
heap
page read and write
1D8543C5000
heap
page read and write
152C8494000
heap
page read and write
26B6000
direct allocation
page read and write
1D84EE15000
heap
page read and write
315E000
stack
page read and write
D67000
heap
page read and write
1D854301000
heap
page read and write
890000
unkown
page read and write
1D84EE75000
heap
page read and write
E30000
heap
page read and write
CF4000
heap
page read and write
295C000
direct allocation
page read and write
D77000
heap
page read and write
26BB000
direct allocation
page read and write
152C8380000
trusted library allocation
page read and write
152C8477000
heap
page read and write
2791000
direct allocation
page read and write
2A58000
direct allocation
page read and write
D3E000
stack
page read and write
33DE000
stack
page read and write
2A6E000
stack
page read and write
2685000
direct allocation
page read and write
AA0000
heap
page read and write
2893000
direct allocation
page read and write
2B20000
heap
page read and write
29A0000
heap
page read and write
608E000
stack
page read and write
27BC000
direct allocation
page read and write
2780000
heap
page read and write
95B000
unkown
page read and write
2834000
direct allocation
page read and write
2704000
direct allocation
page read and write
B00000
heap
page read and write
1D852DA7000
heap
page read and write
26E8000
direct allocation
page read and write
972000
unkown
page read and write
FB0000
heap
page read and write
83F000
unkown
page read and write
27BD000
direct allocation
page read and write
1D84EE2F000
heap
page read and write
2745000
direct allocation
page read and write
C05000
heap
page read and write
858000
unkown
page read and write
268C000
direct allocation
page read and write
31291FE000
stack
page read and write
D0F000
heap
page read and write
269D000
direct allocation
page read and write
4C8E000
stack
page read and write
152CDB0C000
heap
page read and write
D10000
heap
page read and write
1451AFE000
unkown
page readonly
1D84EE75000
heap
page read and write
282F000
direct allocation
page read and write
2980000
heap
page read and write
CCE000
stack
page read and write
BF9000
heap
page read and write
152CD930000
trusted library allocation
page read and write
1D854406000
heap
page read and write
287A000
direct allocation
page read and write
1D84EE10000
heap
page read and write
28D1000
direct allocation
page read and write
1D84EE0A000
heap
page read and write
AEE000
stack
page read and write
145127E000
stack
page read and write
43CE000
stack
page read and write
C3E000
stack
page read and write
38CE000
stack
page read and write
B50000
heap
page read and write
F1F000
stack
page read and write
1D852E3C000
heap
page read and write
15CE000
direct allocation
page read and write
8DC000
unkown
page write copy
1095000
heap
page read and write
28E8000
direct allocation
page read and write
E04000
heap
page read and write
1D84EE4D000
heap
page read and write
2851000
direct allocation
page read and write
1D854405000
heap
page read and write
31297FF000
stack
page read and write
2865000
direct allocation
page read and write
D2E000
stack
page read and write
26C4000
direct allocation
page read and write
BC8000
heap
page read and write
27F5000
direct allocation
page read and write
1842000
heap
page read and write
2A78000
direct allocation
page read and write
FA0000
direct allocation
page execute and read and write
285A000
direct allocation
page read and write
C6E000
stack
page read and write
8DB000
unkown
page read and write
1D84EE67000
heap
page read and write
275D000
direct allocation
page read and write
116F000
stack
page read and write
2725000
direct allocation
page read and write
284A000
direct allocation
page read and write
2740000
heap
page read and write
CD0000
heap
page read and write
DA0000
heap
page read and write
1D854405000
heap
page read and write
276B000
direct allocation
page read and write
2667000
heap
page read and write
EF0000
heap
page read and write
D22000
heap
page read and write
9B000
stack
page read and write
EC0000
heap
page read and write
27B7000
direct allocation
page read and write
9F5000
unkown
page read and write
350E000
stack
page read and write
C2E000
heap
page read and write
2B20000
heap
page read and write
F70000
heap
page read and write
152CD900000
trusted library allocation
page read and write
27AF000
direct allocation
page read and write
1D84EE70000
heap
page read and write
1D84EE2F000
heap
page read and write
284A000
direct allocation
page read and write
29F0000
heap
page read and write
2A20000
heap
page read and write
1710000
heap
page read and write
1165000
heap
page read and write
1450BFE000
unkown
page readonly
DA0000
heap
page read and write
2900000
direct allocation
page read and write
4C4F000
stack
page read and write
968000
unkown
page read and write
E0D000
heap
page read and write
F9F000
stack
page read and write
26D8000
direct allocation
page read and write
29BA000
direct allocation
page read and write
1D84EE2F000
heap
page read and write
1671000
direct allocation
page read and write
847000
unkown
page read and write
D61000
heap
page read and write
9F5000
unkown
page read and write
152C8D1A000
heap
page read and write
2BE3000
heap
page read and write
2904000
direct allocation
page read and write
26D1000
direct allocation
page read and write
1D854405000
heap
page read and write
2798000
direct allocation
page read and write
847000
unkown
page read and write
84B000
unkown
page read and write
E3E000
stack
page read and write
278F000
direct allocation
page read and write
152CDA53000
heap
page read and write
1D84EE52000
heap
page read and write
152CD920000
trusted library allocation
page read and write
CF4000
heap
page read and write
2968000
direct allocation
page read and write
28FD000
direct allocation
page read and write
CF4000
heap
page read and write
298D000
direct allocation
page read and write
488F000
stack
page read and write
F75000
heap
page read and write
1D854383000
heap
page read and write
855000
unkown
page read and write
E1F000
stack
page read and write
1D854202000
heap
page read and write
2AB0000
heap
page read and write
D6F000
heap
page read and write
33CF000
stack
page read and write
1D852DFE000
heap
page read and write
152C8441000
heap
page read and write
2A5F000
stack
page read and write
4DCE000
stack
page read and write
AEE000
stack
page read and write
1F0000
heap
page read and write
152C8400000
heap
page read and write
21DE000
stack
page read and write
1D854283000
heap
page read and write
B20000
heap
page read and write
351C000
stack
page read and write
152CDA50000
trusted library allocation
page read and write
1D84EE1F000
heap
page read and write
2B70000
heap
page read and write
9FB000
unkown
page read and write
14517FE000
stack
page read and write
2867000
direct allocation
page read and write
15C0000
direct allocation
page read and write
DF9000
heap
page read and write
AA0000
heap
page read and write
D20000
heap
page read and write
205F000
stack
page read and write
853000
unkown
page read and write
277B000
direct allocation
page read and write
BF9000
heap
page read and write
F90000
heap
page read and write
D77000
heap
page read and write
1D854242000
heap
page read and write
847000
unkown
page read and write
2952000
direct allocation
page read and write
846000
unkown
page read and write
1040000
heap
page read and write
152C8BC0000
trusted library section
page readonly
29F3000
heap
page read and write
28DC000
direct allocation
page read and write
109F000
stack
page read and write
D22000
heap
page read and write
96D000
unkown
page read and write
2888000
direct allocation
page read and write
1920000
trusted library allocation
page read and write
241F000
stack
page read and write
AF0000
heap
page read and write
2831000
direct allocation
page read and write
DD0000
heap
page read and write
287D000
direct allocation
page read and write
2CA3000
heap
page read and write
1D84EE0A000
heap
page read and write
264F000
direct allocation
page read and write
3A0E000
stack
page read and write
F10000
heap
page read and write
F65000
heap
page read and write
19C000
stack
page read and write
152C8502000
heap
page read and write
4B4E000
stack
page read and write
972000
unkown
page read and write
B65000
heap
page read and write
2928000
direct allocation
page read and write
1D84EDF2000
heap
page read and write
1D84EDC8000
heap
page read and write
AA0000
heap
page read and write
1D84EE55000
heap
page read and write
26CA000
direct allocation
page read and write
9B9000
unkown
page read and write
152CDB03000
heap
page read and write
97000
stack
page read and write
8D6000
unkown
page read and write
29EF000
stack
page read and write
2ECE000
stack
page read and write
8DB000
unkown
page read and write
27DA000
direct allocation
page read and write
26F6000
direct allocation
page read and write
1D84EE0A000
heap
page read and write
2AD0000
heap
page read and write
97000
stack
page read and write
10D5000
heap
page read and write
152C8350000
heap
page read and write
BB0000
heap
page read and write
28A1000
direct allocation
page read and write
1D8542C1000
heap
page read and write
1D84EFD0000
heap
page read and write
853000
unkown
page read and write
31292FD000
stack
page read and write
F90000
heap
page read and write
5B8E000
stack
page read and write
F7A000
heap
page read and write
1090000
heap
page read and write
28D4000
direct allocation
page read and write
2715000
direct allocation
page read and write
7FF655D81000
unkown
page execute read
CF0000
heap
page read and write
B6F000
heap
page read and write
528F000
stack
page read and write
28D8000
direct allocation
page read and write
7FF655DEA000
unkown
page readonly
B37000
heap
page read and write
283D000
direct allocation
page read and write
2798000
direct allocation
page read and write
D6F000
heap
page read and write
C20000
heap
page read and write
2962000
direct allocation
page read and write
145137E000
stack
page read and write
B58000
heap
page read and write
27F2000
direct allocation
page read and write
2907000
direct allocation
page read and write
2868000
direct allocation
page read and write
164D000
direct allocation
page read and write
152CD8F0000
trusted library allocation
page read and write
474F000
stack
page read and write
97000
stack
page read and write
478E000
stack
page read and write
1D84EE50000
heap
page read and write
19D000
stack
page read and write
231E000
stack
page read and write
19D000
stack
page read and write
1540000
direct allocation
page read and write
27CA000
direct allocation
page read and write
C00000
heap
page read and write
1D853870000
heap
page read and write
2788000
direct allocation
page read and write
D30000
heap
page read and write
D70000
heap
page read and write
853000
unkown
page read and write
2AAC000
direct allocation
page read and write
83F000
unkown
page read and write
1D84EE2E000
heap
page read and write
F2E000
stack
page read and write
97000
stack
page read and write
1D84EFDE000
heap
page read and write
1D850CF0000
trusted library allocation
page read and write
6BCE000
stack
page read and write
2AA0000
heap
page read and write
278A000
direct allocation
page read and write
291C000
direct allocation
page read and write
152C845B000
heap
page read and write
858000
unkown
page read and write
BED000
heap
page read and write
27F4000
direct allocation
page read and write
1D852E62000
heap
page read and write
285A000
direct allocation
page read and write
CF4000
heap
page read and write
29F0000
heap
page read and write
B5A000
heap
page read and write
152CDB0A000
heap
page read and write
2963000
direct allocation
page read and write
97000
stack
page read and write
2907000
direct allocation
page read and write
34DF000
stack
page read and write
14508FB000
stack
page read and write
D32000
heap
page read and write
D4F000
stack
page read and write
297F000
direct allocation
page read and write
1160000
heap
page read and write
27ED000
direct allocation
page read and write
D3E000
stack
page read and write
27A8000
direct allocation
page read and write
2A96000
direct allocation
page read and write
1D854283000
heap
page read and write
2830000
trusted library allocation
page read and write
2814000
direct allocation
page read and write
28E0000
heap
page read and write
8DB000
unkown
page read and write
152CD901000
trusted library allocation
page read and write
E17000
heap
page read and write
152CDA60000
heap
page read and write
1D84EE15000
heap
page read and write
1D84EE4D000
heap
page read and write
15DC000
direct allocation
page read and write
2A5B000
direct allocation
page read and write
306F000
stack
page read and write
E8F000
stack
page read and write
1450AFE000
unkown
page readonly
2B10000
heap
page read and write
1D84EF91000
trusted library allocation
page read and write
604F000
stack
page read and write
D57000
heap
page read and write
1D84EDC0000
heap
page read and write
CFC000
heap
page read and write
2AB2000
direct allocation
page read and write
AEE000
stack
page read and write
2818000
direct allocation
page read and write
1D854283000
heap
page read and write
D32000
heap
page read and write
29C1000
direct allocation
page read and write
2885000
direct allocation
page read and write
29B3000
direct allocation
page read and write
293D000
direct allocation
page read and write
847000
unkown
page read and write
31290F9000
stack
page read and write
27E5000
direct allocation
page read and write
2910000
direct allocation
page read and write
1D84EE17000
heap
page read and write
329E000
stack
page read and write
7FF655D80000
unkown
page readonly
F30000
direct allocation
page execute and read and write
D7E000
stack
page read and write
E90000
heap
page read and write
CF4000
heap
page read and write
295A000
direct allocation
page read and write
1D852CA0000
heap
page read and write
1160000
heap
page read and write
2721000
direct allocation
page read and write
2AE6000
direct allocation
page read and write
287E000
direct allocation
page read and write
BBE000
stack
page read and write
C18000
heap
page read and write
There are 1511 hidden memdumps, click here to show them.