Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
freekernelpstviewer.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
||
|
C:\Program Files (x86)\Kernel Outlook PST Viewer\Kernel Outlook PST Viewer.exe (copy)
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Kernel Outlook PST Viewer\SelFolder.gif (copy)
|
GIF image data, version 89a, 92 x 92
|
dropped
|
||
|
C:\Program Files (x86)\Kernel Outlook PST Viewer\SelFolder.mht (copy)
|
news or mail, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Kernel Outlook PST Viewer\arrow.gif (copy)
|
GIF image data, version 89a, 7 x 6
|
dropped
|
||
|
C:\Program Files (x86)\Kernel Outlook PST Viewer\completed.gif (copy)
|
GIF image data, version 89a, 48 x 48
|
dropped
|
||
|
C:\Program Files (x86)\Kernel Outlook PST Viewer\completed.html (copy)
|
HTML document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Kernel Outlook PST Viewer\is-7173N.tmp
|
GIF image data, version 89a, 32 x 32
|
dropped
|
||
|
C:\Program Files (x86)\Kernel Outlook PST Viewer\is-73PA0.tmp
|
GIF image data, version 89a, 92 x 92
|
dropped
|
||
|
C:\Program Files (x86)\Kernel Outlook PST Viewer\is-A2NJ6.tmp
|
HTML document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Kernel Outlook PST Viewer\is-GCUB4.tmp
|
GIF image data, version 89a, 7 x 6
|
dropped
|
||
|
C:\Program Files (x86)\Kernel Outlook PST Viewer\is-GK0ST.tmp
|
GIF image data, version 89a, 48 x 48
|
dropped
|
||
|
C:\Program Files (x86)\Kernel Outlook PST Viewer\is-I80GQ.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Kernel Outlook PST Viewer\is-IGNSG.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Kernel Outlook PST Viewer\is-O0368.tmp
|
ISO-8859 text, with very long lines (820), with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Kernel Outlook PST Viewer\is-TAPQG.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Kernel Outlook PST Viewer\is-TEVFK.tmp
|
news or mail, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Kernel Outlook PST Viewer\license.txt (copy)
|
ISO-8859 text, with very long lines (820), with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Kernel Outlook PST Viewer\unins000.dat
|
InnoSetup Log Kernel Outlook PST Viewer, version 0x30, 6428 bytes, 888683\user, "C:\Program Files (x86)\Kernel Outlook PST
Viewer"
|
dropped
|
||
|
C:\Program Files (x86)\Kernel Outlook PST Viewer\unins000.exe (copy)
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Kernel Outlook PST Viewer\waiting.gif (copy)
|
GIF image data, version 89a, 32 x 32
|
dropped
|
||
|
C:\Program Files (x86)\Kernel Outlook PST Viewer\zlib1.dll (copy)
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kernel Outlook PST Viewer\Kernel Outlook PST Viewer.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive,
ctime=Tue Oct 1 14:26:40 2024, mtime=Tue Oct 1 14:26:41 2024, atime=Thu Apr 9 22:08:40 2020, length=45826952, window=hide
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kernel Outlook PST Viewer\Uninstall Kernel Outlook PST Viewer .lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive,
ctime=Tue Oct 1 14:26:40 2024, mtime=Tue Oct 1 14:26:40 2024, atime=Tue Oct 1 14:26:11 2024, length=747685, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\stylesheet.css
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\wbk8331.tmp
|
HTML document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\BCG8871.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\BCG8882.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\is-1BHTD.tmp\_isetup\_setup64.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\is-T9FS9.tmp\freekernelpstviewer.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DF24F34BCB53784E18.TMP
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DFDD7E1EC1D3616C63.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Kernel Outlook PST Viewer.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive,
ctime=Tue Oct 1 14:26:40 2024, mtime=Tue Oct 1 14:26:42 2024, atime=Thu Apr 9 22:08:40 2020, length=45826952, window=hide
|
dropped
|
||
|
C:\Users\user\Desktop\Kernel Outlook PST Viewer .lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive,
ctime=Tue Oct 1 14:26:40 2024, mtime=Tue Oct 1 14:26:42 2024, atime=Thu Apr 9 22:08:40 2020, length=45826952, window=hide
|
dropped
|
||
|
C:\Windows\SysWOW64\RICHTX32.OCX (copy)
|
PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Windows\SysWOW64\is-1E6U8.tmp
|
PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping3300_1558915851\LICENSE
|
ASCII text
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping3300_1558915851\_metadata\verified_contents.json
|
JSON data
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping3300_1558915851\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping3300_1558915851\manifest.json
|
JSON data
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping3300_1558915851\sets.json
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 174
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 175
|
data
|
downloaded
|
||
|
Chrome Cache Entry: 176
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 177
|
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 178
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 179
|
ASCII text, with very long lines (23730)
|
downloaded
|
||
|
Chrome Cache Entry: 180
|
PNG image data, 8 x 5, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 181
|
ASCII text
|
dropped
|
||
|
Chrome Cache Entry: 182
|
ASCII text
|
dropped
|
||
|
Chrome Cache Entry: 183
|
HTML document, ASCII text, with very long lines (1749), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 184
|
data
|
downloaded
|
||
|
Chrome Cache Entry: 185
|
ISO Media, AVIF Image
|
dropped
|
||
|
Chrome Cache Entry: 186
|
ASCII text
|
dropped
|
||
|
Chrome Cache Entry: 187
|
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
|
downloaded
|
||
|
Chrome Cache Entry: 188
|
ASCII text, with very long lines (1559)
|
dropped
|
||
|
Chrome Cache Entry: 189
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 190
|
ASCII text, with very long lines (21136)
|
dropped
|
||
|
Chrome Cache Entry: 191
|
ASCII text, with very long lines (7711)
|
dropped
|
||
|
Chrome Cache Entry: 192
|
ASCII text
|
dropped
|
||
|
Chrome Cache Entry: 193
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 194
|
ASCII text, with very long lines (4852), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 195
|
RIFF (little-endian) data, Web/P image
|
dropped
|
||
|
Chrome Cache Entry: 196
|
PNG image data, 199 x 46, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 197
|
ASCII text
|
dropped
|
||
|
Chrome Cache Entry: 198
|
ASCII text, with very long lines (6514), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 199
|
ASCII text, with very long lines (3259), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 200
|
Web Open Font Format (Version 2), TrueType, length 61160, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 201
|
data
|
dropped
|
||
|
Chrome Cache Entry: 202
|
RIFF (little-endian) data, Web/P image
|
dropped
|
||
|
Chrome Cache Entry: 203
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 204
|
RIFF (little-endian) data, Web/P image
|
dropped
|
||
|
Chrome Cache Entry: 205
|
PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 206
|
PNG image data, 111 x 36, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 207
|
PNG image data, 143 x 19, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 208
|
ASCII text, with very long lines (4269)
|
dropped
|
||
|
Chrome Cache Entry: 209
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 210
|
ISO Media, AVIF Image
|
downloaded
|
||
|
Chrome Cache Entry: 211
|
ASCII text, with very long lines (1559)
|
downloaded
|
||
|
Chrome Cache Entry: 212
|
Unicode text, UTF-8 text, with very long lines (11407), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 213
|
ASCII text, with very long lines (390), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 214
|
PNG image data, 111 x 36, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 215
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 216
|
PNG image data, 390 x 260, 8-bit colormap, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 217
|
ASCII text, with very long lines (7711)
|
downloaded
|
||
|
Chrome Cache Entry: 218
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 219
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 220
|
ASCII text, with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 221
|
ASCII text, with very long lines (5364), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 222
|
ASCII text
|
dropped
|
||
|
Chrome Cache Entry: 223
|
ASCII text, with very long lines (390), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 224
|
ASCII text, with very long lines (23730)
|
dropped
|
||
|
Chrome Cache Entry: 225
|
PNG image data, 390 x 260, 8-bit colormap, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 226
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 227
|
Unicode text, UTF-8 text, with very long lines (50522), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 228
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
Chrome Cache Entry: 229
|
data
|
dropped
|
||
|
Chrome Cache Entry: 230
|
Java source, ASCII text, with very long lines (49245)
|
downloaded
|
||
|
Chrome Cache Entry: 231
|
Unicode text, UTF-8 text, with very long lines (11407), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 232
|
Unicode text, UTF-8 text, with very long lines (2748), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 233
|
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
|
dropped
|
||
|
Chrome Cache Entry: 234
|
ASCII text, with very long lines (37509)
|
downloaded
|
||
|
Chrome Cache Entry: 235
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 236
|
PNG image data, 356 x 51, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 237
|
RIFF (little-endian) data, Web/P image
|
dropped
|
||
|
Chrome Cache Entry: 238
|
RIFF (little-endian) data, Web/P image
|
dropped
|
||
|
Chrome Cache Entry: 239
|
PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 240
|
Unicode text, UTF-8 text, with very long lines (2748), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 241
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 242
|
ASCII text, with very long lines (7449), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 243
|
ASCII text, with very long lines (37509)
|
dropped
|
||
|
Chrome Cache Entry: 244
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 245
|
Unicode text, UTF-8 text, with very long lines (65500), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 246
|
Unicode text, UTF-8 text, with very long lines (50522), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 247
|
HTML document, ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 248
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 249
|
HTML document, Unicode text, UTF-8 text, with very long lines (1241), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 250
|
Java source, ASCII text, with very long lines (49245)
|
dropped
|
||
|
Chrome Cache Entry: 251
|
ASCII text, with very long lines (306)
|
dropped
|
||
|
Chrome Cache Entry: 252
|
Unicode text, UTF-8 text, with very long lines (65500), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 253
|
ASCII text, with very long lines (4269)
|
downloaded
|
||
|
Chrome Cache Entry: 254
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 255
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 256
|
ASCII text
|
dropped
|
||
|
Chrome Cache Entry: 257
|
ASCII text, with very long lines (4852), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 258
|
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 259
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 260
|
PNG image data, 146 x 40, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 261
|
Java source, ASCII text, with very long lines (493)
|
dropped
|
||
|
Chrome Cache Entry: 262
|
ASCII text, with very long lines (3259), with no line terminators
|
dropped
|
||
|
Chrome Cache Entry: 263
|
RIFF (little-endian) data, Web/P image
|
dropped
|
||
|
Chrome Cache Entry: 264
|
PNG image data, 8 x 5, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 265
|
PNG image data, 146 x 40, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 266
|
PNG image data, 143 x 19, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 267
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 268
|
ASCII text
|
dropped
|
||
|
Chrome Cache Entry: 269
|
PNG image data, 356 x 51, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 270
|
Java source, ASCII text, with very long lines (493)
|
downloaded
|
||
|
Chrome Cache Entry: 271
|
PNG image data, 199 x 46, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 272
|
ASCII text, with very long lines (2942), with CRLF line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 273
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 274
|
ASCII text, with very long lines (21136)
|
downloaded
|
||
|
Chrome Cache Entry: 275
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 276
|
ASCII text, with very long lines (306)
|
downloaded
|
There are 134 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\freekernelpstviewer.exe
|
"C:\Users\user\Desktop\freekernelpstviewer.exe"
|
||
|
C:\Users\user\AppData\Local\Temp\is-T9FS9.tmp\freekernelpstviewer.tmp
|
"C:\Users\user\AppData\Local\Temp\is-T9FS9.tmp\freekernelpstviewer.tmp" /SL5="$10432,4877973,80384,C:\Users\user\Desktop\freekernelpstviewer.exe"
|
||
|
C:\Windows\SysWOW64\regsvr32.exe
|
"C:\Windows\system32\regsvr32.exe" /u /s "C:\Windows\system32\Redemption.dll"
|
||
|
C:\Windows\SysWOW64\regsvr32.exe
|
"C:\Windows\system32\regsvr32.exe" /u /s "C:\Windows\system32\ProfMan.dll"
|
||
|
C:\Windows\System32\regsvr32.exe
|
"C:\Windows\system32\regsvr32.exe" /u /s "C:\Windows\system32\Redemption.dll"
|
||
|
C:\Windows\System32\regsvr32.exe
|
"C:\Windows\system32\regsvr32.exe" /u /s "C:\Windows\system32\ProfMan.dll"
|
||
|
C:\Windows\System32\regsvr32.exe
|
"C:\Windows\system32\regsvr32.exe" /u /s "C:\Windows\SysWOW64\Redemption64.dll"
|
||
|
C:\Windows\System32\regsvr32.exe
|
"C:\Windows\system32\regsvr32.exe" /u /s "C:\Windows\SysWOW64\ProfMan64.dll"
|
||
|
C:\Windows\SysWOW64\regsvr32.exe
|
"C:\Windows\system32\regsvr32.exe" /u /s "C:\Windows\SysWOW64\Redemption64.dll"
|
||
|
C:\Windows\SysWOW64\regsvr32.exe
|
"C:\Windows\system32\regsvr32.exe" /u /s "C:\Windows\SysWOW64\ProfMan64.dll"
|
||
|
C:\Windows\SysWOW64\regsvr32.exe
|
"C:\Windows\system32\regsvr32.exe" /s "C:\Windows\system32\RICHTX32.OCX"
|
||
|
C:\Program Files (x86)\Kernel Outlook PST Viewer\Kernel Outlook PST Viewer.exe
|
"C:\Program Files (x86)\Kernel Outlook PST Viewer\Kernel Outlook PST Viewer.exe"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.nucleustechnologies.com/thanks-for-installing-kernel-pst-viewer.html
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1856,i,4981765526884018428,11496894683768264734,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://wieistmeineip.de
|
unknown
|
||
|
https://mercadoshops.com.co
|
unknown
|
||
|
https://www.nucleustechnologies.com/email-to-pdf-converter/
|
unknown
|
||
|
https://www.nucleustechnologies.com/office-365-migration/
|
unknown
|
||
|
https://mercadolivre.com
|
unknown
|
||
|
https://www.nucleustechnologies.com/lotus-notes-to-office365.html
|
unknown
|
||
|
https://www.nucleustechnologies.com/eula.pdf
|
unknown
|
||
|
https://www.nucleustechnologies.com/imagenew20/tick-book-black.png)
|
unknown
|
||
|
https://medonet.pl
|
unknown
|
||
|
https://www.nucleustechnologies.com/imagenew20/shp-demo.png)
|
unknown
|
||
|
https://mercadoshops.com.br
|
unknown
|
||
|
https://www.nucleustechnologies.com/database-recovery.html
|
unknown
|
||
|
https://johndeere.com
|
unknown
|
||
|
https://elfinancierocr.com
|
unknown
|
||
|
https://bolasport.com
|
unknown
|
||
|
https://www.nucleustechnologies.com/News.html
|
unknown
|
||
|
https://desimartini.com
|
unknown
|
||
|
https://hearty.app
|
unknown
|
||
|
https://www.nucleustechnologies.com
|
unknown
|
||
|
https://mercadoshops.com
|
unknown
|
||
|
https://nlc.hu
|
unknown
|
||
|
https://www.nucleustechnologies.com/imagenew20/cloud-serv-bg.png)
|
unknown
|
||
|
https://p106.net
|
unknown
|
||
|
https://www.nucleustechnologies.com/sql-backup-recovery/
|
unknown
|
||
|
https://www.nucleustechnologies.com/imagenew20/prod-spr-El.png
|
67.227.166.81
|
||
|
https://secure.livechatinc.com/
|
unknown
|
||
|
https://songshare.com
|
unknown
|
||
|
https://smaker.pl
|
unknown
|
||
|
https://p24.hu
|
unknown
|
||
|
https://24.hu
|
unknown
|
||
|
https://www.nucleustechnologies.com/Disclaimer.html
|
unknown
|
||
|
https://www.nucleustechnologies.com/lotus-notes-to-outlook.html
|
unknown
|
||
|
https://mightytext.net
|
unknown
|
||
|
http://www.jrsoftware.org/ishelp/index.php?topic=setupcmdline
|
unknown
|
||
|
https://hazipatika.com
|
unknown
|
||
|
https://joyreactor.com
|
unknown
|
||
|
https://eworkbookcloud.com
|
unknown
|
||
|
https://chennien.com
|
unknown
|
||
|
https://drimer.travel
|
unknown
|
||
|
https://www.nucleustechnologies.com/Data-Recovery-Software.html
|
unknown
|
||
|
https://www.nucleustechnologies.com/partner-resources.html
|
unknown
|
||
|
https://mercadopago.cl
|
unknown
|
||
|
https://www.nucleustechnologies.com/resellers-programme.html
|
unknown
|
||
|
https://naukri.com
|
unknown
|
||
|
https://interia.pl
|
unknown
|
||
|
https://www.nucleustechnologies.com/nl/
|
unknown
|
||
|
https://bonvivir.com
|
unknown
|
||
|
https://www.nucleustechnologies.com/imagenew20/cli-4.png
|
67.227.166.81
|
||
|
https://sapo.io
|
unknown
|
||
|
https://www.nucleustechnologies.com/imagenew20/arw-menu-up.png)
|
unknown
|
||
|
https://www.nucleustechnologies.com/pdf-repair.html
|
unknown
|
||
|
https://www.nucleustechnologies.com/imagenew/dmca.webp
|
67.227.166.81
|
||
|
https://welt.de
|
unknown
|
||
|
https://poalim.site
|
unknown
|
||
|
https://drimer.io
|
unknown
|
||
|
https://infoedgeindia.com
|
unknown
|
||
|
https://blackrockadvisorelite.it
|
unknown
|
||
|
https://www.nucleustechnologies.com/find-partners.html
|
unknown
|
||
|
https://cognitive-ai.ru
|
unknown
|
||
|
https://www.nucleustechnologies.com/notes-conversion-suite.html
|
unknown
|
||
|
https://cafemedia.com
|
unknown
|
||
|
https://graziadaily.co.uk
|
unknown
|
||
|
https://thirdspace.org.au
|
unknown
|
||
|
https://www.nucleustechnologies.com/cloud-migration.html
|
unknown
|
||
|
https://mercadoshops.com.ar
|
unknown
|
||
|
https://commentcamarche.com
|
unknown
|
||
|
https://rws3nvtvt.com
|
unknown
|
||
|
https://www.nucleustechnologies.com/data-recovery.html
|
unknown
|
||
|
https://mercadolivre.com.br
|
unknown
|
||
|
https://www.nucleustechnologies.com/vhd-recovery.html
|
unknown
|
||
|
https://clmbtech.com
|
unknown
|
||
|
https://www.nucleustechnologies.com/exchange-suite.html
|
unknown
|
||
|
https://salemovefinancial.com
|
unknown
|
||
|
https://mercadopago.com.br
|
unknown
|
||
|
https://www.nucleustechnologies.com/zimbra-mailbox-backup/
|
unknown
|
||
|
https://commentcamarche.net
|
unknown
|
||
|
https://hj.rs
|
unknown
|
||
|
https://reactjs.org/link/react-polyfills
|
unknown
|
||
|
http://www.cknotes.com/?p=217WSAECONNRESET
|
unknown
|
||
|
https://hearty.me
|
unknown
|
||
|
https://mercadolibre.com.gt
|
unknown
|
||
|
https://indiatodayne.in
|
unknown
|
||
|
https://www.nucleustechnologies.com/bkf-repair.html
|
unknown
|
||
|
https://idbs-staging.com
|
unknown
|
||
|
https://mercadolibre.co.cr
|
unknown
|
||
|
https://prisjakt.no
|
unknown
|
||
|
https://kompas.com
|
unknown
|
||
|
https://www.nucleustechnologies.com/edb-to-pst.html
|
unknown
|
||
|
https://player.pl
|
unknown
|
||
|
https://mercadopago.com.ar
|
unknown
|
||
|
https://mercadolibre.com.hn
|
unknown
|
||
|
https://tucarro.com.co
|
unknown
|
||
|
https://www.nucleustechnologies.com/cssnew/freeware-download.css
|
67.227.166.81
|
||
|
https://terazgotuje.pl
|
unknown
|
||
|
https://cdn.livechatinc.com/direct-link/livechat-chat-with-us.png
|
unknown
|
||
|
https://www.dmca.com/Protection/Status.aspx?ID=ca3ccfe6-3d1a-4c62-aacd-e28198ab9e61&refurl=https
|
unknown
|
||
|
http://www.remobjects.com/psU
|
unknown
|
||
|
http://www.cknotes.com/?p=217
|
unknown
|
||
|
https://www.nucleustechnologies.com/repair-excel-file.php
|
unknown
|
||
|
http://www.cknotes.com/?p=210
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
googleads.g.doubleclick.net
|
216.58.206.34
|
||
|
improvely-com-2021-1842759544.us-east-1.elb.amazonaws.com
|
3.224.56.91
|
||
|
www.google.com
|
172.217.18.4
|
||
|
td.doubleclick.net
|
142.250.185.130
|
||
|
nucleustechnologies.com
|
67.227.166.81
|
||
|
ax-0001.ax-msedge.net
|
150.171.27.10
|
||
|
www.nucleustechnologies.com
|
unknown
|
||
|
lepide.iljmp.com
|
unknown
|
||
|
secure.livechatinc.com
|
unknown
|
||
|
206.23.85.13.in-addr.arpa
|
unknown
|
||
|
api.livechatinc.com
|
unknown
|
||
|
accounts.livechatinc.com
|
unknown
|
||
|
cdn.livechatinc.com
|
unknown
|
There are 3 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.217.18.4
|
www.google.com
|
United States
|
||
|
216.58.206.34
|
googleads.g.doubleclick.net
|
United States
|
||
|
192.168.2.8
|
unknown
|
unknown
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
67.227.166.81
|
nucleustechnologies.com
|
United States
|
||
|
150.171.27.10
|
ax-0001.ax-msedge.net
|
United States
|
||
|
3.224.56.91
|
improvely-com-2021-1842759544.us-east-1.elb.amazonaws.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.185.130
|
td.doubleclick.net
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFiles0000
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
RegFilesHash
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Kernel Outlook PST Viewer_is1
|
Inno Setup: Setup Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Kernel Outlook PST Viewer_is1
|
Inno Setup: App Path
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Kernel Outlook PST Viewer_is1
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Kernel Outlook PST Viewer_is1
|
Inno Setup: Icon Group
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Kernel Outlook PST Viewer_is1
|
Inno Setup: User
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Kernel Outlook PST Viewer_is1
|
Inno Setup: Selected Tasks
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Kernel Outlook PST Viewer_is1
|
Inno Setup: Deselected Tasks
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Kernel Outlook PST Viewer_is1
|
Inno Setup: Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Kernel Outlook PST Viewer_is1
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Kernel Outlook PST Viewer_is1
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Kernel Outlook PST Viewer_is1
|
QuietUninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Kernel Outlook PST Viewer_is1
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Kernel Outlook PST Viewer_is1
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Kernel Outlook PST Viewer_is1
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Kernel Outlook PST Viewer_is1
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Kernel Outlook PST Viewer_is1
|
NoModify
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Kernel Outlook PST Viewer_is1
|
NoRepair
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Kernel Outlook PST Viewer_is1
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Kernel Outlook PST Viewer_is1
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{3B7C8860-D78F-101B-B9B5-04021C009402}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{3B7C8860-D78F-101B-B9B5-04021C009402}\InprocServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{3B7C8860-D78F-101B-B9B5-04021C009402}\InprocServer32
|
ThreadingModel
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RICHTEXT.RichtextCtrl
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RICHTEXT.RichtextCtrl\CLSID
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RICHTEXT.RichtextCtrl\CurVer
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RICHTEXT.RichtextCtrl.1
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RICHTEXT.RichtextCtrl.1\CLSID
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{3B7C8860-D78F-101B-B9B5-04021C009402}\VersionIndependentProgID
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{3B7C8860-D78F-101B-B9B5-04021C009402}\ProgID
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{3B7C8860-D78F-101B-B9B5-04021C009402}\TypeLib
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{3B7C8860-D78F-101B-B9B5-04021C009402}\Version
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{3B7C8860-D78F-101B-B9B5-04021C009402}\MiscStatus
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{3B7C8860-D78F-101B-B9B5-04021C009402}\MiscStatus\1
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{3B7C8860-D78F-101B-B9B5-04021C009402}\ToolboxBitmap32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{78E5A540-1850-11CF-9D53-00AA003C9CB6}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{78E5A540-1850-11CF-9D53-00AA003C9CB6}\InprocServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{AFC634B0-4B8B-11CF-8989-00AA00688B10}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{AFC634B0-4B8B-11CF-8989-00AA00688B10}\InprocServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{3B7C8863-D78F-101B-B9B5-04021C009402}\1.2
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{3B7C8863-D78F-101B-B9B5-04021C009402}\1.2\FLAGS
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{3B7C8863-D78F-101B-B9B5-04021C009402}\1.2\0\win32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{3B7C8863-D78F-101B-B9B5-04021C009402}\1.2\HELPDIR
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2334D2B1-713E-11CF-8AE5-00AA00C00905}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2334D2B1-713E-11CF-8AE5-00AA00C00905}\ProxyStubClsid32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2334D2B1-713E-11CF-8AE5-00AA00C00905}\TypeLib
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2334D2B1-713E-11CF-8AE5-00AA00C00905}\TypeLib
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2334D2B1-713E-11CF-8AE5-00AA00C00905}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2334D2B1-713E-11CF-8AE5-00AA00C00905}\ProxyStubClsid32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2334D2B1-713E-11CF-8AE5-00AA00C00905}\TypeLib
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2334D2B1-713E-11CF-8AE5-00AA00C00905}\TypeLib
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2334D2B3-713E-11CF-8AE5-00AA00C00905}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2334D2B3-713E-11CF-8AE5-00AA00C00905}\ProxyStubClsid32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2334D2B3-713E-11CF-8AE5-00AA00C00905}\TypeLib
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2334D2B3-713E-11CF-8AE5-00AA00C00905}\TypeLib
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2334D2B3-713E-11CF-8AE5-00AA00C00905}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2334D2B3-713E-11CF-8AE5-00AA00C00905}\ProxyStubClsid32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2334D2B3-713E-11CF-8AE5-00AA00C00905}\TypeLib
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2334D2B3-713E-11CF-8AE5-00AA00C00905}\TypeLib
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{ED117630-4090-11CF-8981-00AA00688B10}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{ED117630-4090-11CF-8981-00AA00688B10}\ProxyStubClsid32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{ED117630-4090-11CF-8981-00AA00688B10}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{ED117630-4090-11CF-8981-00AA00688B10}\ProxyStubClsid32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{859321D0-3FD1-11CF-8981-00AA00688B10}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{859321D0-3FD1-11CF-8981-00AA00688B10}\ProxyStubClsid32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{859321D0-3FD1-11CF-8981-00AA00688B10}\TypeLib
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{859321D0-3FD1-11CF-8981-00AA00688B10}\TypeLib
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{859321D0-3FD1-11CF-8981-00AA00688B10}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{859321D0-3FD1-11CF-8981-00AA00688B10}\TypeLib
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{859321D0-3FD1-11CF-8981-00AA00688B10}\TypeLib
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E9A5593C-CAB0-11D1-8C0B-0000F8754DA1}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E9A5593C-CAB0-11D1-8C0B-0000F8754DA1}\ProxyStubClsid32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E9A5593C-CAB0-11D1-8C0B-0000F8754DA1}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E9A5593C-CAB0-11D1-8C0B-0000F8754DA1}\ProxyStubClsid32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E9A5593C-CAB0-11D1-8C0B-0000F8754DA1}\TypeLib
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E9A5593C-CAB0-11D1-8C0B-0000F8754DA1}\TypeLib
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3B7C8862-D78F-101B-B9B5-04021C009402}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3B7C8862-D78F-101B-B9B5-04021C009402}\ProxyStubClsid32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3B7C8862-D78F-101B-B9B5-04021C009402}\TypeLib
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3B7C8862-D78F-101B-B9B5-04021C009402}\TypeLib
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3B7C8862-D78F-101B-B9B5-04021C009402}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3B7C8862-D78F-101B-B9B5-04021C009402}\ProxyStubClsid32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B617B991-A767-4F05-99BA-AC6FCABB102E}
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B617B991-A767-4F05-99BA-AC6FCABB102E}\InprocServer32
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B617B991-A767-4F05-99BA-AC6FCABB102E}\InprocServer32
|
ThreadingModel
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Kernel for Outlook PST Repair VIEWER12p\Kernel for Outlook PST Repair\Settings
|
ApplicationLook
|
There are 80 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
F94000
|
unkown
|
page readonly
|
||
|
544000
|
heap
|
page read and write
|
||
|
15B8000
|
unkown
|
page readonly
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
2F9F000
|
unkown
|
page readonly
|
||
|
3E0000
|
heap
|
page read and write
|
||
|
CBB000
|
stack
|
page read and write
|
||
|
15BC000
|
unkown
|
page readonly
|
||
|
30AD000
|
heap
|
page read and write
|
||
|
8E7A000
|
heap
|
page read and write
|
||
|
2D50000
|
heap
|
page read and write
|
||
|
74F000
|
stack
|
page read and write
|
||
|
15CB000
|
unkown
|
page readonly
|
||
|
5DC1000
|
trusted library allocation
|
page read and write
|
||
|
49F000
|
unkown
|
page write copy
|
||
|
1A0000
|
heap
|
page read and write
|
||
|
6A0000
|
direct allocation
|
page execute and read and write
|
||
|
1A8F000
|
unkown
|
page readonly
|
||
|
540000
|
heap
|
page read and write
|
||
|
2EB0000
|
heap
|
page read and write
|
||
|
1593000
|
unkown
|
page readonly
|
||
|
544000
|
heap
|
page read and write
|
||
|
1009000
|
unkown
|
page readonly
|
||
|
3340000
|
heap
|
page read and write
|
||
|
8083000
|
heap
|
page read and write
|
||
|
27AF000
|
stack
|
page read and write
|
||
|
49C000
|
unkown
|
page write copy
|
||
|
3420000
|
heap
|
page read and write
|
||
|
2BA0000
|
heap
|
page read and write
|
||
|
806F000
|
heap
|
page read and write
|
||
|
F88000
|
unkown
|
page readonly
|
||
|
29D0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
5DF3000
|
trusted library allocation
|
page read and write
|
||
|
30B1000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2FEA000
|
heap
|
page read and write
|
||
|
154C000
|
unkown
|
page readonly
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
8D0C000
|
stack
|
page read and write
|
||
|
4D80000
|
heap
|
page read and write
|
||
|
E6F000
|
unkown
|
page readonly
|
||
|
155F000
|
unkown
|
page readonly
|
||
|
1029000
|
unkown
|
page readonly
|
||
|
8B0C000
|
stack
|
page read and write
|
||
|
2FFB000
|
heap
|
page read and write
|
||
|
545000
|
heap
|
page read and write
|
||
|
3120000
|
trusted library allocation
|
page read and write
|
||
|
1957000
|
unkown
|
page readonly
|
||
|
EB8000
|
unkown
|
page readonly
|
||
|
544000
|
heap
|
page read and write
|
||
|
78A000
|
heap
|
page read and write
|
||
|
174A000
|
unkown
|
page readonly
|
||
|
DC3000
|
unkown
|
page read and write
|
||
|
154E000
|
unkown
|
page readonly
|
||
|
8E0F000
|
stack
|
page read and write
|
||
|
5DF0000
|
trusted library allocation
|
page read and write
|
||
|
F24000
|
unkown
|
page readonly
|
||
|
5DCA000
|
trusted library allocation
|
page read and write
|
||
|
15C5000
|
unkown
|
page readonly
|
||
|
544000
|
heap
|
page read and write
|
||
|
49B000
|
unkown
|
page write copy
|
||
|
544000
|
heap
|
page read and write
|
||
|
5DB8000
|
trusted library allocation
|
page read and write
|
||
|
8081000
|
heap
|
page read and write
|
||
|
2D5A000
|
heap
|
page read and write
|
||
|
8079000
|
heap
|
page read and write
|
||
|
412000
|
unkown
|
page readonly
|
||
|
5BD6000
|
trusted library allocation
|
page read and write
|
||
|
4DE0000
|
heap
|
page read and write
|
||
|
1975000
|
unkown
|
page readonly
|
||
|
5DAE000
|
trusted library allocation
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
3081000
|
heap
|
page read and write
|
||
|
8089000
|
heap
|
page read and write
|
||
|
F19000
|
unkown
|
page readonly
|
||
|
F24000
|
unkown
|
page readonly
|
||
|
544000
|
heap
|
page read and write
|
||
|
2080000
|
direct allocation
|
page read and write
|
||
|
8085000
|
heap
|
page read and write
|
||
|
FE9000
|
unkown
|
page readonly
|
||
|
F2D000
|
unkown
|
page readonly
|
||
|
3100000
|
direct allocation
|
page read and write
|
||
|
410000
|
heap
|
page read and write
|
||
|
1550000
|
unkown
|
page readonly
|
||
|
154C000
|
unkown
|
page readonly
|
||
|
1595000
|
unkown
|
page readonly
|
||
|
1B2A000
|
unkown
|
page readonly
|
||
|
FE9000
|
unkown
|
page readonly
|
||
|
15B8000
|
unkown
|
page readonly
|
||
|
DB4F000
|
stack
|
page read and write
|
||
|
D67000
|
heap
|
page read and write
|
||
|
3040000
|
heap
|
page read and write
|
||
|
875000
|
heap
|
page read and write
|
||
|
321A000
|
heap
|
page read and write
|
||
|
8084000
|
heap
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
E83000
|
unkown
|
page readonly
|
||
|
1A82000
|
unkown
|
page readonly
|
||
|
15B8000
|
unkown
|
page readonly
|
||
|
80A2000
|
heap
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
8081000
|
heap
|
page read and write
|
||
|
466E000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
7B5000
|
heap
|
page read and write
|
||
|
1F0F000
|
stack
|
page read and write
|
||
|
8081000
|
heap
|
page read and write
|
||
|
8E70000
|
heap
|
page read and write
|
||
|
8070000
|
heap
|
page read and write
|
||
|
808A000
|
heap
|
page read and write
|
||
|
15BE000
|
unkown
|
page readonly
|
||
|
80A1000
|
heap
|
page read and write
|
||
|
5E0C000
|
trusted library allocation
|
page read and write
|
||
|
8084000
|
heap
|
page read and write
|
||
|
2D3E000
|
stack
|
page read and write
|
||
|
1032000
|
unkown
|
page readonly
|
||
|
4D4C000
|
stack
|
page read and write
|
||
|
1B2A000
|
unkown
|
page readonly
|
||
|
21B8000
|
direct allocation
|
page read and write
|
||
|
1AFD000
|
unkown
|
page readonly
|
||
|
8073000
|
heap
|
page read and write
|
||
|
8E72000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
BF3000
|
unkown
|
page readonly
|
||
|
544000
|
heap
|
page read and write
|
||
|
174A000
|
unkown
|
page readonly
|
||
|
15C3000
|
unkown
|
page readonly
|
||
|
146E000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
8081000
|
heap
|
page read and write
|
||
|
1597000
|
unkown
|
page readonly
|
||
|
2F8B000
|
stack
|
page read and write
|
||
|
807B000
|
heap
|
page read and write
|
||
|
49F000
|
stack
|
page read and write
|
||
|
5D90000
|
heap
|
page read and write
|
||
|
E6F000
|
unkown
|
page readonly
|
||
|
1E5000
|
heap
|
page read and write
|
||
|
31C000
|
stack
|
page read and write
|
||
|
F7F000
|
unkown
|
page readonly
|
||
|
5BD0000
|
trusted library allocation
|
page read and write
|
||
|
33C0000
|
heap
|
page read and write
|
||
|
971F000
|
unkown
|
page read and write
|
||
|
1A69000
|
unkown
|
page readonly
|
||
|
49D000
|
unkown
|
page read and write
|
||
|
4E57000
|
heap
|
page read and write
|
||
|
20030000
|
unkown
|
page readonly
|
||
|
544000
|
heap
|
page read and write
|
||
|
718000
|
heap
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
2CE0000
|
heap
|
page read and write
|
||
|
15C7000
|
unkown
|
page readonly
|
||
|
544000
|
heap
|
page read and write
|
||
|
1561000
|
unkown
|
page readonly
|
||
|
1090000
|
heap
|
page read and write
|
||
|
2C7F000
|
stack
|
page read and write
|
||
|
1B97000
|
unkown
|
page readonly
|
||
|
805F000
|
heap
|
page read and write
|
||
|
79BE000
|
stack
|
page read and write
|
||
|
8E4C000
|
heap
|
page read and write
|
||
|
5DFE000
|
trusted library allocation
|
page read and write
|
||
|
5DB0000
|
trusted library allocation
|
page read and write
|
||
|
1475000
|
unkown
|
page readonly
|
||
|
91000
|
stack
|
page read and write
|
||
|
23A0000
|
heap
|
page read and write
|
||
|
8EFC000
|
heap
|
page read and write
|
||
|
FC8000
|
unkown
|
page readonly
|
||
|
282F000
|
stack
|
page read and write
|
||
|
8091000
|
heap
|
page read and write
|
||
|
21BC000
|
direct allocation
|
page read and write
|
||
|
15C3000
|
unkown
|
page readonly
|
||
|
80AD000
|
heap
|
page read and write
|
||
|
5DFC000
|
trusted library allocation
|
page read and write
|
||
|
412000
|
unkown
|
page readonly
|
||
|
15C7000
|
unkown
|
page readonly
|
||
|
808A000
|
heap
|
page read and write
|
||
|
E7A000
|
unkown
|
page readonly
|
||
|
30F0000
|
heap
|
page read and write
|
||
|
1E8F000
|
stack
|
page read and write
|
||
|
1987000
|
unkown
|
page readonly
|
||
|
4DCE000
|
stack
|
page read and write
|
||
|
FC8000
|
unkown
|
page readonly
|
||
|
5BD4000
|
trusted library allocation
|
page read and write
|
||
|
563D000
|
stack
|
page read and write
|
||
|
1990000
|
unkown
|
page readonly
|
||
|
21B7000
|
direct allocation
|
page read and write
|
||
|
E41000
|
unkown
|
page readonly
|
||
|
FFD000
|
unkown
|
page readonly
|
||
|
4AD000
|
unkown
|
page readonly
|
||
|
1980000
|
unkown
|
page readonly
|
||
|
544000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
1CB000
|
stack
|
page read and write
|
||
|
4D88000
|
heap
|
page read and write
|
||
|
30B6000
|
heap
|
page read and write
|
||
|
70E000
|
stack
|
page read and write
|
||
|
15C3000
|
unkown
|
page readonly
|
||
|
15C5000
|
unkown
|
page readonly
|
||
|
2300000
|
direct allocation
|
page read and write
|
||
|
FFD000
|
unkown
|
page readonly
|
||
|
FDD000
|
unkown
|
page readonly
|
||
|
CD82000
|
trusted library allocation
|
page read and write
|
||
|
349E000
|
stack
|
page read and write
|
||
|
46AF000
|
stack
|
page read and write
|
||
|
2BB0000
|
heap
|
page read and write
|
||
|
F2D000
|
unkown
|
page readonly
|
||
|
8081000
|
heap
|
page read and write
|
||
|
1599000
|
unkown
|
page readonly
|
||
|
7EB000
|
stack
|
page read and write
|
||
|
30B2000
|
heap
|
page read and write
|
||
|
1744000
|
unkown
|
page readonly
|
||
|
8E9B000
|
heap
|
page read and write
|
||
|
1475000
|
unkown
|
page readonly
|
||
|
29C0000
|
heap
|
page read and write
|
||
|
7160000
|
trusted library allocation
|
page read and write
|
||
|
8081000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
809D000
|
heap
|
page read and write
|
||
|
3010000
|
heap
|
page read and write
|
||
|
F73000
|
unkown
|
page readonly
|
||
|
588000
|
heap
|
page read and write
|
||
|
EF8000
|
unkown
|
page readonly
|
||
|
D50000
|
heap
|
page read and write
|
||
|
3210000
|
heap
|
page read and write
|
||
|
8E2B000
|
heap
|
page read and write
|
||
|
34B0000
|
heap
|
page read and write
|
||
|
31AE000
|
stack
|
page read and write
|
||
|
15AF000
|
unkown
|
page readonly
|
||
|
191E000
|
unkown
|
page readonly
|
||
|
32F0000
|
direct allocation
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
8073000
|
heap
|
page read and write
|
||
|
5DE8000
|
trusted library allocation
|
page read and write
|
||
|
5548000
|
heap
|
page read and write
|
||
|
7AF000
|
heap
|
page read and write
|
||
|
56C1000
|
heap
|
page read and write
|
||
|
806A000
|
heap
|
page read and write
|
||
|
15CB000
|
unkown
|
page readonly
|
||
|
4E03000
|
heap
|
page read and write
|
||
|
7AD000
|
heap
|
page read and write
|
||
|
34C0000
|
heap
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
2DB000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
8020000
|
heap
|
page read and write
|
||
|
15C7000
|
unkown
|
page readonly
|
||
|
4B7000
|
heap
|
page read and write
|
||
|
F7F000
|
unkown
|
page readonly
|
||
|
50C0000
|
heap
|
page read and write
|
||
|
12A0000
|
heap
|
page read and write
|
||
|
30CD000
|
heap
|
page read and write
|
||
|
8073000
|
heap
|
page read and write
|
||
|
1591000
|
unkown
|
page readonly
|
||
|
2300000
|
direct allocation
|
page read and write
|
||
|
5100000
|
heap
|
page read and write
|
||
|
10DB000
|
heap
|
page read and write
|
||
|
40E000
|
unkown
|
page write copy
|
||
|
8E5E000
|
heap
|
page read and write
|
||
|
101D000
|
unkown
|
page readonly
|
||
|
1032000
|
unkown
|
page readonly
|
||
|
1029000
|
unkown
|
page readonly
|
||
|
1975000
|
unkown
|
page readonly
|
||
|
544000
|
heap
|
page read and write
|
||
|
FC8000
|
unkown
|
page readonly
|
||
|
EB8000
|
unkown
|
page readonly
|
||
|
5DD0000
|
trusted library allocation
|
page read and write
|
||
|
8072000
|
heap
|
page read and write
|
||
|
FF4000
|
unkown
|
page readonly
|
||
|
663E000
|
stack
|
page read and write
|
||
|
7D3F000
|
stack
|
page read and write
|
||
|
80A0000
|
heap
|
page read and write
|
||
|
148D000
|
unkown
|
page readonly
|
||
|
15AF000
|
unkown
|
page readonly
|
||
|
158F000
|
unkown
|
page readonly
|
||
|
5E06000
|
trusted library allocation
|
page read and write
|
||
|
673F000
|
stack
|
page read and write
|
||
|
1B74000
|
unkown
|
page readonly
|
||
|
1AFD000
|
unkown
|
page readonly
|
||
|
8930000
|
trusted library section
|
page readonly
|
||
|
2B3C000
|
stack
|
page read and write
|
||
|
EE4000
|
unkown
|
page readonly
|
||
|
8B5C000
|
stack
|
page read and write
|
||
|
156C000
|
unkown
|
page readonly
|
||
|
808A000
|
heap
|
page read and write
|
||
|
899E000
|
stack
|
page read and write
|
||
|
15CB000
|
unkown
|
page readonly
|
||
|
595000
|
heap
|
page read and write
|
||
|
1A79000
|
unkown
|
page readonly
|
||
|
544000
|
heap
|
page read and write
|
||
|
15BE000
|
unkown
|
page readonly
|
||
|
8E20000
|
heap
|
page read and write
|
||
|
FDD000
|
unkown
|
page readonly
|
||
|
1753000
|
unkown
|
page readonly
|
||
|
EA3000
|
unkown
|
page readonly
|
||
|
544000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
1563000
|
unkown
|
page readonly
|
||
|
DC3000
|
unkown
|
page write copy
|
||
|
8E50000
|
heap
|
page read and write
|
||
|
E8F000
|
unkown
|
page readonly
|
||
|
1A69000
|
unkown
|
page readonly
|
||
|
6087000
|
direct allocation
|
page read and write
|
||
|
5EC0000
|
heap
|
page read and write
|
||
|
E8F000
|
unkown
|
page readonly
|
||
|
544000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
ECF000
|
unkown
|
page readonly
|
||
|
870000
|
heap
|
page read and write
|
||
|
1980000
|
unkown
|
page readonly
|
||
|
450000
|
heap
|
page read and write
|
||
|
5E04000
|
trusted library allocation
|
page read and write
|
||
|
30D8000
|
heap
|
page read and write
|
||
|
ED8000
|
unkown
|
page readonly
|
||
|
5DAA000
|
trusted library allocation
|
page read and write
|
||
|
390000
|
heap
|
page read and write
|
||
|
1957000
|
unkown
|
page readonly
|
||
|
E150000
|
trusted library allocation
|
page read and write
|
||
|
CD64000
|
trusted library allocation
|
page read and write
|
||
|
1A8F000
|
unkown
|
page readonly
|
||
|
4E00000
|
heap
|
page read and write
|
||
|
4D84000
|
heap
|
page read and write
|
||
|
1A82000
|
unkown
|
page readonly
|
||
|
710000
|
heap
|
page read and write
|
||
|
5D97000
|
heap
|
page read and write
|
||
|
F7F000
|
unkown
|
page readonly
|
||
|
8069000
|
heap
|
page read and write
|
||
|
156E000
|
unkown
|
page readonly
|
||
|
8036000
|
heap
|
page read and write
|
||
|
8084000
|
heap
|
page read and write
|
||
|
8E61000
|
heap
|
page read and write
|
||
|
FF4000
|
unkown
|
page readonly
|
||
|
7FE42000
|
trusted library allocation
|
page execute read
|
||
|
4E64000
|
heap
|
page read and write
|
||
|
155F000
|
unkown
|
page readonly
|
||
|
1AFD000
|
unkown
|
page readonly
|
||
|
3100000
|
heap
|
page read and write
|
||
|
8081000
|
heap
|
page read and write
|
||
|
F19000
|
unkown
|
page readonly
|
||
|
8081000
|
heap
|
page read and write
|
||
|
1947000
|
unkown
|
page readonly
|
||
|
1486000
|
unkown
|
page readonly
|
||
|
8073000
|
heap
|
page read and write
|
||
|
1032000
|
unkown
|
page readonly
|
||
|
8096000
|
heap
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
4C9F000
|
stack
|
page read and write
|
||
|
5BDF000
|
trusted library allocation
|
page read and write
|
||
|
EC4000
|
unkown
|
page readonly
|
||
|
1FB0000
|
heap
|
page read and write
|
||
|
D5B000
|
heap
|
page read and write
|
||
|
156E000
|
unkown
|
page readonly
|
||
|
191E000
|
unkown
|
page readonly
|
||
|
760000
|
heap
|
page read and write
|
||
|
4AB000
|
heap
|
page read and write
|
||
|
5DAC000
|
trusted library allocation
|
page read and write
|
||
|
80A2000
|
heap
|
page read and write
|
||
|
80B1000
|
heap
|
page read and write
|
||
|
2F9F000
|
unkown
|
page readonly
|
||
|
5DE0000
|
trusted library allocation
|
page read and write
|
||
|
5E08000
|
trusted library allocation
|
page read and write
|
||
|
2ED0000
|
heap
|
page read and write
|
||
|
1B10000
|
unkown
|
page readonly
|
||
|
7EBC000
|
stack
|
page read and write
|
||
|
8073000
|
heap
|
page read and write
|
||
|
1593000
|
unkown
|
page readonly
|
||
|
1565000
|
unkown
|
page readonly
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
3100000
|
direct allocation
|
page read and write
|
||
|
15C9000
|
unkown
|
page readonly
|
||
|
FD4000
|
unkown
|
page readonly
|
||
|
2E7F000
|
stack
|
page read and write
|
||
|
23A4000
|
heap
|
page read and write
|
||
|
1563000
|
unkown
|
page readonly
|
||
|
40C000
|
unkown
|
page read and write
|
||
|
10E7000
|
heap
|
page read and write
|
||
|
F19000
|
unkown
|
page readonly
|
||
|
15C9000
|
unkown
|
page readonly
|
||
|
8081000
|
heap
|
page read and write
|
||
|
1080000
|
heap
|
page read and write
|
||
|
156A000
|
unkown
|
page readonly
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
107B000
|
stack
|
page read and write
|
||
|
F88000
|
unkown
|
page readonly
|
||
|
15AF000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
8079000
|
heap
|
page read and write
|
||
|
8A0000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
8079000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
ED8000
|
unkown
|
page readonly
|
||
|
FFD000
|
unkown
|
page readonly
|
||
|
5DA8000
|
trusted library allocation
|
page read and write
|
||
|
5DF8000
|
trusted library allocation
|
page read and write
|
||
|
4D40000
|
heap
|
page read and write
|
||
|
1987000
|
unkown
|
page readonly
|
||
|
890000
|
heap
|
page read and write
|
||
|
8081000
|
heap
|
page read and write
|
||
|
47D0000
|
heap
|
page read and write
|
||
|
49B000
|
unkown
|
page read and write
|
||
|
5DBC000
|
trusted library allocation
|
page read and write
|
||
|
1550000
|
unkown
|
page readonly
|
||
|
155A000
|
unkown
|
page readonly
|
||
|
1570000
|
unkown
|
page readonly
|
||
|
544000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
147C000
|
unkown
|
page readonly
|
||
|
7AA000
|
heap
|
page read and write
|
||
|
1A79000
|
unkown
|
page readonly
|
||
|
2CA0000
|
heap
|
page read and write
|
||
|
FE9000
|
unkown
|
page readonly
|
||
|
18C000
|
stack
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
34C5000
|
heap
|
page read and write
|
||
|
8E33000
|
heap
|
page read and write
|
||
|
156A000
|
unkown
|
page readonly
|
||
|
1B10000
|
unkown
|
page readonly
|
||
|
2E3E000
|
stack
|
page read and write
|
||
|
8081000
|
heap
|
page read and write
|
||
|
1987000
|
unkown
|
page readonly
|
||
|
1744000
|
unkown
|
page readonly
|
||
|
DFA000
|
unkown
|
page write copy
|
||
|
8CAF000
|
stack
|
page read and write
|
||
|
E7A000
|
unkown
|
page readonly
|
||
|
192A000
|
unkown
|
page readonly
|
||
|
8081000
|
heap
|
page read and write
|
||
|
15BA000
|
unkown
|
page readonly
|
||
|
1599000
|
unkown
|
page readonly
|
||
|
7F9000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
EA3000
|
unkown
|
page readonly
|
||
|
1599000
|
unkown
|
page readonly
|
||
|
1947000
|
unkown
|
page readonly
|
||
|
15B1000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
15C9000
|
unkown
|
page readonly
|
||
|
E41000
|
unkown
|
page readonly
|
||
|
21C8000
|
direct allocation
|
page read and write
|
||
|
4DB000
|
heap
|
page read and write
|
||
|
101D000
|
unkown
|
page readonly
|
||
|
15B1000
|
unkown
|
page readonly
|
||
|
337E000
|
stack
|
page read and write
|
||
|
154C000
|
unkown
|
page readonly
|
||
|
2084000
|
direct allocation
|
page read and write
|
||
|
FA8000
|
unkown
|
page readonly
|
||
|
1567000
|
unkown
|
page readonly
|
||
|
F88000
|
unkown
|
page readonly
|
||
|
1595000
|
unkown
|
page readonly
|
||
|
F04000
|
unkown
|
page readonly
|
||
|
59F0000
|
trusted library allocation
|
page read and write
|
||
|
21C8000
|
direct allocation
|
page read and write
|
||
|
8B000
|
stack
|
page read and write
|
||
|
146E000
|
unkown
|
page readonly
|
||
|
155A000
|
unkown
|
page readonly
|
||
|
21E1000
|
direct allocation
|
page read and write
|
||
|
808A000
|
heap
|
page read and write
|
||
|
FD4000
|
unkown
|
page readonly
|
||
|
2C3E000
|
stack
|
page read and write
|
||
|
1567000
|
unkown
|
page readonly
|
||
|
25B4000
|
unkown
|
page readonly
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
FDD000
|
unkown
|
page readonly
|
||
|
BF3000
|
unkown
|
page readonly
|
||
|
40C000
|
unkown
|
page write copy
|
||
|
F24000
|
unkown
|
page readonly
|
||
|
15BC000
|
unkown
|
page readonly
|
||
|
33FA000
|
heap
|
page read and write
|
||
|
30B5000
|
heap
|
page read and write
|
||
|
148D000
|
unkown
|
page readonly
|
||
|
31F0000
|
heap
|
page read and write
|
||
|
E83000
|
unkown
|
page readonly
|
||
|
544000
|
heap
|
page read and write
|
||
|
2770000
|
trusted library allocation
|
page read and write
|
||
|
E380000
|
heap
|
page read and write
|
||
|
2AFB000
|
stack
|
page read and write
|
||
|
1B10000
|
unkown
|
page readonly
|
||
|
EF8000
|
unkown
|
page readonly
|
||
|
380000
|
heap
|
page read and write
|
||
|
14B000
|
stack
|
page read and write
|
||
|
F73000
|
unkown
|
page readonly
|
||
|
3490000
|
heap
|
page read and write
|
||
|
21E3000
|
direct allocation
|
page read and write
|
||
|
8081000
|
heap
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
2B7F000
|
stack
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
80B8000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
DF0000
|
unkown
|
page write copy
|
||
|
ED8000
|
unkown
|
page readonly
|
||
|
1565000
|
unkown
|
page readonly
|
||
|
158F000
|
unkown
|
page readonly
|
||
|
892D000
|
stack
|
page read and write
|
||
|
59BD000
|
stack
|
page read and write
|
||
|
1B2A000
|
unkown
|
page readonly
|
||
|
8079000
|
heap
|
page read and write
|
||
|
E6F000
|
unkown
|
page readonly
|
||
|
882E000
|
stack
|
page read and write
|
||
|
808A000
|
heap
|
page read and write
|
||
|
101D000
|
unkown
|
page readonly
|
||
|
2FCC000
|
stack
|
page read and write
|
||
|
DC4E000
|
stack
|
page read and write
|
||
|
2001F000
|
unkown
|
page write copy
|
||
|
8600000
|
trusted library allocation
|
page read and write
|
||
|
156A000
|
unkown
|
page readonly
|
||
|
8075000
|
heap
|
page read and write
|
||
|
826F000
|
stack
|
page read and write
|
||
|
F0D000
|
unkown
|
page readonly
|
||
|
30B5000
|
heap
|
page read and write
|
||
|
4CDD000
|
stack
|
page read and write
|
||
|
21B0000
|
direct allocation
|
page read and write
|
||
|
15C5000
|
unkown
|
page readonly
|
||
|
79F000
|
heap
|
page read and write
|
||
|
1350000
|
heap
|
page read and write
|
||
|
816C000
|
stack
|
page read and write
|
||
|
30F0000
|
direct allocation
|
page read and write
|
||
|
809D000
|
heap
|
page read and write
|
||
|
4D1E000
|
stack
|
page read and write
|
||
|
154E000
|
unkown
|
page readonly
|
||
|
4810000
|
heap
|
page read and write
|
||
|
EC4000
|
unkown
|
page readonly
|
||
|
8081000
|
heap
|
page read and write
|
||
|
F04000
|
unkown
|
page readonly
|
||
|
35C0000
|
heap
|
page read and write
|
||
|
297C000
|
stack
|
page read and write
|
||
|
7FBE000
|
stack
|
page read and write
|
||
|
3254000
|
heap
|
page read and write
|
||
|
669000
|
heap
|
page read and write
|
||
|
F94000
|
unkown
|
page readonly
|
||
|
134F000
|
stack
|
page read and write
|
||
|
1990000
|
unkown
|
page readonly
|
||
|
8E96000
|
heap
|
page read and write
|
||
|
15BA000
|
unkown
|
page readonly
|
||
|
30F0000
|
direct allocation
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
1990000
|
unkown
|
page readonly
|
||
|
DC50000
|
trusted library allocation
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
147C000
|
unkown
|
page readonly
|
||
|
5D5E000
|
stack
|
page read and write
|
||
|
1753000
|
unkown
|
page readonly
|
||
|
8079000
|
heap
|
page read and write
|
||
|
EA3000
|
unkown
|
page readonly
|
||
|
EB8000
|
unkown
|
page readonly
|
||
|
156C000
|
unkown
|
page readonly
|
||
|
3320000
|
heap
|
page read and write
|
||
|
545000
|
heap
|
page read and write
|
||
|
155F000
|
unkown
|
page readonly
|
||
|
5DCC000
|
trusted library allocation
|
page read and write
|
||
|
8079000
|
heap
|
page read and write
|
||
|
ECF000
|
unkown
|
page readonly
|
||
|
5DD8000
|
trusted library allocation
|
page read and write
|
||
|
60A6000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
158F000
|
unkown
|
page readonly
|
||
|
1744000
|
unkown
|
page readonly
|
||
|
1597000
|
unkown
|
page readonly
|
||
|
8EE0000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
1957000
|
unkown
|
page readonly
|
||
|
808B000
|
heap
|
page read and write
|
||
|
1567000
|
unkown
|
page readonly
|
||
|
154E000
|
unkown
|
page readonly
|
||
|
544000
|
heap
|
page read and write
|
||
|
1591000
|
unkown
|
page readonly
|
||
|
2D6B000
|
heap
|
page read and write
|
||
|
8010000
|
heap
|
page read and write
|
||
|
E8F000
|
unkown
|
page readonly
|
||
|
8E67000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
808B000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2CAA000
|
heap
|
page read and write
|
||
|
CD50000
|
trusted library allocation
|
page read and write
|
||
|
156E000
|
unkown
|
page readonly
|
||
|
146E000
|
unkown
|
page readonly
|
||
|
192A000
|
unkown
|
page readonly
|
||
|
2091000
|
direct allocation
|
page read and write
|
||
|
5103000
|
heap
|
page read and write
|
||
|
E28000
|
unkown
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
190000
|
heap
|
page read and write
|
||
|
F2D000
|
unkown
|
page readonly
|
||
|
80AB000
|
heap
|
page read and write
|
||
|
191E000
|
unkown
|
page readonly
|
||
|
FB4000
|
unkown
|
page readonly
|
||
|
56C1000
|
heap
|
page read and write
|
||
|
FA8000
|
unkown
|
page readonly
|
||
|
544000
|
heap
|
page read and write
|
||
|
ECF000
|
unkown
|
page readonly
|
||
|
544000
|
heap
|
page read and write
|
||
|
80AF000
|
heap
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
7C3E000
|
stack
|
page read and write
|
||
|
809B000
|
heap
|
page read and write
|
||
|
462F000
|
stack
|
page read and write
|
||
|
806F000
|
heap
|
page read and write
|
||
|
8079000
|
heap
|
page read and write
|
||
|
82C000
|
stack
|
page read and write
|
||
|
58BF000
|
stack
|
page read and write
|
||
|
FF4000
|
unkown
|
page readonly
|
||
|
5DBE000
|
trusted library allocation
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
8081000
|
heap
|
page read and write
|
||
|
EE4000
|
unkown
|
page readonly
|
||
|
4E5B000
|
heap
|
page read and write
|
||
|
4CF0000
|
heap
|
page read and write
|
||
|
1591000
|
unkown
|
page readonly
|
||
|
80A7000
|
heap
|
page read and write
|
||
|
807E000
|
heap
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
15BA000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
E41000
|
unkown
|
page readonly
|
||
|
8BAE000
|
stack
|
page read and write
|
||
|
8080000
|
heap
|
page read and write
|
||
|
7EE000
|
heap
|
page read and write
|
||
|
5BBF000
|
stack
|
page read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
15BC000
|
unkown
|
page readonly
|
||
|
807A000
|
heap
|
page read and write
|
||
|
5DC8000
|
trusted library allocation
|
page read and write
|
||
|
5DBA000
|
trusted library allocation
|
page read and write
|
||
|
2001E000
|
unkown
|
page read and write
|
||
|
F0D000
|
unkown
|
page readonly
|
||
|
2091000
|
direct allocation
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
7FE40000
|
trusted library allocation
|
page execute read
|
||
|
F9F000
|
unkown
|
page readonly
|
||
|
1486000
|
unkown
|
page readonly
|
||
|
8084000
|
heap
|
page read and write
|
||
|
EAF000
|
unkown
|
page readonly
|
||
|
FB4000
|
unkown
|
page readonly
|
||
|
15B1000
|
unkown
|
page readonly
|
||
|
304E000
|
heap
|
page read and write
|
||
|
192A000
|
unkown
|
page readonly
|
||
|
665000
|
heap
|
page read and write
|
||
|
DED000
|
unkown
|
page read and write
|
||
|
8083000
|
heap
|
page read and write
|
||
|
30A1000
|
heap
|
page read and write
|
||
|
1597000
|
unkown
|
page readonly
|
||
|
148D000
|
unkown
|
page readonly
|
||
|
8081000
|
heap
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
FB4000
|
unkown
|
page readonly
|
||
|
1550000
|
unkown
|
page readonly
|
||
|
2EA0000
|
heap
|
page read and write
|
||
|
7ABF000
|
stack
|
page read and write
|
||
|
8073000
|
heap
|
page read and write
|
||
|
809D000
|
heap
|
page read and write
|
||
|
F0D000
|
unkown
|
page readonly
|
||
|
1595000
|
unkown
|
page readonly
|
||
|
34CA000
|
heap
|
page read and write
|
||
|
1975000
|
unkown
|
page readonly
|
||
|
1B74000
|
unkown
|
page readonly
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
808A000
|
heap
|
page read and write
|
||
|
2640000
|
heap
|
page read and write
|
||
|
333E000
|
stack
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
570000
|
heap
|
page read and write
|
||
|
8073000
|
heap
|
page read and write
|
||
|
1A69000
|
unkown
|
page readonly
|
||
|
1563000
|
unkown
|
page readonly
|
||
|
6760000
|
heap
|
page read and write
|
||
|
1029000
|
unkown
|
page readonly
|
||
|
2098000
|
direct allocation
|
page read and write
|
||
|
8081000
|
heap
|
page read and write
|
||
|
1B74000
|
unkown
|
page readonly
|
||
|
FD4000
|
unkown
|
page readonly
|
||
|
80B4000
|
heap
|
page read and write
|
||
|
1009000
|
unkown
|
page readonly
|
||
|
8F08000
|
heap
|
page read and write
|
||
|
4AD000
|
unkown
|
page readonly
|
||
|
156C000
|
unkown
|
page readonly
|
||
|
1947000
|
unkown
|
page readonly
|
||
|
8072000
|
heap
|
page read and write
|
||
|
5D93000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
809A000
|
heap
|
page read and write
|
||
|
174A000
|
unkown
|
page readonly
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
3016000
|
heap
|
page read and write
|
||
|
4E7000
|
heap
|
page read and write
|
||
|
1A82000
|
unkown
|
page readonly
|
||
|
400000
|
heap
|
page read and write
|
||
|
25B4000
|
unkown
|
page readonly
|
||
|
573F000
|
stack
|
page read and write
|
||
|
1B97000
|
unkown
|
page readonly
|
||
|
F73000
|
unkown
|
page readonly
|
||
|
E83000
|
unkown
|
page readonly
|
||
|
EE4000
|
unkown
|
page readonly
|
||
|
214C000
|
direct allocation
|
page read and write
|
||
|
5E0E000
|
trusted library allocation
|
page read and write
|
||
|
7C5000
|
heap
|
page read and write
|
||
|
866F000
|
stack
|
page read and write
|
||
|
8EF1000
|
heap
|
page read and write
|
||
|
DF9000
|
unkown
|
page read and write
|
||
|
1009000
|
unkown
|
page readonly
|
||
|
8E91000
|
heap
|
page read and write
|
||
|
4DF0000
|
heap
|
page read and write
|
||
|
304A000
|
heap
|
page read and write
|
||
|
4B0000
|
heap
|
page read and write
|
||
|
545000
|
heap
|
page read and write
|
||
|
CD50000
|
trusted library allocation
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
2CF0000
|
heap
|
page read and write
|
||
|
8092000
|
heap
|
page read and write
|
||
|
155A000
|
unkown
|
page readonly
|
||
|
8EFA000
|
heap
|
page read and write
|
||
|
3254000
|
heap
|
page read and write
|
||
|
8EF8000
|
heap
|
page read and write
|
||
|
807A000
|
heap
|
page read and write
|
||
|
1753000
|
unkown
|
page readonly
|
||
|
808A000
|
heap
|
page read and write
|
||
|
4950000
|
heap
|
page read and write
|
||
|
808A000
|
heap
|
page read and write
|
||
|
8080000
|
heap
|
page read and write
|
||
|
1593000
|
unkown
|
page readonly
|
||
|
80A5000
|
heap
|
page read and write
|
||
|
15BE000
|
unkown
|
page readonly
|
||
|
520000
|
heap
|
page read and write
|
||
|
1475000
|
unkown
|
page readonly
|
||
|
544000
|
heap
|
page read and write
|
||
|
1115000
|
heap
|
page read and write
|
||
|
10010000
|
unkown
|
page readonly
|
||
|
8075000
|
heap
|
page read and write
|
||
|
F04000
|
unkown
|
page readonly
|
||
|
1561000
|
unkown
|
page readonly
|
||
|
8096000
|
heap
|
page read and write
|
||
|
1565000
|
unkown
|
page readonly
|
||
|
EF8000
|
unkown
|
page readonly
|
||
|
1000A000
|
unkown
|
page readonly
|
||
|
E3B1000
|
heap
|
page read and write
|
||
|
8E86000
|
heap
|
page read and write
|
||
|
1570000
|
unkown
|
page readonly
|
||
|
1A79000
|
unkown
|
page readonly
|
||
|
1561000
|
unkown
|
page readonly
|
||
|
8081000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
DC5000
|
unkown
|
page write copy
|
||
|
544000
|
heap
|
page read and write
|
||
|
5DDA000
|
trusted library allocation
|
page read and write
|
||
|
EAF000
|
unkown
|
page readonly
|
||
|
18B000
|
stack
|
page read and write
|
||
|
F9F000
|
unkown
|
page readonly
|
||
|
8079000
|
heap
|
page read and write
|
||
|
8084000
|
heap
|
page read and write
|
||
|
EAF000
|
unkown
|
page readonly
|
||
|
1110000
|
heap
|
page read and write
|
||
|
E7A000
|
unkown
|
page readonly
|
||
|
8081000
|
heap
|
page read and write
|
||
|
E3D6000
|
heap
|
page read and write
|
||
|
8081000
|
heap
|
page read and write
|
||
|
806F000
|
heap
|
page read and write
|
||
|
1570000
|
unkown
|
page readonly
|
||
|
EC4000
|
unkown
|
page readonly
|
||
|
8E6B000
|
heap
|
page read and write
|
||
|
2BB0000
|
heap
|
page read and write
|
||
|
1980000
|
unkown
|
page readonly
|
||
|
544000
|
heap
|
page read and write
|
||
|
1B97000
|
unkown
|
page readonly
|
||
|
20000000
|
unkown
|
page readonly
|
||
|
8081000
|
heap
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
1F8F000
|
stack
|
page read and write
|
||
|
1486000
|
unkown
|
page readonly
|
||
|
FA8000
|
unkown
|
page readonly
|
||
|
F9F000
|
unkown
|
page readonly
|
||
|
804A000
|
heap
|
page read and write
|
||
|
147C000
|
unkown
|
page readonly
|
||
|
8081000
|
heap
|
page read and write
|
||
|
1A8F000
|
unkown
|
page readonly
|
||
|
808C000
|
heap
|
page read and write
|
||
|
8080000
|
heap
|
page read and write
|
||
|
8E2D000
|
heap
|
page read and write
|
||
|
5544000
|
heap
|
page read and write
|
||
|
20001000
|
unkown
|
page execute read
|
||
|
400000
|
unkown
|
page readonly
|
||
|
F94000
|
unkown
|
page readonly
|
||
|
293B000
|
stack
|
page read and write
|
There are 779 hidden memdumps, click here to show them.