Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
fideo-1.0.5.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
||
|
C:\Program Files\fideo\chrome_100_percent.pak
|
data
|
dropped
|
||
|
C:\Program Files\fideo\chrome_200_percent.pak
|
data
|
dropped
|
||
|
C:\Program Files\fideo\d3dcompiler_47.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files\fideo\ffmpeg.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files\fideo\fideo.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\e50fcf84-d00c-427a-ad9c-1d2dc6e7f456.tmp
|
PNG image data, 182 x 130, 8-bit/color RGBA, non-interlaced
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\LICENSE.electron.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\LICENSES.chromium.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\chrome_100_percent.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\chrome_200_percent.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\d3dcompiler_47.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\ffmpeg.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\fideo.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\icudtl.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\libEGL.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\libGLESv2.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\af.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\am.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\ar.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\bg.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\bn.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\ca.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\cs.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\da.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\de.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\el.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\en-GB.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\en-US.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\es-419.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\es.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\et.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\fa.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\fi.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\fil.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\fr.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\gu.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\he.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\hi.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\hr.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\hu.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\id.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\it.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\ja.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\kn.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\ko.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\lt.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\lv.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\ml.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\mr.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\ms.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\nb.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\nl.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\pl.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\pt-BR.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\pt-PT.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\ro.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\ru.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\sk.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\sl.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\sr.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\sv.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\sw.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\ta.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\te.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\th.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\tr.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\uk.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\ur.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\vi.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\zh-CN.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\locales\zh-TW.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\resources.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\resources\app-update.yml
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\resources\app.asar
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\resources\elevate.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\snapshot_blob.bin
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\v8_context_snapshot.bin
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\vk_swiftshader.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\vk_swiftshader_icd.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\7z-out\vulkan-1.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\StdUtils.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\UAC.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\app-64.7z
|
7-zip archive data, version 0.4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\modern-wizard.bmp
|
PC bitmap, Windows 3.x format, 164 x 314 x 24, image size 154490, resolution 11808 x 11808 px/m, cbSize 154544, bits offset
54
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\nsProcess.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsfE7B8.tmp\nsis7z.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Spelling\en-GB\default.acl
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Spelling\en-GB\default.dic
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Spelling\en-GB\default.exc
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\8c13f8b8-08d4-4fa1-821a-16b98c4c12dc.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\Cache\Cache_Data\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\Cache\Cache_Data\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\Cache\Cache_Data\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\Cache\Cache_Data\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\Cache\Cache_Data\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\Code Cache\js\index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\Code Cache\js\index-dir\temp-index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\Code Cache\js\index-dir\the-real-index (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\Code Cache\wasm\index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\Code Cache\wasm\index-dir\temp-index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\Code Cache\wasm\index-dir\the-real-index (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\DawnGraphiteCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\DawnGraphiteCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\DawnGraphiteCache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\DawnGraphiteCache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\DawnGraphiteCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\DawnWebGPUCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\DawnWebGPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\DawnWebGPUCache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\DawnWebGPUCache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\DawnWebGPUCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\GPUCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\GPUCache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\GPUCache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\GPUCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\IndexedDB\file__0.indexeddb.leveldb\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\IndexedDB\file__0.indexeddb.leveldb\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\IndexedDB\file__0.indexeddb.leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\IndexedDB\file__0.indexeddb.leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\IndexedDB\file__0.indexeddb.leveldb\MANIFEST-000001
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\Local State (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\Local Storage\leveldb\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\Local Storage\leveldb\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\Local Storage\leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\Local Storage\leveldb\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\Network\5b14ea10-bc09-40fa-8cd0-83216666b2ad.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\Network\Network Persistent State (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\Network\Network Persistent State~RF56b340.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\Network\Trust Tokens
|
SQLite 3.x database, last written using SQLite version 3045002, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\Network\a95d87e4-4214-4898-b535-e90e33495b42.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\Preferences (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\Shared Dictionary\cache\index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\Shared Dictionary\cache\index-dir\temp-index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\Shared Dictionary\cache\index-dir\the-real-index (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\Shared Dictionary\db
|
SQLite 3.x database, last written using SQLite version 3045002, file counter 2, database pages 11, cookie 0x8, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fideo\WebStorage\QuotaManager
|
SQLite 3.x database, last written using SQLite version 3045002, file counter 1, database pages 10, cookie 0x7, schema 4, UTF-8,
version-valid-for 1
|
modified
|
||
|
C:\Users\user\AppData\Roaming\fideo\e0f1c858-8915-47bc-8fa5-d70c44e7458b.tmp
|
JSON data
|
dropped
|
||
|
\Device\Null
|
ASCII text
|
dropped
|
There are 132 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\fideo-1.0.5.exe
|
"C:\Users\user\Desktop\fideo-1.0.5.exe"
|
 |
|
|
C:\Program Files\fideo\fideo.exe
|
"C:\Program Files\fideo\fideo.exe"
|
|
|
|
C:\Program Files\fideo\fideo.exe
|
"C:\Program Files\fideo\fideo.exe" --type=gpu-process --user-data-dir="C:\Users\user\AppData\Roaming\fideo" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA==
--field-trial-handle=1800,i,17151387384183765936,16765276755101112878,262144 --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand
--variations-seed-version --mojo-platform-channel-handle=1768 /prefetch:2
|
|
|
|
C:\Program Files\fideo\fideo.exe
|
"C:\Program Files\fideo\fideo.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none
--user-data-dir="C:\Users\user\AppData\Roaming\fideo" --field-trial-handle=3108,i,17151387384183765936,16765276755101112878,262144
--disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version
--mojo-platform-channel-handle=3228 /prefetch:3
|
|
|
|
C:\Program Files\fideo\fideo.exe
|
"C:\Program Files\fideo\fideo.exe" --type=renderer --user-data-dir="C:\Users\user\AppData\Roaming\fideo" --app-user-model-id=site.fideo.app
--app-path="C:\Program Files\fideo\resources\app.asar" --no-sandbox --no-zygote --lang=en-GB --device-scale-factor=1 --num-raster-threads=2
--enable-main-frame-before-activation --renderer-client-id=4 --time-ticks-at-unix-epoch=-1727506034100756 --launch-time-ticks=5606445806
--field-trial-handle=3376,i,17151387384183765936,16765276755101112878,262144 --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand
--variations-seed-version --mojo-platform-channel-handle=3260 /prefetch:1
|
|
|
|
C:\Windows\explorer.exe
|
C:\Windows\Explorer.EXE
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://lucide.dev/icons/square-arrow-left
|
unknown
|
||
|
https://lucide.dev/icons/send-horizontal
|
unknown
|
||
|
https://lucide.dev/icons/tablets
|
unknown
|
||
|
https://lucide.dev/icons/timer-reset
|
unknown
|
||
|
https://github.com/simplejson/simplejson
|
unknown
|
||
|
https://lucide.dev/icons/ticket-slash
|
unknown
|
||
|
https://support.google.com/chrome/answer/6098869
|
unknown
|
||
|
https://lucide.dev/icons/share-2
|
unknown
|
||
|
https://lucide.dev/icons/signal-high
|
unknown
|
||
|
https://lucide.dev/icons/square-code
|
unknown
|
||
|
https://lucide.dev/icons/swiss-franc
|
unknown
|
||
|
https://lucide.dev/icons/sun
|
unknown
|
||
|
https://lucide.dev/icons/shuffle
|
unknown
|
||
|
https://lucide.dev/icons/snowflake
|
unknown
|
||
|
https://lucide.dev/icons/user-round-check
|
unknown
|
||
|
https://lucide.dev/icons/toggle-right
|
unknown
|
||
|
https://lucide.dev/icons/stamp
|
unknown
|
||
|
https://lucide.dev/icons/thumbs-down
|
unknown
|
||
|
https://lucide.dev/icons/target
|
unknown
|
||
|
https://lucide.dev/icons/toggle-left
|
unknown
|
||
|
https://lucide.dev/icons/square-activity
|
unknown
|
||
|
https://lucide.dev/icons/user-round-search
|
unknown
|
||
|
https://lucide.dev/icons/signal-medium
|
unknown
|
||
|
https://simpleicons.org/?q=trello
|
unknown
|
||
|
https://lucide.dev/icons/square-arrow-down-left
|
unknown
|
||
|
http://tukaani.org/xz/>.
|
unknown
|
||
|
https://lucide.dev/icons/zap
|
unknown
|
||
|
https://lucide.dev/icons/unplug
|
unknown
|
||
|
https://github.com/google/pprof/tree/master/proto
|
unknown
|
||
|
https://github.com/jrmuizel/qcms/tree/v4
|
unknown
|
||
|
https://lucide.dev/icons/table
|
unknown
|
||
|
https://lucide.dev/icons/trophy
|
unknown
|
||
|
https://chromium.googlesource.com/chromium/src/
|
unknown
|
||
|
https://lucide.dev/icons/separator-vertical
|
unknown
|
||
|
https://lucide.dev/icons/tornado
|
unknown
|
||
|
https://lucide.dev/icons/user-plus
|
unknown
|
||
|
https://lucide.dev/icons/scan-line
|
unknown
|
||
|
https://lucide.dev/icons/train-front-tunnel
|
unknown
|
||
|
https://github.com/tensorflow/models
|
unknown
|
||
|
https://github.com/KhronosGroup/SPIRV-Headers.git
|
unknown
|
||
|
https://lucide.dev/icons/square-plus
|
unknown
|
||
|
http://narwhaljs.org)
|
unknown
|
||
|
https://github.com/tensorflow/tflite-support
|
unknown
|
||
|
https://pypi.org/project/pyparsing
|
unknown
|
||
|
https://sqlite.org/
|
unknown
|
||
|
https://lucide.dev/icons/satellite-dish
|
unknown
|
||
|
https://lucide.dev/icons/undo
|
unknown
|
||
|
https://lucide.dev/icons/speaker
|
unknown
|
||
|
https://simpleicons.org/?q=youtube
|
unknown
|
||
|
https://lucide.dev/icons/sun-moon
|
unknown
|
||
|
https://lucide.dev/icons/shopping-bag
|
unknown
|
||
|
https://sizzlejs.com/
|
unknown
|
||
|
https://lucide.dev/icons/scan-eye
|
unknown
|
||
|
https://lucide.dev/icons/strikethrough
|
unknown
|
||
|
https://lucide.dev/icons/square-mouse-pointer
|
unknown
|
||
|
https://lucide.dev/icons/star-half
|
unknown
|
||
|
https://lucide.dev/icons/square-chevron-left
|
unknown
|
||
|
https://lucide.dev/icons/square-menu
|
unknown
|
||
|
https://lucide.dev/icons/trash
|
unknown
|
||
|
http://www.portaudio.com
|
unknown
|
||
|
https://lucide.dev/icons/ticket-check
|
unknown
|
||
|
https://lucide.dev/icons/thermometer-sun
|
unknown
|
||
|
https://lucide.dev/icons/screen-share
|
unknown
|
||
|
https://lucide.dev/icons/smartphone-charging
|
unknown
|
||
|
https://lucide.dev/icons/shrub
|
unknown
|
||
|
https://lucide.dev/icons/swatch-book
|
unknown
|
||
|
https://lucide.dev/icons/square-parking
|
unknown
|
||
|
https://github.com/google/shell-encryption
|
unknown
|
||
|
https://github.com/wasdk/wasmparser
|
unknown
|
||
|
https://lucide.dev/icons/stretch-vertical
|
unknown
|
||
|
https://lucide.dev/icons/video-off
|
unknown
|
||
|
https://lucide.dev/icons/thumbs-up
|
unknown
|
||
|
https://lucide.dev/icons/timer
|
unknown
|
||
|
https://lucide.dev/icons/wrap-text
|
unknown
|
||
|
https://github.com/dpranke/typ.git
|
unknown
|
||
|
https://lucide.dev/icons/spell-check-2
|
unknown
|
||
|
https://lucide.dev/icons/umbrella
|
unknown
|
||
|
https://lucide.dev/icons/ticket-minus
|
unknown
|
||
|
https://github.com/nodejs/node/pull/30380#issuecomment-552948364
|
unknown
|
||
|
https://www.khronos.org/registry/
|
unknown
|
||
|
https://lucide.dev/icons/scan-barcode
|
unknown
|
||
|
https://lucide.dev/icons/share
|
unknown
|
||
|
https://lucide.dev/icons/skull
|
unknown
|
||
|
https://github.com/requests/toolbelt
|
unknown
|
||
|
https://lucide.dev/guide/packages/lucide-react
|
unknown
|
||
|
https://lucide.dev/icons/triangle
|
unknown
|
||
|
https://lucide.dev/icons/square-dashed-mouse-pointer
|
unknown
|
||
|
https://lucide.dev/icons/spline
|
unknown
|
||
|
https://lucide.dev/icons/wine-off
|
unknown
|
||
|
https://github.com/nodejs/node/issues/19009
|
unknown
|
||
|
https://lucide.dev/icons/server-crash
|
unknown
|
||
|
https://tc39.github.io/ecma262/#sec-%typedarray%.of
|
unknown
|
||
|
https://pypi.python.org/pypi/pyfakefs
|
unknown
|
||
|
https://lucide.dev/icons/zoom-in
|
unknown
|
||
|
https://github.com/GPUOpen-LibrariesAndSDKs/VulkanMemoryAllocator
|
unknown
|
||
|
https://lucide.dev/icons/tent-tree
|
unknown
|
||
|
https://lucide.dev/icons/square-arrow-up-left
|
unknown
|
||
|
https://lucide.dev/icons/wand-sparkles
|
unknown
|
||
|
http://developer.android.com/tools/extras/support-library.html
|
unknown
|
||
|
https://lucide.dev/icons/russian-ruble
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
chrome.cloudflare-dns.com
|
162.159.61.3
|
||
|
gitlab.com
|
172.65.251.78
|
||
|
api.github.com
|
140.82.121.5
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
162.159.61.3
|
chrome.cloudflare-dns.com
|
United States
|
||
|
172.65.251.78
|
gitlab.com
|
United States
|
||
|
140.82.121.5
|
api.github.com
|
United States
|
||
|
172.64.41.3
|
unknown
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\0c537e61-f110-51ad-b451-32e3d3ff1b96
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\0c537e61-f110-51ad-b451-32e3d3ff1b96
|
KeepShortcuts
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\0c537e61-f110-51ad-b451-32e3d3ff1b96
|
ShortcutName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\0c537e61-f110-51ad-b451-32e3d3ff1b96
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\0c537e61-f110-51ad-b451-32e3d3ff1b96
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\0c537e61-f110-51ad-b451-32e3d3ff1b96
|
QuietUninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\0c537e61-f110-51ad-b451-32e3d3ff1b96
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\0c537e61-f110-51ad-b451-32e3d3ff1b96
|
DisplayIcon
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\0c537e61-f110-51ad-b451-32e3d3ff1b96
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\0c537e61-f110-51ad-b451-32e3d3ff1b96
|
NoModify
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\0c537e61-f110-51ad-b451-32e3d3ff1b96
|
NoRepair
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\0c537e61-f110-51ad-b451-32e3d3ff1b96
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager
|
PendingFileRenameOperations
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer
|
GlobalAssocChangedCounter
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager
|
PendingFileRenameOperations
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
fvgr.svqrb.ncc
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
|
{5985FC23-2588-4D9A-B38B-7E7AFFAB3155} {886D8EEB-8CF2-4446-8D02-CDBA1DBDCF99} 0xFFFF
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.csv\OpenWithProgids
|
Excel.CSV
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.doc\OpenWithProgids
|
Word.Document.8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docm\OpenWithProgids
|
Word.DocumentMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\OpenWithProgids
|
Word.Document.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dot\OpenWithProgids
|
Word.Template.8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dotm\OpenWithProgids
|
Word.TemplateMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dotx\OpenWithProgids
|
Word.Template.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.msg\OpenWithProgids
|
Outlook.File.msg.15
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odp\OpenWithProgids
|
PowerPoint.OpenDocumentPresentation.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ods\OpenWithProgids
|
Excel.OpenDocumentSpreadsheet.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odt\OpenWithProgids
|
Word.OpenDocumentText.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pot\OpenWithProgids
|
PowerPoint.Template.8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.potm\OpenWithProgids
|
PowerPoint.TemplateMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.potx\OpenWithProgids
|
PowerPoint.Template.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppam\OpenWithProgids
|
PowerPoint.Addin.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppsm\OpenWithProgids
|
PowerPoint.SlideShowMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppsx\OpenWithProgids
|
PowerPoint.SlideShow.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppt\OpenWithProgids
|
PowerPoint.Show.8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pptm\OpenWithProgids
|
PowerPoint.ShowMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pptx\OpenWithProgids
|
PowerPoint.Show.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rtf\OpenWithProgids
|
Word.RTF.8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sldm\OpenWithProgids
|
PowerPoint.SlideMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sldx\OpenWithProgids
|
PowerPoint.Slide.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vsto\OpenWithProgids
|
bootstrap.vsto.1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlam\OpenWithProgids
|
Excel.AddInMacroEnabled
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xls\OpenWithProgids
|
Excel.Sheet.8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsb\OpenWithProgids
|
Excel.SheetBinaryMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsm\OpenWithProgids
|
Excel.SheetMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsx\OpenWithProgids
|
Excel.Sheet.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlt\OpenWithProgids
|
Excel.Template.8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xltm\OpenWithProgids
|
Excel.TemplateMacroEnabled
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xltx\OpenWithProgids
|
Excel.Template
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zip\OpenWithProgids
|
Unpacker
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
HRZR_PGYFRFFVBA
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Security and Maintenance\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102
|
CheckSetting
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\OpenWithProgids
|
WMP11.AssocFile.3G2
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\OpenWithProgids
|
WMP11.AssocFile.3GP
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aac\OpenWithProgids
|
WMP11.AssocFile.ADTS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.adt\OpenWithProgids
|
WMP11.AssocFile.ADTS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.adts\OpenWithProgids
|
WMP11.AssocFile.ADTS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\OpenWithProgids
|
WMP11.AssocFile.AIFF
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\OpenWithProgids
|
WMP11.AssocFile.AIFF
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\OpenWithProgids
|
WMP11.AssocFile.ASF
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\OpenWithProgids
|
WMP11.AssocFile.ASX
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\OpenWithProgids
|
WMP11.AssocFile.AU
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au3\OpenWithProgids
|
AutoIt3Script
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\OpenWithProgids
|
WMP11.AssocFile.AVI
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\OpenWithProgids
|
Paint.Picture
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cab\OpenWithProgids
|
CABFolder
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cdxml\OpenWithProgids
|
Microsoft.PowerShellCmdletDefinitionXML.1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.css\OpenWithProgids
|
CSSfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dds\OpenWithProgids
|
ddsfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\OpenWithProgids
|
Paint.Picture
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dll\OpenWithProgids
|
dllfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\OpenWithProgids
|
emffile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithProgids
|
exefile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\OpenWithProgids
|
WMP11.AssocFile.FLAC
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fon\OpenWithProgids
|
fonfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\OpenWithProgids
|
giffile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\OpenWithProgids
|
htmlfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\OpenWithProgids
|
icofile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inf\OpenWithProgids
|
inffile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ini\OpenWithProgids
|
inifile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\OpenWithProgids
|
pjpegfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\OpenWithProgids
|
jpegfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\OpenWithProgids
|
jpegfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jxr\OpenWithProgids
|
wdpfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\OpenWithProgids
|
lnkfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\OpenWithProgids
|
WMP11.AssocFile.MPEG
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2t\OpenWithProgids
|
WMP11.AssocFile.M2TS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2ts\OpenWithProgids
|
WMP11.AssocFile.M2TS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\OpenWithProgids
|
WMP11.AssocFile.m3u
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\OpenWithProgids
|
WMP11.AssocFile.M4A
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\OpenWithProgids
|
WMP11.AssocFile.MP4
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\OpenWithProgids
|
mhtmlfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\OpenWithProgids
|
WMP11.AssocFile.MIDI
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mk3d\OpenWithProgids
|
WMP11.AssocFile.MK3D
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mka\OpenWithProgids
|
WMP11.AssocFile.MKA
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\OpenWithProgids
|
WMP11.AssocFile.MKV
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\OpenWithProgids
|
WMP11.AssocFile.MOV
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MP2\OpenWithProgids
|
WMP11.AssocFile.MP3
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\OpenWithProgids
|
WMP11.AssocFile.MP3
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\OpenWithProgids
|
WMP11.AssocFile.MP4
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg\OpenWithProgids
|
WMP11.AssocFile.MPEG
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\OpenWithProgids
|
WMP11.AssocFile.MPEG
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mts\OpenWithProgids
|
WMP11.AssocFile.M2TS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ocx\OpenWithProgids
|
ocxfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.otf\OpenWithProgids
|
otffile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\OpenWithProgids
|
pngfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ps1\OpenWithProgids
|
Microsoft.PowerShellScript.1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ps1xml\OpenWithProgids
|
Microsoft.PowerShellXMLData.1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd1\OpenWithProgids
|
Microsoft.PowerShellData.1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psm1\OpenWithProgids
|
Microsoft.PowerShellModule.1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pssc\OpenWithProgids
|
Microsoft.PowerShellSessionConfiguration.1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\OpenWithProgids
|
rlefile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\OpenWithProgids
|
WMP11.AssocFile.MIDI
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scf\OpenWithProgids
|
SHCmdFile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.search-ms\OpenWithProgids
|
SearchFolder
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\OpenWithProgids
|
shtmlfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sys\OpenWithProgids
|
sysfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\OpenWithProgids
|
TIFImage.Document
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\OpenWithProgids
|
TIFImage.Document
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS\OpenWithProgids
|
WMP11.AssocFile.TTS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\OpenWithProgids
|
ttcfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\OpenWithProgids
|
ttffile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TTS\OpenWithProgids
|
WMP11.AssocFile.TTS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\OpenWithProgids
|
txtfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\OpenWithProgids
|
WMP11.AssocFile.WAV
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\OpenWithProgids
|
WMP11.AssocFile.WAX
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wdp\OpenWithProgids
|
wdpfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\OpenWithProgids
|
WMP11.AssocFile.ASF
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\OpenWithProgids
|
WMP11.AssocFile.WMA
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\OpenWithProgids
|
wmffile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\OpenWithProgids
|
WMP11.AssocFile.WMV
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.WPL\OpenWithProgids
|
WMP11.AssocFile.WPL
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\OpenWithProgids
|
WMP11.AssocFile.WVX
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\OpenWithProgids
|
xmlfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xsl\OpenWithProgids
|
xslfile
|
There are 149 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
841000
|
heap
|
page read and write
|
||
|
B4BF000
|
stack
|
page read and write
|
||
|
7FF5D72D3000
|
unkown
|
page readonly
|
||
|
7FF5D7407000
|
unkown
|
page readonly
|
||
|
7FF5D71BF000
|
unkown
|
page readonly
|
||
|
5CE0000
|
direct allocation
|
page read and write
|
||
|
35C9000
|
unkown
|
page read and write
|
||
|
78E000
|
stack
|
page read and write
|
||
|
7FF616B71000
|
unkown
|
page execute read
|
||
|
769A000
|
unkown
|
page read and write
|
||
|
7FF616B71000
|
unkown
|
page execute read
|
||
|
7FF5D77D2000
|
unkown
|
page readonly
|
||
|
7FF5D72DF000
|
unkown
|
page readonly
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
5766000
|
heap
|
page read and write
|
||
|
77DB000
|
unkown
|
page read and write
|
||
|
3071000
|
unkown
|
page read and write
|
||
|
CBD5000
|
unkown
|
page read and write
|
||
|
4980000
|
unkown
|
page read and write
|
||
|
1360000
|
unkown
|
page readonly
|
||
|
7FF61BB71000
|
unkown
|
page execute read
|
||
|
6160000
|
direct allocation
|
page read and write
|
||
|
C44F000
|
stack
|
page read and write
|
||
|
7631000
|
unkown
|
page read and write
|
||
|
2DFF000
|
heap
|
page read and write
|
||
|
A9DF000
|
unkown
|
page read and write
|
||
|
7FF5D7452000
|
unkown
|
page readonly
|
||
|
7FF5D75BF000
|
unkown
|
page readonly
|
||
|
7FF5D71C8000
|
unkown
|
page readonly
|
||
|
2D30000
|
heap
|
page read and write
|
||
|
B220000
|
unkown
|
page read and write
|
||
|
8ECC000
|
stack
|
page read and write
|
||
|
7FF5D7262000
|
unkown
|
page readonly
|
||
|
7FF5D762F000
|
unkown
|
page readonly
|
||
|
7FF616171000
|
unkown
|
page execute read
|
||
|
7FF61B171000
|
unkown
|
page execute read
|
||
|
9AC3000
|
unkown
|
page read and write
|
||
|
98FD000
|
stack
|
page read and write
|
||
|
9A6A000
|
unkown
|
page read and write
|
||
|
3530000
|
unkown
|
page read and write
|
||
|
582D000
|
heap
|
page read and write
|
||
|
5560000
|
heap
|
page read and write
|
||
|
A33F000
|
unkown
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
B4D0000
|
unkown
|
page readonly
|
||
|
7FF5D71E6000
|
unkown
|
page readonly
|
||
|
F892000
|
heap
|
page read and write
|
||
|
2F01000
|
heap
|
page read and write
|
||
|
7FF5D7394000
|
unkown
|
page readonly
|
||
|
13A0000
|
unkown
|
page readonly
|
||
|
7FF5D7438000
|
unkown
|
page readonly
|
||
|
5869000
|
heap
|
page read and write
|
||
|
35B0000
|
unkown
|
page read and write
|
||
|
7DF4F2491000
|
unkown
|
page execute read
|
||
|
7FF5D748A000
|
unkown
|
page readonly
|
||
|
A286000
|
unkown
|
page read and write
|
||
|
7FF5D76F5000
|
unkown
|
page readonly
|
||
|
4A40000
|
unkown
|
page read and write
|
||
|
9B41000
|
unkown
|
page read and write
|
||
|
7FF5D72D7000
|
unkown
|
page readonly
|
||
|
F6D9000
|
unkown
|
page read and write
|
||
|
5728000
|
heap
|
page read and write
|
||
|
2DF7000
|
heap
|
page read and write
|
||
|
35BD000
|
unkown
|
page read and write
|
||
|
49FA000
|
unkown
|
page read and write
|
||
|
2454000
|
heap
|
page read and write
|
||
|
B0E0000
|
unkown
|
page readonly
|
||
|
2F01000
|
heap
|
page read and write
|
||
|
7FF5D775C000
|
unkown
|
page readonly
|
||
|
AA92000
|
unkown
|
page read and write
|
||
|
F603000
|
unkown
|
page read and write
|
||
|
5660000
|
heap
|
page read and write
|
||
|
56E8000
|
heap
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
7FF5D744E000
|
unkown
|
page readonly
|
||
|
56E8000
|
heap
|
page read and write
|
||
|
A391000
|
unkown
|
page read and write
|
||
|
7FF5D72E9000
|
unkown
|
page readonly
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
B980000
|
unkown
|
page readonly
|
||
|
1270000
|
unkown
|
page read and write
|
||
|
7FF5D7404000
|
unkown
|
page readonly
|
||
|
3100000
|
unkown
|
page read and write
|
||
|
CB1E000
|
unkown
|
page read and write
|
||
|
7FF5D77A8000
|
unkown
|
page readonly
|
||
|
5479000
|
unkown
|
page read and write
|
||
|
7FF614370000
|
unkown
|
page readonly
|
||
|
7FF5D710B000
|
unkown
|
page readonly
|
||
|
6660000
|
heap
|
page read and write
|
||
|
9E2E000
|
stack
|
page read and write
|
||
|
942D000
|
stack
|
page read and write
|
||
|
7FF5D7398000
|
unkown
|
page readonly
|
||
|
7FF5D7694000
|
unkown
|
page readonly
|
||
|
51FD000
|
heap
|
page read and write
|
||
|
6EE0000
|
direct allocation
|
page read and write
|
||
|
5660000
|
heap
|
page read and write
|
||
|
5661000
|
heap
|
page read and write
|
||
|
7FF5D774A000
|
unkown
|
page readonly
|
||
|
899000
|
heap
|
page read and write
|
||
|
7FF5D74C3000
|
unkown
|
page readonly
|
||
|
582D000
|
heap
|
page read and write
|
||
|
22CC000
|
stack
|
page read and write
|
||
|
BDC0000
|
unkown
|
page read and write
|
||
|
7FF5D71C4000
|
unkown
|
page readonly
|
||
|
7FF5D71EA000
|
unkown
|
page readonly
|
||
|
5661000
|
heap
|
page read and write
|
||
|
779E000
|
unkown
|
page read and write
|
||
|
5330000
|
unkown
|
page write copy
|
||
|
7FF5D7230000
|
unkown
|
page readonly
|
||
|
7FF5D6ABD000
|
unkown
|
page readonly
|
||
|
2F1F000
|
heap
|
page read and write
|
||
|
1177D000
|
stack
|
page read and write
|
||
|
7FF5CE343000
|
unkown
|
page readonly
|
||
|
8B4000
|
heap
|
page read and write
|
||
|
7FF5D7488000
|
unkown
|
page readonly
|
||
|
9A8E000
|
unkown
|
page read and write
|
||
|
9B0B000
|
unkown
|
page read and write
|
||
|
7FF5D7691000
|
unkown
|
page readonly
|
||
|
7691000
|
unkown
|
page read and write
|
||
|
56E1000
|
heap
|
page read and write
|
||
|
7FF5D72FB000
|
unkown
|
page readonly
|
||
|
11CFD000
|
stack
|
page read and write
|
||
|
50D0000
|
trusted library allocation
|
page read and write
|
||
|
4E3000
|
unkown
|
page read and write
|
||
|
C483000
|
unkown
|
page read and write
|
||
|
7FF5D72CE000
|
unkown
|
page readonly
|
||
|
2270000
|
heap
|
page read and write
|
||
|
A0A9000
|
stack
|
page read and write
|
||
|
CAA2000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2D68000
|
heap
|
page read and write
|
||
|
4FD1000
|
heap
|
page read and write
|
||
|
5FF5000
|
direct allocation
|
page read and write
|
||
|
66E1000
|
heap
|
page read and write
|
||
|
3520000
|
unkown
|
page readonly
|
||
|
7FF5D768B000
|
unkown
|
page readonly
|
||
|
828000
|
heap
|
page read and write
|
||
|
7FF5D770A000
|
unkown
|
page readonly
|
||
|
5CE0000
|
direct allocation
|
page read and write
|
||
|
7810000
|
unkown
|
page read and write
|
||
|
853B000
|
stack
|
page read and write
|
||
|
871000
|
heap
|
page read and write
|
||
|
7989000
|
stack
|
page read and write
|
||
|
7FF5D7784000
|
unkown
|
page readonly
|
||
|
9A96000
|
unkown
|
page read and write
|
||
|
F64B000
|
unkown
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
927C000
|
stack
|
page read and write
|
||
|
B8DB000
|
stack
|
page read and write
|
||
|
56E8000
|
heap
|
page read and write
|
||
|
7FF5D7837000
|
unkown
|
page readonly
|
||
|
2DFE000
|
heap
|
page read and write
|
||
|
96FE000
|
stack
|
page read and write
|
||
|
29A6000
|
heap
|
page read and write
|
||
|
582D000
|
heap
|
page read and write
|
||
|
7B10000
|
unkown
|
page read and write
|
||
|
7FF614D71000
|
unkown
|
page execute read
|
||
|
56E8000
|
heap
|
page read and write
|
||
|
5561000
|
heap
|
page read and write
|
||
|
A40E000
|
unkown
|
page read and write
|
||
|
C908000
|
unkown
|
page read and write
|
||
|
665000
|
heap
|
page read and write
|
||
|
2F16000
|
heap
|
page read and write
|
||
|
828000
|
heap
|
page read and write
|
||
|
7FF5D765F000
|
unkown
|
page readonly
|
||
|
115FE000
|
stack
|
page read and write
|
||
|
7FF5D71D7000
|
unkown
|
page readonly
|
||
|
82D000
|
heap
|
page read and write
|
||
|
7FF5D75F6000
|
unkown
|
page readonly
|
||
|
CA04000
|
unkown
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
7FF5D7292000
|
unkown
|
page readonly
|
||
|
88E000
|
heap
|
page read and write
|
||
|
7FF5D771A000
|
unkown
|
page readonly
|
||
|
7FF5D758D000
|
unkown
|
page readonly
|
||
|
7FF614D71000
|
unkown
|
page execute read
|
||
|
A264000
|
unkown
|
page read and write
|
||
|
7FF61B171000
|
unkown
|
page execute read
|
||
|
C7C6000
|
unkown
|
page read and write
|
||
|
7FF619371000
|
unkown
|
page execute read
|
||
|
2D68000
|
heap
|
page read and write
|
||
|
7FF617F71000
|
unkown
|
page execute read
|
||
|
7FF5D7485000
|
unkown
|
page readonly
|
||
|
7FF5D76DA000
|
unkown
|
page readonly
|
||
|
7AA0000
|
unkown
|
page read and write
|
||
|
49FD000
|
unkown
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
7FF5D74A6000
|
unkown
|
page readonly
|
||
|
7FF5D77DA000
|
unkown
|
page readonly
|
||
|
845000
|
heap
|
page read and write
|
||
|
4FD1000
|
heap
|
page read and write
|
||
|
5826000
|
heap
|
page read and write
|
||
|
7FF5D7745000
|
unkown
|
page readonly
|
||
|
35D1000
|
unkown
|
page read and write
|
||
|
7FF5D7523000
|
unkown
|
page readonly
|
||
|
91F0000
|
unkown
|
page readonly
|
||
|
7FF5D743F000
|
unkown
|
page readonly
|
||
|
C7BE000
|
unkown
|
page read and write
|
||
|
1200000
|
unkown
|
page read and write
|
||
|
2DFE000
|
heap
|
page read and write
|
||
|
AFBE000
|
stack
|
page read and write
|
||
|
A9FD000
|
unkown
|
page read and write
|
||
|
5728000
|
heap
|
page read and write
|
||
|
7FF5D774C000
|
unkown
|
page readonly
|
||
|
9A94000
|
unkown
|
page read and write
|
||
|
7FF5D75A6000
|
unkown
|
page readonly
|
||
|
7FF61BB71000
|
unkown
|
page execute read
|
||
|
7FF5D74B8000
|
unkown
|
page readonly
|
||
|
C47F000
|
unkown
|
page read and write
|
||
|
9A9E000
|
unkown
|
page read and write
|
||
|
F762000
|
unkown
|
page read and write
|
||
|
F700000
|
unkown
|
page read and write
|
||
|
5660000
|
heap
|
page read and write
|
||
|
7FF5D738E000
|
unkown
|
page readonly
|
||
|
1230000
|
unkown
|
page read and write
|
||
|
12B0000
|
unkown
|
page read and write
|
||
|
C0BA000
|
stack
|
page read and write
|
||
|
7E58000
|
stack
|
page read and write
|
||
|
7FF5D77B9000
|
unkown
|
page readonly
|
||
|
898000
|
heap
|
page read and write
|
||
|
86D0000
|
unkown
|
page readonly
|
||
|
F89A000
|
heap
|
page read and write
|
||
|
9AA8000
|
unkown
|
page read and write
|
||
|
10FF9000
|
stack
|
page read and write
|
||
|
7FF5D764F000
|
unkown
|
page readonly
|
||
|
A02E000
|
stack
|
page read and write
|
||
|
5FF000
|
unkown
|
page readonly
|
||
|
5728000
|
heap
|
page read and write
|
||
|
299C000
|
stack
|
page read and write
|
||
|
11DFE000
|
stack
|
page read and write
|
||
|
7FF5D7077000
|
unkown
|
page readonly
|
||
|
8A7000
|
heap
|
page read and write
|
||
|
8A7000
|
heap
|
page read and write
|
||
|
66A0000
|
heap
|
page read and write
|
||
|
5560000
|
heap
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
7FF5D7202000
|
unkown
|
page readonly
|
||
|
82D000
|
heap
|
page read and write
|
||
|
7FF5D7643000
|
unkown
|
page readonly
|
||
|
8FD9000
|
stack
|
page read and write
|
||
|
B03B000
|
stack
|
page read and write
|
||
|
7FF5D7808000
|
unkown
|
page readonly
|
||
|
7FF5D740B000
|
unkown
|
page readonly
|
||
|
3338000
|
unkown
|
page read and write
|
||
|
C450000
|
unkown
|
page read and write
|
||
|
7FF619371000
|
unkown
|
page execute read
|
||
|
5728000
|
heap
|
page read and write
|
||
|
51B7000
|
heap
|
page read and write
|
||
|
7FF5D7639000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
7FF5D77E3000
|
unkown
|
page readonly
|
||
|
7AB0000
|
unkown
|
page read and write
|
||
|
7FF5D7703000
|
unkown
|
page readonly
|
||
|
C4BD000
|
unkown
|
page read and write
|
||
|
ACF000
|
stack
|
page read and write
|
||
|
A273000
|
unkown
|
page read and write
|
||
|
1107D000
|
stack
|
page read and write
|
||
|
C609000
|
unkown
|
page read and write
|
||
|
582D000
|
heap
|
page read and write
|
||
|
2D67000
|
heap
|
page read and write
|
||
|
2DFF000
|
heap
|
page read and write
|
||
|
35C3000
|
unkown
|
page read and write
|
||
|
7D3E000
|
stack
|
page read and write
|
||
|
5B60000
|
direct allocation
|
page read and write
|
||
|
1395000
|
heap
|
page read and write
|
||
|
9D67000
|
unkown
|
page read and write
|
||
|
7C80000
|
unkown
|
page read and write
|
||
|
35B3000
|
unkown
|
page read and write
|
||
|
F0C000
|
heap
|
page read and write
|
||
|
7FF5D77C2000
|
unkown
|
page readonly
|
||
|
A23A000
|
unkown
|
page read and write
|
||
|
9A84000
|
unkown
|
page read and write
|
||
|
7FF5D76D7000
|
unkown
|
page readonly
|
||
|
A39C000
|
unkown
|
page read and write
|
||
|
3120000
|
unkown
|
page read and write
|
||
|
10E0000
|
unkown
|
page read and write
|
||
|
582D000
|
heap
|
page read and write
|
||
|
F5C4000
|
unkown
|
page read and write
|
||
|
35E4000
|
unkown
|
page read and write
|
||
|
4A12000
|
unkown
|
page read and write
|
||
|
30FB000
|
stack
|
page read and write
|
||
|
C5FD000
|
unkown
|
page read and write
|
||
|
7FF5D7336000
|
unkown
|
page readonly
|
||
|
7FF5D66E8000
|
unkown
|
page readonly
|
||
|
3500000
|
stack
|
page read and write
|
||
|
2DAF000
|
heap
|
page read and write
|
||
|
C7CB000
|
unkown
|
page read and write
|
||
|
56E9000
|
heap
|
page read and write
|
||
|
2DEF000
|
heap
|
page read and write
|
||
|
7FF5D7752000
|
unkown
|
page readonly
|
||
|
11F7D000
|
stack
|
page read and write
|
||
|
11D7D000
|
stack
|
page read and write
|
||
|
8A00000
|
unkown
|
page read and write
|
||
|
49A8000
|
unkown
|
page read and write
|
||
|
8A7000
|
heap
|
page read and write
|
||
|
8360000
|
unkown
|
page read and write
|
||
|
8870000
|
unkown
|
page readonly
|
||
|
2DF7000
|
heap
|
page read and write
|
||
|
7FF5D7792000
|
unkown
|
page readonly
|
||
|
C73E000
|
unkown
|
page read and write
|
||
|
35DC000
|
unkown
|
page read and write
|
||
|
7FF5D719C000
|
unkown
|
page readonly
|
||
|
C61B000
|
unkown
|
page read and write
|
||
|
3000000
|
heap
|
page read and write
|
||
|
7FF5D76CD000
|
unkown
|
page readonly
|
||
|
7FF5D75D9000
|
unkown
|
page readonly
|
||
|
8B7000
|
heap
|
page read and write
|
||
|
9AAA000
|
unkown
|
page read and write
|
||
|
9A80000
|
unkown
|
page read and write
|
||
|
2F10000
|
heap
|
page read and write
|
||
|
7FF5D71E0000
|
unkown
|
page readonly
|
||
|
7D8000
|
heap
|
page read and write
|
||
|
33F0000
|
unkown
|
page read and write
|
||
|
7FF5D769E000
|
unkown
|
page readonly
|
||
|
7FF5D75B3000
|
unkown
|
page readonly
|
||
|
A2B5000
|
unkown
|
page read and write
|
||
|
11BFB000
|
stack
|
page read and write
|
||
|
AAA9000
|
unkown
|
page read and write
|
||
|
C642000
|
unkown
|
page read and write
|
||
|
5FF000
|
unkown
|
page readonly
|
||
|
C65E000
|
unkown
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
A1AF000
|
stack
|
page read and write
|
||
|
2F1D000
|
heap
|
page read and write
|
||
|
7FF619371000
|
unkown
|
page execute read
|
||
|
7FF5D6BDB000
|
unkown
|
page readonly
|
||
|
7FF5D741F000
|
unkown
|
page readonly
|
||
|
7FF5D7700000
|
unkown
|
page readonly
|
||
|
864000
|
heap
|
page read and write
|
||
|
3050000
|
unkown
|
page read and write
|
||
|
8F49000
|
stack
|
page read and write
|
||
|
A9A0000
|
unkown
|
page read and write
|
||
|
3001000
|
heap
|
page read and write
|
||
|
9CF000
|
stack
|
page read and write
|
||
|
4AC0000
|
unkown
|
page read and write
|
||
|
F74C000
|
unkown
|
page read and write
|
||
|
801000
|
heap
|
page read and write
|
||
|
412000
|
unkown
|
page read and write
|
||
|
521C000
|
heap
|
page read and write
|
||
|
57A9000
|
heap
|
page read and write
|
||
|
35D5000
|
unkown
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
891000
|
heap
|
page read and write
|
||
|
49D6000
|
unkown
|
page read and write
|
||
|
88B000
|
heap
|
page read and write
|
||
|
117FE000
|
stack
|
page read and write
|
||
|
8D3B000
|
stack
|
page read and write
|
||
|
BB9C000
|
stack
|
page read and write
|
||
|
586A000
|
heap
|
page read and write
|
||
|
49BB000
|
unkown
|
page read and write
|
||
|
E00000
|
unkown
|
page readonly
|
||
|
7FF5D69BB000
|
unkown
|
page readonly
|
||
|
2EC0000
|
unkown
|
page readonly
|
||
|
51B8000
|
heap
|
page read and write
|
||
|
65E0000
|
heap
|
page read and write
|
||
|
1350000
|
unkown
|
page readonly
|
||
|
5826000
|
heap
|
page read and write
|
||
|
7DF4F2460000
|
unkown
|
page readonly
|
||
|
7FF5D76C8000
|
unkown
|
page readonly
|
||
|
12D0000
|
unkown
|
page readonly
|
||
|
11FFF000
|
stack
|
page read and write
|
||
|
2DAF000
|
heap
|
page read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
7FF5D729E000
|
unkown
|
page readonly
|
||
|
7FF5D776D000
|
unkown
|
page readonly
|
||
|
66A0000
|
heap
|
page read and write
|
||
|
67A1000
|
heap
|
page read and write
|
||
|
2F39000
|
heap
|
page read and write
|
||
|
532E000
|
stack
|
page read and write
|
||
|
35D3000
|
unkown
|
page read and write
|
||
|
7FF61A771000
|
unkown
|
page execute read
|
||
|
111FD000
|
stack
|
page read and write
|
||
|
7DF4F2470000
|
unkown
|
page readonly
|
||
|
65E1000
|
heap
|
page read and write
|
||
|
A416000
|
unkown
|
page read and write
|
||
|
F731000
|
unkown
|
page read and write
|
||
|
2F38000
|
heap
|
page read and write
|
||
|
7FF5D74FA000
|
unkown
|
page readonly
|
||
|
1281000
|
unkown
|
page readonly
|
||
|
B85A000
|
stack
|
page read and write
|
||
|
7FF5D6A4B000
|
unkown
|
page readonly
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
54E1000
|
heap
|
page read and write
|
||
|
2DE8000
|
heap
|
page read and write
|
||
|
EB5000
|
stack
|
page read and write
|
||
|
11C7C000
|
stack
|
page read and write
|
||
|
51A6000
|
heap
|
page read and write
|
||
|
7FF5D7376000
|
unkown
|
page readonly
|
||
|
3280000
|
unkown
|
page read and write
|
||
|
7FF5D75EE000
|
unkown
|
page readonly
|
||
|
2F03000
|
heap
|
page read and write
|
||
|
AE1D000
|
stack
|
page read and write
|
||
|
7FF5D71DA000
|
unkown
|
page readonly
|
||
|
C5F0000
|
unkown
|
page read and write
|
||
|
881D000
|
stack
|
page read and write
|
||
|
5620000
|
heap
|
page read and write
|
||
|
7FF5D705D000
|
unkown
|
page readonly
|
||
|
7FF618971000
|
unkown
|
page execute read
|
||
|
8A44000
|
unkown
|
page read and write
|
||
|
7FF5D71EF000
|
unkown
|
page readonly
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
2DF7000
|
heap
|
page read and write
|
||
|
56E1000
|
heap
|
page read and write
|
||
|
828000
|
heap
|
page read and write
|
||
|
4AF3000
|
unkown
|
page read and write
|
||
|
AA0A000
|
unkown
|
page read and write
|
||
|
64BC000
|
direct allocation
|
page read and write
|
||
|
845000
|
heap
|
page read and write
|
||
|
5661000
|
heap
|
page read and write
|
||
|
116FD000
|
stack
|
page read and write
|
||
|
56E1000
|
heap
|
page read and write
|
||
|
2F15000
|
heap
|
page read and write
|
||
|
11AFE000
|
stack
|
page read and write
|
||
|
B950000
|
unkown
|
page readonly
|
||
|
9A90000
|
unkown
|
page read and write
|
||
|
7FF5D7799000
|
unkown
|
page readonly
|
||
|
B559000
|
stack
|
page read and write
|
||
|
7FF5D72C8000
|
unkown
|
page readonly
|
||
|
8B3000
|
heap
|
page read and write
|
||
|
7FF5D770F000
|
unkown
|
page readonly
|
||
|
4FC0000
|
unkown
|
page readonly
|
||
|
2E40000
|
direct allocation
|
page read and write
|
||
|
4AB3000
|
unkown
|
page read and write
|
||
|
542F000
|
stack
|
page read and write
|
||
|
7FF5D7604000
|
unkown
|
page readonly
|
||
|
7FF5D77A4000
|
unkown
|
page readonly
|
||
|
A237000
|
unkown
|
page read and write
|
||
|
7FF5D7244000
|
unkown
|
page readonly
|
||
|
7FF5D77F0000
|
unkown
|
page readonly
|
||
|
7FF5D778A000
|
unkown
|
page readonly
|
||
|
7460000
|
unkown
|
page read and write
|
||
|
C81C000
|
unkown
|
page read and write
|
||
|
99C0000
|
unkown
|
page read and write
|
||
|
BE70000
|
unkown
|
page readonly
|
||
|
7FF617F71000
|
unkown
|
page execute read
|
||
|
1000000
|
heap
|
page read and write
|
||
|
7C70000
|
unkown
|
page readonly
|
||
|
7DF4F2461000
|
unkown
|
page execute read
|
||
|
7FF617571000
|
unkown
|
page execute read
|
||
|
9679000
|
stack
|
page read and write
|
||
|
1167D000
|
stack
|
page read and write
|
||
|
29A0000
|
heap
|
page read and write
|
||
|
8B7000
|
heap
|
page read and write
|
||
|
7FF5D75DF000
|
unkown
|
page readonly
|
||
|
2F01000
|
heap
|
page read and write
|
||
|
E4CC000
|
stack
|
page read and write
|
||
|
7FF5CE33D000
|
unkown
|
page readonly
|
||
|
7618000
|
unkown
|
page read and write
|
||
|
7FF5D7289000
|
unkown
|
page readonly
|
||
|
7FF614370000
|
unkown
|
page readonly
|
||
|
7FF5D7215000
|
unkown
|
page readonly
|
||
|
3110000
|
unkown
|
page readonly
|
||
|
73E0000
|
direct allocation
|
page read and write
|
||
|
7FF619D71000
|
unkown
|
page execute read
|
||
|
7FF5D7795000
|
unkown
|
page readonly
|
||
|
5662000
|
heap
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
2F05000
|
heap
|
page read and write
|
||
|
7FF5D75F9000
|
unkown
|
page readonly
|
||
|
F646000
|
unkown
|
page read and write
|
||
|
2DFF000
|
heap
|
page read and write
|
||
|
2E40000
|
direct allocation
|
page read and write
|
||
|
7FF5D781A000
|
unkown
|
page readonly
|
||
|
362A000
|
unkown
|
page read and write
|
||
|
5728000
|
heap
|
page read and write
|
||
|
7FF5D7740000
|
unkown
|
page readonly
|
||
|
7FF5D779E000
|
unkown
|
page readonly
|
||
|
C625000
|
unkown
|
page read and write
|
||
|
E10000
|
unkown
|
page readonly
|
||
|
2E7E000
|
stack
|
page read and write
|
||
|
7FF5D77CD000
|
unkown
|
page readonly
|
||
|
7FF617571000
|
unkown
|
page execute read
|
||
|
A28D000
|
unkown
|
page read and write
|
||
|
7FF5D6BEF000
|
unkown
|
page readonly
|
||
|
7FF5D7272000
|
unkown
|
page readonly
|
||
|
8A7000
|
heap
|
page read and write
|
||
|
8890000
|
unkown
|
page readonly
|
||
|
7FF5D75CB000
|
unkown
|
page readonly
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
2DF8000
|
heap
|
page read and write
|
||
|
7FF614371000
|
unkown
|
page execute read
|
||
|
51BE000
|
heap
|
page read and write
|
||
|
7FF5D783B000
|
unkown
|
page readonly
|
||
|
7FF5D7267000
|
unkown
|
page readonly
|
||
|
8390000
|
unkown
|
page read and write
|
||
|
5728000
|
heap
|
page read and write
|
||
|
7FF5D777A000
|
unkown
|
page readonly
|
||
|
82F000
|
heap
|
page read and write
|
||
|
7FF5D75C1000
|
unkown
|
page readonly
|
||
|
4AE3000
|
unkown
|
page read and write
|
||
|
2DA8000
|
heap
|
page read and write
|
||
|
2D63000
|
heap
|
page read and write
|
||
|
54E0000
|
heap
|
page read and write
|
||
|
7609000
|
unkown
|
page read and write
|
||
|
7FF5D772C000
|
unkown
|
page readonly
|
||
|
BEA0000
|
unkown
|
page readonly
|
||
|
7FF5D752F000
|
unkown
|
page readonly
|
||
|
7FF5D7558000
|
unkown
|
page readonly
|
||
|
A251000
|
unkown
|
page read and write
|
||
|
45A0000
|
trusted library allocation
|
page read and write
|
||
|
6722000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
7AC0000
|
unkown
|
page read and write
|
||
|
7FF617571000
|
unkown
|
page execute read
|
||
|
7FF5D7396000
|
unkown
|
page readonly
|
||
|
A313000
|
unkown
|
page read and write
|
||
|
56E8000
|
heap
|
page read and write
|
||
|
F890000
|
heap
|
page read and write
|
||
|
9A92000
|
unkown
|
page read and write
|
||
|
C9A7000
|
unkown
|
page read and write
|
||
|
10F7A000
|
stack
|
page read and write
|
||
|
977E000
|
stack
|
page read and write
|
||
|
11B1000
|
unkown
|
page read and write
|
||
|
832000
|
heap
|
page read and write
|
||
|
7FF5D77FD000
|
unkown
|
page readonly
|
||
|
CAFF000
|
unkown
|
page read and write
|
||
|
4FC1000
|
unkown
|
page execute read
|
||
|
7FF617F71000
|
unkown
|
page execute read
|
||
|
7DBD000
|
stack
|
page read and write
|
||
|
7FF61A771000
|
unkown
|
page execute read
|
||
|
7FF5D6BE4000
|
unkown
|
page readonly
|
||
|
F584000
|
unkown
|
page read and write
|
||
|
7FF5D7442000
|
unkown
|
page readonly
|
||
|
2DFF000
|
heap
|
page read and write
|
||
|
4986000
|
unkown
|
page read and write
|
||
|
41E000
|
unkown
|
page read and write
|
||
|
75FD000
|
unkown
|
page read and write
|
||
|
4FE0000
|
heap
|
page read and write
|
||
|
6160000
|
direct allocation
|
page read and write
|
||
|
1117D000
|
stack
|
page read and write
|
||
|
BB10000
|
heap
|
page read and write
|
||
|
7FF5D75B8000
|
unkown
|
page readonly
|
||
|
56E6000
|
heap
|
page read and write
|
||
|
7686000
|
unkown
|
page read and write
|
||
|
CA24000
|
unkown
|
page read and write
|
||
|
2E01000
|
heap
|
page read and write
|
||
|
5829000
|
heap
|
page read and write
|
||
|
2DF7000
|
heap
|
page read and write
|
||
|
76F8000
|
unkown
|
page read and write
|
||
|
828000
|
heap
|
page read and write
|
||
|
768E000
|
unkown
|
page read and write
|
||
|
F6CB000
|
unkown
|
page read and write
|
||
|
55E2000
|
heap
|
page read and write
|
||
|
2DF7000
|
heap
|
page read and write
|
||
|
31BC000
|
stack
|
page read and write
|
||
|
9AAC000
|
unkown
|
page read and write
|
||
|
F744000
|
unkown
|
page read and write
|
||
|
56E8000
|
heap
|
page read and write
|
||
|
F91E000
|
stack
|
page read and write
|
||
|
5AE0000
|
direct allocation
|
page read and write
|
||
|
7FF5D7820000
|
unkown
|
page readonly
|
||
|
586A000
|
heap
|
page read and write
|
||
|
3626000
|
unkown
|
page read and write
|
||
|
FF0000
|
unkown
|
page readonly
|
||
|
2E81000
|
heap
|
page read and write
|
||
|
7FF619D71000
|
unkown
|
page execute read
|
||
|
C472000
|
unkown
|
page read and write
|
||
|
7FF614D71000
|
unkown
|
page execute read
|
||
|
7FF5D7465000
|
unkown
|
page readonly
|
||
|
7FF5D7534000
|
unkown
|
page readonly
|
||
|
89B000
|
heap
|
page read and write
|
||
|
A233000
|
unkown
|
page read and write
|
||
|
828000
|
heap
|
page read and write
|
||
|
7FF5D7065000
|
unkown
|
page readonly
|
||
|
118FE000
|
stack
|
page read and write
|
||
|
50E0000
|
direct allocation
|
page read and write
|
||
|
3400000
|
unkown
|
page read and write
|
||
|
1127D000
|
stack
|
page read and write
|
||
|
CBA0000
|
unkown
|
page read and write
|
||
|
5660000
|
heap
|
page read and write
|
||
|
F684000
|
unkown
|
page read and write
|
||
|
2D52000
|
heap
|
page read and write
|
||
|
7FF618971000
|
unkown
|
page execute read
|
||
|
4A0E000
|
unkown
|
page read and write
|
||
|
4A71000
|
unkown
|
page read and write
|
||
|
327D000
|
stack
|
page read and write
|
||
|
31FD000
|
stack
|
page read and write
|
||
|
9AB4000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5661000
|
heap
|
page read and write
|
||
|
51B4000
|
heap
|
page read and write
|
||
|
51B1000
|
heap
|
page read and write
|
||
|
11B7D000
|
stack
|
page read and write
|
||
|
5662000
|
heap
|
page read and write
|
||
|
53E1000
|
unkown
|
page read and write
|
||
|
7FF61A771000
|
unkown
|
page execute read
|
||
|
7FF5D76D5000
|
unkown
|
page readonly
|
||
|
761E000
|
unkown
|
page read and write
|
||
|
51A4000
|
heap
|
page read and write
|
||
|
760B000
|
unkown
|
page read and write
|
||
|
AA04000
|
unkown
|
page read and write
|
||
|
7FF5D7641000
|
unkown
|
page readonly
|
||
|
7FF5D760D000
|
unkown
|
page readonly
|
||
|
7FF5D776F000
|
unkown
|
page readonly
|
||
|
AA01000
|
unkown
|
page read and write
|
||
|
3170000
|
unkown
|
page read and write
|
||
|
7605000
|
unkown
|
page read and write
|
||
|
2E81000
|
heap
|
page read and write
|
||
|
3192000
|
heap
|
page read and write
|
||
|
868000
|
heap
|
page read and write
|
||
|
9EB0000
|
unkown
|
page readonly
|
||
|
110FD000
|
stack
|
page read and write
|
||
|
2358000
|
heap
|
page read and write
|
||
|
C24E000
|
stack
|
page read and write
|
||
|
4A44000
|
unkown
|
page read and write
|
||
|
7C90000
|
unkown
|
page read and write
|
||
|
7FF618971000
|
unkown
|
page execute read
|
||
|
7611000
|
unkown
|
page read and write
|
||
|
7FF5D7236000
|
unkown
|
page readonly
|
||
|
5561000
|
heap
|
page read and write
|
||
|
7DF4F2480000
|
unkown
|
page readonly
|
||
|
7FF616171000
|
unkown
|
page execute read
|
||
|
52A2000
|
direct allocation
|
page read and write
|
||
|
C615000
|
unkown
|
page read and write
|
||
|
35F4000
|
unkown
|
page read and write
|
||
|
114FD000
|
stack
|
page read and write
|
||
|
7FF5D7682000
|
unkown
|
page readonly
|
||
|
7FF5D7458000
|
unkown
|
page readonly
|
||
|
7FF5D71F9000
|
unkown
|
page readonly
|
||
|
8C39000
|
stack
|
page read and write
|
||
|
5661000
|
heap
|
page read and write
|
||
|
8A0000
|
heap
|
page read and write
|
||
|
A3B9000
|
unkown
|
page read and write
|
||
|
C4DC000
|
unkown
|
page read and write
|
||
|
5520000
|
heap
|
page read and write
|
||
|
8E4D000
|
stack
|
page read and write
|
||
|
5BE0000
|
direct allocation
|
page read and write
|
||
|
55E1000
|
heap
|
page read and write
|
||
|
57E6000
|
heap
|
page read and write
|
||
|
5FFA000
|
direct allocation
|
page read and write
|
||
|
5662000
|
heap
|
page read and write
|
||
|
56E8000
|
heap
|
page read and write
|
||
|
5661000
|
heap
|
page read and write
|
||
|
7FF5D717C000
|
unkown
|
page readonly
|
||
|
112FD000
|
stack
|
page read and write
|
||
|
C3CD000
|
stack
|
page read and write
|
||
|
231C000
|
stack
|
page read and write
|
||
|
7DC0000
|
unkown
|
page readonly
|
||
|
4A16000
|
unkown
|
page read and write
|
||
|
A2A2000
|
unkown
|
page read and write
|
||
|
5662000
|
heap
|
page read and write
|
||
|
5826000
|
heap
|
page read and write
|
||
|
6620000
|
heap
|
page read and write
|
||
|
B0BD000
|
stack
|
page read and write
|
||
|
6661000
|
heap
|
page read and write
|
||
|
84BB000
|
stack
|
page read and write
|
||
|
89FD000
|
stack
|
page read and write
|
||
|
7C31000
|
unkown
|
page read and write
|
||
|
2F00000
|
heap
|
page read and write
|
||
|
7FF5D7073000
|
unkown
|
page readonly
|
||
|
1137D000
|
stack
|
page read and write
|
||
|
7FF5D7075000
|
unkown
|
page readonly
|
||
|
58E0000
|
direct allocation
|
page read and write
|
||
|
7637000
|
unkown
|
page read and write
|
||
|
2F00000
|
heap
|
page read and write
|
||
|
8A70000
|
unkown
|
page read and write
|
||
|
49C2000
|
unkown
|
page read and write
|
||
|
83D000
|
heap
|
page read and write
|
||
|
5480000
|
direct allocation
|
page read and write
|
||
|
7FF5D732D000
|
unkown
|
page readonly
|
||
|
7FF5D76AF000
|
unkown
|
page readonly
|
||
|
C78A000
|
unkown
|
page read and write
|
||
|
448000
|
unkown
|
page read and write
|
||
|
8DCB000
|
stack
|
page read and write
|
||
|
C800000
|
unkown
|
page read and write
|
||
|
2DFF000
|
heap
|
page read and write
|
||
|
55A0000
|
heap
|
page read and write
|
||
|
3140000
|
unkown
|
page read and write
|
||
|
86E0000
|
unkown
|
page readonly
|
||
|
7FF5D7669000
|
unkown
|
page readonly
|
||
|
649E000
|
direct allocation
|
page read and write
|
||
|
3001000
|
heap
|
page read and write
|
||
|
7435000
|
stack
|
page read and write
|
||
|
2DFE000
|
heap
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
7FF5D728E000
|
unkown
|
page readonly
|
||
|
57E5000
|
heap
|
page read and write
|
||
|
7FF5D7546000
|
unkown
|
page readonly
|
||
|
9AF9000
|
unkown
|
page read and write
|
||
|
7FF615771000
|
unkown
|
page execute read
|
||
|
119FD000
|
stack
|
page read and write
|
||
|
7FF614371000
|
unkown
|
page execute read
|
||
|
C5F8000
|
unkown
|
page read and write
|
||
|
7FF5D760B000
|
unkown
|
page readonly
|
||
|
B330000
|
unkown
|
page read and write
|
||
|
7FF5D720F000
|
unkown
|
page readonly
|
||
|
7FF5D7722000
|
unkown
|
page readonly
|
||
|
7B20000
|
unkown
|
page read and write
|
||
|
7FF5D7455000
|
unkown
|
page readonly
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
C653000
|
unkown
|
page read and write
|
||
|
8880000
|
unkown
|
page readonly
|
||
|
33B0000
|
unkown
|
page readonly
|
||
|
7FF5D7419000
|
unkown
|
page readonly
|
||
|
C669000
|
unkown
|
page read and write
|
||
|
C46F000
|
unkown
|
page read and write
|
||
|
7FF5D7284000
|
unkown
|
page readonly
|
||
|
4FC4000
|
unkown
|
page readonly
|
||
|
56E8000
|
heap
|
page read and write
|
||
|
7FF614370000
|
unkown
|
page readonly
|
||
|
C48B000
|
unkown
|
page read and write
|
||
|
7FF5D7593000
|
unkown
|
page readonly
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
582D000
|
heap
|
page read and write
|
||
|
576A000
|
heap
|
page read and write
|
||
|
C035000
|
stack
|
page read and write
|
||
|
843F000
|
stack
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
7FF61B171000
|
unkown
|
page execute read
|
||
|
2D68000
|
heap
|
page read and write
|
||
|
2D61000
|
heap
|
page read and write
|
||
|
7FF614371000
|
unkown
|
page execute read
|
||
|
C62D000
|
unkown
|
page read and write
|
||
|
639E000
|
direct allocation
|
page read and write
|
||
|
A9E9000
|
unkown
|
page read and write
|
||
|
7DF4F24A1000
|
unkown
|
page execute read
|
||
|
5826000
|
heap
|
page read and write
|
||
|
5728000
|
heap
|
page read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7FF615771000
|
unkown
|
page execute read
|
||
|
7DF4F2471000
|
unkown
|
page execute read
|
||
|
C980000
|
unkown
|
page read and write
|
||
|
57E9000
|
heap
|
page read and write
|
||
|
7B60000
|
unkown
|
page readonly
|
||
|
7CB0000
|
unkown
|
page readonly
|
||
|
A384000
|
unkown
|
page read and write
|
||
|
7FF5D75FF000
|
unkown
|
page readonly
|
||
|
7FF5D7760000
|
unkown
|
page readonly
|
||
|
C621000
|
unkown
|
page read and write
|
||
|
35B5000
|
unkown
|
page read and write
|
||
|
7FF5D7648000
|
unkown
|
page readonly
|
||
|
7654000
|
unkown
|
page read and write
|
||
|
75E0000
|
unkown
|
page read and write
|
||
|
9B2C000
|
unkown
|
page read and write
|
||
|
2DEF000
|
heap
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
5765000
|
heap
|
page read and write
|
||
|
64CD000
|
direct allocation
|
page read and write
|
||
|
2350000
|
heap
|
page read and write
|
||
|
4AD3000
|
unkown
|
page read and write
|
||
|
7FF5D723F000
|
unkown
|
page readonly
|
||
|
A3C3000
|
unkown
|
page read and write
|
||
|
4FD0000
|
heap
|
page read and write
|
||
|
94F2000
|
unkown
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
5826000
|
heap
|
page read and write
|
||
|
7FF619D71000
|
unkown
|
page execute read
|
||
|
2DF7000
|
heap
|
page read and write
|
||
|
7FF5D75F2000
|
unkown
|
page readonly
|
||
|
7FF5D706E000
|
unkown
|
page readonly
|
||
|
C617000
|
unkown
|
page read and write
|
||
|
5660000
|
heap
|
page read and write
|
||
|
CAD0000
|
unkown
|
page read and write
|
||
|
7FF5D723C000
|
unkown
|
page readonly
|
||
|
6761000
|
heap
|
page read and write
|
||
|
7FF615771000
|
unkown
|
page execute read
|
||
|
8BA000
|
heap
|
page read and write
|
||
|
997C000
|
stack
|
page read and write
|
||
|
2D7D000
|
heap
|
page read and write
|
||
|
7FF5D7705000
|
unkown
|
page readonly
|
||
|
7FF5D72D0000
|
unkown
|
page readonly
|
||
|
C460000
|
unkown
|
page read and write
|
||
|
4A93000
|
unkown
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
1340000
|
unkown
|
page read and write
|
||
|
CA76000
|
unkown
|
page read and write
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
7FF5D7482000
|
unkown
|
page readonly
|
||
|
9AB2000
|
unkown
|
page read and write
|
||
|
7FF5D7591000
|
unkown
|
page readonly
|
||
|
7FF5D7391000
|
unkown
|
page readonly
|
||
|
56A0000
|
heap
|
page read and write
|
||
|
317F000
|
stack
|
page read and write
|
||
|
5728000
|
heap
|
page read and write
|
||
|
C970000
|
unkown
|
page read and write
|
||
|
C663000
|
unkown
|
page read and write
|
||
|
5660000
|
heap
|
page read and write
|
||
|
4AA3000
|
unkown
|
page read and write
|
||
|
BB0D000
|
stack
|
page read and write
|
||
|
B7DB000
|
stack
|
page read and write
|
||
|
7FF5D75AF000
|
unkown
|
page readonly
|
||
|
2F1C000
|
heap
|
page read and write
|
||
|
5463000
|
unkown
|
page read and write
|
||
|
5660000
|
heap
|
page read and write
|
||
|
55A0000
|
heap
|
page read and write
|
||
|
1157D000
|
stack
|
page read and write
|
||
|
C5F4000
|
unkown
|
page read and write
|
||
|
113FD000
|
stack
|
page read and write
|
||
|
35CF000
|
unkown
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
F75F000
|
unkown
|
page read and write
|
||
|
9AA0000
|
unkown
|
page read and write
|
||
|
F74A000
|
unkown
|
page read and write
|
||
|
7FF5D77F7000
|
unkown
|
page readonly
|
||
|
7E60000
|
unkown
|
page read and write
|
||
|
362D000
|
unkown
|
page read and write
|
||
|
887000
|
heap
|
page read and write
|
||
|
8CB8000
|
stack
|
page read and write
|
||
|
7FF5D77DD000
|
unkown
|
page readonly
|
||
|
9A72000
|
unkown
|
page read and write
|
||
|
2DA7000
|
heap
|
page read and write
|
||
|
3160000
|
unkown
|
page read and write
|
||
|
7FF5D73F5000
|
unkown
|
page readonly
|
||
|
51B3000
|
heap
|
page read and write
|
||
|
7FF5D76E8000
|
unkown
|
page readonly
|
||
|
7FF5D7507000
|
unkown
|
page readonly
|
||
|
82D000
|
heap
|
page read and write
|
||
|
9A98000
|
unkown
|
page read and write
|
||
|
845000
|
heap
|
page read and write
|
||
|
1197D000
|
stack
|
page read and write
|
||
|
C5FA000
|
unkown
|
page read and write
|
||
|
2330000
|
heap
|
page read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
7FF5D7257000
|
unkown
|
page readonly
|
||
|
7FF616171000
|
unkown
|
page execute read
|
||
|
97FE000
|
stack
|
page read and write
|
||
|
7FF5D77C7000
|
unkown
|
page readonly
|
||
|
7DD0000
|
heap
|
page read and write
|
||
|
5621000
|
heap
|
page read and write
|
||
|
7FF616B71000
|
unkown
|
page execute read
|
||
|
7FF5D7309000
|
unkown
|
page readonly
|
||
|
7FF5D7589000
|
unkown
|
page readonly
|
||
|
7FF5D6AB6000
|
unkown
|
page readonly
|
||
|
F6C2000
|
unkown
|
page read and write
|
||
|
51A6000
|
heap
|
page read and write
|
||
|
7FF5D74F2000
|
unkown
|
page readonly
|
||
|
304A000
|
unkown
|
page read and write
|
||
|
40E000
|
unkown
|
page read and write
|
||
|
7FF5D7797000
|
unkown
|
page readonly
|
||
|
408000
|
unkown
|
page readonly
|
||
|
C4C6000
|
unkown
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
2450000
|
heap
|
page read and write
|
||
|
7FF5D7450000
|
unkown
|
page readonly
|
||
|
8A7000
|
heap
|
page read and write
|
||
|
7FF5D77E0000
|
unkown
|
page readonly
|
||
|
876000
|
heap
|
page read and write
|
||
|
760D000
|
unkown
|
page read and write
|
||
|
1160000
|
unkown
|
page read and write
|
||
|
C61D000
|
unkown
|
page read and write
|
||
|
35C1000
|
unkown
|
page read and write
|
||
|
5728000
|
heap
|
page read and write
|
||
|
A3AA000
|
unkown
|
page read and write
|
||
|
2E46000
|
heap
|
page read and write
|
||
|
85BE000
|
stack
|
page read and write
|
||
|
469000
|
unkown
|
page read and write
|
||
|
65E1000
|
heap
|
page read and write
|
||
|
9FAF000
|
stack
|
page read and write
|
||
|
8A7000
|
heap
|
page read and write
|
||
|
A39F000
|
unkown
|
page read and write
|
||
|
7FF5D749B000
|
unkown
|
page readonly
|
||
|
7FF5D766E000
|
unkown
|
page readonly
|
||
|
9A76000
|
unkown
|
page read and write
|
||
|
2F81000
|
heap
|
page read and write
|
||
|
760F000
|
unkown
|
page read and write
|
||
|
9578000
|
stack
|
page read and write
|
||
|
A2D7000
|
unkown
|
page read and write
|
||
|
2F38000
|
heap
|
page read and write
|
||
|
1383000
|
heap
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
65E000
|
stack
|
page read and write
|
||
|
CAC2000
|
unkown
|
page read and write
|
||
|
BE49000
|
stack
|
page read and write
|
||
|
2F41000
|
heap
|
page read and write
|
||
|
7DF4F2481000
|
unkown
|
page execute read
|
||
|
7AF1000
|
unkown
|
page read and write
|
||
|
7FF5D7280000
|
unkown
|
page readonly
|
||
|
A12F000
|
stack
|
page read and write
|
||
|
308B000
|
heap
|
page read and write
|
||
|
A408000
|
unkown
|
page read and write
|
||
|
6186000
|
direct allocation
|
page read and write
|
||
|
7FF5D77EB000
|
unkown
|
page readonly
|
||
|
C974000
|
unkown
|
page read and write
|
||
|
5826000
|
heap
|
page read and write
|
||
|
2F7E000
|
stack
|
page read and write
|
||
|
AA21000
|
unkown
|
page read and write
|
||
|
7FF5D7385000
|
unkown
|
page readonly
|
||
|
7FF5D747F000
|
unkown
|
page readonly
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
AA40000
|
unkown
|
page read and write
|
||
|
11A7D000
|
stack
|
page read and write
|
||
|
7FF5D75E9000
|
unkown
|
page readonly
|
||
|
C496000
|
unkown
|
page read and write
|
||
|
C968000
|
unkown
|
page read and write
|
||
|
7FF5D72BD000
|
unkown
|
page readonly
|
||
|
5661000
|
heap
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
E92D000
|
stack
|
page read and write
|
||
|
7FF5D71A6000
|
unkown
|
page readonly
|
||
|
7FF5D751F000
|
unkown
|
page readonly
|
||
|
9ABD000
|
unkown
|
page read and write
|
||
|
11C0000
|
unkown
|
page readonly
|
||
|
51B9000
|
heap
|
page read and write
|
||
|
AA9F000
|
unkown
|
page read and write
|
||
|
5725000
|
heap
|
page read and write
|
||
|
7FF5D720A000
|
unkown
|
page readonly
|
||
|
2D4B000
|
heap
|
page read and write
|
||
|
582D000
|
heap
|
page read and write
|
||
|
6762000
|
heap
|
page read and write
|
||
|
F13000
|
heap
|
page read and write
|
||
|
7FF5D71CC000
|
unkown
|
page readonly
|
||
|
9ADB000
|
unkown
|
page read and write
|
||
|
BF3E000
|
stack
|
page read and write
|
||
|
7FF5D77B6000
|
unkown
|
page readonly
|
||
|
3630000
|
unkown
|
page readonly
|
||
|
7FF5D7360000
|
unkown
|
page readonly
|
||
|
99B0000
|
unkown
|
page read and write
|
||
|
4FD1000
|
heap
|
page read and write
|
||
|
96000
|
stack
|
page read and write
|
||
|
4B00000
|
unkown
|
page read and write
|
||
|
7FF5D748C000
|
unkown
|
page readonly
|
||
|
CB60000
|
unkown
|
page read and write
|
||
|
1731000
|
unkown
|
page readonly
|
||
|
6660000
|
heap
|
page read and write
|
||
|
7FF5D7425000
|
unkown
|
page readonly
|
||
|
35FA000
|
unkown
|
page read and write
|
||
|
A3B6000
|
unkown
|
page read and write
|
||
|
1250000
|
unkown
|
page read and write
|
||
|
7FF5D75D6000
|
unkown
|
page readonly
|
||
|
55E1000
|
heap
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
5728000
|
heap
|
page read and write
|
||
|
C1CC000
|
stack
|
page read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
35CD000
|
unkown
|
page read and write
|
||
|
BE90000
|
unkown
|
page read and write
|
||
|
C892000
|
unkown
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
1147D000
|
stack
|
page read and write
|
||
|
50E7000
|
heap
|
page read and write
|
||
|
2FF9000
|
stack
|
page read and write
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
A3AC000
|
unkown
|
page read and write
|
||
|
C605000
|
unkown
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
F87D000
|
stack
|
page read and write
|
||
|
7AE0000
|
unkown
|
page read and write
|
||
|
289D000
|
stack
|
page read and write
|
||
|
872000
|
heap
|
page read and write
|
||
|
7FF5D7764000
|
unkown
|
page readonly
|
||
|
54E1000
|
heap
|
page read and write
|
||
|
33C0000
|
unkown
|
page read and write
|
||
|
6661000
|
heap
|
page read and write
|
||
|
7FF5D745B000
|
unkown
|
page readonly
|
||
|
7FF5D66E3000
|
unkown
|
page readonly
|
||
|
CB53000
|
unkown
|
page read and write
|
||
|
BFB8000
|
stack
|
page read and write
|
||
|
7B00000
|
unkown
|
page readonly
|
||
|
75F8000
|
unkown
|
page read and write
|
||
|
5C20000
|
direct allocation
|
page read and write
|
||
|
5620000
|
heap
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
7B80000
|
unkown
|
page readonly
|
||
|
7FF5D716B000
|
unkown
|
page readonly
|
||
|
7FF5D72BF000
|
unkown
|
page readonly
|
||
|
5400000
|
direct allocation
|
page read and write
|
||
|
7FF5D77E9000
|
unkown
|
page readonly
|
||
|
C978000
|
unkown
|
page read and write
|
||
|
1187D000
|
stack
|
page read and write
|
||
|
8A7000
|
heap
|
page read and write
|
||
|
A220000
|
unkown
|
page read and write
|
||
|
9A8C000
|
unkown
|
page read and write
|
||
|
57EA000
|
heap
|
page read and write
|
||
|
56E8000
|
heap
|
page read and write
|
||
|
F73D000
|
unkown
|
page read and write
|
||
|
3489000
|
stack
|
page read and write
|
||
|
7440000
|
unkown
|
page read and write
|
||
|
55E0000
|
heap
|
page read and write
|
||
|
56E5000
|
heap
|
page read and write
|
||
|
7FF5D71AF000
|
unkown
|
page readonly
|
||
|
610000
|
heap
|
page read and write
|
||
|
57A5000
|
heap
|
page read and write
|
||
|
61E0000
|
direct allocation
|
page read and write
|
||
|
828000
|
heap
|
page read and write
|
||
|
32BD000
|
stack
|
page read and write
|
||
|
C806000
|
unkown
|
page read and write
|
||
|
C984000
|
unkown
|
page read and write
|
||
|
2D4C000
|
heap
|
page read and write
|
||
|
4FC2000
|
unkown
|
page readonly
|
There are 973 hidden memdumps, click here to show them.