Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
New Order #60-23095840024.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\Idonna
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\New Order #60-23095840024.exe
|
"C:\Users\user\Desktop\New Order #60-23095840024.exe"
|
|
|
|
C:\Windows\SysWOW64\svchost.exe
|
"C:\Users\user\Desktop\New Order #60-23095840024.exe"
|
|
|
|
C:\Windows\explorer.exe
|
C:\Windows\Explorer.EXE
|
|
|
|
C:\Windows\SysWOW64\explorer.exe
|
"C:\Windows\SysWOW64\explorer.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
/c del "C:\Windows\SysWOW64\svchost.exe"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.orsaperevod.online/e62s/
|
|
||
|
https://aka.ms/odirmr
|
unknown
|
||
|
http://www.iktokonline.pro/e62s/
|
unknown
|
||
|
http://www.oftfolio.onlineReferer:
|
unknown
|
||
|
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13f2DV
|
unknown
|
||
|
http://www.ahealthcaretrends2.bond/e62s/
|
unknown
|
||
|
http://www.wdie3162.vipReferer:
|
unknown
|
||
|
https://api.msn.com:443/v1/news/Feed/Windows?
|
unknown
|
||
|
https://excel.office.com
|
unknown
|
||
|
http://www.roliig.top/e62s/www.zitcd65k3.buzz
|
unknown
|
||
|
http://www.6snf.shop/e62s/www.roliig.top
|
unknown
|
||
|
https://www.msn.com/en-us/news/us/a-nationwide-emergency-alert-will-be-sent-to-all-u-s-cellphones-we
|
unknown
|
||
|
https://simpleflying.com/how-do-you-become-an-air-traffic-controller/
|
unknown
|
||
|
http://www.heirbuzzwords.buzz
|
unknown
|
||
|
http://www.atangtoto4.click/e62s/
|
unknown
|
||
|
http://www.6snf.shop/e62s/
|
unknown
|
||
|
http://www.3llyb.vip
|
unknown
|
||
|
http://www.zitcd65k3.buzz/e62s/
|
unknown
|
||
|
http://www.heirbuzzwords.buzz/e62s/www.atangtoto4.click
|
unknown
|
||
|
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gTUY
|
unknown
|
||
|
http://www.orsaperevod.online
|
unknown
|
||
|
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gHZu-dark
|
unknown
|
||
|
http://www.mwquas.xyz/e62s/
|
unknown
|
||
|
http://www.ahealthcaretrends2.bond
|
unknown
|
||
|
http://www.wdie3162.vip/e62s/
|
unknown
|
||
|
https://assets.msn.com/weathermapdata/1/static/weather/Icons/JyNGQgA=/Condition/AAehR3S.svg
|
unknown
|
||
|
http://www.autoitscript.com/autoit3/J
|
unknown
|
||
|
https://wns.windows.com/L
|
unknown
|
||
|
http://www.orsaperevod.onlineReferer:
|
unknown
|
||
|
https://word.office.com
|
unknown
|
||
|
http://www.ighrane.online/e62s/
|
unknown
|
||
|
https://assets.msn.com/weathermapdata/1/static/finance/1stparty/FinanceTaskbarIcons/Finance_Earnings
|
unknown
|
||
|
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gHZu
|
unknown
|
||
|
https://www.msn.com/en-us/weather/topstories/us-weather-super-el-nino-to-bring-more-flooding-and-win
|
unknown
|
||
|
http://www.angbaojia.topReferer:
|
unknown
|
||
|
https://windows.msn.com:443/shell?osLocale=en-GB&chosenMarketReason=ImplicitNew
|
unknown
|
||
|
http://schemas.micr
|
unknown
|
||
|
http://www.angbaojia.top
|
unknown
|
||
|
https://www.msn.com/en-us/news/politics/clarence-thomas-in-spotlight-as-supreme-court-delivers-blow-
|
unknown
|
||
|
http://www.zitcd65k3.buzzReferer:
|
unknown
|
||
|
http://www.orsaperevod.online/e62s/www.oftfolio.online
|
unknown
|
||
|
http://www.ighrane.online
|
unknown
|
||
|
http://www.atangtoto4.clickReferer:
|
unknown
|
||
|
http://www.ahealthcaretrends2.bond/e62s/www.3llyb.vip
|
unknown
|
||
|
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gMeu
|
unknown
|
||
|
http://www.3llyb.vip/e62s/www.1539.app
|
unknown
|
||
|
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gTUY-dark
|
unknown
|
||
|
https://www.rd.com/list/polite-habits-campers-dislike/
|
unknown
|
||
|
http://www.oftfolio.online
|
unknown
|
||
|
https://android.notify.windows.com/iOS
|
unknown
|
||
|
http://www.zitcd65k3.buzz
|
unknown
|
||
|
https://img.s-msn.com/tenant/amp/entityid/AAbC0oi.img
|
unknown
|
||
|
https://outlook.com_
|
unknown
|
||
|
http://www.angbaojia.top/e62s/www.6snf.shop
|
unknown
|
||
|
http://www.angbaojia.top/e62s/
|
unknown
|
||
|
http://www.oftfolio.online/e62s/
|
unknown
|
||
|
https://www.rd.com/newsletter/?int_source=direct&int_medium=rd.com&int_campaign=nlrda_20221001_toppe
|
unknown
|
||
|
https://www.msn.com/en-us/news/world/agostini-krausz-and-l-huillier-win-physics-nobel-for-looking-at
|
unknown
|
||
|
http://schemas.mi
|
unknown
|
||
|
http://www.gstudio-ai.homesReferer:
|
unknown
|
||
|
https://www.msn.com/en-us/news/us/when-does-daylight-saving-time-end-2023-here-s-when-to-set-your-cl
|
unknown
|
||
|
https://powerpoint.office.comcember
|
unknown
|
||
|
http://www.mwquas.xyzReferer:
|
unknown
|
||
|
https://www.msn.com/en-us/money/personalfinance/no-wonder-the-american-public-is-confused-if-you-re-
|
unknown
|
||
|
http://schemas.micro
|
unknown
|
||
|
http://www.oftfolio.online/e62s/www.angbaojia.top
|
unknown
|
||
|
http://www.atangtoto4.click
|
unknown
|
||
|
http://www.1539.app/e62s/
|
unknown
|
||
|
https://windows.msn.com:443/shellv2?osLocale=en-GB&chosenMarketReason=ImplicitNew
|
unknown
|
||
|
http://www.heirbuzzwords.buzz/e62s/
|
unknown
|
||
|
http://www.1539.app
|
unknown
|
||
|
http://www.mwquas.xyz
|
unknown
|
||
|
http://www.ighrane.online/e62s/www.mwquas.xyz
|
unknown
|
||
|
http://www.ighrane.onlineReferer:
|
unknown
|
||
|
http://www.wdie3162.vip
|
unknown
|
||
|
http://www.1539.appReferer:
|
unknown
|
||
|
https://www.msn.com/en-us/lifestyle/travel/i-ve-worked-at-a-campsite-for-5-years-these-are-the-15-mi
|
unknown
|
||
|
https://api.msn.com/q
|
unknown
|
||
|
http://www.gstudio-ai.homes/e62s/www.iktokonline.pro
|
unknown
|
||
|
https://api.msn.com/v1/news/Feed/Windows?activityId=0CC40BF291614022B7DF6E2143E8A6AF&timeOut=5000&oc
|
unknown
|
||
|
https://www.msn.com/en-us/lifestyle/lifestyle-buzz/biden-makes-decision-that-will-impact-more-than-1
|
unknown
|
||
|
http://www.orsaperevod.online/e62s/
|
unknown
|
||
|
https://assets.msn.com/staticsb/statics/latest/traffic/Notification/desktop/svg/RoadHazard.svg
|
unknown
|
||
|
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gMeu-dark
|
unknown
|
||
|
https://www.msn.com/en-us/money/personalfinance/13-states-that-don-t-tax-your-retirement-income/ar-A
|
unknown
|
||
|
http://www.roliig.top
|
unknown
|
||
|
http://www.atangtoto4.click/e62s/www.ighrane.online
|
unknown
|
||
|
http://www.iktokonline.pro/e62s/www.ahealthcaretrends2.bond
|
unknown
|
||
|
http://www.zitcd65k3.buzz/e62s/www.heirbuzzwords.buzz
|
unknown
|
||
|
http://www.heirbuzzwords.buzzReferer:
|
unknown
|
||
|
http://www.iktokonline.pro
|
unknown
|
||
|
https://www.msn.com/en-us/news/topic/breast%20cancer%20awareness%20month?ocid=winp1headerevent
|
unknown
|
||
|
http://www.gstudio-ai.homes/e62s/
|
unknown
|
||
|
https://aka.ms/Vh5j3k
|
unknown
|
||
|
http://www.6snf.shop
|
unknown
|
||
|
https://api.msn.com/v1/news/Feed/Windows?&
|
unknown
|
||
|
http://www.6snf.shopReferer:
|
unknown
|
||
|
https://assets.msn.com/weathermapdata/1/static/weather/Icons/JyNGQgA=/Teaser/humidity.svg
|
unknown
|
||
|
http://www.wdie3162.vip/e62s/www.orsaperevod.online
|
unknown
|
||
|
http://www.roliig.top/e62s/
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.atangtoto4.click
|
unknown
|
|
|
|
www.oftfolio.online
|
unknown
|
|
|
|
www.angbaojia.top
|
unknown
|
|
|
|
www.6snf.shop
|
unknown
|
|
|
|
www.orsaperevod.online
|
unknown
|
|
|
|
www.ighrane.online
|
unknown
|
|
|
|
www.wdie3162.vip
|
unknown
|
|
|
|
www.zitcd65k3.buzz
|
unknown
|
|
|
|
www.heirbuzzwords.buzz
|
unknown
|
|
|
|
www.roliig.top
|
unknown
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\24\417C44EB
|
@explorerframe.dll,-13137
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\24\417C44EB
|
@explorerframe.dll,-13138
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zip\OpenWithProgids
|
Unpacker
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
|
{A38B883C-1682-497E-97B0-0A3A9E801682} {886D8EEB-8CF2-4446-8D02-CDBA1DBDCF99} 0xFFFF
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Security and Maintenance\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102
|
CheckSetting
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
|
LastUpdate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
|
LastUpdate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
|
LastUpdate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
|
LastUpdate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
|
LastUpdate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
|
LastUpdate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced
|
TaskbarStateLastRun
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories64\{00021492-0000-0000-C000-000000000046}\Enum
|
Implementing
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
|
LastUpdate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
|
LastUpdate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
|
LastUpdate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
|
LastUpdate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\OpenWithProgids
|
WMP11.AssocFile.3G2
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\OpenWithProgids
|
WMP11.AssocFile.3GP
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2\OpenWithProgids
|
WMP11.AssocFile.3G2
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aac\OpenWithProgids
|
WMP11.AssocFile.ADTS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.adt\OpenWithProgids
|
WMP11.AssocFile.ADTS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\OpenWithProgids
|
WMP11.AssocFile.AIFF
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\OpenWithProgids
|
WMP11.AssocFile.ASF
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\OpenWithProgids
|
WMP11.AssocFile.ASX
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\OpenWithProgids
|
WMP11.AssocFile.AU
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au3\OpenWithProgids
|
AutoIt3Script
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\OpenWithProgids
|
WMP11.AssocFile.AVI
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\OpenWithProgids
|
Paint.Picture
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cab\OpenWithProgids
|
CABFolder
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cdxml\OpenWithProgids
|
Microsoft.PowerShellCmdletDefinitionXML.1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.css\OpenWithProgids
|
CSSfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.csv\OpenWithProgids
|
Excel.CSV
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dds\OpenWithProgids
|
ddsfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\OpenWithProgids
|
Paint.Picture
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dll\OpenWithProgids
|
dllfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.doc\OpenWithProgids
|
Word.Document.8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docm\OpenWithProgids
|
Word.DocumentMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\OpenWithProgids
|
Word.Document.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dot\OpenWithProgids
|
Word.Template.8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dotm\OpenWithProgids
|
Word.TemplateMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dotx\OpenWithProgids
|
Word.Template.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\OpenWithProgids
|
emffile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithProgids
|
exefile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\OpenWithProgids
|
WMP11.AssocFile.FLAC
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fon\OpenWithProgids
|
fonfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\OpenWithProgids
|
giffile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\OpenWithProgids
|
htmlfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\OpenWithProgids
|
icofile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inf\OpenWithProgids
|
inffile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ini\OpenWithProgids
|
inifile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\OpenWithProgids
|
pjpegfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\OpenWithProgids
|
jpegfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\OpenWithProgids
|
jpegfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jxr\OpenWithProgids
|
wdpfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\OpenWithProgids
|
lnkfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\OpenWithProgids
|
WMP11.AssocFile.MPEG
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2t\OpenWithProgids
|
WMP11.AssocFile.M2TS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2ts\OpenWithProgids
|
WMP11.AssocFile.M2TS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2v\OpenWithProgids
|
WMP11.AssocFile.MPEG
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\OpenWithProgids
|
WMP11.AssocFile.m3u
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\OpenWithProgids
|
WMP11.AssocFile.M4A
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\OpenWithProgids
|
WMP11.AssocFile.MP4
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\OpenWithProgids
|
mhtmlfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\OpenWithProgids
|
mhtmlfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\OpenWithProgids
|
WMP11.AssocFile.MIDI
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\OpenWithProgids
|
WMP11.AssocFile.MIDI
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mk3d\OpenWithProgids
|
WMP11.AssocFile.MK3D
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mka\OpenWithProgids
|
WMP11.AssocFile.MKA
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\OpenWithProgids
|
WMP11.AssocFile.MKV
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\OpenWithProgids
|
WMP11.AssocFile.MOV
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MP2\OpenWithProgids
|
WMP11.AssocFile.MP3
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MPE\OpenWithProgids
|
WMP11.AssocFile.MPEG
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.msg\OpenWithProgids
|
Outlook.File.msg.15
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ocx\OpenWithProgids
|
ocxfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odp\OpenWithProgids
|
PowerPoint.OpenDocumentPresentation.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ods\OpenWithProgids
|
Excel.OpenDocumentSpreadsheet.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odt\OpenWithProgids
|
Word.OpenDocumentText.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.otf\OpenWithProgids
|
otffile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\OpenWithProgids
|
pngfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pot\OpenWithProgids
|
PowerPoint.Template.8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.potm\OpenWithProgids
|
PowerPoint.TemplateMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.potx\OpenWithProgids
|
PowerPoint.Template.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppam\OpenWithProgids
|
PowerPoint.Addin.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppsm\OpenWithProgids
|
PowerPoint.SlideShowMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppsx\OpenWithProgids
|
PowerPoint.SlideShow.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppt\OpenWithProgids
|
PowerPoint.Show.8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pptm\OpenWithProgids
|
PowerPoint.ShowMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pptx\OpenWithProgids
|
PowerPoint.Show.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ps1\OpenWithProgids
|
Microsoft.PowerShellScript.1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ps1xml\OpenWithProgids
|
Microsoft.PowerShellXMLData.1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd1\OpenWithProgids
|
Microsoft.PowerShellData.1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psm1\OpenWithProgids
|
Microsoft.PowerShellModule.1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pssc\OpenWithProgids
|
Microsoft.PowerShellSessionConfiguration.1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\OpenWithProgids
|
rlefile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\OpenWithProgids
|
WMP11.AssocFile.MIDI
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rtf\OpenWithProgids
|
Word.RTF.8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scf\OpenWithProgids
|
SHCmdFile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.search-ms\OpenWithProgids
|
SearchFolder
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\OpenWithProgids
|
shtmlfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sldm\OpenWithProgids
|
PowerPoint.SlideMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sldx\OpenWithProgids
|
PowerPoint.Slide.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\OpenWithProgids
|
WMP11.AssocFile.AU
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sys\OpenWithProgids
|
sysfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\OpenWithProgids
|
TIFImage.Document
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\OpenWithProgids
|
TIFImage.Document
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS\OpenWithProgids
|
WMP11.AssocFile.TTS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\OpenWithProgids
|
ttcfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\OpenWithProgids
|
ttffile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TTS\OpenWithProgids
|
WMP11.AssocFile.TTS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\OpenWithProgids
|
txtfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vsto\OpenWithProgids
|
bootstrap.vsto.1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\OpenWithProgids
|
WMP11.AssocFile.WAV
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\OpenWithProgids
|
WMP11.AssocFile.WAX
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wdp\OpenWithProgids
|
wdpfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\OpenWithProgids
|
WMP11.AssocFile.ASF
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\OpenWithProgids
|
WMP11.AssocFile.WMA
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\OpenWithProgids
|
wmffile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\OpenWithProgids
|
WMP11.AssocFile.WMV
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.WPL\OpenWithProgids
|
WMP11.AssocFile.WPL
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\OpenWithProgids
|
WMP11.AssocFile.WVX
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlam\OpenWithProgids
|
Excel.AddInMacroEnabled
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xls\OpenWithProgids
|
Excel.Sheet.8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsb\OpenWithProgids
|
Excel.SheetBinaryMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsm\OpenWithProgids
|
Excel.SheetMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsx\OpenWithProgids
|
Excel.Sheet.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlt\OpenWithProgids
|
Excel.Template.8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xltm\OpenWithProgids
|
Excel.TemplateMacroEnabled
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xltx\OpenWithProgids
|
Excel.Template
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\OpenWithProgids
|
xmlfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xsl\OpenWithProgids
|
xslfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
|
LastUpdate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced
|
TaskbarStateLastRun
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories64\{00021492-0000-0000-C000-000000000046}\Enum
|
Implementing
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
|
LastUpdate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
|
LastUpdate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
|
LastUpdate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced
|
TaskbarStateLastRun
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories64\{00021492-0000-0000-C000-000000000046}\Enum
|
Implementing
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
|
LastUpdate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
|
LastUpdate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced
|
TaskbarStateLastRun
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories64\{00021492-0000-0000-C000-000000000046}\Enum
|
Implementing
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
|
LastUpdate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
|
LastUpdate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
|
LastUpdate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
|
LastUpdate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
|
LastUpdate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced
|
TaskbarStateLastRun
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories64\{00021492-0000-0000-C000-000000000046}\Enum
|
Implementing
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
|
LastUpdate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
|
LastUpdate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
|
LastUpdate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
|
LastUpdate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
|
LastUpdate
|
There are 211 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2F00000
|
unclassified section
|
page execute and read and write
|
|
|
|
26D1000
|
system
|
page execute read
|
|
|
|
2F60000
|
trusted library allocation
|
page read and write
|
|
|
|
2ED0000
|
unclassified section
|
page execute and read and write
|
|
|
|
2F30000
|
unclassified section
|
page execute and read and write
|
|
|
|
2CB0000
|
system
|
page execute and read and write
|
|
|
|
379E000
|
unkown
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
C507000
|
unkown
|
page read and write
|
||
|
7FF5ED1CB000
|
unkown
|
page readonly
|
||
|
4CD0000
|
unkown
|
page read and write
|
||
|
A391000
|
unkown
|
page read and write
|
||
|
7FF5ED97A000
|
unkown
|
page readonly
|
||
|
CA43000
|
unkown
|
page read and write
|
||
|
44F7000
|
heap
|
page read and write
|
||
|
CA7C000
|
unkown
|
page read and write
|
||
|
CA43000
|
unkown
|
page read and write
|
||
|
78AD000
|
unkown
|
page read and write
|
||
|
8BF0000
|
unkown
|
page readonly
|
||
|
C512000
|
unkown
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
45AF000
|
heap
|
page read and write
|
||
|
FDEC000
|
unkown
|
page read and write
|
||
|
4AFA000
|
heap
|
page read and write
|
||
|
7FF5EDA53000
|
unkown
|
page readonly
|
||
|
977A000
|
unkown
|
page read and write
|
||
|
7FF5EDA53000
|
unkown
|
page readonly
|
||
|
459D000
|
heap
|
page read and write
|
||
|
7953000
|
unkown
|
page read and write
|
||
|
37F9000
|
unkown
|
page read and write
|
||
|
1440000
|
unkown
|
page read and write
|
||
|
78AD000
|
unkown
|
page read and write
|
||
|
9871000
|
unkown
|
page read and write
|
||
|
7FF5ED92C000
|
unkown
|
page readonly
|
||
|
414B000
|
heap
|
page read and write
|
||
|
784A000
|
unkown
|
page read and write
|
||
|
9815000
|
unkown
|
page read and write
|
||
|
7C90000
|
unkown
|
page read and write
|
||
|
E7E0000
|
system
|
page execute and read and write
|
||
|
4A40000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF5ED4A1000
|
unkown
|
page readonly
|
||
|
463B000
|
heap
|
page read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
A4B8000
|
unkown
|
page read and write
|
||
|
BDA0000
|
unkown
|
page readonly
|
||
|
7FF5ED8B4000
|
unkown
|
page readonly
|
||
|
C6F8000
|
unkown
|
page read and write
|
||
|
7FF5ED625000
|
unkown
|
page readonly
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
5409000
|
heap
|
page read and write
|
||
|
982D000
|
unkown
|
page read and write
|
||
|
2FC6000
|
heap
|
page read and write
|
||
|
1500000
|
heap
|
page read and write
|
||
|
7FF5ED980000
|
unkown
|
page readonly
|
||
|
7FF5ED4BB000
|
unkown
|
page readonly
|
||
|
AB03000
|
unkown
|
page read and write
|
||
|
30A0000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED670000
|
unkown
|
page readonly
|
||
|
2C7C000
|
stack
|
page read and write
|
||
|
C89A000
|
unkown
|
page read and write
|
||
|
AAD1000
|
unkown
|
page read and write
|
||
|
C89A000
|
unkown
|
page read and write
|
||
|
7F40000
|
unkown
|
page readonly
|
||
|
A37B000
|
unkown
|
page read and write
|
||
|
379E000
|
unkown
|
page read and write
|
||
|
C9CF000
|
unkown
|
page read and write
|
||
|
7FF5ED286000
|
unkown
|
page readonly
|
||
|
977A000
|
unkown
|
page read and write
|
||
|
9B00000
|
heap
|
page read and write
|
||
|
7FF5EDA0D000
|
unkown
|
page readonly
|
||
|
18A0000
|
unkown
|
page readonly
|
||
|
7FF5ED7C4000
|
unkown
|
page readonly
|
||
|
44FB000
|
heap
|
page read and write
|
||
|
9550000
|
unkown
|
page readonly
|
||
|
3580000
|
unkown
|
page readonly
|
||
|
7FF5ED670000
|
unkown
|
page readonly
|
||
|
7FF5ED714000
|
unkown
|
page readonly
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
10F2F000
|
system
|
page read and write
|
||
|
A32A000
|
unkown
|
page read and write
|
||
|
C6F4000
|
unkown
|
page read and write
|
||
|
58EB000
|
heap
|
page read and write
|
||
|
7FF5ED2A9000
|
unkown
|
page readonly
|
||
|
7FF5ED975000
|
unkown
|
page readonly
|
||
|
4941000
|
heap
|
page read and write
|
||
|
987F000
|
unkown
|
page read and write
|
||
|
CAF7000
|
unkown
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
45A8000
|
heap
|
page read and write
|
||
|
45A1000
|
heap
|
page read and write
|
||
|
7FF5ED86B000
|
unkown
|
page readonly
|
||
|
7FF5ED806000
|
unkown
|
page readonly
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
7FF5EDA0D000
|
unkown
|
page readonly
|
||
|
CA97000
|
unkown
|
page read and write
|
||
|
C563000
|
unkown
|
page read and write
|
||
|
45A6000
|
heap
|
page read and write
|
||
|
C6C9000
|
unkown
|
page read and write
|
||
|
44F0000
|
heap
|
page read and write
|
||
|
7FF5D1CD4000
|
unkown
|
page readonly
|
||
|
7FF5ED800000
|
unkown
|
page readonly
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
FF6A000
|
heap
|
page read and write
|
||
|
9A5B000
|
unkown
|
page read and write
|
||
|
414B000
|
heap
|
page read and write
|
||
|
44F6000
|
heap
|
page read and write
|
||
|
C857000
|
unkown
|
page read and write
|
||
|
7DF4F3041000
|
unkown
|
page execute read
|
||
|
C6CF000
|
unkown
|
page read and write
|
||
|
B8B0000
|
unkown
|
page read and write
|
||
|
7FF5ED885000
|
unkown
|
page readonly
|
||
|
E890000
|
system
|
page execute and read and write
|
||
|
539E000
|
unclassified section
|
page execute and read and write
|
||
|
9877000
|
unkown
|
page read and write
|
||
|
7FF5ED52F000
|
unkown
|
page readonly
|
||
|
818E000
|
stack
|
page read and write
|
||
|
7F2E000
|
stack
|
page read and write
|
||
|
7DF4F3050000
|
unkown
|
page readonly
|
||
|
DE0000
|
unkown
|
page readonly
|
||
|
3758000
|
unkown
|
page read and write
|
||
|
44F2000
|
heap
|
page read and write
|
||
|
A49E000
|
unkown
|
page read and write
|
||
|
7FF5ED26E000
|
unkown
|
page readonly
|
||
|
9A10000
|
unkown
|
page read and write
|
||
|
F8FB000
|
unkown
|
page read and write
|
||
|
7FF5ED28E000
|
unkown
|
page readonly
|
||
|
C9A8000
|
unkown
|
page read and write
|
||
|
1490000
|
unkown
|
page read and write
|
||
|
CB66000
|
unkown
|
page read and write
|
||
|
97D4000
|
unkown
|
page read and write
|
||
|
30A0000
|
trusted library allocation
|
page read and write
|
||
|
9F1E000
|
stack
|
page read and write
|
||
|
7FF5ED516000
|
unkown
|
page readonly
|
||
|
FDD4000
|
unkown
|
page read and write
|
||
|
C10A000
|
stack
|
page read and write
|
||
|
A29E000
|
stack
|
page read and write
|
||
|
2FC6000
|
heap
|
page read and write
|
||
|
FE03000
|
unkown
|
page read and write
|
||
|
7FF5ED586000
|
unkown
|
page readonly
|
||
|
7FF5ED714000
|
unkown
|
page readonly
|
||
|
C857000
|
unkown
|
page read and write
|
||
|
CA75000
|
unkown
|
page read and write
|
||
|
463B000
|
heap
|
page read and write
|
||
|
7FF5ED818000
|
unkown
|
page readonly
|
||
|
7FF5ED4E8000
|
unkown
|
page readonly
|
||
|
7FF5ED433000
|
unkown
|
page readonly
|
||
|
78A0000
|
unkown
|
page read and write
|
||
|
7FF5ED3CE000
|
unkown
|
page readonly
|
||
|
44F6000
|
heap
|
page read and write
|
||
|
FDD5000
|
unkown
|
page read and write
|
||
|
C08A000
|
stack
|
page read and write
|
||
|
44FF000
|
heap
|
page read and write
|
||
|
7FF5EDA14000
|
unkown
|
page readonly
|
||
|
44FF000
|
heap
|
page read and write
|
||
|
CA20000
|
unkown
|
page read and write
|
||
|
A379000
|
unkown
|
page read and write
|
||
|
7FF5ED46A000
|
unkown
|
page readonly
|
||
|
7FF5ED9A1000
|
unkown
|
page readonly
|
||
|
7FF5ED77C000
|
unkown
|
page readonly
|
||
|
BC9B000
|
stack
|
page read and write
|
||
|
2B01000
|
heap
|
page read and write
|
||
|
7884000
|
unkown
|
page read and write
|
||
|
986F000
|
unkown
|
page read and write
|
||
|
C89A000
|
unkown
|
page read and write
|
||
|
5390000
|
unclassified section
|
page execute and read and write
|
||
|
AA90000
|
unkown
|
page read and write
|
||
|
1220000
|
unkown
|
page readonly
|
||
|
4637000
|
heap
|
page read and write
|
||
|
5354000
|
unclassified section
|
page execute and read and write
|
||
|
C851000
|
unkown
|
page read and write
|
||
|
7FF5ED426000
|
unkown
|
page readonly
|
||
|
4C34000
|
unkown
|
page read and write
|
||
|
97AD000
|
unkown
|
page read and write
|
||
|
414B000
|
heap
|
page read and write
|
||
|
44FE000
|
heap
|
page read and write
|
||
|
C6CF000
|
unkown
|
page read and write
|
||
|
33D1000
|
direct allocation
|
page execute and read and write
|
||
|
7E50000
|
unkown
|
page readonly
|
||
|
7FF5ED93B000
|
unkown
|
page readonly
|
||
|
9885000
|
unkown
|
page read and write
|
||
|
2DF4000
|
heap
|
page read and write
|
||
|
79D3000
|
unkown
|
page read and write
|
||
|
9885000
|
unkown
|
page read and write
|
||
|
7FF5ED74A000
|
unkown
|
page readonly
|
||
|
7FF5ED1FC000
|
unkown
|
page readonly
|
||
|
CA92000
|
unkown
|
page read and write
|
||
|
7953000
|
unkown
|
page read and write
|
||
|
2A05000
|
heap
|
page read and write
|
||
|
7CA0000
|
unkown
|
page read and write
|
||
|
CA83000
|
unkown
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
37AE000
|
unkown
|
page read and write
|
||
|
CB19000
|
unkown
|
page read and write
|
||
|
9836000
|
unkown
|
page read and write
|
||
|
1095000
|
stack
|
page read and write
|
||
|
9081000
|
unkown
|
page read and write
|
||
|
997A000
|
unkown
|
page read and write
|
||
|
94F000
|
system
|
page execute and read and write
|
||
|
CA97000
|
unkown
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
4595000
|
heap
|
page read and write
|
||
|
A502000
|
unkown
|
page read and write
|
||
|
965C000
|
stack
|
page read and write
|
||
|
4C9A000
|
unkown
|
page read and write
|
||
|
97A9000
|
unkown
|
page read and write
|
||
|
7FF5EDA0B000
|
unkown
|
page readonly
|
||
|
7FF5ED404000
|
unkown
|
page readonly
|
||
|
4649000
|
heap
|
page read and write
|
||
|
C49E000
|
stack
|
page read and write
|
||
|
3601000
|
heap
|
page read and write
|
||
|
7FF5ED4C2000
|
unkown
|
page readonly
|
||
|
414B000
|
heap
|
page read and write
|
||
|
2813000
|
heap
|
page read and write
|
||
|
1440000
|
unkown
|
page read and write
|
||
|
C51E000
|
unkown
|
page read and write
|
||
|
1510000
|
unkown
|
page readonly
|
||
|
C41F000
|
stack
|
page read and write
|
||
|
8208000
|
stack
|
page read and write
|
||
|
7FF5ED295000
|
unkown
|
page readonly
|
||
|
7FF5ED821000
|
unkown
|
page readonly
|
||
|
4BF0000
|
trusted library allocation
|
page read and write
|
||
|
8730000
|
unkown
|
page read and write
|
||
|
37B0000
|
unkown
|
page read and write
|
||
|
CA8B000
|
unkown
|
page read and write
|
||
|
F97B000
|
unkown
|
page read and write
|
||
|
7C90000
|
unkown
|
page read and write
|
||
|
A49E000
|
unkown
|
page read and write
|
||
|
45A5000
|
heap
|
page read and write
|
||
|
45A3000
|
heap
|
page read and write
|
||
|
CB69000
|
unkown
|
page read and write
|
||
|
4AE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FE8000
|
unclassified section
|
page execute and read and write
|
||
|
7FF5ED65C000
|
unkown
|
page readonly
|
||
|
B8B0000
|
unkown
|
page read and write
|
||
|
7FF5ED810000
|
unkown
|
page readonly
|
||
|
3791000
|
unkown
|
page read and write
|
||
|
26F0000
|
system
|
page execute read
|
||
|
89E0000
|
unkown
|
page read and write
|
||
|
4C4B000
|
unkown
|
page read and write
|
||
|
26D0000
|
system
|
page execute and read and write
|
||
|
4941000
|
heap
|
page read and write
|
||
|
A4B8000
|
unkown
|
page read and write
|
||
|
2FCC000
|
heap
|
page read and write
|
||
|
991A000
|
unkown
|
page read and write
|
||
|
A502000
|
unkown
|
page read and write
|
||
|
B22B000
|
stack
|
page read and write
|
||
|
7FF5ED91A000
|
unkown
|
page readonly
|
||
|
2813000
|
heap
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
7FF5ED80C000
|
unkown
|
page readonly
|
||
|
8210000
|
unkown
|
page read and write
|
||
|
7FF5ED505000
|
unkown
|
page readonly
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
44FA000
|
heap
|
page read and write
|
||
|
BAF9000
|
stack
|
page read and write
|
||
|
9877000
|
unkown
|
page read and write
|
||
|
7FF5ED625000
|
unkown
|
page readonly
|
||
|
7FF5ED9A6000
|
unkown
|
page readonly
|
||
|
7FF5ED5EB000
|
unkown
|
page readonly
|
||
|
7FF5ED286000
|
unkown
|
page readonly
|
||
|
CA14000
|
unkown
|
page read and write
|
||
|
A323000
|
unkown
|
page read and write
|
||
|
943B000
|
stack
|
page read and write
|
||
|
CAFC000
|
unkown
|
page read and write
|
||
|
A479000
|
unkown
|
page read and write
|
||
|
7CD0000
|
unkown
|
page read and write
|
||
|
7FF5ED59E000
|
unkown
|
page readonly
|
||
|
2FCD000
|
heap
|
page read and write
|
||
|
44F8000
|
heap
|
page read and write
|
||
|
7FF5ED476000
|
unkown
|
page readonly
|
||
|
7FF5EDA14000
|
unkown
|
page readonly
|
||
|
3029000
|
heap
|
page read and write
|
||
|
7FF5ED9C8000
|
unkown
|
page readonly
|
||
|
414B000
|
heap
|
page read and write
|
||
|
7FF5ED445000
|
unkown
|
page readonly
|
||
|
C557000
|
unkown
|
page read and write
|
||
|
9881000
|
unkown
|
page read and write
|
||
|
7FF5ED418000
|
unkown
|
page readonly
|
||
|
2C3C000
|
stack
|
page read and write
|
||
|
7FF5ED86B000
|
unkown
|
page readonly
|
||
|
991C000
|
unkown
|
page read and write
|
||
|
7FF5ED9FF000
|
unkown
|
page readonly
|
||
|
9A10000
|
unkown
|
page read and write
|
||
|
36D5000
|
stack
|
page read and write
|
||
|
CB34000
|
unkown
|
page read and write
|
||
|
2FA8000
|
heap
|
page read and write
|
||
|
7DF4F3031000
|
unkown
|
page execute read
|
||
|
2DF4000
|
heap
|
page read and write
|
||
|
5410000
|
heap
|
page read and write
|
||
|
979C000
|
unkown
|
page read and write
|
||
|
C6E3000
|
unkown
|
page read and write
|
||
|
7FF5ED26E000
|
unkown
|
page readonly
|
||
|
7FF5ED46E000
|
unkown
|
page readonly
|
||
|
3220000
|
unkown
|
page readonly
|
||
|
7FF5ED692000
|
unkown
|
page readonly
|
||
|
C92D000
|
unkown
|
page read and write
|
||
|
CB3A000
|
unkown
|
page read and write
|
||
|
8720000
|
unkown
|
page readonly
|
||
|
9879000
|
unkown
|
page read and write
|
||
|
2A00000
|
heap
|
page read and write
|
||
|
C8E1000
|
unkown
|
page read and write
|
||
|
87BA000
|
stack
|
page read and write
|
||
|
44FC000
|
heap
|
page read and write
|
||
|
CAED000
|
unkown
|
page read and write
|
||
|
C9E7000
|
unkown
|
page read and write
|
||
|
A50B000
|
unkown
|
page read and write
|
||
|
53E8000
|
heap
|
page read and write
|
||
|
44F6000
|
heap
|
page read and write
|
||
|
88EE000
|
stack
|
page read and write
|
||
|
2813000
|
heap
|
page read and write
|
||
|
7FF5ED695000
|
unkown
|
page readonly
|
||
|
C9AB000
|
unkown
|
page read and write
|
||
|
7FF5ED692000
|
unkown
|
page readonly
|
||
|
8710000
|
unkown
|
page readonly
|
||
|
7FF5ED93E000
|
unkown
|
page readonly
|
||
|
7FF5ED928000
|
unkown
|
page readonly
|
||
|
7863000
|
unkown
|
page read and write
|
||
|
5590000
|
unkown
|
page write copy
|
||
|
3700000
|
unkown
|
page read and write
|
||
|
A494000
|
unkown
|
page read and write
|
||
|
A327000
|
unkown
|
page read and write
|
||
|
4592000
|
heap
|
page read and write
|
||
|
9815000
|
unkown
|
page read and write
|
||
|
76C0000
|
unkown
|
page read and write
|
||
|
7FF5ED735000
|
unkown
|
page readonly
|
||
|
4F71000
|
direct allocation
|
page execute and read and write
|
||
|
A4FC000
|
unkown
|
page read and write
|
||
|
A29E000
|
stack
|
page read and write
|
||
|
A433000
|
unkown
|
page read and write
|
||
|
4C23000
|
heap
|
page read and write
|
||
|
8108000
|
stack
|
page read and write
|
||
|
7FF5ED803000
|
unkown
|
page readonly
|
||
|
4E10000
|
unclassified section
|
page execute and read and write
|
||
|
7FF5ED495000
|
unkown
|
page readonly
|
||
|
2813000
|
heap
|
page read and write
|
||
|
7FF5ED5C1000
|
unkown
|
page readonly
|
||
|
7861000
|
unkown
|
page read and write
|
||
|
E5F0000
|
system
|
page execute and read and write
|
||
|
937000
|
system
|
page execute and read and write
|
||
|
784A000
|
unkown
|
page read and write
|
||
|
7847000
|
unkown
|
page read and write
|
||
|
5921000
|
heap
|
page read and write
|
||
|
A433000
|
unkown
|
page read and write
|
||
|
4C8A000
|
unkown
|
page read and write
|
||
|
7FF5ED337000
|
unkown
|
page readonly
|
||
|
7FF5ED872000
|
unkown
|
page readonly
|
||
|
414B000
|
heap
|
page read and write
|
||
|
7FF5ED9D6000
|
unkown
|
page readonly
|
||
|
7FF5ED6DB000
|
unkown
|
page readonly
|
||
|
2E7F000
|
stack
|
page read and write
|
||
|
5403000
|
heap
|
page read and write
|
||
|
7FF5ED986000
|
unkown
|
page readonly
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED1BC000
|
unkown
|
page readonly
|
||
|
9660000
|
unkown
|
page read and write
|
||
|
7FF5ED674000
|
unkown
|
page readonly
|
||
|
35E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
2F00000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED9FF000
|
unkown
|
page readonly
|
||
|
F9F4000
|
unkown
|
page read and write
|
||
|
A4AE000
|
unkown
|
page read and write
|
||
|
786B000
|
unkown
|
page read and write
|
||
|
7FF5ED942000
|
unkown
|
page readonly
|
||
|
AAFD000
|
unkown
|
page read and write
|
||
|
45AC000
|
heap
|
page read and write
|
||
|
C49E000
|
stack
|
page read and write
|
||
|
464B000
|
heap
|
page read and write
|
||
|
CA75000
|
unkown
|
page read and write
|
||
|
7FF5ED3EA000
|
unkown
|
page readonly
|
||
|
414B000
|
heap
|
page read and write
|
||
|
8CED000
|
stack
|
page read and write
|
||
|
37AE000
|
unkown
|
page read and write
|
||
|
7865000
|
unkown
|
page read and write
|
||
|
7FF5ED996000
|
unkown
|
page readonly
|
||
|
1451000
|
unkown
|
page readonly
|
||
|
A375000
|
unkown
|
page read and write
|
||
|
C56F000
|
unkown
|
page read and write
|
||
|
4C1E000
|
unkown
|
page read and write
|
||
|
9883000
|
unkown
|
page read and write
|
||
|
7FF5ED7E9000
|
unkown
|
page readonly
|
||
|
7FF5ED9ED000
|
unkown
|
page readonly
|
||
|
FDFF000
|
unkown
|
page read and write
|
||
|
797D000
|
unkown
|
page read and write
|
||
|
7FF5ED676000
|
unkown
|
page readonly
|
||
|
26EF000
|
system
|
page execute and read and write
|
||
|
4CB0000
|
unkown
|
page read and write
|
||
|
5417000
|
heap
|
page read and write
|
||
|
45A9000
|
heap
|
page read and write
|
||
|
BDD0000
|
unkown
|
page readonly
|
||
|
982D000
|
unkown
|
page read and write
|
||
|
7FF5ED781000
|
unkown
|
page readonly
|
||
|
1505000
|
heap
|
page read and write
|
||
|
329E000
|
direct allocation
|
page execute and read and write
|
||
|
CAFC000
|
unkown
|
page read and write
|
||
|
30E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
316F000
|
stack
|
page read and write
|
||
|
7FF5ED62F000
|
unkown
|
page readonly
|
||
|
951000
|
system
|
page execute and read and write
|
||
|
C6C1000
|
unkown
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
BDD0000
|
unkown
|
page readonly
|
||
|
7FF5ED9E1000
|
unkown
|
page readonly
|
||
|
9977000
|
unkown
|
page read and write
|
||
|
F976000
|
unkown
|
page read and write
|
||
|
7B80000
|
unkown
|
page read and write
|
||
|
A479000
|
unkown
|
page read and write
|
||
|
4BF0000
|
trusted library allocation
|
page read and write
|
||
|
4C50000
|
unkown
|
page read and write
|
||
|
B650000
|
unkown
|
page read and write
|
||
|
97A9000
|
unkown
|
page read and write
|
||
|
9DED000
|
stack
|
page read and write
|
||
|
A479000
|
unkown
|
page read and write
|
||
|
7FF5ED781000
|
unkown
|
page readonly
|
||
|
7FF5ED5A8000
|
unkown
|
page readonly
|
||
|
414B000
|
heap
|
page read and write
|
||
|
30A0000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
unkown
|
page readonly
|
||
|
7E50000
|
unkown
|
page readonly
|
||
|
7FF5ED7F1000
|
unkown
|
page readonly
|
||
|
A3BE000
|
unkown
|
page read and write
|
||
|
C88B000
|
unkown
|
page read and write
|
||
|
591E000
|
heap
|
page read and write
|
||
|
A49E000
|
unkown
|
page read and write
|
||
|
7FF5ED80C000
|
unkown
|
page readonly
|
||
|
37D2000
|
unkown
|
page read and write
|
||
|
A4AB000
|
unkown
|
page read and write
|
||
|
C5A3000
|
unkown
|
page read and write
|
||
|
B5AE000
|
stack
|
page read and write
|
||
|
44F2000
|
heap
|
page read and write
|
||
|
9815000
|
unkown
|
page read and write
|
||
|
7FF5ED743000
|
unkown
|
page readonly
|
||
|
311E000
|
stack
|
page read and write
|
||
|
37F2000
|
unkown
|
page read and write
|
||
|
9660000
|
unkown
|
page read and write
|
||
|
7FF5ED9A6000
|
unkown
|
page readonly
|
||
|
7FF5ED73D000
|
unkown
|
page readonly
|
||
|
7978000
|
unkown
|
page read and write
|
||
|
C516000
|
unkown
|
page read and write
|
||
|
4B90000
|
unkown
|
page read and write
|
||
|
C6F2000
|
unkown
|
page read and write
|
||
|
C5A3000
|
unkown
|
page read and write
|
||
|
4A51000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF5ED342000
|
unkown
|
page readonly
|
||
|
785B000
|
unkown
|
page read and write
|
||
|
482000
|
unkown
|
page readonly
|
||
|
4C50000
|
unkown
|
page read and write
|
||
|
4B93000
|
unkown
|
page read and write
|
||
|
8EFA000
|
unkown
|
page read and write
|
||
|
C50A000
|
unkown
|
page read and write
|
||
|
BDC0000
|
unkown
|
page readonly
|
||
|
BDC0000
|
unkown
|
page readonly
|
||
|
A39B000
|
unkown
|
page read and write
|
||
|
B82A000
|
stack
|
page read and write
|
||
|
3590000
|
unkown
|
page read and write
|
||
|
8000000
|
unkown
|
page read and write
|
||
|
7FFD000
|
stack
|
page read and write
|
||
|
B8AB000
|
stack
|
page read and write
|
||
|
FDEC000
|
unkown
|
page read and write
|
||
|
9885000
|
unkown
|
page read and write
|
||
|
7867000
|
unkown
|
page read and write
|
||
|
3401000
|
unkown
|
page read and write
|
||
|
9F1E000
|
stack
|
page read and write
|
||
|
A3BE000
|
unkown
|
page read and write
|
||
|
AA90000
|
unkown
|
page read and write
|
||
|
2FD1000
|
heap
|
page read and write
|
||
|
CA9A000
|
unkown
|
page read and write
|
||
|
7FF5ED961000
|
unkown
|
page readonly
|
||
|
89A0000
|
unkown
|
page read and write
|
||
|
51EF000
|
unclassified section
|
page read and write
|
||
|
3CBA000
|
heap
|
page read and write
|
||
|
7FF5ED2A4000
|
unkown
|
page readonly
|
||
|
7FF5ED4F3000
|
unkown
|
page readonly
|
||
|
4CC0000
|
unkown
|
page read and write
|
||
|
7FF5ED349000
|
unkown
|
page readonly
|
||
|
14B0000
|
unkown
|
page readonly
|
||
|
9701000
|
unkown
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
76C0000
|
unkown
|
page read and write
|
||
|
536F000
|
unclassified section
|
page execute and read and write
|
||
|
2F40000
|
unclassified section
|
page execute and read and write
|
||
|
45AD000
|
heap
|
page read and write
|
||
|
7FF5ED5F7000
|
unkown
|
page readonly
|
||
|
7FF5ED503000
|
unkown
|
page readonly
|
||
|
7FF5ED93B000
|
unkown
|
page readonly
|
||
|
7FF5ED39B000
|
unkown
|
page readonly
|
||
|
FDDD000
|
unkown
|
page read and write
|
||
|
7FF5ED6DB000
|
unkown
|
page readonly
|
||
|
C50A000
|
unkown
|
page read and write
|
||
|
C964000
|
unkown
|
page read and write
|
||
|
7FF5ED503000
|
unkown
|
page readonly
|
||
|
8FB9000
|
stack
|
page read and write
|
||
|
7FF5ED8E2000
|
unkown
|
page readonly
|
||
|
7FF5ED9CC000
|
unkown
|
page readonly
|
||
|
7FF5ED8AC000
|
unkown
|
page readonly
|
||
|
4BDC000
|
unkown
|
page read and write
|
||
|
FDA0000
|
unkown
|
page read and write
|
||
|
C964000
|
unkown
|
page read and write
|
||
|
CB66000
|
unkown
|
page read and write
|
||
|
7FF5ED7E0000
|
unkown
|
page readonly
|
||
|
1500000
|
heap
|
page read and write
|
||
|
AAF9000
|
unkown
|
page read and write
|
||
|
2780000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED71E000
|
unkown
|
page readonly
|
||
|
7FF5ED679000
|
unkown
|
page readonly
|
||
|
7FF5ED9D2000
|
unkown
|
page readonly
|
||
|
8000000
|
unkown
|
page read and write
|
||
|
9881000
|
unkown
|
page read and write
|
||
|
2FA0000
|
heap
|
page read and write
|
||
|
2813000
|
heap
|
page read and write
|
||
|
9B60000
|
unkown
|
page readonly
|
||
|
A4AB000
|
unkown
|
page read and write
|
||
|
97A9000
|
unkown
|
page read and write
|
||
|
4AF1000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF5ED85F000
|
unkown
|
page readonly
|
||
|
57DE000
|
heap
|
page read and write
|
||
|
7FF5ED755000
|
unkown
|
page readonly
|
||
|
9893000
|
unkown
|
page read and write
|
||
|
7FF5EDA38000
|
unkown
|
page readonly
|
||
|
B22B000
|
stack
|
page read and write
|
||
|
7FF5ED77E000
|
unkown
|
page readonly
|
||
|
7D53000
|
unkown
|
page read and write
|
||
|
88EE000
|
stack
|
page read and write
|
||
|
CA63000
|
unkown
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
7FF5ED39E000
|
unkown
|
page readonly
|
||
|
AB0C000
|
unkown
|
page read and write
|
||
|
9A5B000
|
unkown
|
page read and write
|
||
|
79FB000
|
unkown
|
page read and write
|
||
|
44F6000
|
heap
|
page read and write
|
||
|
33CD000
|
direct allocation
|
page execute and read and write
|
||
|
7FF5ED5C5000
|
unkown
|
page readonly
|
||
|
7FF5ED669000
|
unkown
|
page readonly
|
||
|
7FF5ED4B0000
|
unkown
|
page readonly
|
||
|
44FE000
|
heap
|
page read and write
|
||
|
7FF5ED4C6000
|
unkown
|
page readonly
|
||
|
B10D000
|
stack
|
page read and write
|
||
|
7FF5ED853000
|
unkown
|
page readonly
|
||
|
58D0000
|
heap
|
page read and write
|
||
|
CA86000
|
unkown
|
page read and write
|
||
|
7FF5ED7DB000
|
unkown
|
page readonly
|
||
|
310E000
|
stack
|
page read and write
|
||
|
C852000
|
unkown
|
page read and write
|
||
|
7FF5ED586000
|
unkown
|
page readonly
|
||
|
B8AB000
|
stack
|
page read and write
|
||
|
A37D000
|
unkown
|
page read and write
|
||
|
7FF5ED1CB000
|
unkown
|
page readonly
|
||
|
7FF5ED915000
|
unkown
|
page readonly
|
||
|
C964000
|
unkown
|
page read and write
|
||
|
7FF5ED4DF000
|
unkown
|
page readonly
|
||
|
40D5000
|
heap
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
414B000
|
heap
|
page read and write
|
||
|
65C000
|
stack
|
page read and write
|
||
|
C89C000
|
unkown
|
page read and write
|
||
|
AAFA000
|
unkown
|
page read and write
|
||
|
A502000
|
unkown
|
page read and write
|
||
|
F933000
|
unkown
|
page read and write
|
||
|
974000
|
system
|
page execute and read and write
|
||
|
37BD000
|
unkown
|
page read and write
|
||
|
4597000
|
heap
|
page read and write
|
||
|
C962000
|
unkown
|
page read and write
|
||
|
9875000
|
unkown
|
page read and write
|
||
|
7FF5ED39E000
|
unkown
|
page readonly
|
||
|
7FF5ED864000
|
unkown
|
page readonly
|
||
|
44F4000
|
heap
|
page read and write
|
||
|
991C000
|
unkown
|
page read and write
|
||
|
7CE0000
|
unkown
|
page read and write
|
||
|
4BDC000
|
unkown
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
A49E000
|
unkown
|
page read and write
|
||
|
987B000
|
unkown
|
page read and write
|
||
|
7FF5ED814000
|
unkown
|
page readonly
|
||
|
4594000
|
heap
|
page read and write
|
||
|
7DF4F3071000
|
unkown
|
page execute read
|
||
|
9871000
|
unkown
|
page read and write
|
||
|
58C0000
|
heap
|
page read and write
|
||
|
AAF6000
|
unkown
|
page read and write
|
||
|
3756000
|
unkown
|
page read and write
|
||
|
7FF5ED71B000
|
unkown
|
page readonly
|
||
|
7B80000
|
unkown
|
page read and write
|
||
|
5891000
|
heap
|
page read and write
|
||
|
7FF5ED849000
|
unkown
|
page readonly
|
||
|
4598000
|
heap
|
page read and write
|
||
|
9A5B000
|
unkown
|
page read and write
|
||
|
FDD1000
|
unkown
|
page read and write
|
||
|
7FF5ED426000
|
unkown
|
page readonly
|
||
|
818E000
|
stack
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
7C80000
|
unkown
|
page read and write
|
||
|
414B000
|
heap
|
page read and write
|
||
|
A3D3000
|
unkown
|
page read and write
|
||
|
7865000
|
unkown
|
page read and write
|
||
|
2813000
|
heap
|
page read and write
|
||
|
4BC9000
|
unkown
|
page read and write
|
||
|
4A6D000
|
heap
|
page read and write
|
||
|
7CC0000
|
unkown
|
page readonly
|
||
|
4B78000
|
unkown
|
page read and write
|
||
|
C99B000
|
unkown
|
page read and write
|
||
|
37F9000
|
unkown
|
page read and write
|
||
|
A479000
|
unkown
|
page read and write
|
||
|
A361000
|
unkown
|
page read and write
|
||
|
F909000
|
unkown
|
page read and write
|
||
|
89C0000
|
unkown
|
page read and write
|
||
|
5500000
|
heap
|
page read and write
|
||
|
FF60000
|
heap
|
page read and write
|
||
|
7FFE000
|
stack
|
page read and write
|
||
|
4FE2000
|
direct allocation
|
page execute and read and write
|
||
|
540E000
|
heap
|
page read and write
|
||
|
3290000
|
unkown
|
page read and write
|
||
|
7FF5D1CCD000
|
unkown
|
page readonly
|
||
|
CAFC000
|
unkown
|
page read and write
|
||
|
FDEC000
|
unkown
|
page read and write
|
||
|
AF8D000
|
stack
|
page read and write
|
||
|
C893000
|
unkown
|
page read and write
|
||
|
A327000
|
unkown
|
page read and write
|
||
|
44FC000
|
heap
|
page read and write
|
||
|
7FF5ED810000
|
unkown
|
page readonly
|
||
|
37BD000
|
unkown
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
37D2000
|
unkown
|
page read and write
|
||
|
785F000
|
unkown
|
page read and write
|
||
|
C6F4000
|
unkown
|
page read and write
|
||
|
2ECF000
|
stack
|
page read and write
|
||
|
3442000
|
direct allocation
|
page execute and read and write
|
||
|
7695000
|
stack
|
page read and write
|
||
|
C846000
|
unkown
|
page read and write
|
||
|
FDC0000
|
unkown
|
page read and write
|
||
|
91B9000
|
stack
|
page read and write
|
||
|
FF60000
|
heap
|
page read and write
|
||
|
2FD7000
|
heap
|
page read and write
|
||
|
414B000
|
heap
|
page read and write
|
||
|
A502000
|
unkown
|
page read and write
|
||
|
35D0000
|
unkown
|
page read and write
|
||
|
1230000
|
unkown
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
31EF000
|
stack
|
page read and write
|
||
|
7FF5ED8FF000
|
unkown
|
page readonly
|
||
|
E587000
|
unkown
|
page execute and read and write
|
||
|
9795000
|
unkown
|
page read and write
|
||
|
848000
|
system
|
page readonly
|
||
|
A364000
|
unkown
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
7857000
|
unkown
|
page read and write
|
||
|
CB47000
|
unkown
|
page read and write
|
||
|
308A000
|
stack
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
4BF0000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED885000
|
unkown
|
page readonly
|
||
|
7861000
|
unkown
|
page read and write
|
||
|
CA20000
|
unkown
|
page read and write
|
||
|
4C18000
|
unkown
|
page read and write
|
||
|
CB67000
|
unkown
|
page read and write
|
||
|
9873000
|
unkown
|
page read and write
|
||
|
7FF5ED2A4000
|
unkown
|
page readonly
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
44F3000
|
heap
|
page read and write
|
||
|
36D5000
|
stack
|
page read and write
|
||
|
7FF5ED942000
|
unkown
|
page readonly
|
||
|
7852000
|
unkown
|
page read and write
|
||
|
7D20000
|
unkown
|
page readonly
|
||
|
7E60000
|
unkown
|
page read and write
|
||
|
AADB000
|
unkown
|
page read and write
|
||
|
AB07000
|
unkown
|
page read and write
|
||
|
414B000
|
heap
|
page read and write
|
||
|
FDA0000
|
unkown
|
page read and write
|
||
|
58E4000
|
heap
|
page read and write
|
||
|
4C1E000
|
unkown
|
page read and write
|
||
|
7FF5ED4E8000
|
unkown
|
page readonly
|
||
|
DE0000
|
unkown
|
page readonly
|
||
|
C84D000
|
unkown
|
page read and write
|
||
|
5259000
|
unclassified section
|
page execute and read and write
|
||
|
3100000
|
direct allocation
|
page execute and read and write
|
||
|
7FF5ED519000
|
unkown
|
page readonly
|
||
|
11C0000
|
unkown
|
page readonly
|
||
|
7FF5ED449000
|
unkown
|
page readonly
|
||
|
7DF4F3040000
|
unkown
|
page readonly
|
||
|
414B000
|
heap
|
page read and write
|
||
|
4CA0000
|
direct allocation
|
page execute and read and write
|
||
|
A364000
|
unkown
|
page read and write
|
||
|
2E2C000
|
heap
|
page read and write
|
||
|
F909000
|
unkown
|
page read and write
|
||
|
9893000
|
unkown
|
page read and write
|
||
|
2F30000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED48A000
|
unkown
|
page readonly
|
||
|
37F6000
|
unkown
|
page read and write
|
||
|
CA92000
|
unkown
|
page read and write
|
||
|
C6BF000
|
unkown
|
page read and write
|
||
|
7FF5ED695000
|
unkown
|
page readonly
|
||
|
7A34000
|
unkown
|
page read and write
|
||
|
AB54000
|
unkown
|
page read and write
|
||
|
8A6E000
|
stack
|
page read and write
|
||
|
7FF5ED990000
|
unkown
|
page readonly
|
||
|
414B000
|
heap
|
page read and write
|
||
|
83E000
|
system
|
page execute and read and write
|
||
|
A323000
|
unkown
|
page read and write
|
||
|
7FF5ED8AC000
|
unkown
|
page readonly
|
||
|
9E6C000
|
stack
|
page read and write
|
||
|
7FF5ED937000
|
unkown
|
page readonly
|
||
|
414B000
|
heap
|
page read and write
|
||
|
A4AE000
|
unkown
|
page read and write
|
||
|
414B000
|
heap
|
page read and write
|
||
|
C507000
|
unkown
|
page read and write
|
||
|
FF62000
|
heap
|
page read and write
|
||
|
7FF5ED295000
|
unkown
|
page readonly
|
||
|
8860000
|
unkown
|
page read and write
|
||
|
541A000
|
heap
|
page read and write
|
||
|
36F0000
|
unkown
|
page readonly
|
||
|
7FF5ED6B9000
|
unkown
|
page readonly
|
||
|
7FF5ED7C4000
|
unkown
|
page readonly
|
||
|
7D53000
|
unkown
|
page read and write
|
||
|
143B000
|
stack
|
page read and write
|
||
|
7FF5ED864000
|
unkown
|
page readonly
|
||
|
414B000
|
heap
|
page read and write
|
||
|
C6F2000
|
unkown
|
page read and write
|
||
|
2DF4000
|
heap
|
page read and write
|
||
|
97AD000
|
unkown
|
page read and write
|
||
|
7FF5EDA31000
|
unkown
|
page readonly
|
||
|
C4D0000
|
unkown
|
page read and write
|
||
|
414B000
|
heap
|
page read and write
|
||
|
4BE1000
|
unkown
|
page read and write
|
||
|
7FF5ED507000
|
unkown
|
page readonly
|
||
|
B6A0000
|
heap
|
page read and write
|
||
|
4C7A000
|
unkown
|
page read and write
|
||
|
B08D000
|
stack
|
page read and write
|
||
|
36D3000
|
stack
|
page read and write
|
||
|
30C1000
|
trusted library allocation
|
page execute and read and write
|
||
|
981000
|
system
|
page execute and read and write
|
||
|
30A0000
|
trusted library allocation
|
page read and write
|
||
|
2FDD000
|
heap
|
page read and write
|
||
|
5590000
|
unkown
|
page write copy
|
||
|
AF0C000
|
stack
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
9883000
|
unkown
|
page read and write
|
||
|
40C6000
|
heap
|
page read and write
|
||
|
978E000
|
unkown
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
A32A000
|
unkown
|
page read and write
|
||
|
89E0000
|
unkown
|
page read and write
|
||
|
7FF5ED40D000
|
unkown
|
page readonly
|
||
|
9B00000
|
heap
|
page read and write
|
||
|
9550000
|
unkown
|
page readonly
|
||
|
7FF5ED7FD000
|
unkown
|
page readonly
|
||
|
785B000
|
unkown
|
page read and write
|
||
|
C857000
|
unkown
|
page read and write
|
||
|
7FF5ED844000
|
unkown
|
page readonly
|
||
|
9081000
|
unkown
|
page read and write
|
||
|
7FF5ED806000
|
unkown
|
page readonly
|
||
|
560000
|
system
|
page execute and read and write
|
||
|
A4A1000
|
unkown
|
page read and write
|
||
|
4940000
|
heap
|
page read and write
|
||
|
322D000
|
direct allocation
|
page execute and read and write
|
||
|
8B60000
|
unkown
|
page readonly
|
||
|
2813000
|
heap
|
page read and write
|
||
|
7900000
|
unkown
|
page read and write
|
||
|
FE03000
|
unkown
|
page read and write
|
||
|
7F30000
|
unkown
|
page read and write
|
||
|
7FF5ED68F000
|
unkown
|
page readonly
|
||
|
9837000
|
unkown
|
page read and write
|
||
|
2F00000
|
heap
|
page read and write
|
||
|
7CD0000
|
unkown
|
page read and write
|
||
|
58C9000
|
heap
|
page read and write
|
||
|
7F40000
|
unkown
|
page readonly
|
||
|
4C27000
|
heap
|
page read and write
|
||
|
7FF5ED94A000
|
unkown
|
page readonly
|
||
|
C84D000
|
unkown
|
page read and write
|
||
|
7FF5ED961000
|
unkown
|
page readonly
|
||
|
7FF5ED9AE000
|
unkown
|
page readonly
|
||
|
93BE000
|
stack
|
page read and write
|
||
|
CA42000
|
unkown
|
page read and write
|
||
|
CA83000
|
unkown
|
page read and write
|
||
|
56D9000
|
unkown
|
page read and write
|
||
|
A491000
|
unkown
|
page read and write
|
||
|
7DDE000
|
stack
|
page read and write
|
||
|
C700000
|
unkown
|
page read and write
|
||
|
40C6000
|
heap
|
page read and write
|
||
|
BD1D000
|
stack
|
page read and write
|
||
|
7FF5ED507000
|
unkown
|
page readonly
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
953000
|
system
|
page execute and read and write
|
||
|
4BA6000
|
unkown
|
page read and write
|
||
|
44F4000
|
heap
|
page read and write
|
||
|
960000
|
system
|
page execute and read and write
|
||
|
2FC8000
|
heap
|
page read and write
|
||
|
45A3000
|
heap
|
page read and write
|
||
|
7FF5ED8E7000
|
unkown
|
page readonly
|
||
|
7FF5ED9D9000
|
unkown
|
page readonly
|
||
|
AAF2000
|
unkown
|
page read and write
|
||
|
9A5B000
|
unkown
|
page read and write
|
||
|
4BE3000
|
unkown
|
page read and write
|
||
|
1490000
|
unkown
|
page read and write
|
||
|
7CC0000
|
unkown
|
page readonly
|
||
|
58D4000
|
heap
|
page read and write
|
||
|
7FF5ED821000
|
unkown
|
page readonly
|
||
|
35F1000
|
trusted library allocation
|
page execute and read and write
|
||
|
839000
|
system
|
page execute and read and write
|
||
|
7FF5ED3F3000
|
unkown
|
page readonly
|
||
|
C5AA000
|
unkown
|
page read and write
|
||
|
AB08000
|
unkown
|
page read and write
|
||
|
9929000
|
unkown
|
page read and write
|
||
|
CB84000
|
unkown
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
44FF000
|
heap
|
page read and write
|
||
|
3797000
|
unkown
|
page read and write
|
||
|
8EFA000
|
unkown
|
page read and write
|
||
|
4CD0000
|
unkown
|
page read and write
|
||
|
5000000
|
heap
|
page read and write
|
||
|
56D9000
|
unkown
|
page read and write
|
||
|
787C000
|
unkown
|
page read and write
|
||
|
C6BF000
|
unkown
|
page read and write
|
||
|
143B000
|
stack
|
page read and write
|
||
|
7FF5EDA70000
|
unkown
|
page readonly
|
||
|
7FF5ED8C1000
|
unkown
|
page readonly
|
||
|
3150000
|
unkown
|
page read and write
|
||
|
C544000
|
unkown
|
page read and write
|
||
|
7D20000
|
unkown
|
page readonly
|
||
|
7FF5ED8C1000
|
unkown
|
page readonly
|
||
|
44F0000
|
heap
|
page read and write
|
||
|
2700000
|
heap
|
page read and write
|
||
|
7FF5ED48A000
|
unkown
|
page readonly
|
||
|
2800000
|
heap
|
page read and write
|
||
|
79B1000
|
unkown
|
page read and write
|
||
|
7869000
|
unkown
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
37A0000
|
unkown
|
page read and write
|
||
|
5909000
|
heap
|
page read and write
|
||
|
7FF5ED937000
|
unkown
|
page readonly
|
||
|
7FF5ED3D6000
|
unkown
|
page readonly
|
||
|
BD98000
|
stack
|
page read and write
|
||
|
4F1A000
|
unclassified section
|
page execute and read and write
|
||
|
7FF5ED81B000
|
unkown
|
page readonly
|
||
|
A4A1000
|
unkown
|
page read and write
|
||
|
298D000
|
stack
|
page read and write
|
||
|
F8FB000
|
unkown
|
page read and write
|
||
|
7FF5ED4FD000
|
unkown
|
page readonly
|
||
|
7FF5ED6A5000
|
unkown
|
page readonly
|
||
|
9837000
|
unkown
|
page read and write
|
||
|
9869000
|
unkown
|
page read and write
|
||
|
3120000
|
unkown
|
page readonly
|
||
|
7FF5EDA69000
|
unkown
|
page readonly
|
||
|
30A1000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF5ED556000
|
unkown
|
page readonly
|
||
|
978E000
|
unkown
|
page read and write
|
||
|
33B9000
|
stack
|
page read and write
|
||
|
C512000
|
unkown
|
page read and write
|
||
|
A491000
|
unkown
|
page read and write
|
||
|
B140000
|
unkown
|
page readonly
|
||
|
C8E1000
|
unkown
|
page read and write
|
||
|
CB34000
|
unkown
|
page read and write
|
||
|
DD0000
|
unkown
|
page readonly
|
||
|
8F1000
|
system
|
page execute and read and write
|
||
|
BA2C000
|
stack
|
page read and write
|
||
|
7FF5ED9CC000
|
unkown
|
page readonly
|
||
|
7FF5ED451000
|
unkown
|
page readonly
|
||
|
B140000
|
unkown
|
page readonly
|
||
|
96DF000
|
unkown
|
page read and write
|
||
|
9871000
|
unkown
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
AAD1000
|
unkown
|
page read and write
|
||
|
44F9000
|
heap
|
page read and write
|
||
|
CA63000
|
unkown
|
page read and write
|
||
|
7FF5ED519000
|
unkown
|
page readonly
|
||
|
A494000
|
unkown
|
page read and write
|
||
|
9138000
|
stack
|
page read and write
|
||
|
B640000
|
unkown
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
E548000
|
unkown
|
page execute and read and write
|
||
|
7FF5ED3DA000
|
unkown
|
page readonly
|
||
|
4BA6000
|
unkown
|
page read and write
|
||
|
9879000
|
unkown
|
page read and write
|
||
|
987D000
|
unkown
|
page read and write
|
||
|
4C8A000
|
unkown
|
page read and write
|
||
|
35D0000
|
unkown
|
page read and write
|
||
|
4BF0000
|
trusted library allocation
|
page read and write
|
||
|
4637000
|
heap
|
page read and write
|
||
|
2DF4000
|
heap
|
page read and write
|
||
|
7950000
|
unkown
|
page read and write
|
||
|
7FF5ED4F3000
|
unkown
|
page readonly
|
||
|
7FF5ED7CF000
|
unkown
|
page readonly
|
||
|
986B000
|
unkown
|
page read and write
|
||
|
9881000
|
unkown
|
page read and write
|
||
|
7FF5ED73D000
|
unkown
|
page readonly
|
||
|
AB5E000
|
unkown
|
page read and write
|
||
|
36F0000
|
unkown
|
page readonly
|
||
|
57D9000
|
heap
|
page read and write
|
||
|
7FF5D1CCD000
|
unkown
|
page readonly
|
||
|
7884000
|
unkown
|
page read and write
|
||
|
7FF5ED660000
|
unkown
|
page readonly
|
||
|
CA9A000
|
unkown
|
page read and write
|
||
|
C962000
|
unkown
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
7DF4F3030000
|
unkown
|
page readonly
|
||
|
7DF4F3041000
|
unkown
|
page execute read
|
||
|
7FF5ED3F3000
|
unkown
|
page readonly
|
||
|
9977000
|
unkown
|
page read and write
|
||
|
CA8B000
|
unkown
|
page read and write
|
||
|
7FF5ED412000
|
unkown
|
page readonly
|
||
|
78A0000
|
unkown
|
page read and write
|
||
|
C6D8000
|
unkown
|
page read and write
|
||
|
2813000
|
heap
|
page read and write
|
||
|
459C000
|
heap
|
page read and write
|
||
|
4C98000
|
heap
|
page read and write
|
||
|
7FF5ED9D6000
|
unkown
|
page readonly
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
7FF5ED68C000
|
unkown
|
page readonly
|
||
|
37A0000
|
unkown
|
page read and write
|
||
|
3190000
|
heap
|
page read and write
|
||
|
7FF5ED505000
|
unkown
|
page readonly
|
||
|
7FF5ED850000
|
unkown
|
page readonly
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED85F000
|
unkown
|
page readonly
|
||
|
5373000
|
unclassified section
|
page execute and read and write
|
||
|
C54A000
|
unkown
|
page read and write
|
||
|
7FF5ED3D6000
|
unkown
|
page readonly
|
||
|
2FD1000
|
heap
|
page read and write
|
||
|
9798000
|
unkown
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
A21E000
|
stack
|
page read and write
|
||
|
787C000
|
unkown
|
page read and write
|
||
|
AB51000
|
unkown
|
page read and write
|
||
|
C8E1000
|
unkown
|
page read and write
|
||
|
3590000
|
unkown
|
page read and write
|
||
|
7FF5ED76D000
|
unkown
|
page readonly
|
||
|
CAFC000
|
unkown
|
page read and write
|
||
|
C5AA000
|
unkown
|
page read and write
|
||
|
A4FC000
|
unkown
|
page read and write
|
||
|
18A0000
|
unkown
|
page readonly
|
||
|
A433000
|
unkown
|
page read and write
|
||
|
A33E000
|
unkown
|
page read and write
|
||
|
CA7C000
|
unkown
|
page read and write
|
||
|
2D3E000
|
unkown
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
7FF5ED750000
|
unkown
|
page readonly
|
||
|
7FF5ED7E9000
|
unkown
|
page readonly
|
||
|
7FF5ED853000
|
unkown
|
page readonly
|
||
|
7DF4F3051000
|
unkown
|
page execute read
|
||
|
9875000
|
unkown
|
page read and write
|
||
|
991F000
|
unkown
|
page read and write
|
||
|
27BE000
|
stack
|
page read and write
|
||
|
7FF5ED42B000
|
unkown
|
page readonly
|
||
|
45A1000
|
heap
|
page read and write
|
||
|
44F6000
|
heap
|
page read and write
|
||
|
37A8000
|
unkown
|
page read and write
|
||
|
4591000
|
heap
|
page read and write
|
||
|
7FF5ED697000
|
unkown
|
page readonly
|
||
|
AF8D000
|
stack
|
page read and write
|
||
|
7FF5ED4DF000
|
unkown
|
page readonly
|
||
|
C893000
|
unkown
|
page read and write
|
||
|
2A17000
|
heap
|
page read and write
|
||
|
A4FC000
|
unkown
|
page read and write
|
||
|
C7C5000
|
unkown
|
page read and write
|
||
|
7FF5ED476000
|
unkown
|
page readonly
|
||
|
7FF5ED8B4000
|
unkown
|
page readonly
|
||
|
97B5000
|
unkown
|
page read and write
|
||
|
97C3000
|
unkown
|
page read and write
|
||
|
4C7A000
|
unkown
|
page read and write
|
||
|
9DED000
|
stack
|
page read and write
|
||
|
3758000
|
unkown
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
A50B000
|
unkown
|
page read and write
|
||
|
7FF5ED87D000
|
unkown
|
page readonly
|
||
|
5910000
|
heap
|
page read and write
|
||
|
44F5000
|
heap
|
page read and write
|
||
|
F97B000
|
unkown
|
page read and write
|
||
|
3580000
|
unkown
|
page readonly
|
||
|
7FF5ED956000
|
unkown
|
page readonly
|
||
|
414B000
|
heap
|
page read and write
|
||
|
4BE1000
|
unkown
|
page read and write
|
||
|
7FF5EDA08000
|
unkown
|
page readonly
|
||
|
45A6000
|
heap
|
page read and write
|
||
|
44FD000
|
heap
|
page read and write
|
||
|
5349000
|
unclassified section
|
page execute and read and write
|
||
|
C92D000
|
unkown
|
page read and write
|
||
|
B82A000
|
stack
|
page read and write
|
||
|
7FF5ED1CF000
|
unkown
|
page readonly
|
||
|
785F000
|
unkown
|
page read and write
|
||
|
7869000
|
unkown
|
page read and write
|
||
|
7FF5EDA31000
|
unkown
|
page readonly
|
||
|
C9A0000
|
unkown
|
page read and write
|
||
|
7FF5ED8A4000
|
unkown
|
page readonly
|
||
|
9A5B000
|
unkown
|
page read and write
|
||
|
3795000
|
unkown
|
page read and write
|
||
|
2FD1000
|
heap
|
page read and write
|
||
|
7FF5ED62F000
|
unkown
|
page readonly
|
||
|
7FF5ED793000
|
unkown
|
page readonly
|
||
|
5389000
|
unclassified section
|
page execute and read and write
|
||
|
CB0F000
|
unkown
|
page read and write
|
||
|
463F000
|
heap
|
page read and write
|
||
|
536B000
|
unclassified section
|
page execute and read and write
|
||
|
44FA000
|
heap
|
page read and write
|
||
|
490000
|
unkown
|
page write copy
|
||
|
B10D000
|
stack
|
page read and write
|
||
|
9883000
|
unkown
|
page read and write
|
||
|
CA9A000
|
unkown
|
page read and write
|
||
|
9920000
|
unkown
|
page read and write
|
||
|
5350000
|
unclassified section
|
page execute and read and write
|
||
|
7FF5ED5C9000
|
unkown
|
page readonly
|
||
|
4B56000
|
unkown
|
page read and write
|
||
|
53B9000
|
heap
|
page read and write
|
||
|
459F000
|
heap
|
page read and write
|
||
|
FDDD000
|
unkown
|
page read and write
|
||
|
9869000
|
unkown
|
page read and write
|
||
|
4595000
|
heap
|
page read and write
|
||
|
CA9A000
|
unkown
|
page read and write
|
||
|
7FF5EDA11000
|
unkown
|
page readonly
|
||
|
7FF5ED5C5000
|
unkown
|
page readonly
|
||
|
5641000
|
unkown
|
page read and write
|
||
|
7FF5ED64F000
|
unkown
|
page readonly
|
||
|
4C34000
|
unkown
|
page read and write
|
||
|
7859000
|
unkown
|
page read and write
|
||
|
CA14000
|
unkown
|
page read and write
|
||
|
A3D3000
|
unkown
|
page read and write
|
||
|
CA20000
|
unkown
|
page read and write
|
||
|
89C0000
|
unkown
|
page read and write
|
||
|
C51E000
|
unkown
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
2FD1000
|
heap
|
page read and write
|
||
|
9792000
|
unkown
|
page read and write
|
||
|
7D40000
|
unkown
|
page read and write
|
||
|
987D000
|
unkown
|
page read and write
|
||
|
7FF5EDA70000
|
unkown
|
page readonly
|
||
|
A310000
|
unkown
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
2770000
|
heap
|
page read and write
|
||
|
56C3000
|
unkown
|
page read and write
|
||
|
C557000
|
unkown
|
page read and write
|
||
|
CA20000
|
unkown
|
page read and write
|
||
|
7FF5ED5F7000
|
unkown
|
page readonly
|
||
|
7FF5ED265000
|
unkown
|
page readonly
|
||
|
9879000
|
unkown
|
page read and write
|
||
|
7FF5ED1F6000
|
unkown
|
page readonly
|
||
|
5900000
|
heap
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
7FF5ED404000
|
unkown
|
page readonly
|
||
|
414B000
|
heap
|
page read and write
|
||
|
7FF5ED669000
|
unkown
|
page readonly
|
||
|
26BB000
|
stack
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
B650000
|
unkown
|
page read and write
|
||
|
414B000
|
heap
|
page read and write
|
||
|
7FF5ED9CA000
|
unkown
|
page readonly
|
||
|
2E3E000
|
stack
|
page read and write
|
||
|
10D36000
|
system
|
page read and write
|
||
|
7A34000
|
unkown
|
page read and write
|
||
|
44F9000
|
heap
|
page read and write
|
||
|
97C3000
|
unkown
|
page read and write
|
||
|
7FF5ED1CF000
|
unkown
|
page readonly
|
||
|
7CA0000
|
unkown
|
page read and write
|
||
|
414B000
|
heap
|
page read and write
|
||
|
44FA000
|
heap
|
page read and write
|
||
|
C5A0000
|
unkown
|
page read and write
|
||
|
40C6000
|
heap
|
page read and write
|
||
|
7FF5ED39B000
|
unkown
|
page readonly
|
||
|
A39B000
|
unkown
|
page read and write
|
||
|
7FF5ED8C6000
|
unkown
|
page readonly
|
||
|
3210000
|
unkown
|
page read and write
|
||
|
C52C000
|
unkown
|
page read and write
|
||
|
98A8000
|
unkown
|
page read and write
|
||
|
4F80000
|
unclassified section
|
page execute and read and write
|
||
|
3210000
|
unkown
|
page read and write
|
||
|
53DE000
|
heap
|
page read and write
|
||
|
30B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3795000
|
unkown
|
page read and write
|
||
|
8EC6000
|
unkown
|
page read and write
|
||
|
986F000
|
unkown
|
page read and write
|
||
|
7FF5ED7E0000
|
unkown
|
page readonly
|
||
|
4B50000
|
unkown
|
page read and write
|
||
|
44F0000
|
heap
|
page read and write
|
||
|
4593000
|
heap
|
page read and write
|
||
|
3659000
|
stack
|
page read and write
|
||
|
2813000
|
heap
|
page read and write
|
||
|
97C3000
|
unkown
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
4590000
|
heap
|
page read and write
|
||
|
2813000
|
heap
|
page read and write
|
||
|
C41F000
|
stack
|
page read and write
|
||
|
7863000
|
unkown
|
page read and write
|
||
|
7FF5ED52F000
|
unkown
|
page readonly
|
||
|
7FF5ED342000
|
unkown
|
page readonly
|
||
|
44F7000
|
heap
|
page read and write
|
||
|
2A17000
|
heap
|
page read and write
|
||
|
414B000
|
heap
|
page read and write
|
||
|
3240000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
7FF5ED847000
|
unkown
|
page readonly
|
||
|
A19F000
|
stack
|
page read and write
|
||
|
7FF5ED750000
|
unkown
|
page readonly
|
||
|
7FF5ED9C6000
|
unkown
|
page readonly
|
||
|
7FF5ED6A5000
|
unkown
|
page readonly
|
||
|
3401000
|
unkown
|
page read and write
|
||
|
5364000
|
unclassified section
|
page execute and read and write
|
||
|
4B8B000
|
unkown
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED9D9000
|
unkown
|
page readonly
|
||
|
95DB000
|
stack
|
page read and write
|
||
|
987F000
|
unkown
|
page read and write
|
||
|
414B000
|
heap
|
page read and write
|
||
|
987D000
|
unkown
|
page read and write
|
||
|
5357000
|
unclassified section
|
page execute and read and write
|
||
|
2813000
|
heap
|
page read and write
|
||
|
7FF5EDA0B000
|
unkown
|
page readonly
|
||
|
7FF5ED9C6000
|
unkown
|
page readonly
|
||
|
7FF5EDA76000
|
unkown
|
page readonly
|
||
|
7FF5ED980000
|
unkown
|
page readonly
|
||
|
7FF5ED7D6000
|
unkown
|
page readonly
|
||
|
3090000
|
trusted library allocation
|
page execute and read and write
|
||
|
FDD1000
|
unkown
|
page read and write
|
||
|
C89C000
|
unkown
|
page read and write
|
||
|
3C3C000
|
heap
|
page read and write
|
||
|
7FF5ED9C8000
|
unkown
|
page readonly
|
||
|
C56F000
|
unkown
|
page read and write
|
||
|
CA14000
|
unkown
|
page read and write
|
||
|
9702000
|
unkown
|
page read and write
|
||
|
B150000
|
unkown
|
page read and write
|
||
|
7950000
|
unkown
|
page read and write
|
||
|
7FF5ED9F2000
|
unkown
|
page readonly
|
||
|
7FF5ED5EB000
|
unkown
|
page readonly
|
||
|
5371000
|
unclassified section
|
page execute and read and write
|
||
|
7FF5ED9A1000
|
unkown
|
page readonly
|
||
|
45AC000
|
heap
|
page read and write
|
||
|
45A0000
|
heap
|
page read and write
|
||
|
8720000
|
unkown
|
page readonly
|
||
|
7FF5ED1D6000
|
unkown
|
page readonly
|
||
|
3220000
|
unkown
|
page readonly
|
||
|
2FCC000
|
heap
|
page read and write
|
||
|
9992000
|
unkown
|
page read and write
|
||
|
CB14000
|
unkown
|
page read and write
|
||
|
45A2000
|
heap
|
page read and write
|
||
|
8210000
|
unkown
|
page read and write
|
||
|
C561000
|
unkown
|
page read and write
|
||
|
7FF5ED46A000
|
unkown
|
page readonly
|
||
|
B629000
|
stack
|
page read and write
|
||
|
7FF5ED7DB000
|
unkown
|
page readonly
|
||
|
896B000
|
stack
|
page read and write
|
||
|
E8A0000
|
system
|
page execute and read and write
|
||
|
7FF5ED9ED000
|
unkown
|
page readonly
|
||
|
7FF5ED4B4000
|
unkown
|
page readonly
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
987F000
|
unkown
|
page read and write
|
||
|
7FF5ED445000
|
unkown
|
page readonly
|
||
|
7FF5EDA69000
|
unkown
|
page readonly
|
||
|
414B000
|
heap
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
A375000
|
unkown
|
page read and write
|
||
|
C893000
|
unkown
|
page read and write
|
||
|
3748000
|
unkown
|
page read and write
|
||
|
414B000
|
heap
|
page read and write
|
||
|
F9B4000
|
unkown
|
page read and write
|
||
|
8BEE000
|
stack
|
page read and write
|
||
|
A19F000
|
stack
|
page read and write
|
||
|
9977000
|
unkown
|
page read and write
|
||
|
CB3A000
|
unkown
|
page read and write
|
||
|
F8F2000
|
unkown
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
C92D000
|
unkown
|
page read and write
|
||
|
7F2E000
|
stack
|
page read and write
|
||
|
9792000
|
unkown
|
page read and write
|
||
|
7FF5D1CD4000
|
unkown
|
page readonly
|
||
|
7FF5ED451000
|
unkown
|
page readonly
|
||
|
7FF5ED412000
|
unkown
|
page readonly
|
||
|
37F6000
|
unkown
|
page read and write
|
||
|
309E000
|
heap
|
page read and write
|
||
|
2DF4000
|
heap
|
page read and write
|
||
|
7FF5ED956000
|
unkown
|
page readonly
|
||
|
B08D000
|
stack
|
page read and write
|
||
|
4BF0000
|
trusted library allocation
|
page read and write
|
||
|
A4AB000
|
unkown
|
page read and write
|
||
|
CA20000
|
unkown
|
page read and write
|
||
|
2FD7000
|
heap
|
page read and write
|
||
|
76A0000
|
unkown
|
page read and write
|
||
|
45A2000
|
heap
|
page read and write
|
||
|
2E20000
|
heap
|
page read and write
|
||
|
7DF4F3030000
|
unkown
|
page readonly
|
||
|
5394000
|
unclassified section
|
page execute and read and write
|
||
|
F976000
|
unkown
|
page read and write
|
||
|
C563000
|
unkown
|
page read and write
|
||
|
7FF5ED46E000
|
unkown
|
page readonly
|
||
|
883C000
|
stack
|
page read and write
|
||
|
7FF5ED735000
|
unkown
|
page readonly
|
||
|
7FF5ED602000
|
unkown
|
page readonly
|
||
|
7FF5ED8C6000
|
unkown
|
page readonly
|
||
|
C811000
|
unkown
|
page read and write
|
||
|
7FF5ED849000
|
unkown
|
page readonly
|
||
|
7FF5ED4B0000
|
unkown
|
page readonly
|
||
|
97E000
|
system
|
page execute and read and write
|
||
|
525E000
|
unclassified section
|
page execute and read and write
|
||
|
7FF5ED5CE000
|
unkown
|
page readonly
|
||
|
44FE000
|
heap
|
page read and write
|
||
|
2A05000
|
heap
|
page read and write
|
||
|
2DCE000
|
stack
|
page read and write
|
||
|
1210000
|
unkown
|
page readonly
|
||
|
C544000
|
unkown
|
page read and write
|
||
|
7FF5ED1FC000
|
unkown
|
page readonly
|
||
|
3120000
|
heap
|
page read and write
|
||
|
79FB000
|
unkown
|
page read and write
|
||
|
45AB000
|
heap
|
page read and write
|
||
|
5311000
|
unclassified section
|
page execute and read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
7FF5ED660000
|
unkown
|
page readonly
|
||
|
4BF0000
|
trusted library allocation
|
page read and write
|
||
|
8BF0000
|
unkown
|
page readonly
|
||
|
C4D0000
|
unkown
|
page read and write
|
||
|
7FF5ED3A7000
|
unkown
|
page readonly
|
||
|
C962000
|
unkown
|
page read and write
|
||
|
37F2000
|
unkown
|
page read and write
|
||
|
44F0000
|
heap
|
page read and write
|
||
|
45A3000
|
heap
|
page read and write
|
||
|
F9B4000
|
unkown
|
page read and write
|
||
|
2720000
|
heap
|
page read and write
|
||
|
7FF5ED55F000
|
unkown
|
page readonly
|
||
|
4CE0000
|
unkown
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED4A1000
|
unkown
|
page readonly
|
||
|
10C0000
|
unkown
|
page readonly
|
||
|
AADB000
|
unkown
|
page read and write
|
||
|
5914000
|
heap
|
page read and write
|
||
|
5412000
|
heap
|
page read and write
|
||
|
4EDB000
|
unclassified section
|
page execute and read and write
|
||
|
76A0000
|
unkown
|
page read and write
|
||
|
4B93000
|
unkown
|
page read and write
|
||
|
A4A1000
|
unkown
|
page read and write
|
||
|
8EC6000
|
unkown
|
page read and write
|
||
|
C89C000
|
unkown
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
7DF4F3031000
|
unkown
|
page execute read
|
||
|
414B000
|
heap
|
page read and write
|
||
|
8DA0000
|
unkown
|
page read and write
|
||
|
7FF5EDA08000
|
unkown
|
page readonly
|
||
|
BC9B000
|
stack
|
page read and write
|
||
|
7FF5ED28F000
|
unkown
|
page readonly
|
||
|
53F9000
|
heap
|
page read and write
|
||
|
7FF5ED76D000
|
unkown
|
page readonly
|
||
|
944000
|
system
|
page execute and read and write
|
||
|
A4AE000
|
unkown
|
page read and write
|
||
|
FDDE000
|
unkown
|
page read and write
|
||
|
7FF5ED8F9000
|
unkown
|
page readonly
|
||
|
7867000
|
unkown
|
page read and write
|
||
|
7FF5ED8E7000
|
unkown
|
page readonly
|
||
|
A4B8000
|
unkown
|
page read and write
|
||
|
A33E000
|
unkown
|
page read and write
|
||
|
9869000
|
unkown
|
page read and write
|
||
|
969000
|
system
|
page execute and read and write
|
||
|
9798000
|
unkown
|
page read and write
|
||
|
37B0000
|
unkown
|
page read and write
|
||
|
27FE000
|
stack
|
page read and write
|
||
|
B640000
|
unkown
|
page read and write
|
||
|
A4AB000
|
unkown
|
page read and write
|
||
|
977A000
|
unkown
|
page read and write
|
||
|
2DF4000
|
heap
|
page read and write
|
||
|
30F1000
|
trusted library allocation
|
page execute and read and write
|
||
|
1451000
|
unkown
|
page readonly
|
||
|
987B000
|
unkown
|
page read and write
|
||
|
2802000
|
heap
|
page read and write
|
||
|
5340000
|
unclassified section
|
page execute and read and write
|
||
|
7FF5ED5C9000
|
unkown
|
page readonly
|
||
|
7FF5EDA76000
|
unkown
|
page readonly
|
||
|
5557000
|
stack
|
page read and write
|
||
|
2E23000
|
heap
|
page read and write
|
||
|
98A8000
|
unkown
|
page read and write
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
7C80000
|
unkown
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
7FF5ED697000
|
unkown
|
page readonly
|
||
|
7FF5ED77C000
|
unkown
|
page readonly
|
||
|
4F6D000
|
direct allocation
|
page execute and read and write
|
||
|
5641000
|
unkown
|
page read and write
|
||
|
79B1000
|
unkown
|
page read and write
|
||
|
37AC000
|
unkown
|
page read and write
|
||
|
4638000
|
heap
|
page read and write
|
||
|
4DCD000
|
direct allocation
|
page execute and read and write
|
||
|
2750000
|
heap
|
page read and write
|
||
|
A01B000
|
stack
|
page read and write
|
||
|
7FF5ED800000
|
unkown
|
page readonly
|
||
|
414B000
|
heap
|
page read and write
|
||
|
3209000
|
stack
|
page read and write
|
||
|
906E000
|
stack
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
986F000
|
unkown
|
page read and write
|
||
|
7FF5ED97E000
|
unkown
|
page readonly
|
||
|
8D6E000
|
stack
|
page read and write
|
||
|
414B000
|
heap
|
page read and write
|
||
|
9A10000
|
unkown
|
page read and write
|
||
|
58EF000
|
heap
|
page read and write
|
||
|
C54A000
|
unkown
|
page read and write
|
||
|
414B000
|
heap
|
page read and write
|
||
|
44F1000
|
heap
|
page read and write
|
||
|
4C60000
|
unkown
|
page read and write
|
||
|
3150000
|
unkown
|
page read and write
|
||
|
7FF5EDA47000
|
unkown
|
page readonly
|
||
|
4E3E000
|
direct allocation
|
page execute and read and write
|
||
|
7D00000
|
unkown
|
page readonly
|
||
|
7FF5ED471000
|
unkown
|
page readonly
|
||
|
998F000
|
unkown
|
page read and write
|
||
|
B629000
|
stack
|
page read and write
|
||
|
45AA000
|
heap
|
page read and write
|
||
|
7FF5ED933000
|
unkown
|
page readonly
|
||
|
7FF5ED933000
|
unkown
|
page readonly
|
||
|
FDAC000
|
unkown
|
page read and write
|
||
|
7FF5ED3CE000
|
unkown
|
page readonly
|
||
|
785D000
|
unkown
|
page read and write
|
||
|
3748000
|
unkown
|
page read and write
|
||
|
AB03000
|
unkown
|
page read and write
|
||
|
7FF5ED8F9000
|
unkown
|
page readonly
|
||
|
C9EE000
|
unkown
|
page read and write
|
||
|
B150000
|
unkown
|
page read and write
|
||
|
2F00000
|
trusted library allocation
|
page read and write
|
||
|
C846000
|
unkown
|
page read and write
|
||
|
A310000
|
unkown
|
page read and write
|
||
|
44F3000
|
heap
|
page read and write
|
||
|
414B000
|
heap
|
page read and write
|
||
|
1483000
|
heap
|
page read and write
|
||
|
3209000
|
stack
|
page read and write
|
||
|
35A0000
|
unkown
|
page readonly
|
||
|
7FF5ED743000
|
unkown
|
page readonly
|
||
|
A11F000
|
stack
|
page read and write
|
||
|
9925000
|
unkown
|
page read and write
|
||
|
7FF5ED986000
|
unkown
|
page readonly
|
||
|
44FE000
|
heap
|
page read and write
|
||
|
7859000
|
unkown
|
page read and write
|
||
|
A491000
|
unkown
|
page read and write
|
||
|
9875000
|
unkown
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
C6C1000
|
unkown
|
page read and write
|
||
|
36D3000
|
stack
|
page read and write
|
||
|
414B000
|
heap
|
page read and write
|
||
|
BD98000
|
stack
|
page read and write
|
||
|
7FF5ED40D000
|
unkown
|
page readonly
|
||
|
A37D000
|
unkown
|
page read and write
|
||
|
9139000
|
stack
|
page read and write
|
||
|
C6C9000
|
unkown
|
page read and write
|
||
|
7FF5ED9E1000
|
unkown
|
page readonly
|
||
|
7E11000
|
unkown
|
page read and write
|
||
|
3738000
|
unkown
|
page read and write
|
||
|
44F5000
|
heap
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
AB54000
|
unkown
|
page read and write
|
||
|
F9F4000
|
unkown
|
page read and write
|
||
|
A494000
|
unkown
|
page read and write
|
||
|
53EB000
|
heap
|
page read and write
|
||
|
97D4000
|
unkown
|
page read and write
|
||
|
8A6E000
|
stack
|
page read and write
|
||
|
7DF4F3061000
|
unkown
|
page execute read
|
||
|
414B000
|
heap
|
page read and write
|
||
|
13BC000
|
stack
|
page read and write
|
||
|
AB04000
|
unkown
|
page read and write
|
||
|
B190000
|
unkown
|
page read and write
|
||
|
7FF5ED8E2000
|
unkown
|
page readonly
|
||
|
AAF6000
|
unkown
|
page read and write
|
||
|
A491000
|
unkown
|
page read and write
|
||
|
2DF4000
|
heap
|
page read and write
|
||
|
310E000
|
stack
|
page read and write
|
||
|
7FF5ED779000
|
unkown
|
page readonly
|
||
|
7FF5ED939000
|
unkown
|
page readonly
|
||
|
7E11000
|
unkown
|
page read and write
|
||
|
7FF5ED4C2000
|
unkown
|
page readonly
|
||
|
E6BB000
|
system
|
page execute and read and write
|
||
|
7FF5ED43A000
|
unkown
|
page readonly
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
4BE3000
|
unkown
|
page read and write
|
||
|
9A10000
|
unkown
|
page read and write
|
||
|
7FF5ED644000
|
unkown
|
page readonly
|
||
|
8730000
|
unkown
|
page read and write
|
||
|
7FF5ED556000
|
unkown
|
page readonly
|
||
|
7FF5ED5C1000
|
unkown
|
page readonly
|
||
|
45A4000
|
heap
|
page read and write
|
||
|
96DF000
|
unkown
|
page read and write
|
||
|
CB3A000
|
unkown
|
page read and write
|
||
|
7FF5ED4EF000
|
unkown
|
page readonly
|
||
|
45A0000
|
heap
|
page read and write
|
||
|
7FF5ED68C000
|
unkown
|
page readonly
|
||
|
464E000
|
heap
|
page read and write
|
||
|
A21E000
|
stack
|
page read and write
|
||
|
C9E7000
|
unkown
|
page read and write
|
||
|
7DF4F3071000
|
unkown
|
page execute read
|
||
|
1220000
|
unkown
|
page readonly
|
||
|
7FF5ED71B000
|
unkown
|
page readonly
|
||
|
7D00000
|
unkown
|
page readonly
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
7857000
|
unkown
|
page read and write
|
||
|
CA14000
|
unkown
|
page read and write
|
||
|
7FF5ED7D6000
|
unkown
|
page readonly
|
||
|
4B78000
|
unkown
|
page read and write
|
||
|
9893000
|
unkown
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
7FF5ED97A000
|
unkown
|
page readonly
|
||
|
7FF5ED64F000
|
unkown
|
page readonly
|
||
|
53A1000
|
unclassified section
|
page execute and read and write
|
||
|
CB84000
|
unkown
|
page read and write
|
||
|
97AD000
|
unkown
|
page read and write
|
||
|
10C0000
|
unkown
|
page readonly
|
||
|
7FF5ED3D0000
|
unkown
|
page readonly
|
||
|
930000
|
system
|
page execute and read and write
|
||
|
2760000
|
heap
|
page readonly
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
44FF000
|
heap
|
page read and write
|
||
|
B5AE000
|
stack
|
page read and write
|
||
|
4AB000
|
unkown
|
page readonly
|
||
|
C88B000
|
unkown
|
page read and write
|
||
|
7FF5ED939000
|
unkown
|
page readonly
|
||
|
970000
|
system
|
page execute and read and write
|
||
|
53D0000
|
heap
|
page read and write
|
||
|
7FF5ED9BE000
|
unkown
|
page readonly
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED1BC000
|
unkown
|
page readonly
|
||
|
A50B000
|
unkown
|
page read and write
|
||
|
414B000
|
heap
|
page read and write
|
||
|
C52C000
|
unkown
|
page read and write
|
||
|
2DBE000
|
stack
|
page read and write
|
||
|
9929000
|
unkown
|
page read and write
|
||
|
1510000
|
unkown
|
page readonly
|
||
|
AB51000
|
unkown
|
page read and write
|
||
|
44F3000
|
heap
|
page read and write
|
||
|
7FF5ED996000
|
unkown
|
page readonly
|
||
|
E6FA000
|
system
|
page execute and read and write
|
||
|
7FF5ED793000
|
unkown
|
page readonly
|
||
|
C10A000
|
stack
|
page read and write
|
||
|
14B0000
|
unkown
|
page readonly
|
||
|
414B000
|
heap
|
page read and write
|
||
|
FDD2000
|
unkown
|
page read and write
|
||
|
4BC9000
|
unkown
|
page read and write
|
||
|
44FC000
|
heap
|
page read and write
|
||
|
7FF5ED3A7000
|
unkown
|
page readonly
|
||
|
3791000
|
unkown
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
53C3000
|
heap
|
page read and write
|
||
|
7FF5ED5A8000
|
unkown
|
page readonly
|
||
|
302D000
|
heap
|
page read and write
|
||
|
BAF9000
|
stack
|
page read and write
|
||
|
CA42000
|
unkown
|
page read and write
|
||
|
A4AE000
|
unkown
|
page read and write
|
||
|
AAF2000
|
unkown
|
page read and write
|
||
|
9792000
|
unkown
|
page read and write
|
||
|
7FF5ED814000
|
unkown
|
page readonly
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
7FF5ED3DA000
|
unkown
|
page readonly
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
7FF5ED9CA000
|
unkown
|
page readonly
|
||
|
C88B000
|
unkown
|
page read and write
|
||
|
40CC000
|
heap
|
page read and write
|
||
|
35A0000
|
unkown
|
page readonly
|
||
|
53CE000
|
heap
|
page read and write
|
||
|
44F4000
|
heap
|
page read and write
|
||
|
7DF4F3050000
|
unkown
|
page readonly
|
||
|
414B000
|
heap
|
page read and write
|
||
|
7FF5ED93E000
|
unkown
|
page readonly
|
||
|
459C000
|
heap
|
page read and write
|
||
|
7FF5ED602000
|
unkown
|
page readonly
|
||
|
7FF5ED915000
|
unkown
|
page readonly
|
||
|
5557000
|
stack
|
page read and write
|
||
|
C5A0000
|
unkown
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED50A000
|
unkown
|
page readonly
|
||
|
45A0000
|
heap
|
page read and write
|
||
|
883E000
|
stack
|
page read and write
|
||
|
7FF5EDA47000
|
unkown
|
page readonly
|
||
|
7FF5ED81B000
|
unkown
|
page readonly
|
||
|
A379000
|
unkown
|
page read and write
|
||
|
7FF5ED779000
|
unkown
|
page readonly
|
||
|
C6D8000
|
unkown
|
page read and write
|
||
|
986B000
|
unkown
|
page read and write
|
||
|
7FF5ED6BB000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
C561000
|
unkown
|
page read and write
|
||
|
53E4000
|
heap
|
page read and write
|
||
|
44F3000
|
heap
|
page read and write
|
||
|
89A0000
|
unkown
|
page read and write
|
||
|
AB51000
|
unkown
|
page read and write
|
||
|
F8F2000
|
unkown
|
page read and write
|
||
|
A433000
|
unkown
|
page read and write
|
||
|
8208000
|
stack
|
page read and write
|
||
|
7CE0000
|
unkown
|
page read and write
|
||
|
7FF5EDA38000
|
unkown
|
page readonly
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
7FF5ED471000
|
unkown
|
page readonly
|
||
|
986B000
|
unkown
|
page read and write
|
||
|
943B000
|
stack
|
page read and write
|
||
|
414B000
|
heap
|
page read and write
|
||
|
2FD1000
|
heap
|
page read and write
|
||
|
7FF5ED9B8000
|
unkown
|
page readonly
|
||
|
7FF5EDA11000
|
unkown
|
page readonly
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
33D0000
|
heap
|
page read and write
|
||
|
C9ED000
|
unkown
|
page read and write
|
||
|
4DC9000
|
direct allocation
|
page execute and read and write
|
||
|
7FF5ED91A000
|
unkown
|
page readonly
|
||
|
34E9000
|
stack
|
page read and write
|
||
|
7FF5EDA2A000
|
unkown
|
page readonly
|
||
|
414B000
|
heap
|
page read and write
|
||
|
A37B000
|
unkown
|
page read and write
|
||
|
7FF5ED818000
|
unkown
|
page readonly
|
||
|
53D2000
|
heap
|
page read and write
|
||
|
7FF5ED42B000
|
unkown
|
page readonly
|
||
|
3240000
|
unkown
|
page read and write
|
||
|
987B000
|
unkown
|
page read and write
|
||
|
E88E000
|
system
|
page execute and read and write
|
||
|
A391000
|
unkown
|
page read and write
|
||
|
C4A0000
|
unkown
|
page read and write
|
||
|
53F3000
|
heap
|
page read and write
|
||
|
7FF5ED265000
|
unkown
|
page readonly
|
||
|
FDD5000
|
unkown
|
page read and write
|
||
|
4593000
|
heap
|
page read and write
|
||
|
45AE000
|
heap
|
page read and write
|
||
|
7FF5ED2A9000
|
unkown
|
page readonly
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
A50B000
|
unkown
|
page read and write
|
||
|
C4A0000
|
unkown
|
page read and write
|
||
|
3756000
|
unkown
|
page read and write
|
||
|
7FF5ED850000
|
unkown
|
page readonly
|
||
|
44FA000
|
heap
|
page read and write
|
||
|
E4A0000
|
unkown
|
page execute and read and write
|
||
|
45A0000
|
heap
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
7FF5ED3AC000
|
unkown
|
page readonly
|
||
|
797D000
|
unkown
|
page read and write
|
||
|
4B90000
|
unkown
|
page read and write
|
||
|
785D000
|
unkown
|
page read and write
|
||
|
4FF6000
|
unclassified section
|
page read and write
|
||
|
464D000
|
heap
|
page read and write
|
||
|
7FF5ED1D6000
|
unkown
|
page readonly
|
||
|
929000
|
system
|
page execute and read and write
|
||
|
53C9000
|
heap
|
page read and write
|
||
|
414B000
|
heap
|
page read and write
|
||
|
CA45000
|
unkown
|
page read and write
|
||
|
7FF5ED68F000
|
unkown
|
page readonly
|
||
|
C57F000
|
unkown
|
page read and write
|
||
|
7FF5ED7FD000
|
unkown
|
page readonly
|
||
|
7FF5ED4C6000
|
unkown
|
page readonly
|
||
|
C503000
|
unkown
|
page read and write
|
||
|
4C9A000
|
unkown
|
page read and write
|
||
|
4591000
|
heap
|
page read and write
|
||
|
7FF5ED803000
|
unkown
|
page readonly
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
4B56000
|
unkown
|
page read and write
|
||
|
7FF5EDA2A000
|
unkown
|
page readonly
|
||
|
7DF4F3061000
|
unkown
|
page execute read
|
||
|
5380000
|
unclassified section
|
page execute and read and write
|
||
|
7FF5ED4B4000
|
unkown
|
page readonly
|
||
|
7695000
|
stack
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
B728000
|
stack
|
page read and write
|
||
|
9929000
|
unkown
|
page read and write
|
||
|
7FF5ED3EA000
|
unkown
|
page readonly
|
||
|
2DF4000
|
heap
|
page read and write
|
||
|
7FF5ED9B8000
|
unkown
|
page readonly
|
||
|
7FF5ED534000
|
unkown
|
page readonly
|
||
|
A11F000
|
stack
|
page read and write
|
||
|
7FF5ED867000
|
unkown
|
page readonly
|
||
|
37A8000
|
unkown
|
page read and write
|
||
|
7FF5ED7F1000
|
unkown
|
page readonly
|
||
|
79D3000
|
unkown
|
page read and write
|
||
|
7FF5ED33F000
|
unkown
|
page readonly
|
||
|
9795000
|
unkown
|
page read and write
|
||
|
7FF5ED516000
|
unkown
|
page readonly
|
||
|
7FF5ED3D0000
|
unkown
|
page readonly
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED9F2000
|
unkown
|
page readonly
|
||
|
7FF5ED71E000
|
unkown
|
page readonly
|
||
|
920000
|
system
|
page execute and read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
B6A0000
|
heap
|
page read and write
|
||
|
7FF5ED55F000
|
unkown
|
page readonly
|
||
|
F933000
|
unkown
|
page read and write
|
||
|
3319000
|
stack
|
page read and write
|
||
|
AB5F000
|
unkown
|
page read and write
|
||
|
4B50000
|
unkown
|
page read and write
|
||
|
7FF5ED349000
|
unkown
|
page readonly
|
||
|
3290000
|
unkown
|
page read and write
|
||
|
4C4B000
|
unkown
|
page read and write
|
||
|
45A9000
|
heap
|
page read and write
|
||
|
7FF5ED59E000
|
unkown
|
page readonly
|
||
|
7FF5ED97E000
|
unkown
|
page readonly
|
||
|
7FF5ED9BE000
|
unkown
|
page readonly
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED7CF000
|
unkown
|
page readonly
|
||
|
A4B8000
|
unkown
|
page read and write
|
||
|
9E6C000
|
stack
|
page read and write
|
||
|
9873000
|
unkown
|
page read and write
|
||
|
11C0000
|
unkown
|
page readonly
|
||
|
97B5000
|
unkown
|
page read and write
|
||
|
2813000
|
heap
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
44F7000
|
heap
|
page read and write
|
||
|
2CFD000
|
stack
|
page read and write
|
||
|
7FF5ED87D000
|
unkown
|
page readonly
|
||
|
7FF5ED43D000
|
unkown
|
page readonly
|
||
|
7847000
|
unkown
|
page read and write
|
||
|
A494000
|
unkown
|
page read and write
|
||
|
7FF5ED77E000
|
unkown
|
page readonly
|
||
|
7FF5ED449000
|
unkown
|
page readonly
|
||
|
34E9000
|
stack
|
page read and write
|
||
|
7FF5ED74A000
|
unkown
|
page readonly
|
||
|
414B000
|
heap
|
page read and write
|
||
|
1210000
|
unkown
|
page readonly
|
||
|
7FF5ED990000
|
unkown
|
page readonly
|
||
|
9877000
|
unkown
|
page read and write
|
||
|
9798000
|
unkown
|
page read and write
|
||
|
7FF5ED41C000
|
unkown
|
page readonly
|
||
|
B170000
|
unkown
|
page readonly
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
2A12000
|
heap
|
page read and write
|
||
|
C57F000
|
unkown
|
page read and write
|
||
|
7FF5ED8A4000
|
unkown
|
page readonly
|
||
|
1230000
|
unkown
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
9795000
|
unkown
|
page read and write
|
||
|
7F30000
|
unkown
|
page read and write
|
||
|
414B000
|
heap
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
FDFF000
|
unkown
|
page read and write
|
||
|
7DF4F3051000
|
unkown
|
page execute read
|
||
|
7FF5ED50A000
|
unkown
|
page readonly
|
||
|
58F3000
|
heap
|
page read and write
|
||
|
97B5000
|
unkown
|
page read and write
|
||
|
AAF9000
|
unkown
|
page read and write
|
||
|
C503000
|
unkown
|
page read and write
|
||
|
1095000
|
stack
|
page read and write
|
||
|
7FF5ED755000
|
unkown
|
page readonly
|
||
|
C6F8000
|
unkown
|
page read and write
|
||
|
979C000
|
unkown
|
page read and write
|
||
|
978E000
|
unkown
|
page read and write
|
||
|
4941000
|
heap
|
page read and write
|
||
|
C700000
|
unkown
|
page read and write
|
||
|
7FF5ED43A000
|
unkown
|
page readonly
|
||
|
2FD1000
|
heap
|
page read and write
|
||
|
2DF4000
|
heap
|
page read and write
|
||
|
C6E3000
|
unkown
|
page read and write
|
||
|
906E000
|
stack
|
page read and write
|
||
|
923E000
|
stack
|
page read and write
|
||
|
44F7000
|
heap
|
page read and write
|
||
|
2DF4000
|
heap
|
page read and write
|
||
|
CA86000
|
unkown
|
page read and write
|
||
|
2FCB000
|
heap
|
page read and write
|
||
|
8710000
|
unkown
|
page readonly
|
||
|
C516000
|
unkown
|
page read and write
|
||
|
2F00000
|
heap
|
page read and write
|
||
|
7FF5ED534000
|
unkown
|
page readonly
|
||
|
A4FC000
|
unkown
|
page read and write
|
||
|
968B000
|
unkown
|
page read and write
|
||
|
3700000
|
unkown
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
7FF5ED92C000
|
unkown
|
page readonly
|
||
|
BD1D000
|
stack
|
page read and write
|
||
|
2DF4000
|
heap
|
page read and write
|
||
|
414B000
|
heap
|
page read and write
|
||
|
934000
|
system
|
page execute and read and write
|
||
|
B8C0000
|
unkown
|
page readonly
|
||
|
7FF5ED4BB000
|
unkown
|
page readonly
|
||
|
3797000
|
unkown
|
page read and write
|
||
|
56C3000
|
unkown
|
page read and write
|
||
|
7FF5ED928000
|
unkown
|
page readonly
|
||
|
8DA0000
|
unkown
|
page read and write
|
||
|
C811000
|
unkown
|
page read and write
|
||
|
C7C5000
|
unkown
|
page read and write
|
||
|
2DF4000
|
heap
|
page read and write
|
||
|
979C000
|
unkown
|
page read and write
|
||
|
97D4000
|
unkown
|
page read and write
|
||
|
4596000
|
heap
|
page read and write
|
||
|
FF6A000
|
heap
|
page read and write
|
||
|
8860000
|
unkown
|
page read and write
|
||
|
CA20000
|
unkown
|
page read and write
|
||
|
C08A000
|
stack
|
page read and write
|
||
|
7FF5ED94A000
|
unkown
|
page readonly
|
||
|
7FF5ED8FF000
|
unkown
|
page readonly
|
||
|
C9D3000
|
unkown
|
page read and write
|
||
|
4CE0000
|
unkown
|
page read and write
|
||
|
7FF5ED495000
|
unkown
|
page readonly
|
||
|
7FF5ED9AE000
|
unkown
|
page readonly
|
||
|
3319000
|
stack
|
page read and write
|
||
|
30A0000
|
trusted library allocation
|
page read and write
|
||
|
CB3A000
|
unkown
|
page read and write
|
||
|
1505000
|
heap
|
page read and write
|
||
|
9B60000
|
unkown
|
page readonly
|
||
|
3027000
|
unclassified section
|
page execute and read and write
|
||
|
7DF4F3040000
|
unkown
|
page readonly
|
||
|
4B8B000
|
unkown
|
page read and write
|
||
|
1483000
|
heap
|
page read and write
|
||
|
7E60000
|
unkown
|
page read and write
|
||
|
30EE000
|
unkown
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
9D64000
|
unkown
|
page read and write
|
||
|
7FF5ED337000
|
unkown
|
page readonly
|
||
|
9A10000
|
unkown
|
page read and write
|
||
|
414B000
|
heap
|
page read and write
|
||
|
7FF5ED4EF000
|
unkown
|
page readonly
|
||
|
37AC000
|
unkown
|
page read and write
|
||
|
7FF5ED4FD000
|
unkown
|
page readonly
|
||
|
40CD000
|
heap
|
page read and write
|
||
|
896B000
|
stack
|
page read and write
|
||
|
849000
|
system
|
page execute and read and write
|
||
|
7FF5ED844000
|
unkown
|
page readonly
|
||
|
9873000
|
unkown
|
page read and write
|
||
|
7FF5ED867000
|
unkown
|
page readonly
|
||
|
45A4000
|
heap
|
page read and write
|
||
|
7FF5ED433000
|
unkown
|
page readonly
|
||
|
BDA0000
|
unkown
|
page readonly
|
||
|
7979000
|
unkown
|
page read and write
|
||
|
7FF5ED65C000
|
unkown
|
page readonly
|
||
|
4CC0000
|
unkown
|
page read and write
|
||
|
A361000
|
unkown
|
page read and write
|
||
|
7852000
|
unkown
|
page read and write
|
||
|
2D10000
|
heap
|
page read and write
|
||
|
965C000
|
stack
|
page read and write
|
||
|
494A000
|
heap
|
page read and write
|
||
|
3800000
|
unkown
|
page readonly
|
||
|
7FF5ED975000
|
unkown
|
page readonly
|
||
|
7FF5ED6B9000
|
unkown
|
page readonly
|
||
|
8B60000
|
unkown
|
page readonly
|
||
|
7FF5ED409000
|
unkown
|
page readonly
|
||
|
7FF5ED33F000
|
unkown
|
page readonly
|
||
|
786B000
|
unkown
|
page read and write
|
||
|
7900000
|
unkown
|
page read and write
|
||
|
7FF5ED9D2000
|
unkown
|
page readonly
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
3229000
|
direct allocation
|
page execute and read and write
|
||
|
FF62000
|
heap
|
page read and write
|
||
|
58D7000
|
heap
|
page read and write
|
||
|
45A5000
|
heap
|
page read and write
|
||
|
4CB0000
|
unkown
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
4C60000
|
unkown
|
page read and write
|
||
|
45A2000
|
heap
|
page read and write
|
||
|
CA14000
|
unkown
|
page read and write
|
||
|
58F1000
|
heap
|
page read and write
|
||
|
B8C0000
|
unkown
|
page readonly
|
||
|
B190000
|
unkown
|
page read and write
|
||
|
7D40000
|
unkown
|
page read and write
|
||
|
3800000
|
unkown
|
page readonly
|
||
|
7FF5ED5CE000
|
unkown
|
page readonly
|
||
|
7FF5ED847000
|
unkown
|
page readonly
|
||
|
7FF5ED279000
|
unkown
|
page readonly
|
||
|
45A6000
|
heap
|
page read and write
|
||
|
4C18000
|
unkown
|
page read and write
|
||
|
7FF5ED41C000
|
unkown
|
page readonly
|
||
|
9D64000
|
unkown
|
page read and write
|
||
|
2E0F000
|
heap
|
page read and write
|
||
|
A4A1000
|
unkown
|
page read and write
|
||
|
982D000
|
unkown
|
page read and write
|
||
|
7FF5ED872000
|
unkown
|
page readonly
|
||
|
7FF5ED409000
|
unkown
|
page readonly
|
||
|
94B000
|
system
|
page execute and read and write
|
||
|
7FF5ED418000
|
unkown
|
page readonly
|
||
|
AB51000
|
unkown
|
page read and write
|
||
|
CB4A000
|
unkown
|
page read and write
|
There are 1738 hidden memdumps, click here to show them.