IOC Report
h8jGj6Qe78.exe

loading gif

Files

File Path
Type
Category
Malicious
h8jGj6Qe78.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
 malicious
C:\ProgramData\freebl3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\mozglue.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\nss3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\softokn3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\freebl3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\mozglue[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\nss3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\softokn3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\SwiftTech Solutions\SwiftServe.js
ASCII text, with no line terminators
dropped
 malicious
C:\Users\user\AppData\Local\SwiftTech Solutions\SwiftServe.scr
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\329C.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\795933\Burn.pif
PE32 executable (GUI) Intel 80386, for MS Windows
modified
 malicious
C:\Users\user\AppData\Local\Temp\DFA6.exe
PE32 executable (GUI) Intel 80386, for MS Windows
modified
 malicious
C:\Users\user\AppData\Local\Temp\svchost015.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SwiftServe.url
MS Windows 95 Internet shortcut text (URL=<"C:\Users\user\AppData\Local\SwiftTech Solutions\SwiftServe.js" >), ASCII text, with CRLF line terminators
dropped
 malicious
C:\Users\user\AppData\Roaming\ewggbbh
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\ewggbbh:Zone.Identifier
ASCII text, with CRLF line terminators
dropped
 malicious
C:\ProgramData\FCAAEBFHJJDAAKFIECGDBKJDGI
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
dropped
C:\ProgramData\GCBGIIEC
SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 2, database pages 56, cookie 0x24, schema 4, UTF-8, version-valid-for 2
dropped
C:\ProgramData\IDBKFHJEBAAEBGDGDBFB
SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 1, database pages 24, cookie 0xe, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\IECFHDBA
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\JJDHIDBFBFHIJKFHCGIEGIDAEH
SQLite 3.x database, last written using SQLite version 3042000, file counter 11, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 11
dropped
C:\ProgramData\JKKECBGIIIEBGCBGIDHDGCAKJE
SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\KJEHDHIEGIIIDHIDHDHJ
ASCII text, with very long lines (1809), with CRLF line terminators
dropped
C:\ProgramData\msvcp140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\ProgramData\vcruntime140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\Caches\{3DA71D5A-20CC-432F-A115-DFE92379E91F}.3.ver0x000000000000002d.db
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\msvcp140[1].dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\vcruntime140[1].dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\SwiftTech Solutions\w
data
dropped
C:\Users\user\AppData\Local\Temp\795933\RegAsm.exe
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\795933\z
data
dropped
C:\Users\user\AppData\Local\Temp\Activity
data
dropped
C:\Users\user\AppData\Local\Temp\Census
data
dropped
C:\Users\user\AppData\Local\Temp\Church
data
dropped
C:\Users\user\AppData\Local\Temp\Comment
data
dropped
C:\Users\user\AppData\Local\Temp\Convenience
data
dropped
C:\Users\user\AppData\Local\Temp\Dod
data
dropped
C:\Users\user\AppData\Local\Temp\Literature
data
dropped
C:\Users\user\AppData\Local\Temp\Maps
data
dropped
C:\Users\user\AppData\Local\Temp\Mario
data
dropped
C:\Users\user\AppData\Local\Temp\Postcards
data
dropped
C:\Users\user\AppData\Local\Temp\Shift
data
dropped
C:\Users\user\AppData\Local\Temp\Teach
ASCII text, with very long lines (554), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\Teach.bat (copy)
ASCII text, with very long lines (554), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\Vessel
data
dropped
C:\Users\user\AppData\Local\Temp\Vhs
data
dropped
C:\Users\user\AppData\Local\Temp\Yahoo
data
dropped
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\cookies.sqlite-shm
data
dropped
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\places.sqlite-shm
data
dropped
There are 41 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\h8jGj6Qe78.exe
"C:\Users\user\Desktop\h8jGj6Qe78.exe"
 malicious
C:\Windows\explorer.exe
C:\Windows\Explorer.EXE
 malicious
C:\Users\user\AppData\Roaming\ewggbbh
C:\Users\user\AppData\Roaming\ewggbbh
 malicious
C:\Users\user\AppData\Local\Temp\329C.exe
C:\Users\user\AppData\Local\Temp\329C.exe
 malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe" /k move Teach Teach.bat & Teach.bat & exit
 malicious
C:\Windows\SysWOW64\cmd.exe
cmd /c md 795933
 malicious
C:\Windows\SysWOW64\cmd.exe
cmd /c copy /b ..\Church + ..\Activity + ..\Yahoo + ..\Census + ..\Mario + ..\Postcards + ..\Vessel + ..\Vhs + ..\Maps + ..\Convenience + ..\Comment + ..\Shift z
malicious
C:\Users\user\AppData\Local\Temp\795933\Burn.pif
Burn.pif z
 malicious
C:\Windows\SysWOW64\cmd.exe
cmd /c schtasks.exe /create /tn "Cheese" /tr "wscript //B 'C:\Users\user\AppData\Local\SwiftTech Solutions\SwiftServe.js'" /sc minute /mo 5 /F
malicious
C:\Windows\SysWOW64\schtasks.exe
schtasks.exe /create /tn "Cheese" /tr "wscript //B 'C:\Users\user\AppData\Local\SwiftTech Solutions\SwiftServe.js'" /sc minute /mo 5 /F
malicious
C:\Windows\SysWOW64\cmd.exe
cmd /k echo [InternetShortcut] > "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SwiftServe.url" & echo URL="C:\Users\user\AppData\Local\SwiftTech Solutions\SwiftServe.js" >> "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SwiftServe.url" & exit
malicious
C:\Windows\System32\wscript.exe
C:\Windows\system32\wscript.EXE //B "C:\Users\user\AppData\Local\SwiftTech Solutions\SwiftServe.js"
 malicious
C:\Users\user\AppData\Local\SwiftTech Solutions\SwiftServe.scr
"C:\Users\user\AppData\Local\SwiftTech Solutions\SwiftServe.scr" "C:\Users\user\AppData\Local\SwiftTech Solutions\w"
 malicious
C:\Users\user\AppData\Local\Temp\DFA6.exe
C:\Users\user\AppData\Local\Temp\DFA6.exe
 malicious
C:\Windows\System32\wscript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Local\SwiftTech Solutions\SwiftServe.js"
malicious
C:\Users\user\AppData\Local\SwiftTech Solutions\SwiftServe.scr
"C:\Users\user\AppData\Local\SwiftTech Solutions\SwiftServe.scr" "C:\Users\user\AppData\Local\SwiftTech Solutions\w"
 malicious
C:\Users\user\AppData\Local\Temp\svchost015.exe
C:\Users\user\AppData\Local\Temp\svchost015.exe
 malicious
C:\Users\user\AppData\Local\Temp\795933\RegAsm.exe
C:\Users\user\AppData\Local\Temp\795933\RegAsm.exe
 malicious
C:\Users\user\AppData\Roaming\ewggbbh
C:\Users\user\AppData\Roaming\ewggbbh
 malicious
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\tasklist.exe
tasklist
C:\Windows\SysWOW64\findstr.exe
findstr /I "wrsa opssvc"
C:\Windows\SysWOW64\tasklist.exe
tasklist
C:\Windows\SysWOW64\findstr.exe
findstr /I "avastui avgui bdservicehost nswscsvc sophoshealth"
C:\Windows\SysWOW64\findstr.exe
findstr /V "tagsnegotiationthreadadobe" Literature
C:\Windows\SysWOW64\choice.exe
choice /d y /t 5
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
There are 18 hidden processes, click here to show them.

URLs

Name
IP
Malicious
http://91.202.233.158/e96ea2db21fa9a1b.phpK
unknown
 malicious
http://91.202.233.158/3836fd5700214436/nss3.dllA5
unknown
 malicious
http://91.202.233.158/3836fd5700214436/msvcp140.dll
91.202.233.158
 malicious
http://91.202.233.158/3836fd5700214436/nss3.dll%
unknown
 malicious
http://91.202.233.158/3836fd5700214436/sqlite3.dll
91.202.233.158
 malicious
http://91.202.233.158/
91.202.233.158
 malicious
http://91.202.233.158/e96ea2db21fa9a1b.php
91.202.233.158
 malicious
http://91.202.233.158/3836fd5700214436/msvcp140.dllj
unknown
 malicious
http://91.202.233.158/e96ea2db21fa9a1b.phpK0
unknown
 malicious
http://91.202.233.158/3836fd5700214436/vcruntime140.dll
91.202.233.158
 malicious
http://91.202.233.158/3836fd5700214436/nss3.dll
91.202.233.158
 malicious
http://91.202.233.158/3836fd5700214436/freebl3.dll
91.202.233.158
 malicious
http://nicetolosv.xyz/tmp/
malicious
http://olihonols.in.net/tmp/
malicious
https://aka.ms/odirmr
unknown
https://duckduckgo.com/chrome_newtab
unknown
https://duckduckgo.com/ac/?q=
unknown
http://cert.ssl.com/SSLcom-SubCA-CodeSigning-RSA-4096-R1.cer0Q
unknown
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13f2DV
unknown
http://91.202.233.158/e96ea2db21fa9a1b.php.dll
unknown
https://api.msn.com:443/v1/news/Feed/Windows?
unknown
https://github.com/testdemo345/DemoThing/raw/main/WebDriver.dll
unknown
https://bridge.lga1.admarketplace.net/ctp?version=16.0.0&key=1696332238301000001.2&ci=1696332238417.
unknown
http://www.x-ways.net/winhex/subscribe-d.htmlU
unknown
https://excel.office.com
unknown
https://www.autoitscript.com/autoit3/
unknown
https://www.msn.com/en-us/news/us/a-nationwide-emergency-alert-will-be-sent-to-all-u-s-cellphones-we
unknown
https://simpleflying.com/how-do-you-become-an-air-traffic-controller/
unknown
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gTUY
unknown
http://91.202.233.158/e96ea2db21fa9a1b.php3
unknown
https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4QqmfZfYfQfafZbXfpbWfpbX7ReNxR3UIG8zInwYIFIVs9eYi
unknown
http://www.x-ways.net/order.html-d.htmlS
unknown
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gHZu-dark
unknown
http://91.202.233.158/e96ea2db21fa9a1b.php7
unknown
https://activity.windows.com/UserActivity.ReadWrite.CreatedByAppcrobat.exe
unknown
http://91.202.233.158/3836fd5700214436/nss3.dll:
unknown
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
unknown
http://91.202.233.158/e96ea2db21fa9a1b.php-fulluser-l1-1-0
unknown
http://91.202.233.158/e96ea2db21fa9a1b.php?
unknown
https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_7548d4575af019e4c148ccf1a78112802e66a0816a72fc94
unknown
https://assets.msn.com/weathermapdata/1/static/weather/Icons/JyNGQgA=/Condition/AAehR3S.svg
unknown
https://cdn.epnacl
unknown
http://www.autoitscript.com/autoit3/J
unknown
https://wns.windows.com/L
unknown
http://www.mozilla.com/en-US/blocklist/
unknown
https://www.x-ways.net/winhex/forum/www.x-ways.net/winhex/templates/www.x-ways.net/dongle_protection
unknown
https://word.office.com
unknown
http://91.202.233.158/7
unknown
https://mozilla.org0/
unknown
https://stackoverflow.com/q/14436606/23354
unknown
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK201621kbG1nY
unknown
https://assets.msn.com/weathermapdata/1/static/finance/1stparty/FinanceTaskbarIcons/Finance_Earnings
unknown
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gHZu
unknown
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016Ed1aWxkV
unknown
https://www.msn.com/en-us/weather/topstories/us-weather-super-el-nino-to-bring-more-flooding-and-win
unknown
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
unknown
https://bridge.lga1.ap01.net/ctp?version=16.0.0&key=1696332238301000001.1&ci=1696332238417.12791&cta
unknown
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016
unknown
https://windows.msn.com:443/shell?osLocale=en-GB&chosenMarketReason=ImplicitNew
unknown
http://nsis.sf.net/NSIS_ErrorError
unknown
http://91.202.233.158/E
unknown
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17mluIFdhbGxldHxmbmpobWtoaG1rYm
unknown
http://schemas.micr
unknown
https://www.ecosia.org/newtab/
unknown
https://www.msn.com/en-us/news/politics/clarence-thomas-in-spotlight-as-supreme-court-delivers-blow-
unknown
https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
unknown
https://github.com/testdemo345/DemoThing/raw/main/chromedriver.exe
unknown
https://cdn.ep
unknown
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gMeu
unknown
http://91.202.233.158/e96ea2db21fa9a1b.phpg
unknown
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gTUY-dark
unknown
https://www.rd.com/list/polite-habits-campers-dislike/
unknown
https://stackoverflow.com/q/2152978/23354rCannot
unknown
https://android.notify.windows.com/iOS
unknown
http://91.202.233.158/e96ea2db21fa9a1b.phpo
unknown
https://img.s-msn.com/tenant/amp/entityid/AAbC0oi.img
unknown
https://outlook.com_
unknown
http://www.x-ways.net/winhex/license
unknown
https://www.rd.com/newsletter/?int_source=direct&int_medium=rd.com&int_campaign=nlrda_20221001_toppe
unknown
https://www.msn.com/en-us/news/world/agostini-krausz-and-l-huillier-win-physics-nobel-for-looking-at
unknown
http://91.202.233.158/3836fd5700214436/softokn3.dllR
unknown
https://support.mozilla.org/products/firefoxgro.allizom.troppus.zvXrErQ5GYDF
unknown
http://schemas.mi
unknown
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17WdsYWhtbmRlZHwxfDB8MHxab2hvIF
unknown
http://ocsp.sectigo.com0
unknown
https://www.msn.com/en-us/news/us/when-does-daylight-saving-time-end-2023-here-s-when-to-set-your-cl
unknown
http://91.202.233.158/e96ea2db21fa9a1b.phpg0
unknown
https://powerpoint.office.comcember
unknown
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e173810.9
unknown
http://ocsps.ssl.com0
unknown
https://github.com/tesseract-ocr/tessdata/
unknown
https://www.msn.com/en-us/money/personalfinance/no-wonder-the-american-public-is-confused-if-you-re-
unknown
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
unknown
http://91.202.233.158/e96ea2db21fa9a1b.phpN=
unknown
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17
unknown
http://schemas.micro
unknown
http://www.x-ways.net/order
unknown
https://github.com/testdemo345/DemoThing/raw/main/msedgedriver.exe
unknown
https://windows.msn.com:443/shellv2?osLocale=en-GB&chosenMarketReason=ImplicitNew
unknown
http://91.202.233.158/e96ea2db21fa9a1b.phption:
unknown
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
epohe.ru
185.12.79.25
 malicious
free.cdn.hstgr.net
84.32.84.144
 malicious
www.darkviolet-alpaca-923878.hostingersite.com
unknown
 malicious
ycMmBvpGeMcYHBMfFqkIrUsoh.ycMmBvpGeMcYHBMfFqkIrUsoh
unknown
 malicious

IPs

IP
Domain
Country
Malicious
91.202.233.158
unknown
Russian Federation
malicious
94.228.169.44
unknown
Russian Federation
malicious
92.36.226.66
unknown
Bosnia and Herzegowina
malicious
84.32.84.144
free.cdn.hstgr.net
Lithuania
malicious
191.191.224.16
unknown
Brazil
malicious
45.202.35.38
unknown
Seychelles
malicious

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:00000000000402A2
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
{FBF23B40-E3F0-101B-8488-00AA003E56F8} {000214E4-0000-0000-C000-000000000046} 0xFFFF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\JFpevcg.rkr
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
LangID
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Windows\System32\WScript.exe.FriendlyAppName
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Windows\System32\WScript.exe.ApplicationCompany
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
a
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
MRUList
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
{A38B883C-1682-497E-97B0-0A3A9E801682} {886D8EEB-8CF2-4446-8D02-CDBA1DBDCF99} 0xFFFF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\24\417C44EB
@explorerframe.dll,-13137
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\24\417C44EB
@explorerframe.dll,-13138
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zip\OpenWithProgids
Unpacker
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
{33154C99-BF49-443D-A73C-303A23ABBE97} {886D8EEB-8CF2-4446-8D02-CDBA1DBDCF99} 0xFFFF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Shell\Bags\1\Desktop
IconLayouts
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Search
InstalledWin32AppsRevision
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Security and Maintenance\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102
CheckSetting
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced
TaskbarStateLastRun
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories64\{00021492-0000-0000-C000-000000000046}\Enum
Implementing
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\OpenWithProgids
WMP11.AssocFile.3G2
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\OpenWithProgids
WMP11.AssocFile.3GP
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2\OpenWithProgids
WMP11.AssocFile.3G2
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp\OpenWithProgids
WMP11.AssocFile.3GP
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aac\OpenWithProgids
WMP11.AssocFile.ADTS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.adts\OpenWithProgids
WMP11.AssocFile.ADTS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\OpenWithProgids
WMP11.AssocFile.AIFF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\OpenWithProgids
WMP11.AssocFile.ASF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\OpenWithProgids
WMP11.AssocFile.ASX
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\OpenWithProgids
WMP11.AssocFile.AU
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au3\OpenWithProgids
AutoIt3Script
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\OpenWithProgids
WMP11.AssocFile.AVI
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\OpenWithProgids
Paint.Picture
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cab\OpenWithProgids
CABFolder
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cdxml\OpenWithProgids
Microsoft.PowerShellCmdletDefinitionXML.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.css\OpenWithProgids
CSSfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.csv\OpenWithProgids
Excel.CSV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dds\OpenWithProgids
ddsfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\OpenWithProgids
Paint.Picture
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dll\OpenWithProgids
dllfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.doc\OpenWithProgids
Word.Document.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docm\OpenWithProgids
Word.DocumentMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\OpenWithProgids
Word.Document.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dot\OpenWithProgids
Word.Template.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dotm\OpenWithProgids
Word.TemplateMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dotx\OpenWithProgids
Word.Template.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\OpenWithProgids
emffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithProgids
exefile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\OpenWithProgids
WMP11.AssocFile.FLAC
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fon\OpenWithProgids
fonfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\OpenWithProgids
giffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\OpenWithProgids
htmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\OpenWithProgids
icofile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inf\OpenWithProgids
inffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ini\OpenWithProgids
inifile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\OpenWithProgids
pjpegfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\OpenWithProgids
jpegfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\OpenWithProgids
jpegfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\OpenWithProgids
jpegfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jxr\OpenWithProgids
wdpfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\OpenWithProgids
lnkfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2t\OpenWithProgids
WMP11.AssocFile.M2TS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2ts\OpenWithProgids
WMP11.AssocFile.M2TS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2v\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\OpenWithProgids
WMP11.AssocFile.m3u
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\OpenWithProgids
WMP11.AssocFile.M4A
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\OpenWithProgids
WMP11.AssocFile.MP4
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\OpenWithProgids
mhtmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\OpenWithProgids
mhtmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\OpenWithProgids
WMP11.AssocFile.MIDI
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mk3d\OpenWithProgids
WMP11.AssocFile.MK3D
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mka\OpenWithProgids
WMP11.AssocFile.MKA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\OpenWithProgids
WMP11.AssocFile.MKV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mod\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\OpenWithProgids
WMP11.AssocFile.MOV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MP2\OpenWithProgids
WMP11.AssocFile.MP3
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4v\OpenWithProgids
WMP11.AssocFile.MP4
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.msg\OpenWithProgids
Outlook.File.msg.15
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mts\OpenWithProgids
WMP11.AssocFile.M2TS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ocx\OpenWithProgids
ocxfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odp\OpenWithProgids
PowerPoint.OpenDocumentPresentation.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ods\OpenWithProgids
Excel.OpenDocumentSpreadsheet.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odt\OpenWithProgids
Word.OpenDocumentText.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.otf\OpenWithProgids
otffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\OpenWithProgids
pngfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pot\OpenWithProgids
PowerPoint.Template.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.potm\OpenWithProgids
PowerPoint.TemplateMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.potx\OpenWithProgids
PowerPoint.Template.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppam\OpenWithProgids
PowerPoint.Addin.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppsm\OpenWithProgids
PowerPoint.SlideShowMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppsx\OpenWithProgids
PowerPoint.SlideShow.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppt\OpenWithProgids
PowerPoint.Show.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pptm\OpenWithProgids
PowerPoint.ShowMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pptx\OpenWithProgids
PowerPoint.Show.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ps1\OpenWithProgids
Microsoft.PowerShellScript.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ps1xml\OpenWithProgids
Microsoft.PowerShellXMLData.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd1\OpenWithProgids
Microsoft.PowerShellData.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psm1\OpenWithProgids
Microsoft.PowerShellModule.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pssc\OpenWithProgids
Microsoft.PowerShellSessionConfiguration.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\OpenWithProgids
rlefile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rtf\OpenWithProgids
Word.RTF.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scf\OpenWithProgids
SHCmdFile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.search-ms\OpenWithProgids
SearchFolder
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\OpenWithProgids
shtmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sldm\OpenWithProgids
PowerPoint.SlideMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sldx\OpenWithProgids
PowerPoint.Slide.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\OpenWithProgids
WMP11.AssocFile.AU
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sys\OpenWithProgids
sysfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\OpenWithProgids
TIFImage.Document
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS\OpenWithProgids
WMP11.AssocFile.TTS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\OpenWithProgids
ttcfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\OpenWithProgids
ttffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TTS\OpenWithProgids
WMP11.AssocFile.TTS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\OpenWithProgids
txtfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vsto\OpenWithProgids
bootstrap.vsto.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\OpenWithProgids
WMP11.AssocFile.WAV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\OpenWithProgids
WMP11.AssocFile.WAX
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wdp\OpenWithProgids
wdpfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\OpenWithProgids
WMP11.AssocFile.ASF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\OpenWithProgids
WMP11.AssocFile.WMA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\OpenWithProgids
wmffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\OpenWithProgids
WMP11.AssocFile.WMV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.WPL\OpenWithProgids
WMP11.AssocFile.WPL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\OpenWithProgids
WMP11.AssocFile.WVX
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlam\OpenWithProgids
Excel.AddInMacroEnabled
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xls\OpenWithProgids
Excel.Sheet.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsb\OpenWithProgids
Excel.SheetBinaryMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsm\OpenWithProgids
Excel.SheetMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsx\OpenWithProgids
Excel.Sheet.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlt\OpenWithProgids
Excel.Template.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xltm\OpenWithProgids
Excel.TemplateMacroEnabled
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xltx\OpenWithProgids
Excel.Template
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\OpenWithProgids
xmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xsl\OpenWithProgids
xslfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced
TaskbarStateLastRun
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories64\{00021492-0000-0000-C000-000000000046}\Enum
Implementing
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings\Telemetry\wscript.exe
JScriptSetScriptStateStarted
There are 219 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
9FE000
heap
page read and write
 malicious
6B0000
direct allocation
page read and write
 malicious
7B1000
unclassified section
page read and write
 malicious
2361000
unclassified section
page read and write
 malicious
850000
direct allocation
page read and write
 malicious
3019000
direct allocation
page execute and read and write
 malicious
1508000
trusted library allocation
page read and write
A2F000
heap
page read and write
2E0A000
heap
page read and write
2380000
heap
page read and write
AE7000
heap
page read and write
202F000
stack
page read and write
7FF5ED9CA000
unkown
page readonly
164E000
trusted library allocation
page read and write
B40000
trusted library allocation
page read and write
3020000
unkown
page read and write
3450000
unkown
page read and write
D6E000
stack
page read and write
B4D0000
unkown
page read and write
9070000
unkown
page read and write
3020000
unkown
page read and write
20D0D000
heap
page read and write
8EF0000
unkown
page read and write
4478000
trusted library allocation
page read and write
A6F000
heap
page read and write
B40000
trusted library allocation
page read and write
1915000
heap
page read and write
4C8F000
stack
page read and write
4AB0000
trusted library allocation
page execute and read and write
8750000
unkown
page read and write
D71000
heap
page read and write
19600B1A000
heap
page read and write
16B4000
heap
page read and write
3170000
unkown
page read and write
3170000
unkown
page read and write
2F3F000
stack
page read and write
9D0000
trusted library allocation
page read and write
7FF5ED9D6000
unkown
page readonly
2250000
heap
page read and write
8EF0000
unkown
page read and write
B4F000
heap
page read and write
A19F000
stack
page read and write
20D28000
heap
page read and write
7FF5ED625000
unkown
page readonly
3030000
unkown
page read and write
3020000
unkown
page read and write
D73000
heap
page read and write
9070000
unkown
page read and write
150D000
trusted library allocation
page read and write
3448000
heap
page read and write
7FF5ED844000
unkown
page readonly
8760000
unkown
page read and write
B4D0000
unkown
page read and write
C516000
unkown
page read and write
8750000
unkown
page read and write
37A8000
unkown
page read and write
CB95000
unkown
page read and write
8740000
unkown
page read and write
20D1D000
heap
page read and write
2C0F000
stack
page read and write
9070000
unkown
page read and write
C92D000
unkown
page read and write
7FF5ED349000
unkown
page readonly
587000
remote allocation
page execute and read and write
3261000
heap
page read and write
9070000
unkown
page read and write
7FF5ECED2000
unkown
page readonly
7FF5ED864000
unkown
page readonly
12FF000
stack
page read and write
385F000
stack
page read and write
36D5000
stack
page read and write
283C000
heap
page read and write
7E60000
unkown
page read and write
AF3000
heap
page read and write
3020000
unkown
page read and write
3261000
heap
page read and write
A33000
heap
page read and write
840000
heap
page read and write
C01000
heap
page read and write
270F000
stack
page read and write
3020000
unkown
page read and write
9070000
unkown
page read and write
A01B000
stack
page read and write
3170000
unkown
page read and write
3170000
unkown
page read and write
3020000
unkown
page read and write
2B98000
heap
page read and write
7F50000
unkown
page read and write
9070000
unkown
page read and write
1956000
heap
page read and write
15AC000
trusted library allocation
page read and write
5200000
heap
page read and write
FDF4F1A000
stack
page read and write
87B0000
unkown
page read and write
184F000
heap
page read and write
2AF8000
heap
page read and write
3C4D000
trusted library allocation
page read and write
190000
heap
page read and write
18C8000
heap
page read and write
7FF5ED68B000
unkown
page readonly
9070000
unkown
page read and write
7FF5EDA53000
unkown
page readonly
1506000
trusted library allocation
page read and write
20D23000
heap
page read and write
22ADB3AC000
heap
page read and write
A491000
unkown
page read and write
C16000
heap
page read and write
AA90000
unkown
page read and write
F9E3000
unkown
page read and write
456000
unkown
page write copy
1A28000
heap
page read and write
18C7000
heap
page read and write
AAC000
heap
page read and write
22E0000
heap
page read and write
49FE000
stack
page read and write
B4D0000
unkown
page read and write
2450000
trusted library allocation
page read and write
3440000
unkown
page read and write
B4D0000
unkown
page read and write
D64000
heap
page read and write
D44000
heap
page read and write
1AD9A000
heap
page read and write
B7C000
heap
page read and write
C6F4000
unkown
page read and write
7FF5ED9E1000
unkown
page readonly
9070000
unkown
page read and write
8750000
unkown
page read and write
8820000
unkown
page read and write
7FF5ED8E2000
unkown
page readonly
B150000
unkown
page read and write
D64000
heap
page read and write
E0E000
heap
page read and write
291B000
heap
page read and write
15FD000
trusted library allocation
page read and write
43C1000
heap
page read and write
20D36000
heap
page read and write
C8E1000
unkown
page read and write
8D6B000
stack
page read and write
8750000
unkown
page read and write
23D0000
heap
page read and write
9070000
unkown
page read and write
9070000
unkown
page read and write
18B2000
heap
page read and write
410000
unkown
page execute read
2260000
heap
page read and write
274E000
stack
page read and write
15FC000
trusted library allocation
page read and write
7FF5ED810000
unkown
page readonly
B4D0000
unkown
page read and write
B16000
heap
page read and write
16B4000
heap
page read and write
8760000
unkown
page read and write
3020000
unkown
page read and write
20D42000
heap
page read and write
7FF5ED9C8000
unkown
page readonly
3CA3000
heap
page read and write
9070000
unkown
page read and write
C6BF000
unkown
page read and write
25E1000
heap
page read and write
1508000
trusted library allocation
page read and write
28FA000
heap
page read and write
52E3000
heap
page read and write
27088000
heap
page read and write
9070000
unkown
page read and write
B4D0000
unkown
page read and write
B40000
trusted library allocation
page read and write
20D28000
heap
page read and write
9070000
unkown
page read and write
3170000
unkown
page read and write
401000
unkown
page execute read
B50000
heap
page read and write
2B22000
heap
page read and write
1882000
heap
page read and write
40B000
unkown
page write copy
C563000
unkown
page read and write
7FF5ED5F7000
unkown
page readonly
150C000
trusted library allocation
page read and write
7D53000
unkown
page read and write
B22000
heap
page read and write
BB9000
heap
page read and write
7FF5ED73D000
unkown
page readonly
3460000
unkown
page read and write
89A0000
unkown
page read and write
4D0F000
stack
page read and write
19600AF5000
heap
page read and write
CB65000
unkown
page read and write
AD0000
heap
page read and write
7FF5ED8B4000
unkown
page readonly
3170000
unkown
page read and write
1088000
trusted library allocation
page read and write
3261000
heap
page read and write
1500000
trusted library allocation
page read and write
15CB000
trusted library allocation
page read and write
9070000
unkown
page read and write
7C90000
unkown
page read and write
18A0000
unkown
page readonly
7FF5ED9D9000
unkown
page readonly
B03000
heap
page read and write
1500000
trusted library allocation
page read and write
15CA000
trusted library allocation
page read and write
7FF5ED7D6000
unkown
page readonly
7FF5ED4B0000
unkown
page readonly
43C000
unkown
page read and write
7FF5ED507000
unkown
page readonly
9070000
unkown
page read and write
8EF0000
unkown
page read and write
3D90000
heap
page read and write
97A9000
unkown
page read and write
ED6000
unkown
page readonly
22ADB3B0000
heap
page read and write
73E000
stack
page read and write
FDF59FF000
stack
page read and write
7FF5ED669000
unkown
page readonly
C7F000
heap
page read and write
23E0000
direct allocation
page execute and read and write
848000
heap
page execute and read and write
28CD000
trusted library allocation
page read and write
3450000
unkown
page read and write
A52000
heap
page read and write
C49E000
stack
page read and write
986F000
unkown
page read and write
2310000
trusted library allocation
page execute and read and write
3010000
unkown
page read and write
9070000
unkown
page read and write
20D10000
heap
page read and write
9070000
unkown
page read and write
2251000
heap
page read and write
22ADB39F000
heap
page read and write
524000
heap
page read and write
5E4000
unkown
page readonly
3210000
unkown
page read and write
3681000
heap
page read and write
8750000
unkown
page read and write
B4D0000
unkown
page read and write
2C31000
heap
page read and write
196A000
heap
page read and write
348F000
heap
page read and write
20D20000
heap
page read and write
8740000
unkown
page read and write
C7C5000
unkown
page read and write
3010000
unkown
page read and write
97AD000
unkown
page read and write
B4D0000
unkown
page read and write
4BD0000
trusted library section
page read and write
28FB000
heap
page read and write
3D00000
heap
page read and write
CA7C000
unkown
page read and write
7FF5ED433000
unkown
page readonly
1935000
heap
page read and write
347C000
heap
page read and write
2B21000
heap
page read and write
3440000
unkown
page read and write
9070000
unkown
page read and write
C57F000
unkown
page read and write
7FF5ED65C000
unkown
page readonly
A494000
unkown
page read and write
3020000
unkown
page read and write
453000
unkown
page read and write
20D0E000
heap
page read and write
B7C000
heap
page read and write
2E07F000
heap
page read and write
7DF4F3051000
unkown
page execute read
3534000
trusted library allocation
page read and write
1506000
trusted library allocation
page read and write
19600B20000
heap
page read and write
1BCF000
heap
page read and write
1856000
heap
page read and write
27087000
heap
page read and write
20D10000
heap
page read and write
3020000
unkown
page read and write
6CAAE000
unkown
page read and write
15AB000
trusted library allocation
page read and write
3170000
unkown
page read and write
8BF0000
unkown
page readonly
B4D0000
unkown
page read and write
3450000
unkown
page read and write
8750000
unkown
page read and write
2B71000
heap
page read and write
1A1C000
heap
page read and write
B4D0000
unkown
page read and write
19BD000
heap
page read and write
9F0000
heap
page read and write
8B4000
heap
page read and write
3170000
unkown
page read and write
3030000
unkown
page read and write
524000
heap
page read and write
A4FC000
unkown
page read and write
7FF5ED714000
unkown
page readonly
943B000
stack
page read and write
3261000
heap
page read and write
B7E000
heap
page read and write
524000
heap
page read and write
7FF5ED2A4000
unkown
page readonly
1A08000
heap
page read and write
D24000
heap
page read and write
192C000
heap
page read and write
892000
trusted library allocation
page read and write
3450000
unkown
page read and write
B08D000
stack
page read and write
35B7000
heap
page read and write
290C000
heap
page read and write
B5AE000
stack
page read and write
19600B0B000
heap
page read and write
3C90000
heap
page read and write
20D45000
heap
page read and write
7FF5ED449000
unkown
page readonly
3460000
unkown
page read and write
3170000
unkown
page read and write
42C7000
heap
page read and write
15B2000
trusted library allocation
page read and write
A32000
heap
page read and write
2E1C000
heap
page read and write
3D0E000
heap
page read and write
B4D0000
unkown
page read and write
9885000
unkown
page read and write
B4D0000
unkown
page read and write
9139000
stack
page read and write
FB9000
stack
page read and write
8EF0000
unkown
page read and write
9070000
unkown
page read and write
1AE7000
heap
page read and write
15E5000
trusted library allocation
page read and write
18E3000
heap
page read and write
326A000
heap
page read and write
12F9CFF000
stack
page read and write
9070000
unkown
page read and write
272A000
trusted library allocation
page read and write
9070000
unkown
page read and write
7FF5ED956000
unkown
page readonly
20D28000
heap
page read and write
AB08000
unkown
page read and write
8750000
unkown
page read and write
7FF5ED5A8000
unkown
page readonly
22EC000
stack
page read and write
9070000
unkown
page read and write
20D24000
heap
page read and write
7D20000
unkown
page readonly
3170000
unkown
page read and write
2DED000
heap
page read and write
9070000
unkown
page read and write
3685000
heap
page read and write
524000
heap
page read and write
5641000
unkown
page read and write
3170000
unkown
page read and write
410000
unkown
page execute read
20D00000
heap
page read and write
B47000
trusted library allocation
page execute and read and write
22CF000
stack
page read and write
AB4000
heap
page read and write
B4D0000
unkown
page read and write
9070000
unkown
page read and write
19D1000
heap
page read and write
18BC000
heap
page read and write
9070000
unkown
page read and write
B40000
trusted library allocation
page read and write
9070000
unkown
page read and write
B9D0000
unkown
page read and write
6D6000
unkown
page readonly
1595000
trusted library allocation
page read and write
2460000
heap
page execute and read and write
3170000
unkown
page read and write
9877000
unkown
page read and write
15AA000
trusted library allocation
page read and write
C857000
unkown
page read and write
20E0000
heap
page read and write
1853000
heap
page read and write
3DAE000
heap
page read and write
3261000
heap
page read and write
3DA5000
heap
page read and write
1884000
heap
page read and write
1A96F000
stack
page read and write
7FF5ED295000
unkown
page readonly
3020000
unkown
page read and write
12A000
stack
page read and write
199E000
heap
page read and write
3060000
unkown
page read and write
C4E000
heap
page read and write
8750000
unkown
page read and write
7FF5ED9FF000
unkown
page readonly
9070000
unkown
page read and write
7FF5ED7F1000
unkown
page readonly
9070000
unkown
page read and write
456000
unkown
page read and write
7DF4F3061000
unkown
page execute read
197D000
heap
page read and write
7F50000
unkown
page read and write
9869000
unkown
page read and write
35AF000
unkown
page read and write
1507000
trusted library allocation
page read and write
20D21000
heap
page read and write
19600AFE000
heap
page read and write
9070000
unkown
page read and write
150C000
trusted library allocation
page read and write
1AC91000
heap
page read and write
279F000
stack
page read and write
3020000
unkown
page read and write
3170000
unkown
page read and write
1AC91000
heap
page read and write
2908000
heap
page read and write
20D0F000
heap
page read and write
4FD000
remote allocation
page execute and read and write
193C000
heap
page read and write
1510000
unkown
page readonly
7FF5ED91A000
unkown
page readonly
15F9000
trusted library allocation
page read and write
9070000
unkown
page read and write
551E000
stack
page read and write
CE5000
heap
page read and write
2B15000
heap
page read and write
B4D0000
unkown
page read and write
69E000
stack
page read and write
A80000
heap
page read and write
3020000
unkown
page read and write
860000
trusted library allocation
page read and write
9070000
unkown
page read and write
F91000
trusted library allocation
page read and write
B52000
heap
page read and write
8760000
unkown
page read and write
D2E000
stack
page read and write
26DC000
trusted library allocation
page read and write
7F50000
unkown
page read and write
43C000
unkown
page read and write
187F000
heap
page read and write
1A8A000
heap
page read and write
7A8000
unkown
page read and write
ADF000
heap
page read and write
A38000
heap
page read and write
3450000
unkown
page read and write
7FF5ED9ED000
unkown
page readonly
3261000
heap
page read and write
5D00000
trusted library allocation
page execute and read and write
B72000
heap
page read and write
3170000
unkown
page read and write
6D0000
heap
page read and write
B650000
unkown
page read and write
1137000
trusted library allocation
page read and write
C84D000
unkown
page read and write
3261000
heap
page read and write
C2B000
heap
page read and write
15A3000
trusted library allocation
page read and write
7865000
unkown
page read and write
1872000
heap
page read and write
8EF0000
unkown
page read and write
A4B8000
unkown
page read and write
1830000
heap
page read and write
9070000
unkown
page read and write
343E000
unkown
page read and write
5AD000
remote allocation
page execute and read and write
9070000
unkown
page read and write
C0B000
heap
page read and write
3170000
unkown
page read and write
B4D0000
unkown
page read and write
459000
unkown
page write copy
3440000
unkown
page read and write
CA63000
unkown
page read and write
9070000
unkown
page read and write
20D2F000
heap
page read and write
3DE4000
heap
page read and write
A42000
heap
page read and write
8750000
unkown
page read and write
3450000
unkown
page read and write
3460000
unkown
page read and write
9070000
unkown
page read and write
DD4000
heap
page read and write
44C0000
trusted library allocation
page read and write
150F000
trusted library allocation
page read and write
A7F000
heap
page read and write
9D0000
trusted library allocation
page read and write
7859000
unkown
page read and write
CE4000
heap
page read and write
7FF5ED46A000
unkown
page readonly
BEB000
heap
page read and write
D69000
heap
page read and write
3170000
unkown
page read and write
525A000
heap
page read and write
1F0000
heap
page read and write
3020000
unkown
page read and write
9070000
unkown
page read and write
9070000
unkown
page read and write
FA2B000
unkown
page read and write
8B6000
heap
page read and write
9070000
unkown
page read and write
9070000
unkown
page read and write
7FF5ED6DB000
unkown
page readonly
408000
unkown
page readonly
1C2E000
heap
page read and write
B4D0000
unkown
page read and write
2E0D000
heap
page read and write
9070000
unkown
page read and write
A68000
heap
page read and write
7FF5ED743000
unkown
page readonly
ED40000
heap
page read and write
7F50000
unkown
page read and write
150B000
trusted library allocation
page read and write
22ADB395000
heap
page read and write
EE0000
unkown
page write copy
8750000
unkown
page read and write
83E000
stack
page read and write
22ADB3BA000
heap
page read and write
1200000
unkown
page readonly
8760000
unkown
page read and write
3D3D000
heap
page read and write
18AD000
heap
page read and write
9070000
unkown
page read and write
9070000
unkown
page read and write
7DF4F3030000
unkown
page readonly
36D3000
stack
page read and write
B72000
heap
page read and write
1037000
trusted library allocation
page read and write
1C16000
heap
page read and write
3460000
unkown
page read and write
1505000
trusted library allocation
page read and write
19600B24000
heap
page read and write
4670000
trusted library allocation
page read and write
7FF5ED33F000
unkown
page readonly
20D45000
heap
page read and write
9CE000
stack
page read and write
A40000
heap
page read and write
AE8000
heap
page read and write
2DD8000
heap
page read and write
9D0000
trusted library allocation
page read and write
3020000
unkown
page read and write
AAD1000
unkown
page read and write
3030000
unkown
page read and write
15BF000
stack
page read and write
C6F8000
unkown
page read and write
524000
heap
page read and write
14B0000
unkown
page readonly
15AD000
trusted library allocation
page read and write
AB6000
heap
page read and write
3020000
unkown
page read and write
B4B000
trusted library allocation
page execute and read and write
C4D000
heap
page read and write
9AF000
stack
page read and write
3261000
heap
page read and write
8EF0000
unkown
page read and write
4096000
heap
page read and write
3261000
heap
page read and write
524000
heap
page read and write
7DF4F3041000
unkown
page execute read
9070000
unkown
page read and write
1230000
unkown
page read and write
26FDF000
stack
page read and write
16A6000
trusted library allocation
page read and write
C6F2000
unkown
page read and write
524000
heap
page read and write
41E000
remote allocation
page execute and read and write
8750000
unkown
page read and write
7FF5ED3F3000
unkown
page readonly
3220000
unkown
page readonly
7FF5ED986000
unkown
page readonly
46A000
remote allocation
page execute and read and write
1507000
trusted library allocation
page read and write
7FF5ED885000
unkown
page readonly
B4D0000
unkown
page read and write
7953000
unkown
page read and write
3D91000
heap
page read and write
13A1000
unkown
page read and write
8750000
unkown
page read and write
A50B000
unkown
page read and write
7F40000
unkown
page readonly
873000
trusted library allocation
page execute and read and write
20D0B000
heap
page read and write
9070000
unkown
page read and write
3DE9000
heap
page read and write
1502000
trusted library allocation
page read and write
15B8000
trusted library allocation
page read and write
B40000
trusted library allocation
page read and write
3030000
unkown
page read and write
291A000
heap
page read and write
3D59000
heap
page read and write
272C000
trusted library allocation
page read and write
BC9B000
stack
page read and write
786B000
unkown
page read and write
20DBB000
heap
page read and write
BDC0000
unkown
page readonly
A327000
unkown
page read and write
37F6000
unkown
page read and write
2965000
trusted library allocation
page read and write
3020000
unkown
page read and write
784A000
unkown
page read and write
1AC80000
heap
page read and write
8750000
unkown
page read and write
1956000
heap
page read and write
79FB000
unkown
page read and write
5E4000
unkown
page readonly
98A8000
unkown
page read and write
20D24000
heap
page read and write
8750000
unkown
page read and write
A87000
heap
page read and write
3170000
unkown
page read and write
B190000
unkown
page read and write
291A000
heap
page read and write
1872000
heap
page read and write
8750000
unkown
page read and write
B73000
heap
page read and write
9070000
unkown
page read and write
3170000
unkown
page read and write
400000
unkown
page readonly
B4D0000
unkown
page read and write
2B68000
heap
page read and write
C04000
heap
page read and write
7FF5ED818000
unkown
page readonly
2B78000
heap
page read and write
3450000
unkown
page read and write
B7C000
heap
page read and write
3030000
unkown
page read and write
7F50000
unkown
page read and write
B7AE000
stack
page read and write
CA5000
heap
page read and write
9070000
unkown
page read and write
8750000
unkown
page read and write
3457000
heap
page read and write
B170000
unkown
page readonly
7FF5ED8A4000
unkown
page readonly
3261000
heap
page read and write
15C9000
trusted library allocation
page read and write
3020000
unkown
page read and write
9070000
unkown
page read and write
52E9000
heap
page read and write
C78000
heap
page read and write
2726000
trusted library allocation
page read and write
C6A000
heap
page read and write
7FF5ED781000
unkown
page readonly
7F50000
unkown
page read and write
3170000
unkown
page read and write
9070000
unkown
page read and write
1916000
heap
page read and write
10C0000
unkown
page readonly
3040000
unkown
page read and write
9879000
unkown
page read and write
7FC000
stack
page read and write
3170000
unkown
page read and write
7FF5ED7C4000
unkown
page readonly
7FF5ED4B4000
unkown
page readonly
7FF5ED939000
unkown
page readonly
3020000
unkown
page read and write
7FF5ED4EF000
unkown
page readonly
20D44000
heap
page read and write
3D5E000
heap
page read and write
3460000
unkown
page read and write
7FF5ED42B000
unkown
page readonly
FA26000
unkown
page read and write
1507000
trusted library allocation
page read and write
400000
unkown
page readonly
19600B2C000
heap
page read and write
9070000
unkown
page read and write
9070000
unkown
page read and write
2DAE0000
heap
page read and write
19600B22000
heap
page read and write
1A99000
heap
page read and write
1882000
heap
page read and write
B4D0000
unkown
page read and write
B41000
heap
page read and write
213E000
stack
page read and write
4990000
trusted library allocation
page read and write
9070000
unkown
page read and write
7DF4F3071000
unkown
page execute read
1505000
trusted library allocation
page read and write
3460000
unkown
page read and write
7DB000
stack
page read and write
1ACB9000
heap
page read and write
3170000
unkown
page read and write
3170000
unkown
page read and write
3460000
unkown
page read and write
18CD000
heap
page read and write
2B03000
heap
page read and write
7CC0000
unkown
page readonly
9070000
unkown
page read and write
1508000
trusted library allocation
page read and write
8750000
unkown
page read and write
19B000
stack
page read and write
1B08000
heap
page read and write
3460000
unkown
page read and write
18EC000
heap
page read and write
3020000
unkown
page read and write
B22B000
stack
page read and write
20D44000
heap
page read and write
8750000
unkown
page read and write
16EC000
trusted library allocation
page read and write
7FF5ED5C9000
unkown
page readonly
8740000
unkown
page read and write
4C4000
remote allocation
page execute and read and write
3450000
unkown
page read and write
EE0000
unkown
page write copy
22ADB38F000
heap
page read and write
7FF5ED975000
unkown
page readonly
3D71000
heap
page read and write
8760000
unkown
page read and write
3440000
unkown
page read and write
8FB9000
stack
page read and write
779000
unkown
page readonly
9798000
unkown
page read and write
9070000
unkown
page read and write
8A0000
heap
page read and write
1A1D000
heap
page read and write
26DE000
trusted library allocation
page read and write
2420000
heap
page read and write
1AC7000
heap
page read and write
2460000
heap
page read and write
20DBA000
heap
page read and write
4960000
trusted library allocation
page read and write
15DE000
trusted library allocation
page read and write
193A000
heap
page read and write
8EF0000
unkown
page read and write
3170000
unkown
page read and write
A2E000
heap
page read and write
2642000
trusted library allocation
page read and write
8750000
unkown
page read and write
3020000
unkown
page read and write
9070000
unkown
page read and write
B4D0000
unkown
page read and write
3040000
unkown
page read and write
16B4000
heap
page read and write
3261000
heap
page read and write
A42000
heap
page read and write
9070000
unkown
page read and write
C76000
heap
page read and write
9070000
unkown
page read and write
8740000
unkown
page read and write
51F0000
trusted library allocation
page read and write
1ACC5000
heap
page read and write
26FE0000
trusted library allocation
page read and write
3170000
unkown
page read and write
982D000
unkown
page read and write
7FF5ED735000
unkown
page readonly
1620000
heap
page read and write
7FF5ED50A000
unkown
page readonly
7FF5D1CD4000
unkown
page readonly
7F50000
unkown
page read and write
BAF9000
stack
page read and write
C94000
heap
page read and write
ADD000
heap
page read and write
12F9DFE000
stack
page read and write
1A1D000
heap
page read and write
AA6000
heap
page read and write
3020000
unkown
page read and write
AA8000
heap
page read and write
3020000
unkown
page read and write
5E4000
unkown
page readonly
185000
heap
page read and write
3030000
unkown
page read and write
280E000
stack
page read and write
2AEF000
heap
page read and write
115F000
trusted library allocation
page read and write
7F50000
unkown
page read and write
3020000
unkown
page read and write
28EF000
heap
page read and write
C4D000
heap
page read and write
7FF5ED2A9000
unkown
page readonly
20D44000
heap
page read and write
1C29000
heap
page read and write
3020000
unkown
page read and write
7978000
unkown
page read and write
4C34000
unkown
page read and write
7FF5ED39E000
unkown
page readonly
7FF5ED77C000
unkown
page readonly
19600B2C000
heap
page read and write
1947000
heap
page read and write
3020000
unkown
page read and write
3290000
unkown
page read and write
2470000
heap
page read and write
2320000
heap
page read and write
15A5000
trusted library allocation
page read and write
20D3C000
heap
page read and write
1252000
trusted library allocation
page read and write
7FF5ED961000
unkown
page readonly
347C000
heap
page read and write
9070000
unkown
page read and write
7E50000
unkown
page readonly
4AA0000
trusted library allocation
page read and write
8750000
unkown
page read and write
867000
heap
page read and write
270000
unkown
page readonly
1907000
heap
page read and write
3D0B000
heap
page read and write
8820000
unkown
page read and write
3636000
heap
page read and write
CE4000
heap
page read and write
8820000
unkown
page read and write
9070000
unkown
page read and write
1A6EF000
stack
page read and write
20D27000
heap
page read and write
7FF5ED26E000
unkown
page readonly
7FF5ED404000
unkown
page readonly
3261000
heap
page read and write
3D46000
heap
page read and write
8750000
unkown
page read and write
3460000
unkown
page read and write
1B67000
heap
page read and write
26BC000
trusted library allocation
page read and write
190C000
heap
page read and write
20D25000
heap
page read and write
3261000
heap
page read and write
6C4000
heap
page read and write
BE5000
heap
page read and write
76A0000
unkown
page read and write
18C7000
heap
page read and write
3439000
heap
page read and write
7F50000
unkown
page read and write
9070000
unkown
page read and write
8B4000
heap
page read and write
A310000
unkown
page read and write
7FF5ED412000
unkown
page readonly
4BE1000
unkown
page read and write
3CE2000
heap
page read and write
2AA0000
heap
page read and write
2B8F000
heap
page read and write
A54000
heap
page read and write
830000
heap
page read and write
500E000
stack
page read and write
7D5000
heap
page read and write
9070000
unkown
page read and write
3D9A000
heap
page read and write
1A08000
heap
page read and write
B40000
trusted library allocation
page read and write
C4D000
heap
page read and write
FD91000
unkown
page read and write
1B48000
heap
page read and write
8750000
unkown
page read and write
8D0000
heap
page read and write
15D4000
trusted library allocation
page read and write
401000
unkown
page execute read
D64000
heap
page read and write
93BE000
stack
page read and write
8770000
unkown
page read and write
BEF000
stack
page read and write
2706000
trusted library allocation
page read and write
7AF000
unkown
page read and write
1945000
heap
page read and write
19600B0D000
heap
page read and write
9070000
unkown
page read and write
19600B2C000
heap
page read and write
7F50000
unkown
page read and write
8770000
unkown
page read and write
1B47000
heap
page read and write
AA6000
heap
page read and write
2707F000
heap
page read and write
8770000
unkown
page read and write
8820000
unkown
page read and write
BEB000
heap
page read and write
B40000
trusted library allocation
page read and write
3020000
unkown
page read and write
A7F000
heap
page read and write
A9D000
heap
page read and write
22ADB570000
heap
page read and write
B26000
heap
page read and write
C6E000
heap
page read and write
7FF5ED750000
unkown
page readonly
15DD000
trusted library allocation
page read and write
1CE000
stack
page read and write
20D3B000
heap
page read and write
1872000
heap
page read and write
26EDE000
stack
page read and write
1506000
trusted library allocation
page read and write
F91000
trusted library allocation
page read and write
8760000
stack
page read and write
874000
trusted library allocation
page read and write
9070000
unkown
page read and write
9070000
unkown
page read and write
8DA0000
unkown
page read and write
1F0000
heap
page read and write
7DDF000
stack
page read and write
7D0000
heap
page read and write
524000
heap
page read and write
8820000
unkown
page read and write
2E0E000
heap
page read and write
8750000
unkown
page read and write
3170000
unkown
page read and write
9070000
unkown
page read and write
5E4000
unkown
page readonly
524000
heap
page read and write
9070000
unkown
page read and write
3170000
unkown
page read and write
B629000
stack
page read and write
9070000
unkown
page read and write
B42000
trusted library allocation
page read and write
A52000
heap
page read and write
2DD0000
heap
page read and write
9070000
unkown
page read and write
19DC000
heap
page read and write
9070000
unkown
page read and write
2D9F000
stack
page read and write
E0D000
heap
page read and write
9550000
unkown
page readonly
873000
unkown
page readonly
2C60000
heap
page read and write
A379000
unkown
page read and write
59B0000
heap
page read and write
15AB000
trusted library allocation
page read and write
3170000
unkown
page read and write
1505000
trusted library allocation
page read and write
7FF5ED996000
unkown
page readonly
22ADB3B0000
heap
page read and write
C52C000
unkown
page read and write
9070000
unkown
page read and write
6CA6F000
unkown
page readonly
8EF0000
unkown
page read and write
8750000
unkown
page read and write
1BF4000
heap
page read and write
688000
unkown
page readonly
7F50000
unkown
page read and write
B68000
heap
page read and write
83F000
stack
page read and write
BD1D000
stack
page read and write
20D44000
heap
page read and write
9D0000
trusted library allocation
page read and write
9070000
unkown
page read and write
3020000
unkown
page read and write
1BC7000
heap
page read and write
B72A000
stack
page read and write
AFE000
heap
page read and write
2E1C000
heap
page read and write
CC4000
heap
page read and write
7FF5EDA38000
unkown
page readonly
B24000
heap
page read and write
DB0000
heap
page read and write
9070000
unkown
page read and write
3010000
unkown
page read and write
A29E000
stack
page read and write
1381000
unkown
page read and write
3020000
unkown
page read and write
9070000
unkown
page read and write
1862000
heap
page read and write
1872000
heap
page read and write
3795000
unkown
page read and write
C561000
unkown
page read and write
3170000
unkown
page read and write
29F0000
heap
page read and write
2700000
trusted library allocation
page read and write
C6E3000
unkown
page read and write
150A000
trusted library allocation
page read and write
510E000
stack
page read and write
B4D0000
unkown
page read and write
2B23000
heap
page read and write
9B60000
unkown
page readonly
8750000
unkown
page read and write
4B50000
unkown
page read and write
7FF5ED86B000
unkown
page readonly
C35000
heap
page read and write
BE0000
heap
page read and write
2DEF000
heap
page read and write
7FF5ED1F6000
unkown
page readonly
7FF5ED933000
unkown
page readonly
8750000
unkown
page read and write
3020000
unkown
page read and write
B4D0000
unkown
page read and write
22ADB565000
heap
page read and write
B4D0000
unkown
page read and write
9070000
unkown
page read and write
1500000
heap
page read and write
BA4E000
stack
page read and write
3170000
unkown
page read and write
2653000
trusted library allocation
page read and write
EB0000
unkown
page readonly
E20000
unkown
page readonly
DF2000
heap
page read and write
22ADB56C000
heap
page read and write
83F000
stack
page read and write
17F4000
heap
page read and write
3170000
unkown
page read and write
6C830000
unkown
page readonly
7FF5D1CCD000
unkown
page readonly
1924000
heap
page read and write
1503000
trusted library allocation
page read and write
9C000
stack
page read and write
150B000
trusted library allocation
page read and write
3448000
heap
page read and write
7FF5ED695000
unkown
page readonly
F91000
trusted library allocation
page read and write
8750000
unkown
page read and write
347C000
heap
page read and write
9070000
unkown
page read and write
9070000
unkown
page read and write
C6C9000
unkown
page read and write
7E11000
unkown
page read and write
7FF5ED46E000
unkown
page readonly
D25000
heap
page read and write
C700000
unkown
page read and write
9815000
unkown
page read and write
25D0000
heap
page read and write
6E9000
unkown
page readonly
1DE000
stack
page read and write
291A000
heap
page read and write
7FF5ED97A000
unkown
page readonly
1C12000
heap
page read and write
9D0000
trusted library allocation
page read and write
6C0000
heap
page read and write
150B000
trusted library allocation
page read and write
1AC8000
heap
page read and write
19C000
stack
page read and write
A33000
heap
page read and write
1A0A000
heap
page read and write
400000
unkown
page execute and read and write
3460000
unkown
page read and write
150E000
trusted library allocation
page read and write
EE9000
unkown
page readonly
B3B000
heap
page read and write
3659000
stack
page read and write
7FF5ED853000
unkown
page readonly
2B78000
heap
page read and write
462E000
stack
page read and write
15DB000
trusted library allocation
page read and write
3020000
unkown
page read and write
26DB0000
heap
page read and write
3460000
unkown
page read and write
A7F000
heap
page read and write
BEC000
heap
page read and write
9070000
unkown
page read and write
DD4000
heap
page read and write
1A1D000
heap
page read and write
16EA000
trusted library allocation
page read and write
9070000
unkown
page read and write
785D000
unkown
page read and write
19A000
stack
page read and write
7FF5ED755000
unkown
page readonly
96DF000
unkown
page read and write
C08A000
stack
page read and write
3460000
unkown
page read and write
15C4000
trusted library allocation
page read and write
B40000
trusted library allocation
page read and write
9070000
unkown
page read and write
1AC90000
heap
page read and write
91B8000
stack
page read and write
E4A0000
unkown
page read and write
7FF5ED697000
unkown
page readonly
A364000
unkown
page read and write
524000
heap
page read and write
AE7000
heap
page read and write
7FF5ED8E7000
unkown
page readonly
8750000
unkown
page read and write
B140000
unkown
page readonly
3C99000
heap
page read and write
20D2F000
heap
page read and write
9977000
unkown
page read and write
7FF5EDA0D000
unkown
page readonly
A70000
heap
page read and write
3450000
heap
page read and write
18F7000
heap
page read and write
7D40000
unkown
page read and write
D64000
heap
page read and write
1502000
trusted library allocation
page read and write
5590000
unkown
page write copy
EE0000
unkown
page read and write
B4D0000
unkown
page read and write
C6D8000
unkown
page read and write
1BCF000
heap
page read and write
1956000
heap
page read and write
9070000
unkown
page read and write
3020000
unkown
page read and write
1095000
stack
page read and write
BD98000
stack
page read and write
9070000
unkown
page read and write
13B0000
unkown
page read and write
194D000
heap
page read and write
8B0000
heap
page read and write
27B0000
heap
page read and write
28D0000
trusted library allocation
page read and write
1A27000
heap
page read and write
8750000
unkown
page read and write
2920000
heap
page read and write
2B47000
heap
page read and write
401000
unkown
page execute read
B4D0000
unkown
page read and write
B4D0000
unkown
page read and write
B8B0000
unkown
page read and write
433000
unkown
page read and write
1503000
trusted library allocation
page read and write
1503000
trusted library allocation
page read and write
896000
trusted library allocation
page execute and read and write
1A08000
heap
page read and write
B40000
trusted library allocation
page read and write
9070000
unkown
page read and write
349F000
heap
page read and write
20D1D000
heap
page read and write
1602000
trusted library allocation
page read and write
15F8000
trusted library allocation
page read and write
7CA0000
unkown
page read and write
8210000
unkown
page read and write
22ADB3B0000
heap
page read and write
4A9E000
stack
page read and write
20D28000
heap
page read and write
20D1E000
heap
page read and write
3010000
unkown
page read and write
874000
heap
page read and write
9070000
unkown
page read and write
E0E000
heap
page read and write
63C000
unkown
page write copy
43C000
unkown
page write copy
19602840000
heap
page read and write
9070000
unkown
page read and write
349B000
heap
page read and write
20D36000
heap
page read and write
19600B24000
heap
page read and write
1669000
trusted library allocation
page read and write
7FF5ED39B000
unkown
page readonly
3460000
unkown
page read and write
2E0A000
heap
page read and write
7FF5ED516000
unkown
page readonly
20D19000
heap
page read and write
19600A80000
heap
page read and write
3170000
unkown
page read and write
586D000
stack
page read and write
8750000
unkown
page read and write
87CA000
unkown
page read and write
56C0000
trusted library allocation
page read and write
FD74000
unkown
page read and write
2704000
trusted library allocation
page read and write
8740000
unkown
page read and write
3261000
heap
page read and write
9F9E000
stack
page read and write
2350000
heap
page read and write
71E000
stack
page read and write
EB0000
unkown
page readonly
20D17000
heap
page read and write
460E000
stack
page read and write
9D0000
trusted library allocation
page read and write
B10D000
stack
page read and write
78A0000
unkown
page read and write
3170000
unkown
page read and write
8EF0000
unkown
page read and write
FDF55FF000
stack
page read and write
15DA000
trusted library allocation
page read and write
8750000
unkown
page read and write
3020000
unkown
page read and write
15C9000
trusted library allocation
page read and write
7F50000
unkown
page read and write
3020000
unkown
page read and write
3170000
unkown
page read and write
D04000
heap
page read and write
3170000
unkown
page read and write
7847000
unkown
page read and write
3261000
heap
page read and write
8770000
unkown
page read and write
999000
stack
page read and write
3D0F000
heap
page read and write
1502000
trusted library allocation
page read and write
7FF5ED9D2000
unkown
page readonly
7FF5ED451000
unkown
page readonly
4BE3000
unkown
page read and write
20D1B000
heap
page read and write
BE9000
heap
page read and write
FD70000
unkown
page read and write
8750000
unkown
page read and write
8EF0000
unkown
page read and write
15F4000
trusted library allocation
page read and write
9070000
unkown
page read and write
28ED000
heap
page read and write
B4D0000
unkown
page read and write
977A000
unkown
page read and write
9070000
unkown
page read and write
D44000
heap
page read and write
41F000
unkown
page read and write
5300000
trusted library allocation
page execute and read and write
A375000
unkown
page read and write
2915000
heap
page read and write
1C11000
heap
page read and write
8750000
unkown
page read and write
44C0000
trusted library allocation
page read and write
18F9000
heap
page read and write
351C000
heap
page read and write
7FF5ED6A5000
unkown
page readonly
31C000
stack
page read and write
3170000
unkown
page read and write
730000
heap
page read and write
273E000
stack
page read and write
1505000
heap
page read and write
2B78000
heap
page read and write
20D2F000
heap
page read and write
A6F000
heap
page read and write
850000
heap
page read and write
8760000
unkown
page read and write
9070000
unkown
page read and write
187F000
heap
page read and write
7FF5ED937000
unkown
page readonly
BCF000
heap
page read and write
7A0000
unclassified section
page read and write
2B1F000
unkown
page read and write
1AE7000
heap
page read and write
8820000
unkown
page read and write
159D000
trusted library allocation
page read and write
400000
unkown
page readonly
8760000
unkown
page read and write
19600AF5000
heap
page read and write
C10A000
stack
page read and write
15E5000
trusted library allocation
page read and write
5110000
trusted library allocation
page read and write
3261000
heap
page read and write
21AF000
stack
page read and write
3261000
heap
page read and write
2D70000
heap
page read and write
9070000
unkown
page read and write
260E000
stack
page read and write
22ADB3BA000
heap
page read and write
4CD0000
unkown
page read and write
9A5B000
unkown
page read and write
1862000
heap
page read and write
8740000
unkown
page read and write
8820000
unkown
page read and write
5140000
trusted library allocation
page read and write
351C000
heap
page read and write
A391000
unkown
page read and write
AA2000
heap
page read and write
15B4000
trusted library allocation
page read and write
3020000
unkown
page read and write
2F7C000
stack
page read and write
7FF5ED93E000
unkown
page readonly
B640000
unkown
page read and write
2FE0000
heap
page read and write
2E1C000
heap
page read and write
19A1000
heap
page read and write
25C0000
heap
page read and write
B4D0000
unkown
page read and write
EE9000
unkown
page readonly
291A000
heap
page read and write
4C18000
unkown
page read and write
266B000
trusted library allocation
page read and write
18BD000
heap
page read and write
2410000
heap
page read and write
8860000
unkown
page read and write
8760000
unkown
page read and write
7FF5ED3A7000
unkown
page readonly
3020000
unkown
page read and write
7B80000
unkown
page read and write
DFE000
heap
page read and write
2D00000
heap
page read and write
8770000
unkown
page read and write
34E9000
stack
page read and write
83A000
heap
page read and write
3CA2000
heap
page read and write
34A0000
heap
page read and write
600000
heap
page read and write
3030000
unkown
page read and write
B4D0000
unkown
page read and write
D65000
heap
page read and write
3D24000
heap
page read and write
A80000
heap
page read and write
870000
trusted library allocation
page read and write
4A10000
heap
page read and write
7FF5ED803000
unkown
page readonly
379E000
unkown
page read and write
500000
remote allocation
page execute and read and write
3D4F000
heap
page read and write
3D00000
heap
page read and write
4670000
trusted library allocation
page read and write
9795000
unkown
page read and write
990000
heap
page read and write
7FF5ED1D6000
unkown
page readonly
A4A000
heap
page read and write
DE0000
unkown
page readonly
860000
unclassified section
page read and write
1BF4000
heap
page read and write
1501000
trusted library allocation
page read and write
B2AC000
stack
page read and write
2D21000
heap
page read and write
1507000
trusted library allocation
page read and write
1946000
heap
page read and write
7FF5ED8C1000
unkown
page readonly
9070000
unkown
page read and write
524000
heap
page read and write
2D21000
heap
page read and write
2AB1000
heap
page read and write
1504000
trusted library allocation
page read and write
56C3000
unkown
page read and write
2910000
heap
page read and write
315F000
stack
page read and write
A93000
heap
page read and write
3170000
unkown
page read and write
A73000
heap
page read and write
1BA7000
heap
page read and write
4D70000
heap
page read and write
6E4000
unkown
page write copy
1877000
heap
page read and write
1590000
trusted library allocation
page read and write
4983000
trusted library allocation
page read and write
8BB000
heap
page read and write
1A5C000
heap
page read and write
7FF5ED8F9000
unkown
page readonly
3020000
unkown
page read and write
400000
unkown
page readonly
2630000
heap
page read and write
DCA000
heap
page read and write
8740000
unkown
page read and write
8740000
unkown
page read and write
3170000
unkown
page read and write
2AA1000
heap
page read and write
787C000
unkown
page read and write
61ED0000
direct allocation
page read and write
1964000
heap
page read and write
989000
heap
page read and write
3580000
unkown
page readonly
7FF5ED1FC000
unkown
page readonly
8770000
unkown
page read and write
1A65000
heap
page read and write
3460000
unkown
page read and write
8820000
unkown
page read and write
9070000
unkown
page read and write
7FF5ED850000
unkown
page readonly
AA8000
heap
page read and write
C811000
unkown
page read and write
A7A000
heap
page read and write
46B0000
heap
page read and write
2B9E000
heap
page read and write
B4A000
heap
page read and write
FD22000
heap
page read and write
232C000
stack
page read and write
7FF5ED87D000
unkown
page readonly
19FA000
heap
page read and write
1AB8000
heap
page read and write
2B03000
heap
page read and write
15E1000
trusted library allocation
page read and write
15C2000
trusted library allocation
page read and write
88A000
heap
page execute and read and write
15AC000
trusted library allocation
page read and write
1A5EF000
stack
page read and write
1506000
trusted library allocation
page read and write
3261000
heap
page read and write
7F50000
unkown
page read and write
C5A0000
unkown
page read and write
3261000
heap
page read and write
2983000
trusted library allocation
page read and write
2E0A000
heap
page read and write
7FF5ED342000
unkown
page readonly
AA0000
heap
page read and write
20D28000
heap
page read and write
23CE000
stack
page read and write
20D1C000
heap
page read and write
1591000
trusted library allocation
page read and write
FD30000
unkown
page read and write
3030000
unkown
page read and write
9688000
unkown
page read and write
15A9000
trusted library allocation
page read and write
408000
unkown
page readonly
5120000
trusted library allocation
page read and write
CC4000
heap
page read and write
7869000
unkown
page read and write
143B000
stack
page read and write
9070000
unkown
page read and write
26DB3000
heap
page read and write
1A18000
heap
page read and write
2E5F000
stack
page read and write
22ADB3C5000
heap
page read and write
1480000
heap
page read and write
980000
heap
page read and write
4FCF000
stack
page read and write
2D5E000
stack
page read and write
ACE000
stack
page read and write
87A0000
unkown
page read and write
2400000
heap
page read and write
9070000
unkown
page read and write
3170000
unkown
page read and write
3030000
unkown
page read and write
AA8000
heap
page read and write
9070000
unkown
page read and write
19D000
stack
page read and write
1F0000
heap
page read and write
B56000
heap
page read and write
37AC000
unkown
page read and write
ACC000
heap
page read and write
7FF5ED286000
unkown
page readonly
9070000
unkown
page read and write
9070000
unkown
page read and write
4C4E000
stack
page read and write
9070000
unkown
page read and write
B40000
trusted library allocation
page read and write
19600AE8000
heap
page read and write
B24000
heap
page read and write
8740000
unkown
page read and write
3D85000
heap
page read and write
B23000
heap
page read and write
51E0000
trusted library allocation
page read and write
16DC000
trusted library allocation
page read and write
2B15000
heap
page read and write
2E1E000
stack
page read and write
3010000
unkown
page read and write
7FF5ED93B000
unkown
page readonly
3261000
heap
page read and write
3010000
unkown
page read and write
EE9000
unkown
page readonly
3170000
unkown
page read and write
8A0000
heap
page read and write
4670000
trusted library allocation
page read and write
524000
heap
page read and write
15B8000
trusted library allocation
page read and write
8740000
unkown
page read and write
2DAB0000
heap
page read and write
1032000
trusted library allocation
page read and write
20D28000
heap
page read and write
3170000
unkown
page read and write
CA42000
unkown
page read and write
28CF000
stack
page read and write
A52000
heap
page read and write
79D3000
unkown
page read and write
7FF5ED4FD000
unkown
page readonly
297C000
stack
page read and write
3170000
unkown
page read and write
986B000
unkown
page read and write
12F94FA000
stack
page read and write
8750000
unkown
page read and write
ADE000
heap
page read and write
3020000
unkown
page read and write
7F50000
unkown
page read and write
8740000
unkown
page read and write
B81000
heap
page read and write
7867000
unkown
page read and write
1390000
heap
page read and write
15FD000
stack
page read and write
3700000
unkown
page read and write
C89A000
unkown
page read and write
3417000
trusted library allocation
page read and write
329F000
stack
page read and write
4BA6000
unkown
page read and write
FAA4000
unkown
page read and write
8750000
unkown
page read and write
3020000
unkown
page read and write
923E000
stack
page read and write
3170000
unkown
page read and write
20D28000
heap
page read and write
7FF5EDA11000
unkown
page readonly
B4D0000
unkown
page read and write
C35000
heap
page read and write
7FF5ED337000
unkown
page readonly
2FDF000
stack
page read and write
8750000
unkown
page read and write
1A44000
heap
page read and write
BDD0000
unkown
page readonly
A21E000
stack
page read and write
8750000
unkown
page read and write
22ADB39E000
heap
page read and write
18E5000
heap
page read and write
3170000
unkown
page read and write
1A08000
heap
page read and write
C51E000
unkown
page read and write
3010000
unkown
page read and write
8750000
unkown
page read and write
7FF5EDA0B000
unkown
page readonly
7FF5ED534000
unkown
page readonly
2475000
heap
page read and write
8740000
unkown
page read and write
3170000
unkown
page read and write
3DED000
heap
page read and write
1A4B000
heap
page read and write
C6C1000
unkown
page read and write
ED6000
unkown
page readonly
9070000
unkown
page read and write
1670000
heap
page read and write
B8F000
heap
page read and write
9070000
unkown
page read and write
4670000
trusted library allocation
page read and write
9070000
unkown
page read and write
1967000
heap
page read and write
8C40000
unkown
page readonly
366B000
heap
page read and write
19600AE7000
heap
page read and write
A3E000
heap
page read and write
29AE000
stack
page read and write
3170000
unkown
page read and write
BDA0000
unkown
page readonly
4CB0000
unkown
page read and write
DF4000
heap
page read and write
C3A000
heap
page read and write
1945000
heap
page read and write
9D0000
trusted library allocation
page read and write
9070000
unkown
page read and write
3170000
unkown
page read and write
187000
heap
page read and write
29EF000
stack
page read and write
9070000
unkown
page read and write
4B93000
unkown
page read and write
BC4000
heap
page read and write
1240000
heap
page read and write
20E0F000
heap
page read and write
8750000
unkown
page read and write
7FF5ED41C000
unkown
page readonly
18DA000
heap
page read and write
ED6000
unkown
page readonly
3491000
heap
page read and write
C4D000
heap
page read and write
22E0000
direct allocation
page read and write
667000
unkown
page write copy
B4D0000
unkown
page read and write
8820000
unkown
page read and write
37A0000
unkown
page read and write
166E000
stack
page read and write
A9C000
heap
page read and write
2B2E000
heap
page read and write
20D1B000
heap
page read and write
26B6000
trusted library allocation
page read and write
28ED000
heap
page read and write
87A000
heap
page read and write
E20000
unkown
page readonly
2908000
heap
page read and write
B24000
heap
page read and write
19FD000
heap
page read and write
2B63000
heap
page read and write
2D21000
heap
page read and write
7FF5ED806000
unkown
page readonly
5E4000
unkown
page readonly
230C000
stack
page read and write
B4D0000
unkown
page read and write
43C1000
heap
page read and write
7FF5ED279000
unkown
page readonly
2B21000
heap
page read and write
12F95FF000
stack
page read and write
9070000
unkown
page read and write
381E000
direct allocation
page read and write
1B47000
heap
page read and write
22ADB360000
heap
page read and write
F962000
unkown
page read and write
2DED000
heap
page read and write
23D0000
heap
page read and write
97C3000
unkown
page read and write
400000
unkown
page readonly
76C0000
unkown
page read and write
F91000
trusted library allocation
page read and write
4ECE000
stack
page read and write
B4A000
heap
page read and write
26DCC000
heap
page read and write
43C000
unkown
page write copy
7FF5ED980000
unkown
page readonly
15CE000
stack
page read and write
B22000
heap
page read and write
8750000
unkown
page read and write
7FF5ED800000
unkown
page readonly
15F5000
trusted library allocation
page read and write
AE7000
heap
page read and write
28D8000
heap
page read and write
2E1D000
heap
page read and write
5722000
trusted library allocation
page read and write
3431000
heap
page read and write
3010000
unkown
page read and write
16B4000
heap
page read and write
1501000
trusted library allocation
page read and write
280E000
unkown
page read and write
6B0000
unkown
page readonly
7FF5ED495000
unkown
page readonly
3170000
unkown
page read and write
22ADB3C8000
heap
page read and write
288E000
stack
page read and write
2C5F000
stack
page read and write
26EF000
stack
page read and write
4670000
trusted library allocation
page read and write
105B000
trusted library allocation
page read and write
878000
heap
page read and write
7FF5ED847000
unkown
page readonly
3440000
unkown
page read and write
524000
heap
page read and write
2908000
heap
page read and write
28AC000
stack
page read and write
19600DA0000
heap
page read and write
9070000
unkown
page read and write
9070000
unkown
page read and write
9070000
unkown
page read and write
B80000
heap
page read and write
840000
direct allocation
page execute and read and write
92E000
heap
page read and write
3170000
unkown
page read and write
9070000
unkown
page read and write
185A000
heap
page read and write
997000
heap
page read and write
7FF5ED77E000
unkown
page readonly
A502000
unkown
page read and write
2B62000
heap
page read and write
347C000
heap
page read and write
20D0B000
heap
page read and write
B4D0000
unkown
page read and write
3CA2000
heap
page read and write
20D21000
heap
page read and write
20D44000
heap
page read and write
8750000
unkown
page read and write
2CE8000
heap
page read and write
9070000
unkown
page read and write
1A7F000
heap
page read and write
9D0000
trusted library allocation
page read and write
7FF5ED1CF000
unkown
page readonly
91E000
stack
page read and write
CE4000
heap
page read and write
B4D0000
unkown
page read and write
7FF5ED4A1000
unkown
page readonly
6F0000
heap
page read and write
E08000
heap
page read and write
8750000
unkown
page read and write
8B60000
unkown
page readonly
1856000
heap
page read and write
8820000
unkown
page read and write
9871000
unkown
page read and write
1925000
heap
page read and write
3030000
unkown
page read and write
16B0000
heap
page read and write
7FF5ED3EA000
unkown
page readonly
8740000
stack
page read and write
B40000
trusted library allocation
page read and write
A49E000
unkown
page read and write
FDF57FF000
stack
page read and write
C962000
unkown
page read and write
8B0000
heap
page read and write
1501000
trusted library allocation
page read and write
9070000
unkown
page read and write
4D40000
heap
page read and write
7CD0000
unkown
page read and write
3CC6000
heap
page read and write
880000
trusted library allocation
page read and write
1504000
trusted library allocation
page read and write
8770000
unkown
page read and write
400000
unkown
page readonly
A361000
unkown
page read and write
9070000
unkown
page read and write
8F00000
unkown
page read and write
307C000
stack
page read and write
12F99FE000
stack
page read and write
5720000
trusted library allocation
page read and write
7FF5ED52F000
unkown
page readonly
19D2000
heap
page read and write
C94000
heap
page read and write
9070000
unkown
page read and write
1A13000
heap
page read and write
9070000
unkown
page read and write
FA64000
unkown
page read and write
3261000
heap
page read and write
97000
stack
page read and write
7FF5ED7CF000
unkown
page readonly
3B98000
trusted library allocation
page read and write
9070000
unkown
page read and write
54DF000
stack
page read and write
26DB8000
heap
page read and write
3170000
unkown
page read and write
4F1000
remote allocation
page execute and read and write
1504000
trusted library allocation
page read and write
3170000
unkown
page read and write
35A5000
heap
page read and write
3460000
unkown
page read and write
9E6C000
stack
page read and write
7FF5ED265000
unkown
page readonly
3040000
unkown
page read and write
7FF5ED64F000
unkown
page readonly
3C5B000
trusted library allocation
page read and write
3170000
unkown
page read and write
EE4000
unkown
page write copy
785F000
unkown
page read and write
2B62000
heap
page read and write
22ADB3B7000
heap
page read and write
B8AB000
stack
page read and write
2B5E000
stack
page read and write
3170000
unkown
page read and write
18D6000
heap
page read and write
D24000
heap
page read and write
906E000
stack
page read and write
49F000
remote allocation
page execute and read and write
3471000
trusted library allocation
page read and write
734000
heap
page read and write
993000
stack
page read and write
3170000
unkown
page read and write
2D15000
heap
page read and write
3020000
unkown
page read and write
B27000
heap
page read and write
37D2000
unkown
page read and write
3590000
unkown
page read and write
8750000
stack
page read and write
3020000
unkown
page read and write
8EF0000
unkown
page read and write
8750000
unkown
page read and write
3170000
unkown
page read and write
15C8000
trusted library allocation
page read and write
20D3B000
heap
page read and write
7FF5ED5C1000
unkown
page readonly
20D28000
heap
page read and write
A7D000
heap
page read and write
44C0000
trusted library allocation
page read and write
3362000
trusted library allocation
page read and write
20D45000
heap
page read and write
C507000
unkown
page read and write
3170000
unkown
page read and write
22ADB37B000
heap
page read and write
6CAAF000
unkown
page write copy
524000
heap
page read and write
8750000
unkown
page read and write
9070000
unkown
page read and write
9792000
unkown
page read and write
B4D0000
unkown
page read and write
2DF1000
heap
page read and write
3020000
unkown
page read and write
36F0000
unkown
page readonly
4A00000
trusted library allocation
page execute and read and write
DB0000
heap
page read and write
9070000
unkown
page read and write
4670000
trusted library allocation
page read and write
1502000
trusted library allocation
page read and write
3170000
unkown
page read and write
3170000
unkown
page read and write
180000
heap
page read and write
987D000
unkown
page read and write
3170000
unkown
page read and write
B9D0000
unkown
page read and write
20D44000
heap
page read and write
106F000
trusted library allocation
page read and write
19600AC0000
heap
page read and write
8EF0000
unkown
page read and write
20D02000
heap
page read and write
61E00000
direct allocation
page execute and read and write
2830000
heap
page read and write
56D9000
unkown
page read and write
1B27000
heap
page read and write
3261000
heap
page read and write
7FF5ED4C6000
unkown
page readonly
3170000
unkown
page read and write
FD2A000
heap
page read and write
1A8A000
heap
page read and write
344B000
heap
page read and write
8EF0000
unkown
page read and write
2CE0000
heap
page read and write
4B78000
unkown
page read and write
9D0000
trusted library allocation
page read and write
7FF5EDA31000
unkown
page readonly
15CA000
trusted library allocation
page read and write
B4D0000
unkown
page read and write
7FF5ED505000
unkown
page readonly
B4D0000
unkown
page read and write
3020000
unkown
page read and write
3450000
unkown
page read and write
2810000
heap
page read and write
43C000
unkown
page write copy
FD7C000
unkown
page read and write
1901000
heap
page read and write
100000
heap
page read and write
2911000
heap
page read and write
290B000
heap
page read and write
F91000
trusted library allocation
page read and write
7FF5ED5EB000
unkown
page readonly
4BDC000
unkown
page read and write
26D70000
heap
page read and write
7FF5ED471000
unkown
page readonly
DD0000
unkown
page readonly
2AD6000
heap
page read and write
3040000
unkown
page read and write
DD4000
heap
page read and write
17CE000
stack
page read and write
8750000
unkown
page read and write
8750000
unkown
page read and write
A99000
heap
page read and write
3170000
unkown
page read and write
7FF5EDA70000
unkown
page readonly
15EF000
trusted library allocation
page read and write
8750000
unkown
page read and write
3D3D000
heap
page read and write
19600A60000
heap
page read and write
25E0000
heap
page read and write
22ADB340000
heap
page read and write
3D3D000
heap
page read and write
8000000
unkown
page read and write
3430000
heap
page read and write
1872000
heap
page read and write
1508000
trusted library allocation
page read and write
3020000
unkown
page read and write
9070000
unkown
page read and write
61ECD000
direct allocation
page readonly
15DB000
stack
page read and write
22ADD200000
heap
page read and write
22ADB389000
heap
page read and write
A0E000
stack
page read and write
19600980000
heap
page read and write
3030000
unkown
page read and write
26DC5000
heap
page read and write
19600AF5000
heap
page read and write
3797000
unkown
page read and write
3460000
unkown
page read and write
3440000
unkown
page read and write
7FF5ED942000
unkown
page readonly
7FF5ED6BA000
unkown
page readonly
3D4F000
heap
page read and write
8760000
unkown
page read and write
9070000
unkown
page read and write
8760000
unkown
page read and write
1875000
heap
page read and write
22ADB38F000
heap
page read and write
4B8B000
unkown
page read and write
3170000
unkown
page read and write
A3E000
heap
page read and write
8820000
unkown
page read and write
7FF5ED3D6000
unkown
page readonly
9C000
stack
page read and write
3261000
heap
page read and write
8750000
unkown
page read and write
19600AC8000
heap
page read and write
5E4000
unkown
page readonly
19600B2C000
heap
page read and write
3170000
unkown
page read and write
C15000
heap
page read and write
9070000
unkown
page read and write
B5D000
heap
page read and write
8750000
unkown
page read and write
466F000
stack
page read and write
7FF5ED92C000
unkown
page readonly
2430000
heap
page read and write
C5AA000
unkown
page read and write
2FBD000
stack
page read and write
7FF5ED68F000
unkown
page readonly
8750000
unkown
page read and write
4BC9000
unkown
page read and write
3170000
unkown
page read and write
15ED000
trusted library allocation
page read and write
B4D0000
unkown
page read and write
150C000
trusted library allocation
page read and write
9070000
unkown
page read and write
8820000
unkown
page read and write
7FF5ED4BB000
unkown
page readonly
F924000
unkown
page read and write
9D0000
trusted library allocation
page read and write
9875000
unkown
page read and write
AAF2000
unkown
page read and write
9B000
stack
page read and write
7FF5EDA69000
unkown
page readonly
242F000
stack
page read and write
A52000
heap
page read and write
4CCE000
stack
page read and write
7FF5EDA47000
unkown
page readonly
B4D0000
unkown
page read and write
9070000
unkown
page read and write
7FF5ED9C6000
unkown
page readonly
410000
unkown
page execute read
19600B2C000
heap
page read and write
1884000
heap
page read and write
1AC7000
heap
page read and write
351C000
heap
page read and write
B26000
heap
page read and write
1659000
trusted library allocation
page read and write
5150000
trusted library allocation
page read and write
1838000
heap
page read and write
9070000
unkown
page read and write
20D54000
heap
page read and write
9D0000
trusted library allocation
page read and write
C4D0000
unkown
page read and write
7BF000
stack
page read and write
9070000
unkown
page read and write
2B9A000
heap
page read and write
7FF5EDA14000
unkown
page readonly
19600AE1000
heap
page read and write
40B000
unkown
page read and write
896B000
stack
page read and write
61EB7000
direct allocation
page readonly
AE4000
heap
page read and write
9070000
unkown
page read and write
7FF5ED644000
unkown
page readonly
7FF5ED55F000
unkown
page readonly
7FF5ED990000
unkown
page readonly
7900000
unkown
page read and write
410000
unkown
page execute read
401000
unkown
page execute read
7FF5ED40D000
unkown
page readonly
22ADB3AB000
heap
page read and write
D90000
heap
page read and write
620000
unkown
page readonly
524000
heap
page read and write
3020000
unkown
page read and write
9881000
unkown
page read and write
3030000
unkown
page read and write
7FF5EDA2A000
unkown
page readonly
9070000
unkown
page read and write
AC2000
heap
page read and write
9070000
unkown
page read and write
22ADB395000
heap
page read and write
9D0000
trusted library allocation
page read and write
3D0B000
heap
page read and write
E0E000
heap
page read and write
9873000
unkown
page read and write
8EF0000
unkown
page read and write
C6CF000
unkown
page read and write
28D0000
heap
page read and write
1659000
trusted library allocation
page read and write
870000
heap
page read and write
CCF000
stack
page read and write
7F50000
unkown
page read and write
3D70000
heap
page read and write
C557000
unkown
page read and write
1AC0D000
stack
page read and write
22ADB560000
heap
page read and write
4C4B000
unkown
page read and write
15D1000
trusted library allocation
page read and write
97B5000
unkown
page read and write
7FF5ED7DB000
unkown
page readonly
29BC000
stack
page read and write
3261000
heap
page read and write
3209000
stack
page read and write
3020000
unkown
page read and write
2F4F000
stack
page read and write
400000
unkown
page execute and read and write
860000
heap
page read and write
355B000
heap
page read and write
9070000
unkown
page read and write
20D30000
heap
page read and write
61EB4000
direct allocation
page read and write
7FF5ED556000
unkown
page readonly
8750000
unkown
page read and write
15D0000
trusted library allocation
page read and write
3261000
heap
page read and write
B40000
trusted library allocation
page read and write
8750000
unkown
page read and write
3170000
unkown
page read and write
3020000
unkown
page read and write
2B24000
heap
page read and write
979B000
unkown
page read and write
3010000
unkown
page read and write
2EF0000
heap
page read and write
D04000
heap
page read and write
3261000
heap
page read and write
1505000
trusted library allocation
page read and write
18D8000
heap
page read and write
15D5000
trusted library allocation
page read and write
3170000
unkown
page read and write
8760000
unkown
page read and write
3758000
unkown
page read and write
E21000
unkown
page execute read
9C000
stack
page read and write
6CAB0000
unkown
page read and write
110D000
trusted library allocation
page read and write
2DAEA000
heap
page read and write
D7C000
heap
page read and write
C21000
heap
page read and write
27C0000
heap
page read and write
8750000
unkown
page read and write
A37D000
unkown
page read and write
A9C000
heap
page read and write
453000
unkown
page read and write
27E000
unkown
page readonly
350A000
heap
page read and write
15B1000
trusted library allocation
page read and write
6C8D1000
unkown
page execute read
3DC2000
heap
page read and write
20D36000
heap
page read and write
27082000
heap
page read and write
2985000
trusted library allocation
page read and write
2914000
heap
page read and write
8760000
unkown
page read and write
B05000
heap
page read and write
3170000
unkown
page read and write
19600B2C000
heap
page read and write
7CE0000
unkown
page read and write
F91000
trusted library allocation
page read and write
8750000
unkown
page read and write
1047000
trusted library allocation
page read and write
FD20000
heap
page read and write
3261000
heap
page read and write
7F50000
unkown
page read and write
9070000
unkown
page read and write
7FF5ED9F2000
unkown
page readonly
7DF4F3031000
unkown
page execute read
8750000
unkown
page read and write
C5A3000
unkown
page read and write
8EF0000
unkown
page read and write
A40000
heap
page read and write
110000
heap
page read and write
9070000
unkown
page read and write
7FF5ED519000
unkown
page readonly
9070000
unkown
page read and write
F9A4000
unkown
page read and write
B22000
heap
page read and write
C50A000
unkown
page read and write
9070000
unkown
page read and write
8C0000
heap
page read and write
9070000
unkown
page read and write
E21000
unkown
page execute read
9883000
unkown
page read and write
7FF5ED28E000
unkown
page readonly
1628000
trusted library allocation
page read and write
524000
heap
page read and write
185E000
heap
page read and write
FD8E000
unkown
page read and write
5130000
trusted library allocation
page execute and read and write
20D2F000
heap
page read and write
19600AFD000
heap
page read and write
1501000
trusted library allocation
page read and write
7FF5ED71E000
unkown
page readonly
18C7000
heap
page read and write
44C0000
trusted library allocation
page read and write
9070000
unkown
page read and write
1902000
heap
page read and write
8770000
unkown
page read and write
3170000
unkown
page read and write
576D000
stack
page read and write
8750000
unkown
page read and write
9070000
unkown
page read and write
6C8AD000
unkown
page readonly
F96B000
unkown
page read and write
5CEE000
stack
page read and write
9070000
unkown
page read and write
FDF53FF000
stack
page read and write
1A82F000
stack
page read and write
DB0000
heap
page read and write
B24000
heap
page read and write
7FF5ED9B8000
unkown
page readonly
9070000
unkown
page read and write
8B4000
heap
page read and write
265D000
stack
page read and write
1220000
trusted library allocation
page read and write
3170000
unkown
page read and write
1B07000
heap
page read and write
3170000
unkown
page read and write
166D000
trusted library allocation
page read and write
3010000
unkown
page read and write
A2F000
stack
page read and write
8750000
unkown
page read and write
EE0000
unkown
page read and write
7FF5ED85F000
unkown
page readonly
3756000
unkown
page read and write
3748000
unkown
page read and write
7FF5ED3D0000
unkown
page readonly
8B4000
heap
page read and write
20D0F000
heap
page read and write
1B27000
heap
page read and write
22ADB380000
heap
page read and write
B6A0000
heap
page read and write
1987000
heap
page read and write
43C000
remote allocation
page execute and read and write
2E1C000
heap
page read and write
20D44000
heap
page read and write
AD8000
heap
page read and write
291A000
heap
page read and write
8820000
unkown
page read and write
20D1F000
heap
page read and write
CE4000
heap
page read and write
3040000
unkown
page read and write
1A7F000
heap
page read and write
1505000
trusted library allocation
page read and write
401000
unkown
page execute read
1504000
trusted library allocation
page read and write
3020000
unkown
page read and write
7FF5ED867000
unkown
page readonly
410000
unkown
page execute read
A77000
heap
page read and write
20D2F000
heap
page read and write
8CEC000
stack
page read and write
19600B23000
heap
page read and write
43C000
unkown
page read and write
2A00000
direct allocation
page execute and read and write
7FF5ED660000
unkown
page readonly
7FF5ED445000
unkown
page readonly
6C831000
unkown
page execute read
350000
remote allocation
page execute and read and write
6C8C2000
unkown
page readonly
8740000
unkown
page read and write
8750000
unkown
page read and write
20D0A000
heap
page read and write
4C50000
unkown
page read and write
4980000
trusted library allocation
page read and write
8108000
stack
page read and write
9070000
unkown
page read and write
860000
heap
page read and write
2960000
heap
page read and write
7FF5ED814000
unkown
page readonly
3170000
unkown
page read and write
199E000
heap
page read and write
9070000
unkown
page read and write
2E3E000
stack
page read and write
3020000
unkown
page read and write
1503000
trusted library allocation
page read and write
3261000
heap
page read and write
7FF5ED670000
unkown
page readonly
8F0000
heap
page read and write
AAF9000
unkown
page read and write
A35000
heap
page read and write
3170000
unkown
page read and write
A3BE000
unkown
page read and write
37F2000
unkown
page read and write
BE0000
heap
page read and write
3D26000
heap
page read and write
3020000
unkown
page read and write
3170000
unkown
page read and write
3040000
unkown
page read and write
561E000
stack
page read and write
B72000
heap
page read and write
7852000
unkown
page read and write
7FF5ED3DA000
unkown
page readonly
26E0000
trusted library allocation
page read and write
400000
unkown
page readonly
1958000
heap
page read and write
345E000
heap
page read and write
9070000
unkown
page read and write
3020000
unkown
page read and write
22ADB380000
heap
page read and write
987B000
unkown
page read and write
7DF000
unkown
page read and write
20D2D000
heap
page read and write
12F9AFE000
stack
page read and write
6F8000
stack
page read and write
8EF0000
unkown
page read and write
89E000
stack
page read and write
8770000
unkown
page read and write
A33E000
unkown
page read and write
22ADCE70000
heap
page read and write
9A10000
unkown
page read and write
15E000
stack
page read and write
DB0000
heap
page read and write
15FB000
trusted library allocation
page read and write
191A000
heap
page read and write
1506000
trusted library allocation
page read and write
9070000
unkown
page read and write
1BC8000
heap
page read and write
7F50000
unkown
page read and write
401000
unkown
page execute read
ADA000
heap
page read and write
19600AE1000
heap
page read and write
3010000
stack
page read and write
DF3000
heap
page read and write
9070000
unkown
page read and write
3020000
unkown
page read and write
22ADB38E000
heap
page read and write
35B0000
direct allocation
page execute and read and write
9070000
unkown
page read and write
18C2000
heap
page read and write
37BD000
unkown
page read and write
159D000
trusted library allocation
page read and write
9660000
unkown
page read and write
C88B000
unkown
page read and write
B40000
trusted library allocation
page read and write
B40000
trusted library allocation
page read and write
3D0D000
heap
page read and write
20D21000
heap
page read and write
275D000
stack
page read and write
7857000
unkown
page read and write
2B17000
heap
page read and write
7FF5ED418000
unkown
page readonly
7FF5ED503000
unkown
page readonly
3439000
stack
page read and write
AADB000
unkown
page read and write
8720000
unkown
page readonly
8EF0000
unkown
page read and write
348E000
heap
page read and write
3498000
heap
page read and write
7FF5ED4E8000
unkown
page readonly
8760000
unkown
page read and write
15D8000
trusted library allocation
page read and write
3660000
heap
page read and write
FDF58FF000
stack
page read and write
3DA1000
heap
page read and write
15F7000
trusted library allocation
page read and write
7FF5ED62F000
unkown
page readonly
1688000
trusted library allocation
page read and write
20D37000
heap
page read and write
3800000
unkown
page readonly
61E01000
direct allocation
page execute read
7863000
unkown
page read and write
DCA000
heap
page read and write
9070000
unkown
page read and write
8710000
unkown
page readonly
2B8A000
heap
page read and write
3D36000
heap
page read and write
9070000
unkown
page read and write
150A000
trusted library allocation
page read and write
1945000
heap
page read and write
9070000
unkown
page read and write
8B4000
heap
page read and write
8760000
unkown
page read and write
99D000
stack
page read and write
3450000
unkown
page read and write
199E000
heap
page read and write
7FF5ED692000
unkown
page readonly
83E000
heap
page read and write
A30000
heap
page read and write
1B88000
heap
page read and write
9B0000
heap
page read and write
15EA000
trusted library allocation
page read and write
150F000
trusted library allocation
page read and write
3020000
unkown
page read and write
1937000
heap
page read and write
C4A0000
unkown
page read and write
352000
remote allocation
page execute and read and write
1AABE000
stack
page read and write
16B4000
heap
page read and write
150C000
trusted library allocation
page read and write
AF0C000
stack
page read and write
C6F000
heap
page read and write
187000
heap
page read and write
785B000
unkown
page read and write
223F000
stack
page read and write
9070000
unkown
page read and write
7FF5ED59E000
unkown
page readonly
A4E000
heap
page read and write
95E000
stack
page read and write
6CAB5000
unkown
page readonly
9070000
unkown
page read and write
20D28000
heap
page read and write
F91000
trusted library allocation
page read and write
B14000
heap
page read and write
8820000
unkown
page read and write
BA10000
stack
page read and write
DFE000
heap
page read and write
3D02000
heap
page read and write
1503000
trusted library allocation
page read and write
7FF5ED4C2000
unkown
page readonly
22ADB394000
heap
page read and write
BB3000
heap
page read and write
B40000
trusted library allocation
page read and write
987F000
unkown
page read and write
FDF56FE000
stack
page read and write
AB9000
heap
page read and write
3450000
unkown
page read and write
26BA000
trusted library allocation
page read and write
1500000
trusted library allocation
page read and write
3060000
unkown
page read and write
B40000
trusted library allocation
page read and write
B14000
heap
page read and write
2908000
heap
page read and write
3170000
unkown
page read and write
3170000
unkown
page read and write
15A7000
trusted library allocation
page read and write
4670000
trusted library allocation
page read and write
9070000
unkown
page read and write
3010000
unkown
page read and write
3020000
unkown
page read and write
B4D0000
unkown
page read and write
32FD000
stack
page read and write
7695000
stack
page read and write
16B4000
heap
page read and write
9070000
unkown
page read and write
C4D000
heap
page read and write
95DB000
stack
page read and write
7CD000
stack
page read and write
2494000
trusted library allocation
page read and write
7FF5EDA08000
unkown
page readonly
7F50000
unkown
page read and write
3020000
unkown
page read and write
8EC6000
unkown
page read and write
3170000
unkown
page read and write
AA9000
heap
page read and write
7FF5ED426000
unkown
page readonly
16B4000
heap
page read and write
349E000
stack
page read and write
2D72000
heap
page read and write
8730000
unkown
page read and write
8760000
unkown
page read and write
9070000
unkown
page read and write
2F9E000
stack
page read and write
9070000
unkown
page read and write
7F2E000
stack
page read and write
9070000
unkown
page read and write
B40000
trusted library allocation
page read and write
26E12000
heap
page read and write
3319000
stack
page read and write
61ED3000
direct allocation
page read and write
A52000
heap
page read and write
2659000
trusted library allocation
page read and write
7FF5ED43A000
unkown
page readonly
401000
unkown
page execute read
7FF5ED476000
unkown
page readonly
3261000
heap
page read and write
1F0000
heap
page read and write
40B000
unkown
page execute read
AD6000
heap
page read and write
8BE0000
unkown
page readonly
28F1000
heap
page read and write
185C000
heap
page read and write
3454000
heap
page read and write
A8C000
heap
page read and write
150B000
trusted library allocation
page read and write
37F9000
unkown
page read and write
1490000
unkown
page read and write
8208000
stack
page read and write
20D20000
heap
page read and write
3020000
unkown
page read and write
8760000
unkown
page read and write
10D0000
heap
page read and write
2C20000
heap
page read and write
87D000
trusted library allocation
page execute and read and write
9070000
unkown
page read and write
1872000
heap
page read and write
7FDF0000
trusted library allocation
page execute and read and write
1440000
unkown
page read and write
257F000
stack
page read and write
20D36000
heap
page read and write
7FF5ED5C5000
unkown
page readonly
3454000
heap
page read and write
3170000
unkown
page read and write
2E590000
heap
page read and write
266E000
trusted library allocation
page read and write
A39B000
unkown
page read and write
9070000
unkown
page read and write
162D000
trusted library allocation
page read and write
2E0A000
heap
page read and write
3030000
unkown
page read and write
F91000
trusted library allocation
page read and write
1060000
trusted library allocation
page read and write
A10000
heap
page read and write
5A7000
remote allocation
page execute and read and write
493000
remote allocation
page execute and read and write
3010000
unkown
page read and write
7884000
unkown
page read and write
5557000
stack
page read and write
DD4000
heap
page read and write
22CE000
stack
page read and write
3020000
unkown
page read and write
3460000
heap
page read and write
8740000
unkown
page read and write
19C000
stack
page read and write
9070000
unkown
page read and write
AF8D000
stack
page read and write
3020000
unkown
page read and write
61ECC000
direct allocation
page read and write
28D3000
trusted library allocation
page read and write
3030000
unkown
page read and write
4C1E000
unkown
page read and write
35D0000
unkown
page read and write
169E000
trusted library allocation
page read and write
BEB000
heap
page read and write
64E000
stack
page read and write
9070000
unkown
page read and write
B72000
heap
page read and write
7FF5ED94A000
unkown
page readonly
3261000
heap
page read and write
7FF5ED7E0000
unkown
page readonly
E01000
heap
page read and write
3454000
heap
page read and write
9D0000
trusted library allocation
page read and write
524000
heap
page read and write
3020000
unkown
page read and write
2940000
heap
page read and write
3040000
unkown
page read and write
8EF0000
unkown
page read and write
7FF5ED849000
unkown
page readonly
25C3000
heap
page read and write
3170000
unkown
page read and write
3020000
unkown
page read and write
B1F000
heap
page read and write
16B4000
heap
page read and write
7FF5ED71B000
unkown
page readonly
B50000
heap
page read and write
1507000
trusted library allocation
page read and write
CA20000
unkown
page read and write
16DA000
trusted library allocation
page read and write
C54A000
unkown
page read and write
15EC000
trusted library allocation
page read and write
A4A1000
unkown
page read and write
43C1000
heap
page read and write
4B56000
unkown
page read and write
7FF5ED48A000
unkown
page readonly
7FF5ED81B000
unkown
page readonly
2580000
heap
page read and write
524000
heap
page read and write
1A4B000
heap
page read and write
873000
unkown
page readonly
27C0000
heap
page read and write
26DBF000
heap
page read and write
308A000
stack
page read and write
BE0000
heap
page read and write
22ADB388000
heap
page read and write
18F4000
heap
page read and write
965C000
stack
page read and write
1B87000
heap
page read and write
B14000
heap
page read and write
3D0B000
heap
page read and write
7F50000
unkown
page read and write
1AC7000
heap
page read and write
9070000
unkown
page read and write
9070000
unkown
page read and write
3020000
unkown
page read and write
3020000
unkown
page read and write
9070000
unkown
page read and write
1BF4000
heap
page read and write
8750000
unkown
page read and write
7FF5ED793000
unkown
page readonly
8B90000
unkown
page readonly
8770000
unkown
page read and write
6C8BE000
unkown
page read and write
3170000
unkown
page read and write
8A5000
heap
page read and write
B40000
trusted library allocation
page read and write
FD6D000
unkown
page read and write
3240000
unkown
page read and write
8750000
unkown
page read and write
20D17000
heap
page read and write
3170000
unkown
page read and write
3E0000
heap
page read and write
3020000
unkown
page read and write
524000
heap
page read and write
8820000
unkown
page read and write
A4AE000
unkown
page read and write
1873000
heap
page read and write
272000
unkown
page readonly
850000
direct allocation
page read and write
453000
unkown
page read and write
15E5000
trusted library allocation
page read and write
8820000
unkown
page read and write
1A4B000
heap
page read and write
9070000
unkown
page read and write
F91000
trusted library allocation
page read and write
9070000
unkown
page read and write
22ADB3C7000
heap
page read and write
12F98FF000
stack
page read and write
3170000
unkown
page read and write
1A06000
heap
page read and write
3010000
unkown
page read and write
8750000
unkown
page read and write
9070000
unkown
page read and write
3320000
heap
page read and write
9070000
unkown
page read and write
C3E000
heap
page read and write
3460000
unkown
page read and write
35A0000
unkown
page readonly
1501000
trusted library allocation
page read and write
621000
unkown
page execute read
DCA000
heap
page read and write
3020000
unkown
page read and write
8B8000
heap
page read and write
AF6000
heap
page read and write
3010000
unkown
page read and write
A11F000
stack
page read and write
8740000
unkown
page read and write
37AE000
unkown
page read and write
97D4000
unkown
page read and write
9FA000
heap
page read and write
89C0000
unkown
page read and write
4AC0000
heap
page execute and read and write
3020000
unkown
page read and write
19600D60000
heap
page read and write
818D000
stack
page read and write
32DE000
stack
page read and write
1B47000
heap
page read and write
E21000
unkown
page execute read
978E000
unkown
page read and write
1948000
heap
page read and write
9070000
unkown
page read and write
3261000
heap
page read and write
351C000
heap
page read and write
8E4000
heap
page read and write
EE4000
unkown
page write copy
3170000
unkown
page read and write
1E0000
heap
page read and write
2D20000
heap
page read and write
E09000
heap
page read and write
20DCA000
heap
page read and write
4CE0000
unkown
page read and write
3D2D000
heap
page read and write
8760000
unkown
page read and write
2280000
trusted library allocation
page read and write
3170000
unkown
page read and write
7FF5ED9AE000
unkown
page readonly
3020000
unkown
page read and write
E20000
unkown
page readonly
3460000
unkown
page read and write
2F0E000
stack
page read and write
45E000
unkown
page readonly
D70000
heap
page read and write
7FF5ED8AC000
unkown
page readonly
9070000
unkown
page read and write
3170000
unkown
page read and write
C544000
unkown
page read and write
1990000
heap
page read and write
2471000
trusted library allocation
page read and write
B40000
heap
page read and write
28EC000
stack
page read and write
A433000
unkown
page read and write
56B0000
trusted library allocation
page read and write
3DE4000
heap
page read and write
7DF4F3050000
unkown
page readonly
9929000
unkown
page read and write
20D25000
heap
page read and write
3460000
unkown
page read and write
20D56000
heap
page read and write
40B000
unkown
page execute read
AB6000
heap
page read and write
2B78000
heap
page read and write
8760000
unkown
page read and write
37B0000
unkown
page read and write
1451000
unkown
page readonly
4670000
trusted library allocation
page read and write
8740000
unkown
page read and write
7FF5ED872000
unkown
page readonly
C41F000
stack
page read and write
1483000
heap
page read and write
3030000
unkown
page read and write
400000
unkown
page readonly
C89C000
unkown
page read and write
7FF5ED409000
unkown
page readonly
20D1A000
heap
page read and write
7FF5ED779000
unkown
page readonly
3170000
unkown
page read and write
20D28000
heap
page read and write
305E000
stack
page read and write
7FF5ED8FF000
unkown
page readonly
35E0000
direct allocation
page read and write
11A6000
trusted library allocation
page read and write
CEF000
stack
page read and write
B4D0000
unkown
page read and write
1BCF000
heap
page read and write
E20000
unkown
page readonly
2750000
heap
page read and write
3425000
trusted library allocation
page read and write
3738000
unkown
page read and write
22ADB368000
heap
page read and write
51D0000
trusted library allocation
page execute and read and write
A479000
unkown
page read and write
3020000
unkown
page read and write
FDF52FF000
stack
page read and write
A84000
heap
page read and write
88EE000
stack
page read and write
1A9BE000
stack
page read and write
3030000
unkown
page read and write
2696000
trusted library allocation
page read and write
7861000
unkown
page read and write
8750000
unkown
page read and write
A37B000
unkown
page read and write
359E000
heap
page read and write
3020000
unkown
page read and write
6C8D0000
unkown
page readonly
1650000
trusted library allocation
page read and write
3170000
unkown
page read and write
7FF5ED7FD000
unkown
page readonly
8820000
unkown
page read and write
A52000
heap
page read and write
B4D0000
unkown
page read and write
8A6E000
stack
page read and write
8B4000
heap
page read and write
3556000
heap
page read and write
10E5000
trusted library allocation
page read and write
19600ADC000
heap
page read and write
410000
unkown
page execute read
9D0000
trusted library allocation
page read and write
3261000
heap
page read and write
4670000
trusted library allocation
page read and write
17F0000
heap
page read and write
C94000
heap
page read and write
5BEE000
stack
page read and write
3DE5000
heap
page read and write
FD61000
unkown
page read and write
C503000
unkown
page read and write
6B0000
direct allocation
page read and write
1A8D000
heap
page read and write
1C26000
heap
page read and write
2E1C000
heap
page read and write
7FF5ED9A1000
unkown
page readonly
56A0000
trusted library allocation
page read and write
6E0000
unkown
page write copy
9AE000
stack
page read and write
8750000
unkown
page read and write
7A2000
unkown
page read and write
3170000
unkown
page read and write
3860000
heap
page read and write
2D10000
heap
page read and write
E21000
unkown
page execute read
B40000
trusted library allocation
page read and write
7FF5ED586000
unkown
page readonly
7F50000
unkown
page read and write
7FF5ED1BC000
unkown
page readonly
3CD5000
heap
page read and write
319E000
stack
page read and write
401000
unkown
page execute read
4CCE000
stack
page read and write
1857000
heap
page read and write
9070000
unkown
page read and write
B9D0000
stack
page read and write
7FF5ED80C000
unkown
page readonly
3170000
unkown
page read and write
F979000
unkown
page read and write
3010000
unkown
page read and write
7FF5ED674000
unkown
page readonly
19600B2C000
heap
page read and write
AA8000
heap
page read and write
7DF4F3040000
unkown
page readonly
43C0000
heap
page read and write
1BF4000
heap
page read and write
1509000
trusted library allocation
page read and write
3170000
unkown
page read and write
1AD90000
trusted library allocation
page read and write
1501000
trusted library allocation
page read and write
8EF0000
unkown
page read and write
33DF000
stack
page read and write
3261000
heap
page read and write
9070000
unkown
page read and write
3170000
unkown
page read and write
2D10000
direct allocation
page execute and read and write
CB1C000
unkown
page read and write
1A86E000
stack
page read and write
8740000
unkown
page read and write
22ADB3C4000
heap
page read and write
EE9000
unkown
page readonly
19600DAC000
heap
page read and write
3A8000
remote allocation
page execute and read and write
20D2F000
heap
page read and write
7F50000
unkown
page read and write
7FF5ED1CB000
unkown
page readonly
AAF6000
unkown
page read and write
AA0000
heap
page read and write
20D28000
heap
page read and write
1B07000
heap
page read and write
4C60000
unkown
page read and write
351C000
heap
page read and write
A5D000
heap
page read and write
E08000
heap
page read and write
9F1E000
stack
page read and write
9070000
unkown
page read and write
3D85000
heap
page read and write
A32A000
unkown
page read and write
3261000
heap
page read and write
7FF5ED7E9000
unkown
page readonly
8B4000
heap
page read and write
8740000
unkown
page read and write
3020000
unkown
page read and write
6A0000
direct allocation
page execute and read and write
3030000
unkown
page read and write
1AB0E000
stack
page read and write
D90000
heap
page read and write
A4AB000
unkown
page read and write
33B9000
stack
page read and write
342F000
stack
page read and write
7FF5ED4F3000
unkown
page readonly
2728000
trusted library allocation
page read and write
2C20000
heap
page read and write
3020000
unkown
page read and write
61ED4000
direct allocation
page readonly
7C80000
unkown
page read and write
A3E000
heap
page read and write
42C000
remote allocation
page execute and read and write
3261000
heap
page read and write
C846000
unkown
page read and write
8750000
unkown
page read and write
3261000
heap
page read and write
8EF0000
unkown
page read and write
7FF5ED9BE000
unkown
page readonly
A54000
heap
page read and write
C512000
unkown
page read and write
C893000
unkown
page read and write
18C7000
heap
page read and write
1810000
heap
page read and write
15AD000
trusted library allocation
page read and write
9070000
unkown
page read and write
4B90000
unkown
page read and write
3261000
heap
page read and write
4CC0000
unkown
page read and write
3440000
heap
page read and write
20D27000
heap
page read and write
524000
heap
page read and write
B45000
trusted library allocation
page execute and read and write
22ADB530000
heap
page read and write
3020000
unkown
page read and write
3010000
unkown
page read and write
7D00000
unkown
page readonly
7FF5ED97E000
unkown
page readonly
291A000
heap
page read and write
7A34000
unkown
page read and write
284F000
stack
page read and write
3C91000
heap
page read and write
9070000
unkown
page read and write
8820000
unkown
page read and write
19AC000
heap
page read and write
3020000
unkown
page read and write
B7D000
heap
page read and write
3170000
unkown
page read and write
19600B17000
heap
page read and write
7950000
unkown
page read and write
8B4000
heap
page read and write
7FF5ED9CC000
unkown
page readonly
2707A000
heap
page read and write
3170000
unkown
page read and write
8770000
unkown
page read and write
15BB000
trusted library allocation
page read and write
7FF5ED928000
unkown
page readonly
3170000
unkown
page read and write
DCF000
stack
page read and write
B82A000
stack
page read and write
19600DA5000
heap
page read and write
3170000
unkown
page read and write
2D09000
direct allocation
page execute and read and write
8750000
unkown
page read and write
A40000
heap
page read and write
1A63000
heap
page read and write
15E9000
trusted library allocation
page read and write
7FF5ED74A000
unkown
page readonly
9070000
unkown
page read and write
7FF5ED602000
unkown
page readonly
79B1000
unkown
page read and write
310E000
stack
page read and write
7FF5ED76D000
unkown
page readonly
2B50000
heap
page read and write
4DCE000
stack
page read and write
7FF5ED5CE000
unkown
page readonly
B8C0000
unkown
page readonly
EB0000
unkown
page readonly
87E000
heap
page read and write
2C24000
heap
page read and write
1ACBE000
heap
page read and write
87BA000
stack
page read and write
3170000
unkown
page read and write
8740000
unkown
page read and write
DCA000
heap
page read and write
EB0000
unkown
page readonly
12F96FF000
stack
page read and write
9D64000
unkown
page read and write
F91000
trusted library allocation
page read and write
3460000
unkown
page read and write
26D90000
heap
page read and write
3170000
unkown
page read and write
6D0000
heap
page read and write
AAF000
stack
page read and write
1A81000
heap
page read and write
A18000
heap
page read and write
9D0000
trusted library allocation
page read and write
27B8000
heap
page read and write
9DED000
stack
page read and write
7FF5ED915000
unkown
page readonly
8820000
unkown
page read and write
4670000
trusted library allocation
page read and write
59C0000
heap
page read and write
7FF5ED9A6000
unkown
page readonly
ED6000
unkown
page readonly
268E000
trusted library allocation
page read and write
8750000
unkown
page read and write
12F9BFF000
stack
page read and write
9070000
unkown
page read and write
AE7000
heap
page read and write
9893000
unkown
page read and write
8750000
unkown
page read and write
7FF5EDA76000
unkown
page readonly
89E0000
unkown
page read and write
3791000
unkown
page read and write
1506000
trusted library allocation
page read and write
9070000
unkown
page read and write
3170000
unkown
page read and write
8750000
unkown
page read and write
89A000
trusted library allocation
page execute and read and write
4670000
trusted library allocation
page read and write
3020000
unkown
page read and write
9B000
stack
page read and write
7FF5ED821000
unkown
page readonly
9070000
unkown
page read and write
1C2E000
heap
page read and write
9070000
unkown
page read and write
3170000
unkown
page read and write
7FF5ED8C6000
unkown
page readonly
797D000
unkown
page read and write
549E000
stack
page read and write
19600AF5000
heap
page read and write
2FE8000
heap
page read and write
1509000
trusted library allocation
page read and write
7FF5ED4DF000
unkown
page readonly
2AAD000
heap
page read and write
7FFE000
stack
page read and write
B7D000
heap
page read and write
C964000
unkown
page read and write
3F0000
heap
page read and write
7FF5ED3CE000
unkown
page readonly
3469000
heap
page read and write
995000
heap
page read and write
7F30000
unkown
page read and write
20D1A000
heap
page read and write
4D1000
remote allocation
page execute and read and write
B4D0000
unkown
page read and write
19CB000
heap
page read and write
8750000
unkown
page read and write
A323000
unkown
page read and write
1A72E000
stack
page read and write
78AD000
unkown
page read and write
3030000
unkown
page read and write
3261000
heap
page read and write
9070000
unkown
page read and write
3010000
unkown
page read and write
B4A000
heap
page read and write
There are 2744 hidden memdumps, click here to show them.