Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
J4zGPhVRV3.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\Program Files (x86)\Remote Manipulator System - Host\rfusclient.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Remote Manipulator System - Host\rutserv.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Remote Manipulator System - Host\vp8decoder.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Remote Manipulator System - Host\vp8encoder.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Remote Manipulator System - Host\webmmux.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Remote Manipulator System - Host\webmvorbisdecoder.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Remote Manipulator System - Host\webmvorbisencoder.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Remote Manipulator System\eventmsg.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Installer\MSI7E5B.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Installer\{827D98D4-CA0D-43D0-8133-225659FBBC61}\ARPPRODUCTICON.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Installer\{827D98D4-CA0D-43D0-8133-225659FBBC61}\UNINST_Uninstall_R_3B1E3C8B7D0945898DA82CEEED02F0C7.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Installer\{827D98D4-CA0D-43D0-8133-225659FBBC61}\server_config_C8E9A92497A149D695F92E4E3AE550F0.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Installer\{827D98D4-CA0D-43D0-8133-225659FBBC61}\server_start_C00864331B9D4391A8A26292A601EBE2.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Installer\{827D98D4-CA0D-43D0-8133-225659FBBC61}\server_stop_27D7873393984316BEA10FB36BB4D2F9.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Config.Msi\417380.rbs
|
data
|
modified
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\EULA.rtf
|
Rich Text Format data, version 1, ANSI, code page 1251, default middle east language ID 1025
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\common\MessageBox.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\common\VPDAgent.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\common\emf2pdf.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\common\fwproc.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\common\pdfout.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\common\printer.ico
|
MS Windows icon resource - 6 icons, 32x32, 4 bits/pixel, 16x16, 4 bits/pixel
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\common\progressbar.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\common\properties.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\common\rppd.lng
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\common\srvinst.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\common\vpd_sdk.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\common\vpdisp.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x64\msvcp120.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x64\msvcr120.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x64\ntprint.inf
|
Windows setup INFormation
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x64\printer.ico
|
MS Windows icon resource - 6 icons, 32x32, 4 bits/pixel, 16x16, 4 bits/pixel
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x64\rppd.gpd
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x64\rppd.ini
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x64\rppd.lng
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x64\rppdpm.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x64\rppdui.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x64\setupdrv.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x64\stdnames_vpd.gpd
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x64\unidrv_rppd.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x64\unidrv_rppd.hlp
|
MS Windows 3.1 help, Tue Apr 17 13:11:56 2001, 21225 bytes
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x64\unidrvui_rppd.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x64\unires_vpd.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x64\vccorlib120.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x86\msvcp120.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x86\msvcr120.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x86\ntprint.inf
|
Windows setup INFormation
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x86\printer.ico
|
MS Windows icon resource - 6 icons, 32x32, 4 bits/pixel, 16x16, 4 bits/pixel
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x86\rppd.gpd
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x86\rppd.ini
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x86\rppd.lng
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x86\rppdpm.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x86\rppdui.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x86\setupdrv.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x86\stdnames_vpd.gpd
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x86\unidrv_rppd.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x86\unidrv_rppd.hlp
|
MS Windows 3.1 help, Tue Apr 17 13:11:56 2001, 21225 bytes
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x86\unidrvui_rppd.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x86\unires_vpd.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x86\vccorlib120.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\eventmsg.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\libasset32.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Remote Manipulator System - Host\libcodec32.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\edb.chk
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0xa3735c0b, page size 16384, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\ProgramData\Remote Manipulator System\Logs\rms_log_2024-10.html
|
HTML document, ASCII text, with CR line terminators
|
dropped
|
||
|
C:\ProgramData\Remote Manipulator System\install.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Remote Manipulator System\msi\70510_{827D98D4-CA0D-43D0-8133-225659FBBC61}\winrar.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Number of Characters: 0, Last
Saved By: InstallShield, Number of Words: 0, Title: RMS - Host 7.5, Comments: This installer contains the logic and data
to install RMS - Host 7.5, Keywords: Installer,MSI,Database, Subject: RMS - Host 7.5, Author: TektonIT, Ter-Osipov A.V., Security:
1, Number of Pages: 200, Name of Creating Application: InstallShield 2021 - Premier Edition with Virtualization Pack 27,
Last Saved Time/Date: Fri Sep 20 18:23:47 2024, Create Time/Date: Fri Sep 20 18:23:47 2024, Last Printed: Fri Sep 20 18:23:47
2024, Revision Number: {C457692F-C69F-4EF4-B4C9-3DF451F76F30}, Code page: 1251, Template: Intel;1049
|
dropped
|
||
|
C:\ProgramData\regid.1991-06.com.microsoft\regid.1991-06.com.microsoft_Windows-10-Pro.swidtag
|
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\278627ed-fc24-4e0b-bb23-271ee4eddacd.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\57d15819-7592-4652-9025-a1ea97ba9cb4.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State~RF42a2d6.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\TransportSecurity (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\f7949625-9da5-4523-ab9b-73e297971f3f.tmp
|
JSON data
|
modified
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
|
SQLite 3.x database, last written using SQLite version 3040000, file counter 15, database pages 21, cookie 0x5, schema 4,
UTF-8, version-valid-for 15
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal
|
SQLite Rollback Journal
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2D85F72862B55C4EADD9E66E06947F3D
|
Certificate, Version=3
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2D85F72862B55C4EADD9E66E06947F3D
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\TESTING
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\SOPHIA.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents
|
SQLite 3.x database, last written using SQLite version 3040000, file counter 25, database pages 3, cookie 0x2, schema 4, UTF-8,
version-valid-for 25
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal
|
SQLite Rollback Journal
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-10-29 11-51-49-757.log
|
ASCII text, with very long lines (393)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log
|
ASCII text, with very long lines (393), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrobat_sbx\acroNGLLog.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\49bf621b-c5e0-4a54-8bd5-5c2d5aeba465.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 33081
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\4e9412d0-5eb2-4ee7-b136-1df5f3aa75c7.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 5111142
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\b6bcbe39-8da8-4ef5-8b86-bf9488d7b993.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 299538
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\acrocef_low\be033063-4763-4196-9c5a-1e2174b195ec.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1311022
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\file.pdf
|
PDF document, version 1.7, 1 pages
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\winrar.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Number of Characters: 0, Last
Saved By: InstallShield, Number of Words: 0, Title: RMS - Host 7.5, Comments: This installer contains the logic and data
to install RMS - Host 7.5, Keywords: Installer,MSI,Database, Subject: RMS - Host 7.5, Author: TektonIT, Ter-Osipov A.V., Security:
1, Number of Pages: 200, Name of Creating Application: InstallShield 2021 - Premier Edition with Virtualization Pack 27,
Last Saved Time/Date: Fri Sep 20 18:23:47 2024, Create Time/Date: Fri Sep 20 18:23:47 2024, Last Printed: Fri Sep 20 18:23:47
2024, Revision Number: {C457692F-C69F-4EF4-B4C9-3DF451F76F30}, Code page: 1251, Template: Intel;1049
|
dropped
|
||
|
C:\Windows\Installer\41737e.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Number of Characters: 0, Last
Saved By: InstallShield, Number of Words: 0, Title: RMS - Host 7.5, Comments: This installer contains the logic and data
to install RMS - Host 7.5, Keywords: Installer,MSI,Database, Subject: RMS - Host 7.5, Author: TektonIT, Ter-Osipov A.V., Security:
1, Number of Pages: 200, Name of Creating Application: InstallShield 2021 - Premier Edition with Virtualization Pack 27,
Last Saved Time/Date: Fri Sep 20 18:23:47 2024, Create Time/Date: Fri Sep 20 18:23:47 2024, Last Printed: Fri Sep 20 18:23:47
2024, Revision Number: {C457692F-C69F-4EF4-B4C9-3DF451F76F30}, Code page: 1251, Template: Intel;1049
|
dropped
|
||
|
C:\Windows\Installer\417381.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Number of Characters: 0, Last
Saved By: InstallShield, Number of Words: 0, Title: RMS - Host 7.5, Comments: This installer contains the logic and data
to install RMS - Host 7.5, Keywords: Installer,MSI,Database, Subject: RMS - Host 7.5, Author: TektonIT, Ter-Osipov A.V., Security:
1, Number of Pages: 200, Name of Creating Application: InstallShield 2021 - Premier Edition with Virtualization Pack 27,
Last Saved Time/Date: Fri Sep 20 18:23:47 2024, Create Time/Date: Fri Sep 20 18:23:47 2024, Last Printed: Fri Sep 20 18:23:47
2024, Revision Number: {C457692F-C69F-4EF4-B4C9-3DF451F76F30}, Code page: 1251, Template: Intel;1049
|
dropped
|
||
|
C:\Windows\Installer\MSI8830.tmp
|
data
|
dropped
|
||
|
C:\Windows\Installer\SourceHash{827D98D4-CA0D-43D0-8133-225659FBBC61}
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Installer\inprogressinstallinfo.ipi
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
JSON data
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\MpCmdRun.log
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
modified
|
||
|
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4A62E94087F64223B9812F11186592BA
|
data
|
dropped
|
||
|
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 4770 bytes, 1 file, at 0x2c +A "disallowedcert.stl", number 1, 1 datablock,
0x1 compression
|
dropped
|
||
|
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9CB4373A4252DE8D2212929836304EC5_6C354C532D063DF5607A63BA827F5164
|
data
|
dropped
|
||
|
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A1D627669EFC8CD4F21BCF387D97F9B5_E818918BC57803438E0E0146A88425A7
|
data
|
dropped
|
||
|
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B039FEA45CB4CC4BBACFC013C7C55604_50385F8EB1F713E33924A830D7A2A41C
|
data
|
dropped
|
||
|
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BD92F95DED26541D3AF7F44DC7914843
|
data
|
dropped
|
||
|
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4A62E94087F64223B9812F11186592BA
|
data
|
dropped
|
||
|
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
|
data
|
dropped
|
||
|
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9CB4373A4252DE8D2212929836304EC5_6C354C532D063DF5607A63BA827F5164
|
data
|
dropped
|
||
|
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A1D627669EFC8CD4F21BCF387D97F9B5_E818918BC57803438E0E0146A88425A7
|
data
|
dropped
|
||
|
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B039FEA45CB4CC4BBACFC013C7C55604_50385F8EB1F713E33924A830D7A2A41C
|
data
|
dropped
|
||
|
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BD92F95DED26541D3AF7F44DC7914843
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF1D68A25D9EB316F1.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF49649112289761ED.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF549F7F686D014070.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF5903583D1FF3E44E.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF5B3F3D97000D85E1.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF69983B8D9E93C771.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF6B9E8091C3A2E56D.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF6EDFFD5D53F3641A.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF7213E1D3B9FF115C.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFBA83223C3E4FEFF2.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFE60ABF5300CEFCCC.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFE6BF8ED199B0F265.TMP
|
data
|
dropped
|
There are 126 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\system32\svchost.exe -k UnistackSvcGroup
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k wsappx -p -s ClipSVC
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s wscsvc
|
|
|
|
C:\Users\user\Desktop\J4zGPhVRV3.exe
|
"C:\Users\user\Desktop\J4zGPhVRV3.exe"
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\system32\svchost.exe -k LocalService -s W32Time
|
|
|
|
C:\Program Files (x86)\Remote Manipulator System - Host\rfusclient.exe
|
"C:\Program Files (x86)\Remote Manipulator System - Host\rfusclient.exe" -msi_copy "C:\Users\user~1\AppData\Local\Temp\winrar.msi"
|
|
|
|
C:\Program Files (x86)\Remote Manipulator System - Host\rutserv.exe
|
"C:\Program Files (x86)\Remote Manipulator System - Host\rutserv.exe" /silentinstall
|
|
|
|
C:\Program Files (x86)\Remote Manipulator System - Host\rutserv.exe
|
"C:\Program Files (x86)\Remote Manipulator System - Host\rutserv.exe" -firewall
|
|
|
|
C:\Program Files (x86)\Remote Manipulator System - Host\rutserv.exe
|
"C:\Program Files (x86)\Remote Manipulator System - Host\rutserv.exe" /start
|
|
|
|
C:\Program Files (x86)\Remote Manipulator System - Host\rutserv.exe
|
"C:\Program Files (x86)\Remote Manipulator System - Host\rutserv.exe" -service
|
|
|
|
C:\Program Files (x86)\Remote Manipulator System - Host\rutserv.exe
|
"C:\Program Files (x86)\Remote Manipulator System - Host\rutserv.exe" -firewall
|
|
|
|
C:\Program Files (x86)\Remote Manipulator System - Host\rfusclient.exe
|
"C:\Program Files (x86)\Remote Manipulator System - Host\rfusclient.exe"
|
|
|
|
C:\Program Files (x86)\Remote Manipulator System - Host\rfusclient.exe
|
"C:\Program Files (x86)\Remote Manipulator System - Host\rfusclient.exe" /tray
|
|
|
|
C:\Program Files (x86)\Remote Manipulator System - Host\rfusclient.exe
|
"C:\Program Files (x86)\Remote Manipulator System - Host\rfusclient.exe" /tray
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalService -p -s LicenseManager
|
|
|
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user~1\AppData\Local\Temp\file.pdf"
|
||
|
C:\Windows\System32\msiexec.exe
|
"C:\Windows\System32\msiexec.exe" /i "C:\Users\user~1\AppData\Local\Temp\winrar.msi" /qn
|
||
|
C:\Windows\System32\msiexec.exe
|
C:\Windows\system32\msiexec.exe /V
|
||
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
|
||
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
|
"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0"
--lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=2112
--field-trial-handle=1740,i,9168305141304841160,3939740794304371731,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker
/prefetch:8
|
||
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\syswow64\MsiExec.exe -Embedding 454D404CF2CD6CFC0CCDA935FCCB9601
|
||
|
C:\Program Files\Windows Defender\MpCmdRun.exe
|
"C:\Program Files\Windows Defender\mpcmdrun.exe" -wdenable
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 15 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://www.remoteutilities.com/support/docs/installing-and-uninstalling/
|
unknown
|
||
|
https://curl.se/docs/http-cookies.html
|
unknown
|
||
|
http://update.tektonit.ru/upgrade.ini
|
unknown
|
||
|
http://update.tektonit.ru/upgrade_beta.ini
|
unknown
|
||
|
http://madExcept.comU
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV21C:
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
http://www.indyproject.org/
|
unknown
|
||
|
https://curl.se/docs/alt-svc.html
|
unknown
|
||
|
http://www.symauth.com/cps0(
|
unknown
|
||
|
http://rmansys.ru/internet-id/
|
unknown
|
||
|
http://standards.iso.org/iso/19770/-2/2009/schema.xsd
|
unknown
|
||
|
https://curl.se/docs/hsts.html
|
unknown
|
||
|
https://g.live.com/odclientsettings/Prod1C:
|
unknown
|
||
|
https://gcc.gnu.org/bugsrg/bugs/):
|
unknown
|
||
|
http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd
|
unknown
|
||
|
http://www.symauth.com/rpa00
|
unknown
|
||
|
https://rmansys.ru/remote-access//rmansys.ru/remote-access/
|
unknown
|
||
|
https://rmansys.ru/remote-access//rmansys.ru/remote-access/O
|
unknown
|
||
|
https://rmansys.ru/remote-access/
|
unknown
|
||
|
http://www.flexerasoftware.com0
|
unknown
|
||
|
https://rmansys.ru/IS_PREVENT_DOWNGRADE_EXITZ_DOWNGRADE_DETECTED;Z_UPGRADE_DETECTED;COMPANYNAME;INST
|
unknown
|
||
|
http://www.inkscape.org/namespaces/inkscape
|
unknown
|
||
|
https://www.remoteutilities.com/buy/money-back-guarantee.php
|
unknown
|
||
|
https://www.remoteutilities.com/about/privacy-policy.php
|
unknown
|
There are 16 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
x1.i.lencr.org
|
unknown
|
||
|
time.windows.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
111.90.140.51
|
unknown
|
Malaysia
|
||
|
111.90.140.34
|
unknown
|
Malaysia
|
||
|
96.6.160.189
|
unknown
|
United States
|
||
|
127.0.0.1
|
unknown
|
unknown
|
||
|
65.21.245.7
|
unknown
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
|
STATE
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
|
{8D80504A-0826-40C5-97E1-EBC68F953792} {886D8EEB-8CF2-4446-8D02-CDBA1DBDCF99} 0xFFFF
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\msiexec.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\msiexec.exe.ApplicationCompany
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Config.Msi\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\417380.rbs
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\417380.rbsLow
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E5052F47A02BDEA469F8EAB572D83BA8
|
4D89D728D0AC0D341833226595BFCB16
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6364F69515D55F943B4B3F3C669ECD32
|
00000000000000000000000000000000
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2A013281E9DC1714CA1DA3DE2D061AF5
|
4D89D728D0AC0D341833226595BFCB16
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1ABE421E8CFC34144AACB9676F71902E
|
4D89D728D0AC0D341833226595BFCB16
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6BF33E458B6814BAD1904D3FB1F7AF
|
4D89D728D0AC0D341833226595BFCB16
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\common\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Program Files (x86)\Remote Manipulator System - Host\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x64\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Program Files (x86)\Remote Manipulator System - Host\Printer\x86\
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\RMS Host Installer
|
Security
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\RMS Host Installer
|
General
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\RMS Host Installer
|
CallbackSettings
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\InstallProperties
|
RegOwner
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\InstallProperties
|
RegCompany
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\InstallProperties
|
ProductID
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\InstallProperties
|
LocalPackage
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\InstallProperties
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\InstallProperties
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\InstallProperties
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\InstallProperties
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\InstallProperties
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\InstallProperties
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\InstallProperties
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\InstallProperties
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\InstallProperties
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\InstallProperties
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\InstallProperties
|
NoModify
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\InstallProperties
|
NoRepair
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\InstallProperties
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\InstallProperties
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\InstallProperties
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\InstallProperties
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\InstallProperties
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\InstallProperties
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\InstallProperties
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\InstallProperties
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\InstallProperties
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\InstallProperties
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\InstallProperties
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\InstallProperties
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{827D98D4-CA0D-43D0-8133-225659FBBC61}
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{827D98D4-CA0D-43D0-8133-225659FBBC61}
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{827D98D4-CA0D-43D0-8133-225659FBBC61}
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{827D98D4-CA0D-43D0-8133-225659FBBC61}
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{827D98D4-CA0D-43D0-8133-225659FBBC61}
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{827D98D4-CA0D-43D0-8133-225659FBBC61}
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{827D98D4-CA0D-43D0-8133-225659FBBC61}
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{827D98D4-CA0D-43D0-8133-225659FBBC61}
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{827D98D4-CA0D-43D0-8133-225659FBBC61}
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{827D98D4-CA0D-43D0-8133-225659FBBC61}
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{827D98D4-CA0D-43D0-8133-225659FBBC61}
|
NoModify
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{827D98D4-CA0D-43D0-8133-225659FBBC61}
|
NoRepair
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{827D98D4-CA0D-43D0-8133-225659FBBC61}
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{827D98D4-CA0D-43D0-8133-225659FBBC61}
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{827D98D4-CA0D-43D0-8133-225659FBBC61}
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{827D98D4-CA0D-43D0-8133-225659FBBC61}
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{827D98D4-CA0D-43D0-8133-225659FBBC61}
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{827D98D4-CA0D-43D0-8133-225659FBBC61}
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{827D98D4-CA0D-43D0-8133-225659FBBC61}
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{827D98D4-CA0D-43D0-8133-225659FBBC61}
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{827D98D4-CA0D-43D0-8133-225659FBBC61}
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{827D98D4-CA0D-43D0-8133-225659FBBC61}
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{827D98D4-CA0D-43D0-8133-225659FBBC61}
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{827D98D4-CA0D-43D0-8133-225659FBBC61}
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\509B38EF4554FFD4794F292971C81B17
|
4D89D728D0AC0D341833226595BFCB16
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\InstallProperties
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{827D98D4-CA0D-43D0-8133-225659FBBC61}
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\4D89D728D0AC0D341833226595BFCB16
|
RMS
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\Features
|
RMS
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Windows\Installer\{827D98D4-CA0D-43D0-8133-225659FBBC61}\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D89D728D0AC0D341833226595BFCB16\Patches
|
AllPatches
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4D89D728D0AC0D341833226595BFCB16
|
ProductName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4D89D728D0AC0D341833226595BFCB16
|
PackageCode
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4D89D728D0AC0D341833226595BFCB16
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4D89D728D0AC0D341833226595BFCB16
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4D89D728D0AC0D341833226595BFCB16
|
Assignment
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4D89D728D0AC0D341833226595BFCB16
|
AdvertiseFlags
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4D89D728D0AC0D341833226595BFCB16
|
ProductIcon
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4D89D728D0AC0D341833226595BFCB16
|
InstanceType
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4D89D728D0AC0D341833226595BFCB16
|
AuthorizedLUAApp
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4D89D728D0AC0D341833226595BFCB16
|
DeploymentFlags
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\509B38EF4554FFD4794F292971C81B17
|
4D89D728D0AC0D341833226595BFCB16
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4D89D728D0AC0D341833226595BFCB16\SourceList
|
PackageName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4D89D728D0AC0D341833226595BFCB16\SourceList\Net
|
1
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4D89D728D0AC0D341833226595BFCB16\SourceList\Media
|
DiskPrompt
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4D89D728D0AC0D341833226595BFCB16\SourceList\Media
|
1
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4D89D728D0AC0D341833226595BFCB16
|
Clients
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4D89D728D0AC0D341833226595BFCB16\SourceList
|
LastUsedSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D69B561148F01C77C54578C10926DF5B856976AD
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D69B561148F01C77C54578C10926DF5B856976AD
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\MUI\StringCacheSettings
|
StringCacheGeneration
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\W32Time\Config
|
LastKnownGoodTime
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\TektonIT\RMS Host\Host\Parameters
|
Security
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\TektonIT\RMS Host\Host\Parameters
|
General
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\TektonIT\RMS Host\Host\Parameters
|
CallbackSettings
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\TektonIT\RMS Host\Host\Parameters
|
FUSClientPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\TektonIT\RMS Host\Host\Parameters
|
InternetId
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\TektonIT\RMS Host\Host\Parameters
|
Certificates
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Remote Manipulator System - host\Remote Manipulator System - host
service
|
EventMessageFile
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Remote Manipulator System - host\Remote Manipulator System - host
service
|
TypesSupported
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Remote Manipulator System - host
|
MaxSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\TektonIT\RMS Host\Host\Parameters
|
CalendarRecordSettings
|
||
|
HKEY_USERS.DEFAULT\Software\Classes\Local Settings\MuiCache\1f\417C44EB
|
@%SystemRoot%\system32\dnsapi.dll,-103
|
||
|
HKEY_USERS.DEFAULT\Software\Classes\Local Settings\MuiCache\1f\417C44EB
|
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\TektonIT\RMS Host\Host\Parameters
|
General
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\TektonIT\RMS Host\Host\Parameters
|
General
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\TektonIT\RMS Host\Host\Parameters
|
Certificates
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8
|
Blob
|
||
|
HKEY_USERS.DEFAULT\Software\Classes\Local Settings\MuiCache\1f\417C44EB
|
@%systemroot%\system32\FirewallControlPanel.dll,-12122
|
There are 113 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3741000
|
heap
|
page read and write
|
||
|
1C14000
|
heap
|
page read and write
|
||
|
4F90000
|
trusted library allocation
|
page read and write
|
||
|
4212000
|
direct allocation
|
page read and write
|
||
|
1D0D1C52000
|
heap
|
page read and write
|
||
|
4F0000
|
unkown
|
page readonly
|
||
|
210F000
|
heap
|
page read and write
|
||
|
7D5F000
|
stack
|
page read and write
|
||
|
7A5E000
|
stack
|
page read and write
|
||
|
18AC000
|
unkown
|
page readonly
|
||
|
18377393000
|
heap
|
page read and write
|
||
|
3191000
|
direct allocation
|
page read and write
|
||
|
3C38000
|
direct allocation
|
page read and write
|
||
|
2019000
|
heap
|
page read and write
|
||
|
1FC3000
|
heap
|
page read and write
|
||
|
25A1000
|
direct allocation
|
page read and write
|
||
|
1BF4000
|
heap
|
page read and write
|
||
|
3614000
|
direct allocation
|
page read and write
|
||
|
3253000
|
direct allocation
|
page read and write
|
||
|
3721000
|
heap
|
page read and write
|
||
|
149C000
|
unkown
|
page read and write
|
||
|
D27907E000
|
stack
|
page read and write
|
||
|
4228000
|
direct allocation
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
1837B394000
|
heap
|
page read and write
|
||
|
E8B000
|
unkown
|
page read and write
|
||
|
36C0000
|
direct allocation
|
page read and write
|
||
|
40C0000
|
heap
|
page read and write
|
||
|
31D3000
|
direct allocation
|
page read and write
|
||
|
155E000
|
unkown
|
page read and write
|
||
|
3BDD000
|
direct allocation
|
page read and write
|
||
|
4E08000
|
direct allocation
|
page read and write
|
||
|
18377328000
|
heap
|
page read and write
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
F73000
|
unkown
|
page read and write
|
||
|
3B7F000
|
direct allocation
|
page read and write
|
||
|
E88000
|
unkown
|
page write copy
|
||
|
6C698000
|
unkown
|
page execute read
|
||
|
627E000
|
stack
|
page read and write
|
||
|
53BF000
|
stack
|
page read and write
|
||
|
1D0D1C13000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
1965000
|
unkown
|
page readonly
|
||
|
18EE000
|
unkown
|
page readonly
|
||
|
2006F3F0000
|
trusted library allocation
|
page read and write
|
||
|
529B000
|
trusted library allocation
|
page read and write
|
||
|
2006F504000
|
heap
|
page read and write
|
||
|
D2778FE000
|
stack
|
page read and write
|
||
|
1E64000
|
heap
|
page read and write
|
||
|
6CACB000
|
unkown
|
page readonly
|
||
|
1837731C000
|
heap
|
page read and write
|
||
|
1498000
|
unkown
|
page read and write
|
||
|
9F9F000
|
stack
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
9B9F000
|
stack
|
page read and write
|
||
|
1570000
|
heap
|
page read and write
|
||
|
8A2000
|
unkown
|
page execute read
|
||
|
4DE7000
|
direct allocation
|
page read and write
|
||
|
3BA8000
|
direct allocation
|
page read and write
|
||
|
736D000
|
heap
|
page read and write
|
||
|
2006EB60000
|
heap
|
page read and write
|
||
|
1C10000
|
heap
|
page read and write
|
||
|
2576000
|
direct allocation
|
page read and write
|
||
|
14BE000
|
unkown
|
page read and write
|
||
|
1D74000
|
heap
|
page read and write
|
||
|
2101000
|
heap
|
page read and write
|
||
|
2C9727B000
|
stack
|
page read and write
|
||
|
374E000
|
direct allocation
|
page read and write
|
||
|
4021000
|
heap
|
page read and write
|
||
|
1544000
|
heap
|
page read and write
|
||
|
1BEE000
|
stack
|
page read and write
|
||
|
18377326000
|
heap
|
page read and write
|
||
|
3700000
|
heap
|
page read and write
|
||
|
15963480000
|
heap
|
page read and write
|
||
|
253C000
|
direct allocation
|
page read and write
|
||
|
1498000
|
unkown
|
page read and write
|
||
|
1DC8000
|
heap
|
page read and write
|
||
|
795F000
|
stack
|
page read and write
|
||
|
18377328000
|
heap
|
page read and write
|
||
|
639000
|
unkown
|
page execute read
|
||
|
1837B3E5000
|
heap
|
page read and write
|
||
|
194F000
|
stack
|
page read and write
|
||
|
4DF0000
|
direct allocation
|
page read and write
|
||
|
4C50000
|
heap
|
page read and write
|
||
|
3C0D000
|
direct allocation
|
page read and write
|
||
|
1BC9000
|
heap
|
page read and write
|
||
|
1654000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
3CD3000
|
direct allocation
|
page read and write
|
||
|
18B0000
|
unkown
|
page readonly
|
||
|
210D000
|
heap
|
page read and write
|
||
|
5895000
|
direct allocation
|
page read and write
|
||
|
3DF3000
|
heap
|
page read and write
|
||
|
15963655000
|
heap
|
page read and write
|
||
|
828DEFB000
|
stack
|
page read and write
|
||
|
3C21000
|
direct allocation
|
page read and write
|
||
|
36E9000
|
direct allocation
|
page read and write
|
||
|
1E54000
|
heap
|
page read and write
|
||
|
7EA60000
|
direct allocation
|
page read and write
|
||
|
3A03000
|
heap
|
page read and write
|
||
|
5081000
|
heap
|
page read and write
|
||
|
719E000
|
stack
|
page read and write
|
||
|
20074400000
|
trusted library allocation
|
page read and write
|
||
|
4DAE000
|
direct allocation
|
page read and write
|
||
|
3BE2000
|
direct allocation
|
page read and write
|
||
|
20B0000
|
direct allocation
|
page execute and read and write
|
||
|
41F7000
|
direct allocation
|
page read and write
|
||
|
1544000
|
heap
|
page read and write
|
||
|
192F000
|
unkown
|
page readonly
|
||
|
612C000
|
stack
|
page read and write
|
||
|
326F000
|
direct allocation
|
page read and write
|
||
|
1540000
|
heap
|
page read and write
|
||
|
2669000
|
direct allocation
|
page read and write
|
||
|
1714000
|
heap
|
page read and write
|
||
|
8D4000
|
unkown
|
page execute read
|
||
|
234E000
|
stack
|
page read and write
|
||
|
20FE000
|
heap
|
page read and write
|
||
|
1FFD000
|
heap
|
page read and write
|
||
|
257D000
|
direct allocation
|
page read and write
|
||
|
2699A460000
|
heap
|
page read and write
|
||
|
1E47000
|
heap
|
page read and write
|
||
|
8F9F000
|
stack
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
2006FA40000
|
trusted library allocation
|
page read and write
|
||
|
3B99000
|
direct allocation
|
page read and write
|
||
|
379B000
|
direct allocation
|
page read and write
|
||
|
2006EC40000
|
heap
|
page read and write
|
||
|
7E150000
|
direct allocation
|
page read and write
|
||
|
2029000
|
heap
|
page read and write
|
||
|
4021000
|
heap
|
page read and write
|
||
|
1718000
|
heap
|
page read and write
|
||
|
6C9FF000
|
unkown
|
page readonly
|
||
|
73D5000
|
heap
|
page read and write
|
||
|
32D2000
|
direct allocation
|
page read and write
|
||
|
B35F000
|
stack
|
page read and write
|
||
|
7365000
|
heap
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
155F000
|
unkown
|
page read and write
|
||
|
3BF8000
|
direct allocation
|
page read and write
|
||
|
22CEE238000
|
heap
|
page read and write
|
||
|
20F8000
|
heap
|
page read and write
|
||
|
2699AC02000
|
trusted library allocation
|
page read and write
|
||
|
201D000
|
heap
|
page read and write
|
||
|
3850000
|
direct allocation
|
page read and write
|
||
|
26852A48000
|
heap
|
page read and write
|
||
|
183794F4000
|
heap
|
page read and write
|
||
|
E88000
|
unkown
|
page read and write
|
||
|
32E0000
|
direct allocation
|
page read and write
|
||
|
2006ECAF000
|
heap
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
3212000
|
direct allocation
|
page read and write
|
||
|
7781B7E000
|
unkown
|
page readonly
|
||
|
1FA5000
|
heap
|
page read and write
|
||
|
2699A471000
|
heap
|
page read and write
|
||
|
F1A84FF000
|
stack
|
page read and write
|
||
|
26853332000
|
heap
|
page read and write
|
||
|
2007430A000
|
heap
|
page read and write
|
||
|
54F0000
|
heap
|
page read and write
|
||
|
666E000
|
stack
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
1E00000
|
heap
|
page read and write
|
||
|
1650000
|
heap
|
page read and write
|
||
|
1E78000
|
heap
|
page read and write
|
||
|
373F000
|
direct allocation
|
page read and write
|
||
|
1837B2B5000
|
heap
|
page read and write
|
||
|
3C2F000
|
direct allocation
|
page read and write
|
||
|
2001000
|
heap
|
page read and write
|
||
|
4021000
|
heap
|
page read and write
|
||
|
56D7000
|
heap
|
page read and write
|
||
|
B55F000
|
stack
|
page read and write
|
||
|
18377309000
|
heap
|
page read and write
|
||
|
1BD4000
|
heap
|
page read and write
|
||
|
193B000
|
unkown
|
page readonly
|
||
|
3741000
|
heap
|
page read and write
|
||
|
D2776F7000
|
stack
|
page read and write
|
||
|
828D32E000
|
stack
|
page read and write
|
||
|
1BD4000
|
heap
|
page read and write
|
||
|
318B000
|
direct allocation
|
page read and write
|
||
|
1BF4000
|
heap
|
page read and write
|
||
|
3126000
|
direct allocation
|
page read and write
|
||
|
500E000
|
stack
|
page read and write
|
||
|
3268000
|
direct allocation
|
page read and write
|
||
|
3740000
|
heap
|
page read and write
|
||
|
73B4000
|
heap
|
page read and write
|
||
|
183795B4000
|
heap
|
page read and write
|
||
|
16EC000
|
heap
|
page read and write
|
||
|
20DF000
|
heap
|
page read and write
|
||
|
6C95A000
|
unkown
|
page readonly
|
||
|
36FD000
|
direct allocation
|
page read and write
|
||
|
3E40000
|
heap
|
page read and write
|
||
|
1DBE000
|
stack
|
page read and write
|
||
|
D2780FB000
|
stack
|
page read and write
|
||
|
7B5F000
|
stack
|
page read and write
|
||
|
32BC000
|
direct allocation
|
page read and write
|
||
|
E8B000
|
unkown
|
page read and write
|
||
|
2A81000
|
heap
|
page read and write
|
||
|
19B000
|
stack
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
1EFE000
|
stack
|
page read and write
|
||
|
2084000
|
heap
|
page read and write
|
||
|
2699A431000
|
heap
|
page read and write
|
||
|
2006FC20000
|
trusted library allocation
|
page read and write
|
||
|
2FCE000
|
stack
|
page read and write
|
||
|
1D0D1BE0000
|
trusted library allocation
|
page read and write
|
||
|
1837730E000
|
heap
|
page read and write
|
||
|
3DCE000
|
stack
|
page read and write
|
||
|
3B11000
|
direct allocation
|
page read and write
|
||
|
16D7000
|
heap
|
page read and write
|
||
|
170E000
|
heap
|
page read and write
|
||
|
30FF000
|
direct allocation
|
page read and write
|
||
|
3770000
|
direct allocation
|
page execute and read and write
|
||
|
41E3000
|
direct allocation
|
page read and write
|
||
|
3198000
|
direct allocation
|
page read and write
|
||
|
3713000
|
direct allocation
|
page read and write
|
||
|
192E000
|
stack
|
page read and write
|
||
|
7FB20000
|
direct allocation
|
page read and write
|
||
|
7FF69E571000
|
unkown
|
page execute read
|
||
|
52AD000
|
trusted library allocation
|
page read and write
|
||
|
3156000
|
direct allocation
|
page read and write
|
||
|
1D5E000
|
stack
|
page read and write
|
||
|
23F0000
|
direct allocation
|
page execute and read and write
|
||
|
3B78000
|
direct allocation
|
page read and write
|
||
|
1B2E000
|
stack
|
page read and write
|
||
|
2091000
|
heap
|
page read and write
|
||
|
7E599000
|
direct allocation
|
page read and write
|
||
|
1837730E000
|
heap
|
page read and write
|
||
|
20F6000
|
heap
|
page read and write
|
||
|
183792FA000
|
heap
|
page read and write
|
||
|
3BD1000
|
direct allocation
|
page read and write
|
||
|
6C490000
|
unkown
|
page readonly
|
||
|
F4A000
|
unkown
|
page read and write
|
||
|
16F9000
|
heap
|
page read and write
|
||
|
1F9B000
|
heap
|
page read and write
|
||
|
24328D00000
|
heap
|
page read and write
|
||
|
5674000
|
heap
|
page read and write
|
||
|
2593000
|
direct allocation
|
page read and write
|
||
|
9D9F000
|
stack
|
page read and write
|
||
|
1700000
|
heap
|
page read and write
|
||
|
20FF000
|
heap
|
page read and write
|
||
|
1837B429000
|
heap
|
page read and write
|
||
|
2006F51A000
|
heap
|
page read and write
|
||
|
183773C5000
|
heap
|
page read and write
|
||
|
31D8000
|
direct allocation
|
page read and write
|
||
|
3BD0000
|
heap
|
page read and write
|
||
|
1B1A000
|
heap
|
page read and write
|
||
|
20CE000
|
stack
|
page read and write
|
||
|
1C14000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
D27710C000
|
stack
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
2518000
|
direct allocation
|
page read and write
|
||
|
24E1000
|
direct allocation
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
556C000
|
heap
|
page read and write
|
||
|
3C28000
|
direct allocation
|
page read and write
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
3328000
|
direct allocation
|
page read and write
|
||
|
3B8E000
|
direct allocation
|
page read and write
|
||
|
10D9000
|
unkown
|
page readonly
|
||
|
1D74000
|
heap
|
page read and write
|
||
|
314A000
|
direct allocation
|
page read and write
|
||
|
18379532000
|
heap
|
page read and write
|
||
|
F45000
|
unkown
|
page read and write
|
||
|
1932000
|
unkown
|
page readonly
|
||
|
24D2000
|
direct allocation
|
page read and write
|
||
|
1614000
|
heap
|
page read and write
|
||
|
54DE000
|
stack
|
page read and write
|
||
|
6CAC6000
|
unkown
|
page read and write
|
||
|
26852950000
|
trusted library allocation
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
73CE000
|
heap
|
page read and write
|
||
|
2037000
|
heap
|
page read and write
|
||
|
1654000
|
heap
|
page read and write
|
||
|
5425000
|
direct allocation
|
page read and write
|
||
|
56B5000
|
heap
|
page read and write
|
||
|
2432A680000
|
trusted library allocation
|
page read and write
|
||
|
1BD0000
|
heap
|
page read and write
|
||
|
31FE000
|
direct allocation
|
page read and write
|
||
|
B211F7E000
|
stack
|
page read and write
|
||
|
637F000
|
stack
|
page read and write
|
||
|
1E62000
|
heap
|
page read and write
|
||
|
7390000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
18377309000
|
heap
|
page read and write
|
||
|
5080000
|
heap
|
page read and write
|
||
|
5480000
|
heap
|
page read and write
|
||
|
6C736000
|
unkown
|
page execute read
|
||
|
201D000
|
heap
|
page read and write
|
||
|
14BD000
|
unkown
|
page read and write
|
||
|
59AA000
|
direct allocation
|
page read and write
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
155F000
|
unkown
|
page read and write
|
||
|
6C7AF000
|
unkown
|
page execute read
|
||
|
3BB0000
|
direct allocation
|
page read and write
|
||
|
31AE000
|
direct allocation
|
page read and write
|
||
|
590A000
|
direct allocation
|
page read and write
|
||
|
6C93D000
|
unkown
|
page read and write
|
||
|
1493000
|
unkown
|
page read and write
|
||
|
1BD4000
|
heap
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
326F000
|
direct allocation
|
page read and write
|
||
|
1E59000
|
heap
|
page read and write
|
||
|
622E000
|
stack
|
page read and write
|
||
|
14A4000
|
unkown
|
page read and write
|
||
|
22CEE27A000
|
heap
|
page read and write
|
||
|
4D9B000
|
direct allocation
|
page read and write
|
||
|
1654000
|
heap
|
page read and write
|
||
|
31F7000
|
direct allocation
|
page read and write
|
||
|
CFE000
|
unkown
|
page execute read
|
||
|
1F83000
|
heap
|
page read and write
|
||
|
738C000
|
heap
|
page read and write
|
||
|
26853302000
|
heap
|
page read and write
|
||
|
1437000
|
stack
|
page read and write
|
||
|
53E3000
|
direct allocation
|
page read and write
|
||
|
24328BB0000
|
heap
|
page read and write
|
||
|
1BF4000
|
heap
|
page read and write
|
||
|
6C9D7000
|
unkown
|
page readonly
|
||
|
73B0000
|
heap
|
page read and write
|
||
|
593E000
|
direct allocation
|
page read and write
|
||
|
2006F790000
|
trusted library allocation
|
page read and write
|
||
|
18377328000
|
heap
|
page read and write
|
||
|
73AE000
|
heap
|
page read and write
|
||
|
16FD000
|
heap
|
page read and write
|
||
|
328E000
|
stack
|
page read and write
|
||
|
31DA000
|
direct allocation
|
page read and write
|
||
|
18379531000
|
heap
|
page read and write
|
||
|
7388000
|
heap
|
page read and write
|
||
|
1654000
|
heap
|
page read and write
|
||
|
26852A48000
|
heap
|
page read and write
|
||
|
7407000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
1FC7000
|
heap
|
page read and write
|
||
|
73A7000
|
heap
|
page read and write
|
||
|
3750000
|
heap
|
page read and write
|
||
|
18377260000
|
heap
|
page read and write
|
||
|
5901000
|
direct allocation
|
page read and write
|
||
|
20D0000
|
heap
|
page read and write
|
||
|
E5D000
|
unkown
|
page execute read
|
||
|
7E620000
|
direct allocation
|
page read and write
|
||
|
1837B255000
|
heap
|
page read and write
|
||
|
4231000
|
direct allocation
|
page read and write
|
||
|
1654000
|
heap
|
page read and write
|
||
|
1837B3B5000
|
heap
|
page read and write
|
||
|
2006EC73000
|
heap
|
page read and write
|
||
|
263A000
|
direct allocation
|
page read and write
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
20E2000
|
heap
|
page read and write
|
||
|
18377346000
|
heap
|
page read and write
|
||
|
39E0000
|
heap
|
page read and write
|
||
|
16D3000
|
heap
|
page read and write
|
||
|
212A000
|
heap
|
page read and write
|
||
|
20D0000
|
heap
|
page read and write
|
||
|
32B5000
|
direct allocation
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
1493000
|
unkown
|
page read and write
|
||
|
F6D000
|
unkown
|
page write copy
|
||
|
183773B2000
|
heap
|
page read and write
|
||
|
4E17000
|
direct allocation
|
page read and write
|
||
|
7382000
|
heap
|
page read and write
|
||
|
393F000
|
stack
|
page read and write
|
||
|
4021000
|
heap
|
page read and write
|
||
|
6C609000
|
unkown
|
page execute read
|
||
|
8901D7F000
|
unkown
|
page read and write
|
||
|
3721000
|
heap
|
page read and write
|
||
|
1AEE000
|
stack
|
page read and write
|
||
|
2A50000
|
heap
|
page read and write
|
||
|
1973000
|
unkown
|
page readonly
|
||
|
1906000
|
unkown
|
page readonly
|
||
|
1E4A000
|
heap
|
page read and write
|
||
|
4DBE000
|
direct allocation
|
page read and write
|
||
|
1654000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
2A53000
|
heap
|
page read and write
|
||
|
7388000
|
heap
|
page read and write
|
||
|
5140000
|
heap
|
page read and write
|
||
|
5401000
|
direct allocation
|
page read and write
|
||
|
36E1000
|
direct allocation
|
page read and write
|
||
|
18C5000
|
unkown
|
page readonly
|
||
|
4DF8000
|
direct allocation
|
page read and write
|
||
|
7780E7E000
|
unkown
|
page readonly
|
||
|
183795B3000
|
heap
|
page read and write
|
||
|
31EF000
|
direct allocation
|
page read and write
|
||
|
18DA000
|
unkown
|
page readonly
|
||
|
E95000
|
unkown
|
page read and write
|
||
|
26852840000
|
heap
|
page read and write
|
||
|
20DB000
|
heap
|
page read and write
|
||
|
A00000
|
unkown
|
page execute read
|
||
|
6C73A000
|
unkown
|
page execute read
|
||
|
4EB000
|
stack
|
page read and write
|
||
|
4F30000
|
heap
|
page read and write
|
||
|
1E9A000
|
heap
|
page read and write
|
||
|
1C14000
|
heap
|
page read and write
|
||
|
819F000
|
stack
|
page read and write
|
||
|
20E8000
|
heap
|
page read and write
|
||
|
325A000
|
direct allocation
|
page read and write
|
||
|
14D5000
|
unkown
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
1593000
|
unkown
|
page read and write
|
||
|
200741E0000
|
trusted library allocation
|
page read and write
|
||
|
3C0F000
|
heap
|
page read and write
|
||
|
736C000
|
heap
|
page read and write
|
||
|
22CEE24E000
|
heap
|
page read and write
|
||
|
1837AA5E000
|
heap
|
page read and write
|
||
|
7781D7E000
|
stack
|
page read and write
|
||
|
3244000
|
direct allocation
|
page read and write
|
||
|
F1A7FBB000
|
stack
|
page read and write
|
||
|
324B000
|
direct allocation
|
page read and write
|
||
|
338E000
|
stack
|
page read and write
|
||
|
1FDD000
|
heap
|
page read and write
|
||
|
22CEE300000
|
heap
|
page read and write
|
||
|
2109000
|
heap
|
page read and write
|
||
|
3277000
|
direct allocation
|
page read and write
|
||
|
EC7000
|
unkown
|
page read and write
|
||
|
1C28000
|
heap
|
page read and write
|
||
|
1837731D000
|
heap
|
page read and write
|
||
|
1E59000
|
heap
|
page read and write
|
||
|
7FF69E5CB000
|
unkown
|
page write copy
|
||
|
73D7000
|
heap
|
page read and write
|
||
|
1E52000
|
heap
|
page read and write
|
||
|
9FD000
|
unkown
|
page execute read
|
||
|
3741000
|
heap
|
page read and write
|
||
|
1BD4000
|
heap
|
page read and write
|
||
|
1C14000
|
heap
|
page read and write
|
||
|
1939000
|
unkown
|
page readonly
|
||
|
16FD000
|
heap
|
page read and write
|
||
|
3E00000
|
heap
|
page read and write
|
||
|
2006EC8C000
|
heap
|
page read and write
|
||
|
73BD000
|
heap
|
page read and write
|
||
|
423A000
|
direct allocation
|
page read and write
|
||
|
16D3000
|
heap
|
page read and write
|
||
|
20D1000
|
heap
|
page read and write
|
||
|
4F20000
|
heap
|
page read and write
|
||
|
3A00000
|
heap
|
page read and write
|
||
|
566D000
|
heap
|
page read and write
|
||
|
2108000
|
heap
|
page read and write
|
||
|
6C961000
|
unkown
|
page readonly
|
||
|
5274000
|
direct allocation
|
page read and write
|
||
|
1E31000
|
heap
|
page read and write
|
||
|
EC1000
|
unkown
|
page read and write
|
||
|
1F44000
|
heap
|
page read and write
|
||
|
3E00000
|
heap
|
page read and write
|
||
|
58A5000
|
direct allocation
|
page read and write
|
||
|
1614000
|
heap
|
page read and write
|
||
|
1BD4000
|
heap
|
page read and write
|
||
|
4E38000
|
direct allocation
|
page read and write
|
||
|
3221000
|
direct allocation
|
page read and write
|
||
|
1490000
|
unkown
|
page read and write
|
||
|
549E000
|
stack
|
page read and write
|
||
|
1BD4000
|
heap
|
page read and write
|
||
|
1C20000
|
heap
|
page read and write
|
||
|
6C560000
|
unkown
|
page execute read
|
||
|
E95000
|
unkown
|
page read and write
|
||
|
E95000
|
unkown
|
page read and write
|
||
|
2108000
|
heap
|
page read and write
|
||
|
3794000
|
direct allocation
|
page read and write
|
||
|
26852A13000
|
heap
|
page read and write
|
||
|
1678000
|
heap
|
page read and write
|
||
|
159635B0000
|
trusted library allocation
|
page read and write
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
1E54000
|
heap
|
page read and write
|
||
|
1E66000
|
heap
|
page read and write
|
||
|
1E4D000
|
heap
|
page read and write
|
||
|
2006ECAB000
|
heap
|
page read and write
|
||
|
1BB0000
|
heap
|
page read and write
|
||
|
3782000
|
heap
|
page read and write
|
||
|
3721000
|
heap
|
page read and write
|
||
|
1BC5000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
488000
|
stack
|
page read and write
|
||
|
5982000
|
direct allocation
|
page read and write
|
||
|
2A9D000
|
heap
|
page read and write
|
||
|
1900000
|
unkown
|
page readonly
|
||
|
21F0000
|
heap
|
page read and write
|
||
|
16F0000
|
heap
|
page read and write
|
||
|
6CAE000
|
stack
|
page read and write
|
||
|
1BF4000
|
heap
|
page read and write
|
||
|
7200000
|
remote allocation
|
page read and write
|
||
|
53F2000
|
direct allocation
|
page read and write
|
||
|
4225000
|
direct allocation
|
page read and write
|
||
|
7B750000
|
direct allocation
|
page read and write
|
||
|
1593000
|
unkown
|
page read and write
|
||
|
36E0000
|
heap
|
page read and write
|
||
|
15963613000
|
heap
|
page read and write
|
||
|
6C719000
|
unkown
|
page execute read
|
||
|
1573000
|
unkown
|
page read and write
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
6C939000
|
unkown
|
page read and write
|
||
|
16EC000
|
heap
|
page read and write
|
||
|
41BE000
|
direct allocation
|
page read and write
|
||
|
736A000
|
heap
|
page read and write
|
||
|
3BC1000
|
direct allocation
|
page read and write
|
||
|
200742F3000
|
heap
|
page read and write
|
||
|
4C7C000
|
heap
|
page read and write
|
||
|
26852A37000
|
heap
|
page read and write
|
||
|
1C14000
|
heap
|
page read and write
|
||
|
1BDB000
|
heap
|
page read and write
|
||
|
1BAB000
|
stack
|
page read and write
|
||
|
320B000
|
direct allocation
|
page read and write
|
||
|
1FA8000
|
heap
|
page read and write
|
||
|
22CEE1E0000
|
heap
|
page read and write
|
||
|
4E1E000
|
direct allocation
|
page read and write
|
||
|
3770000
|
direct allocation
|
page read and write
|
||
|
26852A16000
|
heap
|
page read and write
|
||
|
18C1000
|
unkown
|
page readonly
|
||
|
1837B25A000
|
heap
|
page read and write
|
||
|
7FF69E5DE000
|
unkown
|
page readonly
|
||
|
2699A402000
|
heap
|
page read and write
|
||
|
2000000
|
heap
|
page read and write
|
||
|
4363000
|
heap
|
page read and write
|
||
|
543A000
|
direct allocation
|
page read and write
|
||
|
31A8000
|
direct allocation
|
page read and write
|
||
|
1D0D2402000
|
trusted library allocation
|
page read and write
|
||
|
1D0D1D02000
|
heap
|
page read and write
|
||
|
53D5000
|
direct allocation
|
page read and write
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
36E0000
|
heap
|
page read and write
|
||
|
24328C67000
|
heap
|
page read and write
|
||
|
14DB000
|
unkown
|
page read and write
|
||
|
1FB4000
|
heap
|
page read and write
|
||
|
1544000
|
heap
|
page read and write
|
||
|
1F44000
|
heap
|
page read and write
|
||
|
1FFD000
|
heap
|
page read and write
|
||
|
1F44000
|
heap
|
page read and write
|
||
|
3721000
|
heap
|
page read and write
|
||
|
1837B41E000
|
heap
|
page read and write
|
||
|
201C000
|
heap
|
page read and write
|
||
|
1F3E000
|
stack
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
599D000
|
stack
|
page read and write
|
||
|
E88000
|
unkown
|
page read and write
|
||
|
E95000
|
unkown
|
page read and write
|
||
|
16FC000
|
heap
|
page read and write
|
||
|
3785000
|
direct allocation
|
page read and write
|
||
|
4021000
|
heap
|
page read and write
|
||
|
5747000
|
heap
|
page read and write
|
||
|
566B000
|
heap
|
page read and write
|
||
|
20DF000
|
heap
|
page read and write
|
||
|
1714000
|
heap
|
page read and write
|
||
|
3C1C000
|
direct allocation
|
page read and write
|
||
|
1FE5000
|
heap
|
page read and write
|
||
|
24E8000
|
direct allocation
|
page read and write
|
||
|
2699A502000
|
heap
|
page read and write
|
||
|
200746E0000
|
trusted library allocation
|
page read and write
|
||
|
1E61000
|
heap
|
page read and write
|
||
|
3193000
|
direct allocation
|
page read and write
|
||
|
14DB000
|
unkown
|
page read and write
|
||
|
31CB000
|
direct allocation
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
201D000
|
heap
|
page read and write
|
||
|
3289000
|
direct allocation
|
page read and write
|
||
|
19C5000
|
heap
|
page read and write
|
||
|
2D8E000
|
stack
|
page read and write
|
||
|
1FCD000
|
heap
|
page read and write
|
||
|
3130000
|
direct allocation
|
page read and write
|
||
|
4021000
|
heap
|
page read and write
|
||
|
56E1000
|
heap
|
page read and write
|
||
|
2699A3B0000
|
heap
|
page read and write
|
||
|
4021000
|
heap
|
page read and write
|
||
|
1F30000
|
heap
|
page read and write
|
||
|
2D56000
|
heap
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
541F000
|
stack
|
page read and write
|
||
|
15C0000
|
heap
|
page read and write
|
||
|
B75F000
|
stack
|
page read and write
|
||
|
174E000
|
stack
|
page read and write
|
||
|
14BE000
|
unkown
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
155F000
|
unkown
|
page read and write
|
||
|
1D70000
|
heap
|
page read and write
|
||
|
ECA000
|
unkown
|
page read and write
|
||
|
5672000
|
heap
|
page read and write
|
||
|
151F000
|
unkown
|
page read and write
|
||
|
778137E000
|
unkown
|
page readonly
|
||
|
19CA000
|
heap
|
page read and write
|
||
|
F7D000
|
unkown
|
page readonly
|
||
|
6C6EF000
|
unkown
|
page execute read
|
||
|
7FF69E571000
|
unkown
|
page execute read
|
||
|
2699A44E000
|
heap
|
page read and write
|
||
|
2699AB30000
|
remote allocation
|
page read and write
|
||
|
1BD0000
|
heap
|
page read and write
|
||
|
254B000
|
direct allocation
|
page read and write
|
||
|
20074254000
|
heap
|
page read and write
|
||
|
1837B3EA000
|
heap
|
page read and write
|
||
|
20074150000
|
trusted library allocation
|
page read and write
|
||
|
6C909000
|
unkown
|
page read and write
|
||
|
2481000
|
direct allocation
|
page read and write
|
||
|
32A0000
|
direct allocation
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
210F000
|
heap
|
page read and write
|
||
|
26853318000
|
heap
|
page read and write
|
||
|
1E7E000
|
stack
|
page read and write
|
||
|
2C975FD000
|
stack
|
page read and write
|
||
|
1837BE29000
|
heap
|
page read and write
|
||
|
1573000
|
unkown
|
page read and write
|
||
|
7417000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
508D000
|
stack
|
page read and write
|
||
|
6C7BD000
|
unkown
|
page execute read
|
||
|
2568000
|
direct allocation
|
page read and write
|
||
|
14C3000
|
unkown
|
page read and write
|
||
|
2F4F000
|
stack
|
page read and write
|
||
|
235D000
|
heap
|
page read and write
|
||
|
828D6FE000
|
stack
|
page read and write
|
||
|
3170000
|
direct allocation
|
page read and write
|
||
|
1654000
|
heap
|
page read and write
|
||
|
18379531000
|
heap
|
page read and write
|
||
|
2509000
|
direct allocation
|
page read and write
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
59A1000
|
direct allocation
|
page read and write
|
||
|
2685332E000
|
heap
|
page read and write
|
||
|
1969000
|
unkown
|
page readonly
|
||
|
3C12000
|
direct allocation
|
page read and write
|
||
|
7362000
|
heap
|
page read and write
|
||
|
1714000
|
heap
|
page read and write
|
||
|
829F000
|
stack
|
page read and write
|
||
|
2699A413000
|
heap
|
page read and write
|
||
|
319A000
|
direct allocation
|
page read and write
|
||
|
378C000
|
direct allocation
|
page read and write
|
||
|
41F4000
|
direct allocation
|
page read and write
|
||
|
36F0000
|
direct allocation
|
page execute and read and write
|
||
|
EF1000
|
unkown
|
page execute read
|
||
|
73EE000
|
heap
|
page read and write
|
||
|
3B21000
|
direct allocation
|
page read and write
|
||
|
7352000
|
heap
|
page read and write
|
||
|
1498000
|
unkown
|
page read and write
|
||
|
1BF4000
|
heap
|
page read and write
|
||
|
A03000
|
unkown
|
page execute read
|
||
|
3BDB000
|
direct allocation
|
page read and write
|
||
|
6C4C1000
|
unkown
|
page execute read
|
||
|
1D74000
|
heap
|
page read and write
|
||
|
259A000
|
direct allocation
|
page read and write
|
||
|
16A0000
|
heap
|
page read and write
|
||
|
3168000
|
direct allocation
|
page read and write
|
||
|
24DA000
|
direct allocation
|
page read and write
|
||
|
6C6F2000
|
unkown
|
page execute read
|
||
|
4F00000
|
heap
|
page read and write
|
||
|
D277FFE000
|
unkown
|
page readonly
|
||
|
73DD000
|
heap
|
page read and write
|
||
|
18377393000
|
heap
|
page read and write
|
||
|
169E000
|
stack
|
page read and write
|
||
|
1FBF000
|
stack
|
page read and write
|
||
|
22CEE213000
|
heap
|
page read and write
|
||
|
313C000
|
direct allocation
|
page read and write
|
||
|
24328D02000
|
heap
|
page read and write
|
||
|
5077000
|
heap
|
page read and write
|
||
|
1E25000
|
heap
|
page read and write
|
||
|
7F5D0000
|
direct allocation
|
page read and write
|
||
|
1BA0000
|
heap
|
page read and write
|
||
|
629000
|
unkown
|
page execute read
|
||
|
3741000
|
heap
|
page read and write
|
||
|
EAA000
|
unkown
|
page write copy
|
||
|
6C910000
|
unkown
|
page readonly
|
||
|
54BB000
|
heap
|
page read and write
|
||
|
14A6000
|
unkown
|
page read and write
|
||
|
1837734F000
|
heap
|
page read and write
|
||
|
3700000
|
heap
|
page read and write
|
||
|
22CEE24C000
|
heap
|
page read and write
|
||
|
3BC5000
|
direct allocation
|
page read and write
|
||
|
2527000
|
direct allocation
|
page read and write
|
||
|
20AF000
|
heap
|
page read and write
|
||
|
1544000
|
heap
|
page read and write
|
||
|
22CEEA15000
|
heap
|
page read and write
|
||
|
4F98000
|
heap
|
page read and write
|
||
|
3213000
|
direct allocation
|
page read and write
|
||
|
148B000
|
unkown
|
page read and write
|
||
|
18F3000
|
unkown
|
page readonly
|
||
|
3721000
|
heap
|
page read and write
|
||
|
6C93D000
|
unkown
|
page read and write
|
||
|
317F000
|
direct allocation
|
page read and write
|
||
|
4C76000
|
heap
|
page read and write
|
||
|
EB9000
|
unkown
|
page read and write
|
||
|
2699A400000
|
heap
|
page read and write
|
||
|
1437000
|
stack
|
page read and write
|
||
|
7F230000
|
direct allocation
|
page read and write
|
||
|
1921000
|
unkown
|
page readonly
|
||
|
2084000
|
heap
|
page read and write
|
||
|
4E58000
|
direct allocation
|
page read and write
|
||
|
1714000
|
heap
|
page read and write
|
||
|
148B000
|
unkown
|
page read and write
|
||
|
14BD000
|
unkown
|
page read and write
|
||
|
183794B3000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
F3F000
|
unkown
|
page read and write
|
||
|
1C14000
|
heap
|
page read and write
|
||
|
1FA8000
|
heap
|
page read and write
|
||
|
2006ED17000
|
heap
|
page read and write
|
||
|
31B6000
|
direct allocation
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
1E80000
|
heap
|
page read and write
|
||
|
3BBE000
|
direct allocation
|
page read and write
|
||
|
54F1000
|
heap
|
page read and write
|
||
|
2006EC9F000
|
heap
|
page read and write
|
||
|
3B4C000
|
direct allocation
|
page read and write
|
||
|
18377354000
|
heap
|
page read and write
|
||
|
1FFD000
|
heap
|
page read and write
|
||
|
2699A460000
|
heap
|
page read and write
|
||
|
31D2000
|
direct allocation
|
page read and write
|
||
|
4231000
|
direct allocation
|
page read and write
|
||
|
14C4000
|
unkown
|
page read and write
|
||
|
4E0F000
|
direct allocation
|
page read and write
|
||
|
6C55A000
|
unkown
|
page execute read
|
||
|
1D0D1C37000
|
heap
|
page read and write
|
||
|
51A5000
|
direct allocation
|
page read and write
|
||
|
648F000
|
stack
|
page read and write
|
||
|
7F510000
|
direct allocation
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
6CAF2000
|
unkown
|
page read and write
|
||
|
2006F3B1000
|
trusted library allocation
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
7EE50000
|
direct allocation
|
page read and write
|
||
|
1FD0000
|
heap
|
page read and write
|
||
|
1F44000
|
heap
|
page read and write
|
||
|
58FA000
|
direct allocation
|
page read and write
|
||
|
40F6000
|
heap
|
page read and write
|
||
|
40C1000
|
heap
|
page read and write
|
||
|
1E6A000
|
heap
|
page read and write
|
||
|
1837731C000
|
heap
|
page read and write
|
||
|
73A1000
|
heap
|
page read and write
|
||
|
EA5000
|
unkown
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
7D3000
|
unkown
|
page execute read
|
||
|
32F6000
|
direct allocation
|
page read and write
|
||
|
1E52000
|
heap
|
page read and write
|
||
|
1EA1000
|
heap
|
page read and write
|
||
|
200742C3000
|
heap
|
page read and write
|
||
|
20E9000
|
heap
|
page read and write
|
||
|
5F9E000
|
stack
|
page read and write
|
||
|
1E80000
|
heap
|
page read and write
|
||
|
2026000
|
heap
|
page read and write
|
||
|
4E57000
|
direct allocation
|
page read and write
|
||
|
1F97000
|
heap
|
page read and write
|
||
|
5E63000
|
heap
|
page read and write
|
||
|
525F000
|
direct allocation
|
page read and write
|
||
|
98A0000
|
heap
|
page read and write
|
||
|
4C50000
|
heap
|
page read and write
|
||
|
A15E000
|
stack
|
page read and write
|
||
|
1614000
|
heap
|
page read and write
|
||
|
1E95000
|
heap
|
page read and write
|
||
|
5F5E000
|
stack
|
page read and write
|
||
|
2084000
|
heap
|
page read and write
|
||
|
20074400000
|
trusted library allocation
|
page read and write
|
||
|
14DB000
|
unkown
|
page read and write
|
||
|
4E58000
|
direct allocation
|
page read and write
|
||
|
20F0000
|
heap
|
page read and write
|
||
|
879C000
|
stack
|
page read and write
|
||
|
2031000
|
heap
|
page read and write
|
||
|
7381000
|
heap
|
page read and write
|
||
|
5A9D000
|
stack
|
page read and write
|
||
|
8E9F000
|
stack
|
page read and write
|
||
|
153B000
|
stack
|
page read and write
|
||
|
1C14000
|
heap
|
page read and write
|
||
|
200742E2000
|
heap
|
page read and write
|
||
|
5962000
|
direct allocation
|
page read and write
|
||
|
41F9000
|
direct allocation
|
page read and write
|
||
|
37C6000
|
direct allocation
|
page read and write
|
||
|
1701000
|
heap
|
page read and write
|
||
|
324C000
|
direct allocation
|
page read and write
|
||
|
31A6000
|
direct allocation
|
page read and write
|
||
|
3D08000
|
direct allocation
|
page read and write
|
||
|
E8D000
|
unkown
|
page read and write
|
||
|
1D74000
|
heap
|
page read and write
|
||
|
73DA000
|
heap
|
page read and write
|
||
|
526D000
|
direct allocation
|
page read and write
|
||
|
3B71000
|
direct allocation
|
page read and write
|
||
|
1544000
|
heap
|
page read and write
|
||
|
3BC0000
|
direct allocation
|
page execute and read and write
|
||
|
1F8F000
|
heap
|
page read and write
|
||
|
2685333A000
|
heap
|
page read and write
|
||
|
24328D13000
|
heap
|
page read and write
|
||
|
22CEE200000
|
heap
|
page read and write
|
||
|
1E69000
|
heap
|
page read and write
|
||
|
20074130000
|
trusted library allocation
|
page read and write
|
||
|
4C5C000
|
heap
|
page read and write
|
||
|
2006ECAF000
|
heap
|
page read and write
|
||
|
22CEEA02000
|
heap
|
page read and write
|
||
|
1F48000
|
heap
|
page read and write
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
174D000
|
heap
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
1837735B000
|
heap
|
page read and write
|
||
|
25DF000
|
direct allocation
|
page read and write
|
||
|
4030000
|
heap
|
page read and write
|
||
|
715F000
|
stack
|
page read and write
|
||
|
5412000
|
direct allocation
|
page read and write
|
||
|
2006EC7B000
|
heap
|
page read and write
|
||
|
EBE000
|
unkown
|
page read and write
|
||
|
E5B000
|
unkown
|
page execute read
|
||
|
5969000
|
direct allocation
|
page read and write
|
||
|
31D9000
|
direct allocation
|
page read and write
|
||
|
73A7000
|
heap
|
page read and write
|
||
|
F1F000
|
unkown
|
page read and write
|
||
|
1FE9000
|
heap
|
page read and write
|
||
|
16FF000
|
heap
|
page read and write
|
||
|
24328BF0000
|
trusted library allocation
|
page read and write
|
||
|
1D0D1C6E000
|
heap
|
page read and write
|
||
|
1654000
|
heap
|
page read and write
|
||
|
5E9E000
|
stack
|
page read and write
|
||
|
422A000
|
direct allocation
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
31AF000
|
direct allocation
|
page read and write
|
||
|
1BD4000
|
heap
|
page read and write
|
||
|
1614000
|
heap
|
page read and write
|
||
|
18379635000
|
heap
|
page read and write
|
||
|
15963702000
|
heap
|
page read and write
|
||
|
53A8000
|
direct allocation
|
page read and write
|
||
|
73C7000
|
heap
|
page read and write
|
||
|
318E000
|
stack
|
page read and write
|
||
|
1D0D1C48000
|
heap
|
page read and write
|
||
|
153F000
|
unkown
|
page read and write
|
||
|
651E000
|
stack
|
page read and write
|
||
|
F34000
|
unkown
|
page read and write
|
||
|
A21000
|
unkown
|
page execute read
|
||
|
D278AFE000
|
unkown
|
page readonly
|
||
|
20D0000
|
heap
|
page read and write
|
||
|
1654000
|
heap
|
page read and write
|
||
|
1BC0000
|
heap
|
page read and write
|
||
|
5560000
|
heap
|
page read and write
|
||
|
6C6B2000
|
unkown
|
page execute read
|
||
|
2027000
|
heap
|
page read and write
|
||
|
2006ECA1000
|
heap
|
page read and write
|
||
|
2006ECA1000
|
heap
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
3218000
|
direct allocation
|
page read and write
|
||
|
193F000
|
unkown
|
page readonly
|
||
|
32C4000
|
direct allocation
|
page read and write
|
||
|
4C51000
|
heap
|
page read and write
|
||
|
18379635000
|
heap
|
page read and write
|
||
|
3B53000
|
direct allocation
|
page read and write
|
||
|
2491000
|
direct allocation
|
page read and write
|
||
|
31E8000
|
direct allocation
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
254E000
|
stack
|
page read and write
|
||
|
53CE000
|
direct allocation
|
page read and write
|
||
|
7384000
|
heap
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
E88000
|
unkown
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
4E79000
|
direct allocation
|
page read and write
|
||
|
200E000
|
heap
|
page read and write
|
||
|
200744D0000
|
remote allocation
|
page read and write
|
||
|
739E000
|
heap
|
page read and write
|
||
|
1C14000
|
heap
|
page read and write
|
||
|
2006EC96000
|
heap
|
page read and write
|
||
|
1C14000
|
heap
|
page read and write
|
||
|
4217000
|
direct allocation
|
page read and write
|
||
|
170C000
|
heap
|
page read and write
|
||
|
1D0D1C69000
|
heap
|
page read and write
|
||
|
1534000
|
unkown
|
page read and write
|
||
|
2006EC2B000
|
heap
|
page read and write
|
||
|
3721000
|
heap
|
page read and write
|
||
|
7377000
|
heap
|
page read and write
|
||
|
192C000
|
unkown
|
page readonly
|
||
|
1F7A000
|
heap
|
page read and write
|
||
|
183792E0000
|
heap
|
page read and write
|
||
|
3720000
|
heap
|
page read and write
|
||
|
4C56000
|
heap
|
page read and write
|
||
|
22CEE285000
|
heap
|
page read and write
|
||
|
828DCFE000
|
stack
|
page read and write
|
||
|
4E50000
|
direct allocation
|
page read and write
|
||
|
148E000
|
unkown
|
page read and write
|
||
|
1BCA000
|
heap
|
page read and write
|
||
|
31F5000
|
direct allocation
|
page read and write
|
||
|
3768000
|
direct allocation
|
page read and write
|
||
|
3DF0000
|
heap
|
page read and write
|
||
|
52A7000
|
trusted library allocation
|
page read and write
|
||
|
755F000
|
stack
|
page read and write
|
||
|
20EB000
|
heap
|
page read and write
|
||
|
1D74000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
2085000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
1544000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
183773B5000
|
heap
|
page read and write
|
||
|
35B5000
|
heap
|
page read and write
|
||
|
1E4F000
|
heap
|
page read and write
|
||
|
73A5000
|
heap
|
page read and write
|
||
|
4E40000
|
direct allocation
|
page read and write
|
||
|
2104000
|
heap
|
page read and write
|
||
|
1E6F000
|
heap
|
page read and write
|
||
|
1998000
|
unkown
|
page readonly
|
||
|
1BF4000
|
heap
|
page read and write
|
||
|
7200000
|
remote allocation
|
page read and write
|
||
|
6C944000
|
unkown
|
page readonly
|
||
|
2A72000
|
heap
|
page read and write
|
||
|
18377500000
|
heap
|
page read and write
|
||
|
686E000
|
stack
|
page read and write
|
||
|
778197E000
|
unkown
|
page readonly
|
||
|
73E7000
|
heap
|
page read and write
|
||
|
6C7B7000
|
unkown
|
page execute read
|
||
|
1E90000
|
heap
|
page read and write
|
||
|
4C10000
|
heap
|
page read and write
|
||
|
1654000
|
heap
|
page read and write
|
||
|
4E48000
|
direct allocation
|
page read and write
|
||
|
3243000
|
direct allocation
|
page read and write
|
||
|
2006ED13000
|
heap
|
page read and write
|
||
|
4020000
|
heap
|
page read and write
|
||
|
31E8000
|
direct allocation
|
page read and write
|
||
|
1596363B000
|
heap
|
page read and write
|
||
|
201D000
|
heap
|
page read and write
|
||
|
EC3000
|
unkown
|
page read and write
|
||
|
3BD1000
|
heap
|
page read and write
|
||
|
20DC000
|
heap
|
page read and write
|
||
|
3227000
|
direct allocation
|
page read and write
|
||
|
1E66000
|
heap
|
page read and write
|
||
|
1654000
|
heap
|
page read and write
|
||
|
3143000
|
direct allocation
|
page read and write
|
||
|
24328C2B000
|
heap
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
2010000
|
heap
|
page read and write
|
||
|
1F44000
|
heap
|
page read and write
|
||
|
13EC000
|
unkown
|
page execute read
|
||
|
1837735B000
|
heap
|
page read and write
|
||
|
735C000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
3782000
|
heap
|
page read and write
|
||
|
1837B303000
|
heap
|
page read and write
|
||
|
1936000
|
unkown
|
page readonly
|
||
|
53AF000
|
direct allocation
|
page read and write
|
||
|
1BF4000
|
heap
|
page read and write
|
||
|
3252000
|
direct allocation
|
page read and write
|
||
|
3259000
|
direct allocation
|
page read and write
|
||
|
2019000
|
heap
|
page read and write
|
||
|
1FFA000
|
heap
|
page read and write
|
||
|
58E2000
|
direct allocation
|
page read and write
|
||
|
1FFA000
|
heap
|
page read and write
|
||
|
1714000
|
heap
|
page read and write
|
||
|
18E2000
|
unkown
|
page readonly
|
||
|
323C000
|
direct allocation
|
page read and write
|
||
|
22CEE970000
|
trusted library allocation
|
page read and write
|
||
|
1E24000
|
heap
|
page read and write
|
||
|
2022000
|
heap
|
page read and write
|
||
|
20E5000
|
heap
|
page read and write
|
||
|
7360000
|
heap
|
page read and write
|
||
|
5517000
|
heap
|
page read and write
|
||
|
1BD4000
|
heap
|
page read and write
|
||
|
1837B35A000
|
heap
|
page read and write
|
||
|
F4A000
|
unkown
|
page read and write
|
||
|
1BF4000
|
heap
|
page read and write
|
||
|
6C639000
|
unkown
|
page execute read
|
||
|
224E000
|
stack
|
page read and write
|
||
|
839F000
|
stack
|
page read and write
|
||
|
2432A6C0000
|
remote allocation
|
page read and write
|
||
|
58F8000
|
direct allocation
|
page read and write
|
||
|
183794F1000
|
heap
|
page read and write
|
||
|
3F50000
|
heap
|
page read and write
|
||
|
73D7000
|
heap
|
page read and write
|
||
|
620000
|
unkown
|
page readonly
|
||
|
1544000
|
heap
|
page read and write
|
||
|
1BD4000
|
heap
|
page read and write
|
||
|
1514000
|
unkown
|
page read and write
|
||
|
1BD4000
|
heap
|
page read and write
|
||
|
250E000
|
stack
|
page read and write
|
||
|
587F000
|
direct allocation
|
page read and write
|
||
|
31EF000
|
direct allocation
|
page read and write
|
||
|
1490000
|
unkown
|
page read and write
|
||
|
368F000
|
heap
|
page read and write
|
||
|
73E8000
|
heap
|
page read and write
|
||
|
14CF000
|
unkown
|
page read and write
|
||
|
2114000
|
heap
|
page read and write
|
||
|
5EDE000
|
stack
|
page read and write
|
||
|
73D7000
|
heap
|
page read and write
|
||
|
778187E000
|
stack
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
EBA000
|
unkown
|
page read and write
|
||
|
1746000
|
heap
|
page read and write
|
||
|
200700A0000
|
trusted library allocation
|
page read and write
|
||
|
4DC6000
|
direct allocation
|
page read and write
|
||
|
200742F7000
|
heap
|
page read and write
|
||
|
1EA1000
|
heap
|
page read and write
|
||
|
2006ECFE000
|
heap
|
page read and write
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
1E10000
|
heap
|
page read and write
|
||
|
15C0000
|
heap
|
page read and write
|
||
|
26852A00000
|
heap
|
page read and write
|
||
|
2C8E000
|
stack
|
page read and write
|
||
|
909F000
|
stack
|
page read and write
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
20074140000
|
trusted library allocation
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
F6B000
|
unkown
|
page read and write
|
||
|
3197000
|
direct allocation
|
page read and write
|
||
|
317F000
|
direct allocation
|
page read and write
|
||
|
1A2E000
|
stack
|
page read and write
|
||
|
18377306000
|
heap
|
page read and write
|
||
|
1714000
|
heap
|
page read and write
|
||
|
3B62000
|
direct allocation
|
page read and write
|
||
|
1837761E000
|
heap
|
page read and write
|
||
|
1D74000
|
heap
|
page read and write
|
||
|
16DE000
|
heap
|
page read and write
|
||
|
20D7000
|
heap
|
page read and write
|
||
|
2006ECA9000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
18377615000
|
heap
|
page read and write
|
||
|
E7D000
|
unkown
|
page execute read
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
3B87000
|
direct allocation
|
page read and write
|
||
|
6C9DE000
|
unkown
|
page readonly
|
||
|
3257000
|
direct allocation
|
page read and write
|
||
|
1654000
|
heap
|
page read and write
|
||
|
18379432000
|
heap
|
page read and write
|
||
|
73CF000
|
heap
|
page read and write
|
||
|
5217000
|
direct allocation
|
page read and write
|
||
|
1BF4000
|
heap
|
page read and write
|
||
|
15963E02000
|
trusted library allocation
|
page read and write
|
||
|
1701000
|
heap
|
page read and write
|
||
|
4DD2000
|
direct allocation
|
page read and write
|
||
|
1F88000
|
heap
|
page read and write
|
||
|
1593000
|
unkown
|
page read and write
|
||
|
153B000
|
stack
|
page read and write
|
||
|
F6C000
|
unkown
|
page read and write
|
||
|
18377310000
|
heap
|
page read and write
|
||
|
1BD4000
|
heap
|
page read and write
|
||
|
2006EC78000
|
heap
|
page read and write
|
||
|
20074270000
|
trusted library allocation
|
page read and write
|
||
|
15BE000
|
stack
|
page read and write
|
||
|
5918000
|
direct allocation
|
page read and write
|
||
|
1837734F000
|
heap
|
page read and write
|
||
|
1C14000
|
heap
|
page read and write
|
||
|
521E000
|
direct allocation
|
page read and write
|
||
|
5561000
|
heap
|
page read and write
|
||
|
2130000
|
heap
|
page read and write
|
||
|
25D0000
|
direct allocation
|
page read and write
|
||
|
1580000
|
heap
|
page read and write
|
||
|
1D74000
|
heap
|
page read and write
|
||
|
26852B02000
|
heap
|
page read and write
|
||
|
300E000
|
stack
|
page read and write
|
||
|
52A2000
|
trusted library allocation
|
page read and write
|
||
|
4217000
|
direct allocation
|
page read and write
|
||
|
2E0E000
|
stack
|
page read and write
|
||
|
1544000
|
heap
|
page read and write
|
||
|
20E3000
|
heap
|
page read and write
|
||
|
1596362B000
|
heap
|
page read and write
|
||
|
1BF4000
|
heap
|
page read and write
|
||
|
1FF6000
|
heap
|
page read and write
|
||
|
1D0D1C00000
|
heap
|
page read and write
|
||
|
324E000
|
stack
|
page read and write
|
||
|
14CB000
|
unkown
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
EC1000
|
unkown
|
page read and write
|
||
|
20075000000
|
heap
|
page read and write
|
||
|
CFB000
|
unkown
|
page execute read
|
||
|
6C950000
|
unkown
|
page readonly
|
||
|
3741000
|
heap
|
page read and write
|
||
|
828DDFF000
|
stack
|
page read and write
|
||
|
18377610000
|
heap
|
page read and write
|
||
|
6A2E000
|
stack
|
page read and write
|
||
|
B06000
|
unkown
|
page execute read
|
||
|
549F000
|
heap
|
page read and write
|
||
|
183795F4000
|
heap
|
page read and write
|
||
|
14D9000
|
unkown
|
page read and write
|
||
|
1D0D1AD0000
|
heap
|
page read and write
|
||
|
20D6000
|
heap
|
page read and write
|
||
|
2409000
|
heap
|
page read and write
|
||
|
18379431000
|
heap
|
page read and write
|
||
|
183793F1000
|
heap
|
page read and write
|
||
|
2006EC5B000
|
heap
|
page read and write
|
||
|
2106000
|
heap
|
page read and write
|
||
|
3720000
|
heap
|
page read and write
|
||
|
2130000
|
heap
|
page read and write
|
||
|
5878000
|
direct allocation
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
4360000
|
heap
|
page read and write
|
||
|
373F000
|
stack
|
page read and write
|
||
|
3BF1000
|
heap
|
page read and write
|
||
|
16F0000
|
heap
|
page read and write
|
||
|
18379635000
|
heap
|
page read and write
|
||
|
7407000
|
heap
|
page read and write
|
||
|
1544000
|
heap
|
page read and write
|
||
|
1BDA000
|
heap
|
page read and write
|
||
|
2006F400000
|
heap
|
page read and write
|
||
|
1614000
|
heap
|
page read and write
|
||
|
1E66000
|
heap
|
page read and write
|
||
|
183795F5000
|
heap
|
page read and write
|
||
|
19A6000
|
unkown
|
page readonly
|
||
|
31A0000
|
direct allocation
|
page read and write
|
||
|
EB9000
|
unkown
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
765D000
|
stack
|
page read and write
|
||
|
2006EB30000
|
heap
|
page read and write
|
||
|
1FAD000
|
heap
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
3C23000
|
direct allocation
|
page read and write
|
||
|
2006F402000
|
heap
|
page read and write
|
||
|
F4A000
|
unkown
|
page read and write
|
||
|
330C000
|
direct allocation
|
page read and write
|
||
|
1471000
|
unkown
|
page execute read
|
||
|
20AE000
|
heap
|
page read and write
|
||
|
32CB000
|
direct allocation
|
page read and write
|
||
|
2544000
|
direct allocation
|
page read and write
|
||
|
529E000
|
stack
|
page read and write
|
||
|
20DB000
|
heap
|
page read and write
|
||
|
20FC000
|
heap
|
page read and write
|
||
|
1FAC000
|
heap
|
page read and write
|
||
|
1BF4000
|
heap
|
page read and write
|
||
|
372A000
|
direct allocation
|
page read and write
|
||
|
F6B000
|
unkown
|
page read and write
|
||
|
314F000
|
stack
|
page read and write
|
||
|
16F4000
|
heap
|
page read and write
|
||
|
14C4000
|
unkown
|
page read and write
|
||
|
1714000
|
heap
|
page read and write
|
||
|
1D0D1C16000
|
heap
|
page read and write
|
||
|
6C767000
|
unkown
|
page execute read
|
||
|
3781000
|
heap
|
page read and write
|
||
|
31EE000
|
direct allocation
|
page read and write
|
||
|
929F000
|
stack
|
page read and write
|
||
|
4F9000
|
unkown
|
page execute read
|
||
|
1923000
|
unkown
|
page readonly
|
||
|
828D7FE000
|
stack
|
page read and write
|
||
|
2006ED02000
|
heap
|
page read and write
|
||
|
33CE000
|
stack
|
page read and write
|
||
|
15963580000
|
heap
|
page read and write
|
||
|
4E40000
|
direct allocation
|
page read and write
|
||
|
5FEC000
|
stack
|
page read and write
|
||
|
2027000
|
heap
|
page read and write
|
||
|
1D0D1BB0000
|
heap
|
page read and write
|
||
|
1E56000
|
heap
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
15A8000
|
unkown
|
page readonly
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
320C000
|
direct allocation
|
page read and write
|
||
|
D2790FE000
|
unkown
|
page readonly
|
||
|
2031000
|
heap
|
page read and write
|
||
|
22CEE4E0000
|
heap
|
page read and write
|
||
|
3721000
|
heap
|
page read and write
|
||
|
18B9000
|
unkown
|
page readonly
|
||
|
166C000
|
stack
|
page read and write
|
||
|
73BD000
|
heap
|
page read and write
|
||
|
26852820000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
366F000
|
stack
|
page read and write
|
||
|
14DB000
|
unkown
|
page read and write
|
||
|
7780B9C000
|
stack
|
page read and write
|
||
|
22CEE22B000
|
heap
|
page read and write
|
||
|
1F1E000
|
stack
|
page read and write
|
||
|
316F000
|
direct allocation
|
page read and write
|
||
|
20074400000
|
trusted library allocation
|
page read and write
|
||
|
41C8000
|
direct allocation
|
page read and write
|
||
|
E97000
|
unkown
|
page read and write
|
||
|
73CE000
|
heap
|
page read and write
|
||
|
1BD4000
|
heap
|
page read and write
|
||
|
508C000
|
heap
|
page read and write
|
||
|
26852A87000
|
heap
|
page read and write
|
||
|
1DFE000
|
stack
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
1990000
|
unkown
|
page readonly
|
||
|
6A6E000
|
stack
|
page read and write
|
||
|
148B000
|
unkown
|
page read and write
|
||
|
919D000
|
stack
|
page read and write
|
||
|
5971000
|
direct allocation
|
page read and write
|
||
|
4212000
|
direct allocation
|
page read and write
|
||
|
201D000
|
heap
|
page read and write
|
||
|
329A000
|
direct allocation
|
page read and write
|
||
|
235B000
|
heap
|
page read and write
|
||
|
183773B2000
|
heap
|
page read and write
|
||
|
1544000
|
heap
|
page read and write
|
||
|
B45F000
|
stack
|
page read and write
|
||
|
1544000
|
heap
|
page read and write
|
||
|
7F600000
|
direct allocation
|
page read and write
|
||
|
553000
|
unkown
|
page execute read
|
||
|
1714000
|
heap
|
page read and write
|
||
|
1C14000
|
heap
|
page read and write
|
||
|
2148000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
1E49000
|
heap
|
page read and write
|
||
|
5E1D000
|
stack
|
page read and write
|
||
|
183794B3000
|
heap
|
page read and write
|
||
|
7350000
|
heap
|
page read and write
|
||
|
16FC000
|
heap
|
page read and write
|
||
|
20074212000
|
heap
|
page read and write
|
||
|
3850000
|
heap
|
page read and write
|
||
|
1BF4000
|
heap
|
page read and write
|
||
|
14C3000
|
unkown
|
page read and write
|
||
|
1EBC000
|
stack
|
page read and write
|
||
|
F6E000
|
unkown
|
page read and write
|
||
|
148B000
|
unkown
|
page write copy
|
||
|
2006F3E0000
|
trusted library allocation
|
page read and write
|
||
|
408D000
|
stack
|
page read and write
|
||
|
1C14000
|
heap
|
page read and write
|
||
|
201D000
|
heap
|
page read and write
|
||
|
5E5E000
|
stack
|
page read and write
|
||
|
2A80000
|
heap
|
page read and write
|
||
|
1501000
|
unkown
|
page read and write
|
||
|
2699AB30000
|
remote allocation
|
page read and write
|
||
|
5700000
|
heap
|
page read and write
|
||
|
B21207E000
|
unkown
|
page readonly
|
||
|
1BF4000
|
heap
|
page read and write
|
||
|
183773C5000
|
heap
|
page read and write
|
||
|
209E000
|
heap
|
page read and write
|
||
|
14C7000
|
unkown
|
page read and write
|
||
|
51C9000
|
heap
|
page read and write
|
||
|
20074111000
|
trusted library allocation
|
page read and write
|
||
|
2058000
|
heap
|
page read and write
|
||
|
170B000
|
heap
|
page read and write
|
||
|
1E66000
|
heap
|
page read and write
|
||
|
1E4C000
|
heap
|
page read and write
|
||
|
4021000
|
heap
|
page read and write
|
||
|
3261000
|
direct allocation
|
page read and write
|
||
|
18379100000
|
heap
|
page read and write
|
||
|
1960000
|
unkown
|
page readonly
|
||
|
4E60000
|
direct allocation
|
page read and write
|
||
|
159634A0000
|
heap
|
page read and write
|
||
|
1670000
|
heap
|
page read and write
|
||
|
3D8E000
|
stack
|
page read and write
|
||
|
1E6E000
|
heap
|
page read and write
|
||
|
40FF000
|
heap
|
page read and write
|
||
|
25F1000
|
direct allocation
|
page read and write
|
||
|
1490000
|
unkown
|
page read and write
|
||
|
62A000
|
unkown
|
page execute read
|
||
|
20F0000
|
heap
|
page read and write
|
||
|
29F5000
|
heap
|
page read and write
|
||
|
3268000
|
direct allocation
|
page read and write
|
||
|
197D000
|
unkown
|
page readonly
|
||
|
3741000
|
heap
|
page read and write
|
||
|
58B3000
|
direct allocation
|
page read and write
|
||
|
20F4000
|
heap
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
31BC000
|
direct allocation
|
page read and write
|
||
|
4CE20FE000
|
stack
|
page read and write
|
||
|
32A8000
|
direct allocation
|
page read and write
|
||
|
26852A32000
|
heap
|
page read and write
|
||
|
4F20000
|
heap
|
page read and write
|
||
|
1C14000
|
heap
|
page read and write
|
||
|
20074780000
|
trusted library allocation
|
page read and write
|
||
|
2130000
|
heap
|
page read and write
|
||
|
18377326000
|
heap
|
page read and write
|
||
|
E88000
|
unkown
|
page read and write
|
||
|
20074200000
|
heap
|
page read and write
|
||
|
1BF4000
|
heap
|
page read and write
|
||
|
314B000
|
direct allocation
|
page read and write
|
||
|
2432A6C0000
|
remote allocation
|
page read and write
|
||
|
18377362000
|
heap
|
page read and write
|
||
|
20E5000
|
heap
|
page read and write
|
||
|
73D2000
|
heap
|
page read and write
|
||
|
7780EFC000
|
stack
|
page read and write
|
||
|
3B3F000
|
direct allocation
|
page read and write
|
||
|
531E000
|
stack
|
page read and write
|
||
|
20FF000
|
heap
|
page read and write
|
||
|
258C000
|
direct allocation
|
page read and write
|
||
|
1BF4000
|
heap
|
page read and write
|
||
|
1BD4000
|
heap
|
page read and write
|
||
|
7FF69E5B8000
|
unkown
|
page readonly
|
||
|
419A000
|
direct allocation
|
page read and write
|
||
|
2006EC00000
|
heap
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
1570000
|
heap
|
page read and write
|
||
|
31F6000
|
direct allocation
|
page read and write
|
||
|
86DF000
|
stack
|
page read and write
|
||
|
73A4000
|
heap
|
page read and write
|
||
|
3183000
|
direct allocation
|
page read and write
|
||
|
63A0000
|
trusted library allocation
|
page read and write
|
||
|
183794B3000
|
heap
|
page read and write
|
||
|
2010000
|
heap
|
page read and write
|
||
|
2007422F000
|
heap
|
page read and write
|
||
|
17A8000
|
heap
|
page read and write
|
||
|
240B000
|
heap
|
page read and write
|
||
|
3153000
|
direct allocation
|
page read and write
|
||
|
31C9000
|
direct allocation
|
page read and write
|
||
|
3BEF000
|
heap
|
page read and write
|
||
|
EC1000
|
unkown
|
page read and write
|
||
|
20DC000
|
heap
|
page read and write
|
||
|
18C9000
|
unkown
|
page readonly
|
||
|
20F8000
|
heap
|
page read and write
|
||
|
1E53000
|
heap
|
page read and write
|
||
|
14D5000
|
unkown
|
page read and write
|
||
|
3721000
|
heap
|
page read and write
|
||
|
4CE1CDB000
|
stack
|
page read and write
|
||
|
603E000
|
stack
|
page read and write
|
||
|
4E38000
|
direct allocation
|
page read and write
|
||
|
20074420000
|
trusted library allocation
|
page read and write
|
||
|
20EB000
|
heap
|
page read and write
|
||
|
73B9000
|
heap
|
page read and write
|
||
|
4021000
|
heap
|
page read and write
|
||
|
304E000
|
stack
|
page read and write
|
||
|
1BCB000
|
heap
|
page read and write
|
||
|
2A71000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
775F000
|
stack
|
page read and write
|
||
|
741D000
|
heap
|
page read and write
|
||
|
2535000
|
direct allocation
|
page read and write
|
||
|
1714000
|
heap
|
page read and write
|
||
|
6C7DC000
|
unkown
|
page execute read
|
||
|
B85F000
|
stack
|
page read and write
|
||
|
2A62000
|
heap
|
page read and write
|
||
|
6C9EF000
|
unkown
|
page readonly
|
||
|
7388000
|
heap
|
page read and write
|
||
|
505E000
|
stack
|
page read and write
|
||
|
2584000
|
direct allocation
|
page read and write
|
||
|
16F4000
|
heap
|
page read and write
|
||
|
1837730E000
|
heap
|
page read and write
|
||
|
3CC4000
|
direct allocation
|
page read and write
|
||
|
7E5F000
|
stack
|
page read and write
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
1837B3B1000
|
heap
|
page read and write
|
||
|
37DC000
|
direct allocation
|
page read and write
|
||
|
18377386000
|
heap
|
page read and write
|
||
|
1E1E000
|
stack
|
page read and write
|
||
|
73A1000
|
heap
|
page read and write
|
||
|
3721000
|
heap
|
page read and write
|
||
|
1EA1000
|
heap
|
page read and write
|
||
|
196B000
|
unkown
|
page readonly
|
||
|
1C14000
|
heap
|
page read and write
|
||
|
20EA000
|
heap
|
page read and write
|
||
|
2107000
|
heap
|
page read and write
|
||
|
183794B5000
|
heap
|
page read and write
|
||
|
14D2000
|
unkown
|
page read and write
|
||
|
5280000
|
trusted library allocation
|
page read and write
|
||
|
4DD9000
|
direct allocation
|
page read and write
|
||
|
193E000
|
stack
|
page read and write
|
||
|
52AA000
|
trusted library allocation
|
page read and write
|
||
|
83DE000
|
stack
|
page read and write
|
||
|
18AA000
|
unkown
|
page readonly
|
||
|
1654000
|
heap
|
page read and write
|
||
|
210A000
|
heap
|
page read and write
|
||
|
1E62000
|
heap
|
page read and write
|
||
|
3C69000
|
direct allocation
|
page read and write
|
||
|
37D4000
|
direct allocation
|
page read and write
|
||
|
1705000
|
heap
|
page read and write
|
||
|
26852AAD000
|
heap
|
page read and write
|
||
|
1934000
|
unkown
|
page readonly
|
||
|
20F0000
|
heap
|
page read and write
|
||
|
5660000
|
heap
|
page read and write
|
||
|
9DB000
|
unkown
|
page execute read
|
||
|
7392000
|
heap
|
page read and write
|
||
|
36D1000
|
direct allocation
|
page read and write
|
||
|
527C000
|
direct allocation
|
page read and write
|
||
|
1700000
|
heap
|
page read and write
|
||
|
18377326000
|
heap
|
page read and write
|
||
|
3291000
|
direct allocation
|
page read and write
|
||
|
763000
|
unkown
|
page execute read
|
||
|
7FF69E5B8000
|
unkown
|
page readonly
|
||
|
63CE000
|
trusted library allocation
|
page read and write
|
||
|
4350000
|
heap
|
page read and write
|
||
|
35CE000
|
stack
|
page read and write
|
||
|
14D7000
|
unkown
|
page read and write
|
||
|
3C3E000
|
direct allocation
|
page read and write
|
||
|
1BD4000
|
heap
|
page read and write
|
||
|
16F9000
|
heap
|
page read and write
|
||
|
1493000
|
unkown
|
page read and write
|
||
|
1FFD000
|
heap
|
page read and write
|
||
|
26853202000
|
heap
|
page read and write
|
||
|
F0A000
|
unkown
|
page read and write
|
||
|
D21000
|
unkown
|
page execute read
|
||
|
F1A85FE000
|
stack
|
page read and write
|
||
|
1C14000
|
heap
|
page read and write
|
||
|
EC1000
|
unkown
|
page read and write
|
||
|
1E25000
|
heap
|
page read and write
|
||
|
22CEE294000
|
heap
|
page read and write
|
||
|
1E4A000
|
heap
|
page read and write
|
||
|
1654000
|
heap
|
page read and write
|
||
|
3C51000
|
direct allocation
|
page read and write
|
||
|
3C37000
|
direct allocation
|
page read and write
|
||
|
1837B3B3000
|
heap
|
page read and write
|
||
|
3C03000
|
direct allocation
|
page read and write
|
||
|
3731000
|
direct allocation
|
page read and write
|
||
|
4FB0000
|
heap
|
page read and write
|
||
|
4C71000
|
heap
|
page read and write
|
||
|
3293000
|
direct allocation
|
page read and write
|
||
|
6C491000
|
unkown
|
page execute read
|
||
|
18377328000
|
heap
|
page read and write
|
||
|
3C1A000
|
direct allocation
|
page read and write
|
||
|
4CE21FE000
|
stack
|
page readonly
|
||
|
1BF4000
|
heap
|
page read and write
|
||
|
2699A45D000
|
heap
|
page read and write
|
||
|
24328BC0000
|
heap
|
page read and write
|
||
|
18377306000
|
heap
|
page read and write
|
||
|
1837731C000
|
heap
|
page read and write
|
||
|
2520000
|
direct allocation
|
page read and write
|
||
|
2019000
|
heap
|
page read and write
|
||
|
183772D8000
|
heap
|
page read and write
|
||
|
7362000
|
heap
|
page read and write
|
||
|
3BD4000
|
direct allocation
|
page read and write
|
||
|
200741E0000
|
trusted library allocation
|
page read and write
|
||
|
197F000
|
unkown
|
page readonly
|
||
|
195E000
|
unkown
|
page readonly
|
||
|
3276000
|
direct allocation
|
page read and write
|
||
|
183793F9000
|
heap
|
page read and write
|
||
|
261C000
|
direct allocation
|
page read and write
|
||
|
5296000
|
trusted library allocation
|
page read and write
|
||
|
3C75000
|
direct allocation
|
page read and write
|
||
|
1E6E000
|
heap
|
page read and write
|
||
|
519C000
|
direct allocation
|
page read and write
|
||
|
325A000
|
direct allocation
|
page read and write
|
||
|
1BF4000
|
heap
|
page read and write
|
||
|
2641000
|
direct allocation
|
page read and write
|
||
|
35D0000
|
direct allocation
|
page read and write
|
||
|
8D9F000
|
stack
|
page read and write
|
||
|
7FF69E5DA000
|
unkown
|
page readonly
|
||
|
3BD9000
|
direct allocation
|
page read and write
|
||
|
7FF69E5DA000
|
unkown
|
page readonly
|
||
|
1654000
|
heap
|
page read and write
|
||
|
20F2000
|
heap
|
page read and write
|
||
|
2006EB50000
|
heap
|
page read and write
|
||
|
2088000
|
heap
|
page read and write
|
||
|
22CEE302000
|
heap
|
page read and write
|
||
|
18377220000
|
heap
|
page read and write
|
||
|
949F000
|
stack
|
page read and write
|
||
|
3CCC000
|
direct allocation
|
page read and write
|
||
|
2A81000
|
heap
|
page read and write
|
||
|
7C5F000
|
stack
|
page read and write
|
||
|
20074112000
|
trusted library allocation
|
page read and write
|
||
|
3E1C000
|
heap
|
page read and write
|
||
|
1E02000
|
heap
|
page read and write
|
||
|
2010000
|
heap
|
page read and write
|
||
|
198C000
|
stack
|
page read and write
|
||
|
18379635000
|
heap
|
page read and write
|
||
|
1707000
|
heap
|
page read and write
|
||
|
1BDC000
|
heap
|
page read and write
|
||
|
7FF69E5D4000
|
unkown
|
page read and write
|
||
|
331A000
|
direct allocation
|
page read and write
|
||
|
736B000
|
heap
|
page read and write
|
||
|
1498000
|
unkown
|
page read and write
|
||
|
32FD000
|
direct allocation
|
page read and write
|
||
|
60CE000
|
stack
|
page read and write
|
||
|
2C976FE000
|
unkown
|
page readonly
|
||
|
4F0000
|
unkown
|
page readonly
|
||
|
202E000
|
heap
|
page read and write
|
||
|
6C6F000
|
stack
|
page read and write
|
||
|
7781BFE000
|
stack
|
page read and write
|
||
|
4021000
|
heap
|
page read and write
|
||
|
1D74000
|
heap
|
page read and write
|
||
|
240A000
|
heap
|
page read and write
|
||
|
1F9C000
|
heap
|
page read and write
|
||
|
20DB000
|
heap
|
page read and write
|
||
|
18EE000
|
stack
|
page read and write
|
||
|
5280000
|
trusted library allocation
|
page read and write
|
||
|
320E000
|
stack
|
page read and write
|
||
|
1C14000
|
heap
|
page read and write
|
||
|
735C000
|
heap
|
page read and write
|
||
|
22CEEA00000
|
heap
|
page read and write
|
||
|
15963600000
|
heap
|
page read and write
|
||
|
207E000
|
heap
|
page read and write
|
||
|
3C14000
|
direct allocation
|
page read and write
|
||
|
5249000
|
direct allocation
|
page read and write
|
||
|
9E9F000
|
stack
|
page read and write
|
||
|
18CD000
|
unkown
|
page readonly
|
||
|
1544000
|
heap
|
page read and write
|
||
|
5998000
|
direct allocation
|
page read and write
|
||
|
20074410000
|
trusted library allocation
|
page read and write
|
||
|
183772D0000
|
heap
|
page read and write
|
||
|
5945000
|
direct allocation
|
page read and write
|
||
|
36CF000
|
direct allocation
|
page read and write
|
||
|
1FF7000
|
heap
|
page read and write
|
||
|
3CA8000
|
direct allocation
|
page read and write
|
||
|
18379103000
|
trusted library allocation
|
page read and write
|
||
|
1837D262000
|
heap
|
page read and write
|
||
|
7367000
|
heap
|
page read and write
|
||
|
3C30000
|
direct allocation
|
page read and write
|
||
|
32D9000
|
direct allocation
|
page read and write
|
||
|
737D000
|
heap
|
page read and write
|
||
|
4EA0000
|
heap
|
page read and write
|
||
|
41A1000
|
direct allocation
|
page read and write
|
||
|
155F000
|
unkown
|
page read and write
|
||
|
4F90000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
53C5000
|
direct allocation
|
page read and write
|
||
|
D2781FE000
|
unkown
|
page readonly
|
||
|
1437000
|
stack
|
page read and write
|
||
|
22CEE240000
|
heap
|
page read and write
|
||
|
7EFC0000
|
direct allocation
|
page read and write
|
||
|
1BDE000
|
heap
|
page read and write
|
||
|
323C000
|
direct allocation
|
page read and write
|
||
|
1F40000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
26853328000
|
heap
|
page read and write
|
||
|
1FB4000
|
heap
|
page read and write
|
||
|
979D000
|
stack
|
page read and write
|
||
|
14D5000
|
unkown
|
page read and write
|
||
|
1FD8000
|
heap
|
page read and write
|
||
|
4010000
|
direct allocation
|
page execute and read and write
|
||
|
2D0E000
|
stack
|
page read and write
|
||
|
676F000
|
stack
|
page read and write
|
||
|
6EEF000
|
stack
|
page read and write
|
||
|
370C000
|
direct allocation
|
page read and write
|
||
|
1E5C000
|
heap
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
2699A42B000
|
heap
|
page read and write
|
||
|
2007424F000
|
heap
|
page read and write
|
||
|
6C7DF000
|
unkown
|
page execute read
|
||
|
9D9000
|
unkown
|
page execute read
|
||
|
2432A802000
|
trusted library allocation
|
page read and write
|
||
|
D2779FE000
|
unkown
|
page readonly
|
||
|
1D74000
|
heap
|
page read and write
|
||
|
39F0000
|
direct allocation
|
page execute and read and write
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
1714000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
1837730F000
|
heap
|
page read and write
|
||
|
14D7000
|
unkown
|
page read and write
|
||
|
148B000
|
unkown
|
page read and write
|
||
|
2105000
|
heap
|
page read and write
|
||
|
6C725000
|
unkown
|
page execute read
|
||
|
24F7000
|
direct allocation
|
page read and write
|
||
|
5A8F000
|
stack
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
36F1000
|
heap
|
page read and write
|
||
|
959D000
|
stack
|
page read and write
|
||
|
200744D0000
|
remote allocation
|
page read and write
|
||
|
1FC3000
|
heap
|
page read and write
|
||
|
1D4E000
|
stack
|
page read and write
|
||
|
5487000
|
heap
|
page read and write
|
||
|
36F0000
|
direct allocation
|
page execute and read and write
|
||
|
1E4B000
|
heap
|
page read and write
|
||
|
20CE000
|
heap
|
page read and write
|
||
|
37EA000
|
direct allocation
|
page read and write
|
||
|
31E0000
|
direct allocation
|
page read and write
|
||
|
705F000
|
stack
|
page read and write
|
||
|
1750000
|
heap
|
page read and write
|
||
|
26853324000
|
heap
|
page read and write
|
||
|
18377326000
|
heap
|
page read and write
|
||
|
18377330000
|
heap
|
page read and write
|
||
|
200742FB000
|
heap
|
page read and write
|
||
|
5987000
|
direct allocation
|
page read and write
|
||
|
2699AB30000
|
remote allocation
|
page read and write
|
||
|
1BF4000
|
heap
|
page read and write
|
||
|
1597000
|
unkown
|
page read and write
|
||
|
73E7000
|
heap
|
page read and write
|
||
|
18377504000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
20D0000
|
heap
|
page read and write
|
||
|
828D9FE000
|
stack
|
page read and write
|
||
|
2699A440000
|
heap
|
page read and write
|
||
|
3721000
|
heap
|
page read and write
|
||
|
3A50000
|
heap
|
page read and write
|
||
|
24328C40000
|
heap
|
page read and write
|
||
|
201E000
|
stack
|
page read and write
|
||
|
3C06000
|
heap
|
page read and write
|
||
|
73B7000
|
heap
|
page read and write
|
||
|
24328D28000
|
heap
|
page read and write
|
||
|
8C9F000
|
stack
|
page read and write
|
||
|
3BFC000
|
direct allocation
|
page read and write
|
||
|
1971000
|
unkown
|
page readonly
|
||
|
200741F0000
|
trusted library allocation
|
page read and write
|
||
|
1E4A000
|
heap
|
page read and write
|
||
|
41F9000
|
direct allocation
|
page read and write
|
||
|
183773C5000
|
heap
|
page read and write
|
||
|
18379635000
|
heap
|
page read and write
|
||
|
5672000
|
heap
|
page read and write
|
||
|
41BE000
|
direct allocation
|
page read and write
|
||
|
16FC000
|
heap
|
page read and write
|
||
|
3F8E000
|
heap
|
page read and write
|
||
|
32A7000
|
direct allocation
|
page read and write
|
||
|
1837B383000
|
heap
|
page read and write
|
||
|
1BF4000
|
heap
|
page read and write
|
||
|
73DF000
|
heap
|
page read and write
|
||
|
3BCC000
|
direct allocation
|
page read and write
|
||
|
200740F0000
|
trusted library allocation
|
page read and write
|
||
|
170E000
|
heap
|
page read and write
|
||
|
1523000
|
unkown
|
page read and write
|
||
|
3211000
|
direct allocation
|
page read and write
|
||
|
340E000
|
stack
|
page read and write
|
||
|
4C50000
|
heap
|
page read and write
|
||
|
1FC7000
|
heap
|
page read and write
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
1E60000
|
heap
|
page read and write
|
||
|
4E60000
|
direct allocation
|
page read and write
|
||
|
18E7000
|
unkown
|
page readonly
|
||
|
14A6000
|
unkown
|
page read and write
|
||
|
208E000
|
heap
|
page read and write
|
||
|
3B41000
|
heap
|
page read and write
|
||
|
1D0D1C5F000
|
heap
|
page read and write
|
||
|
3AD0000
|
direct allocation
|
page read and write
|
||
|
1E04000
|
heap
|
page read and write
|
||
|
1544000
|
heap
|
page read and write
|
||
|
4021000
|
heap
|
page read and write
|
||
|
20074242000
|
heap
|
page read and write
|
||
|
EB9000
|
unkown
|
page read and write
|
||
|
1837B357000
|
heap
|
page read and write
|
||
|
F2A000
|
unkown
|
page read and write
|
||
|
3235000
|
direct allocation
|
page read and write
|
||
|
1F40000
|
heap
|
page read and write
|
||
|
3759000
|
direct allocation
|
page read and write
|
||
|
1E67000
|
heap
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
661F000
|
stack
|
page read and write
|
||
|
2026000
|
heap
|
page read and write
|
||
|
3721000
|
heap
|
page read and write
|
||
|
1573000
|
unkown
|
page read and write
|
||
|
3204000
|
direct allocation
|
page read and write
|
||
|
20AE000
|
heap
|
page read and write
|
||
|
1BD4000
|
heap
|
page read and write
|
||
|
31A7000
|
direct allocation
|
page read and write
|
||
|
1F44000
|
heap
|
page read and write
|
||
|
1F44000
|
heap
|
page read and write
|
||
|
26852A68000
|
heap
|
page read and write
|
||
|
6C695000
|
unkown
|
page execute read
|
||
|
58C2000
|
direct allocation
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
5040000
|
heap
|
page read and write
|
||
|
31CB000
|
direct allocation
|
page read and write
|
||
|
3BB0000
|
direct allocation
|
page read and write
|
||
|
14CF000
|
unkown
|
page read and write
|
||
|
204E000
|
stack
|
page read and write
|
||
|
73E4000
|
heap
|
page read and write
|
||
|
1544000
|
heap
|
page read and write
|
||
|
1E6F000
|
heap
|
page read and write
|
||
|
1758000
|
heap
|
page read and write
|
||
|
14AC000
|
unkown
|
page write copy
|
||
|
1573000
|
unkown
|
page read and write
|
||
|
2C974FE000
|
unkown
|
page readonly
|
||
|
1BD5000
|
heap
|
page read and write
|
||
|
1FEC000
|
heap
|
page read and write
|
||
|
1E51000
|
heap
|
page read and write
|
||
|
2350000
|
heap
|
page read and write
|
||
|
1C10000
|
heap
|
page read and write
|
||
|
16E8000
|
heap
|
page read and write
|
||
|
20F3000
|
heap
|
page read and write
|
||
|
ECA000
|
unkown
|
page read and write
|
||
|
7FF69E5DF000
|
unkown
|
page readonly
|
||
|
24BC000
|
direct allocation
|
page read and write
|
||
|
7CC50000
|
direct allocation
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
2132000
|
heap
|
page read and write
|
||
|
1BD4000
|
heap
|
page read and write
|
||
|
16E9000
|
heap
|
page read and write
|
||
|
24328C00000
|
heap
|
page read and write
|
||
|
7420000
|
heap
|
page read and write
|
||
|
889D000
|
stack
|
page read and write
|
||
|
190F000
|
stack
|
page read and write
|
||
|
5070000
|
heap
|
page read and write
|
||
|
3BD1000
|
heap
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
14CB000
|
unkown
|
page read and write
|
||
|
1714000
|
heap
|
page read and write
|
||
|
20E5000
|
heap
|
page read and write
|
||
|
7781A7D000
|
stack
|
page read and write
|
||
|
58D1000
|
direct allocation
|
page read and write
|
||
|
1544000
|
heap
|
page read and write
|
||
|
2104000
|
heap
|
page read and write
|
||
|
2006ECAF000
|
heap
|
page read and write
|
||
|
1925000
|
unkown
|
page readonly
|
||
|
159D000
|
unkown
|
page read and write
|
||
|
1D74000
|
heap
|
page read and write
|
||
|
20FD000
|
heap
|
page read and write
|
||
|
1837735E000
|
heap
|
page read and write
|
||
|
15A6000
|
unkown
|
page readonly
|
||
|
26A4000
|
direct allocation
|
page read and write
|
||
|
6CAC7000
|
unkown
|
page write copy
|
||
|
54BF000
|
stack
|
page read and write
|
||
|
3C10000
|
direct allocation
|
page read and write
|
||
|
169E000
|
stack
|
page read and write
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
1E51000
|
heap
|
page read and write
|
||
|
7407000
|
heap
|
page read and write
|
||
|
1982000
|
unkown
|
page readonly
|
||
|
2A8D000
|
heap
|
page read and write
|
||
|
155A000
|
unkown
|
page read and write
|
||
|
183792F0000
|
trusted library allocation
|
page read and write
|
||
|
15E8000
|
heap
|
page read and write
|
||
|
3CBD000
|
direct allocation
|
page read and write
|
||
|
20074450000
|
trusted library allocation
|
page read and write
|
||
|
18377301000
|
heap
|
page read and write
|
||
|
183794B3000
|
heap
|
page read and write
|
||
|
3BA1000
|
direct allocation
|
page read and write
|
||
|
18377360000
|
heap
|
page read and write
|
||
|
29EF000
|
stack
|
page read and write
|
||
|
15BE000
|
stack
|
page read and write
|
||
|
2671000
|
direct allocation
|
page read and write
|
||
|
1B10000
|
heap
|
page read and write
|
||
|
1544000
|
heap
|
page read and write
|
||
|
96E000
|
unkown
|
page execute read
|
||
|
6C728000
|
unkown
|
page execute read
|
||
|
6C76A000
|
unkown
|
page execute read
|
||
|
1E46000
|
heap
|
page read and write
|
||
|
20074302000
|
heap
|
page read and write
|
||
|
148E000
|
unkown
|
page read and write
|
||
|
2004000
|
heap
|
page read and write
|
||
|
2050000
|
heap
|
page read and write
|
||
|
1544000
|
heap
|
page read and write
|
||
|
4223000
|
heap
|
page read and write
|
||
|
20DD000
|
heap
|
page read and write
|
||
|
64CE000
|
stack
|
page read and write
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
3161000
|
direct allocation
|
page read and write
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
1DC0000
|
heap
|
page read and write
|
||
|
2006F500000
|
heap
|
page read and write
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
1733000
|
heap
|
page read and write
|
||
|
5070000
|
heap
|
page read and write
|
||
|
3177000
|
direct allocation
|
page read and write
|
||
|
69AC000
|
stack
|
page read and write
|
||
|
317C000
|
direct allocation
|
page read and write
|
||
|
1BAB000
|
stack
|
page read and write
|
||
|
321F000
|
direct allocation
|
page read and write
|
||
|
4140000
|
direct allocation
|
page read and write
|
||
|
3CB6000
|
direct allocation
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
8901E7E000
|
stack
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
785F000
|
stack
|
page read and write
|
||
|
321A000
|
direct allocation
|
page read and write
|
||
|
2006F415000
|
heap
|
page read and write
|
||
|
39F0000
|
heap
|
page read and write
|
||
|
7360000
|
heap
|
page read and write
|
||
|
1EFB000
|
stack
|
page read and write
|
||
|
1710000
|
heap
|
page read and write
|
||
|
3196000
|
direct allocation
|
page read and write
|
||
|
3722000
|
direct allocation
|
page read and write
|
||
|
1570000
|
heap
|
page read and write
|
||
|
989F000
|
stack
|
page read and write
|
||
|
54E0000
|
heap
|
page read and write
|
||
|
7E010000
|
direct allocation
|
page read and write
|
||
|
183794B3000
|
heap
|
page read and write
|
||
|
16AC000
|
heap
|
page read and write
|
||
|
2432A6C0000
|
remote allocation
|
page read and write
|
||
|
20074260000
|
trusted library allocation
|
page read and write
|
||
|
25CE000
|
stack
|
page read and write
|
||
|
153B000
|
stack
|
page read and write
|
||
|
20E7000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
19E1000
|
unkown
|
page readonly
|
||
|
1951000
|
unkown
|
page readonly
|
||
|
18379572000
|
heap
|
page read and write
|
||
|
1654000
|
heap
|
page read and write
|
||
|
3710000
|
direct allocation
|
page read and write
|
||
|
41CE000
|
direct allocation
|
page read and write
|
||
|
20074261000
|
heap
|
page read and write
|
||
|
3C84000
|
direct allocation
|
page read and write
|
||
|
233F000
|
stack
|
page read and write
|
||
|
1409000
|
unkown
|
page execute read
|
||
|
7200000
|
remote allocation
|
page read and write
|
||
|
F49000
|
unkown
|
page read and write
|
||
|
6C4C0000
|
unkown
|
page readonly
|
||
|
B211BDB000
|
stack
|
page read and write
|
||
|
19B0000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
3298000
|
direct allocation
|
page read and write
|
||
|
3B00000
|
direct allocation
|
page read and write
|
||
|
1FCE000
|
heap
|
page read and write
|
||
|
681000
|
unkown
|
page execute read
|
||
|
200744D0000
|
remote allocation
|
page read and write
|
||
|
3268000
|
direct allocation
|
page read and write
|
||
|
3721000
|
heap
|
page read and write
|
||
|
31FD000
|
direct allocation
|
page read and write
|
||
|
20AE000
|
heap
|
page read and write
|
||
|
2006EC13000
|
heap
|
page read and write
|
||
|
3F8B000
|
stack
|
page read and write
|
||
|
A09D000
|
stack
|
page read and write
|
||
|
1706000
|
heap
|
page read and write
|
||
|
31C3000
|
direct allocation
|
page read and write
|
||
|
4DE0000
|
direct allocation
|
page read and write
|
||
|
1614000
|
heap
|
page read and write
|
||
|
1C14000
|
heap
|
page read and write
|
||
|
4E26000
|
direct allocation
|
page read and write
|
||
|
4E04000
|
direct allocation
|
page read and write
|
||
|
18379472000
|
heap
|
page read and write
|
||
|
E8D000
|
unkown
|
page read and write
|
||
|
6C981000
|
unkown
|
page readonly
|
||
|
31E1000
|
direct allocation
|
page read and write
|
||
|
208C000
|
heap
|
page read and write
|
||
|
37F1000
|
direct allocation
|
page read and write
|
||
|
1FC6000
|
heap
|
page read and write
|
||
|
1BF4000
|
heap
|
page read and write
|
||
|
1837B277000
|
heap
|
page read and write
|
||
|
1E59000
|
heap
|
page read and write
|
||
|
1BF0000
|
heap
|
page read and write
|
||
|
1714000
|
heap
|
page read and write
|
||
|
1710000
|
heap
|
page read and write
|
||
|
16DD000
|
heap
|
page read and write
|
||
|
24328C13000
|
heap
|
page read and write
|
||
|
191B000
|
unkown
|
page readonly
|
||
|
1DF9000
|
heap
|
page read and write
|
||
|
20074150000
|
trusted library allocation
|
page read and write
|
||
|
20B8000
|
heap
|
page read and write
|
||
|
2699A44B000
|
heap
|
page read and write
|
||
|
4E25000
|
direct allocation
|
page read and write
|
||
|
3166000
|
direct allocation
|
page read and write
|
||
|
2088000
|
heap
|
page read and write
|
||
|
41B0000
|
direct allocation
|
page read and write
|
||
|
1C14000
|
heap
|
page read and write
|
||
|
1714000
|
heap
|
page read and write
|
||
|
7377000
|
heap
|
page read and write
|
||
|
20074154000
|
trusted library allocation
|
page read and write
|
||
|
6C9B7000
|
unkown
|
page readonly
|
||
|
1837B2F2000
|
heap
|
page read and write
|
||
|
1FFD000
|
heap
|
page read and write
|
||
|
2CCE000
|
stack
|
page read and write
|
||
|
1967000
|
unkown
|
page readonly
|
||
|
1928000
|
unkown
|
page readonly
|
||
|
31C4000
|
direct allocation
|
page read and write
|
||
|
1712000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
18377379000
|
heap
|
page read and write
|
||
|
73E2000
|
heap
|
page read and write
|
||
|
31DF000
|
direct allocation
|
page read and write
|
||
|
1E25000
|
heap
|
page read and write
|
||
|
63C5000
|
trusted library allocation
|
page read and write
|
||
|
1837B315000
|
heap
|
page read and write
|
||
|
200742BE000
|
heap
|
page read and write
|
||
|
16D7000
|
heap
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
3BB7000
|
direct allocation
|
page read and write
|
||
|
25A8000
|
direct allocation
|
page read and write
|
||
|
31D1000
|
direct allocation
|
page read and write
|
||
|
57A0000
|
heap
|
page read and write
|
||
|
7422000
|
heap
|
page read and write
|
||
|
5417000
|
direct allocation
|
page read and write
|
||
|
5705000
|
heap
|
page read and write
|
||
|
20074140000
|
trusted library allocation
|
page read and write
|
||
|
D277EFB000
|
stack
|
page read and write
|
||
|
1498000
|
unkown
|
page read and write
|
||
|
3228000
|
direct allocation
|
page read and write
|
||
|
194F000
|
unkown
|
page readonly
|
||
|
EC5000
|
unkown
|
page read and write
|
||
|
1C4E000
|
heap
|
page read and write
|
||
|
1837B34D000
|
heap
|
page read and write
|
||
|
969F000
|
stack
|
page read and write
|
||
|
3C49000
|
direct allocation
|
page read and write
|
||
|
24C3000
|
direct allocation
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
1E70000
|
heap
|
page read and write
|
||
|
5298000
|
direct allocation
|
page read and write
|
||
|
3C28000
|
direct allocation
|
page read and write
|
||
|
2035000
|
heap
|
page read and write
|
||
|
6C7B4000
|
unkown
|
page execute read
|
||
|
599A000
|
direct allocation
|
page read and write
|
||
|
7781E7E000
|
unkown
|
page readonly
|
||
|
3C67000
|
direct allocation
|
page read and write
|
||
|
20AF000
|
heap
|
page read and write
|
||
|
66F000
|
unkown
|
page execute read
|
||
|
4DDE000
|
direct allocation
|
page read and write
|
||
|
549D000
|
heap
|
page read and write
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
16F0000
|
heap
|
page read and write
|
||
|
48B000
|
stack
|
page read and write
|
||
|
566D000
|
heap
|
page read and write
|
||
|
828D335000
|
stack
|
page read and write
|
||
|
5330000
|
heap
|
page read and write
|
||
|
20074222000
|
heap
|
page read and write
|
||
|
1F2E000
|
stack
|
page read and write
|
||
|
1D0D1C02000
|
heap
|
page read and write
|
||
|
2359000
|
heap
|
page read and write
|
||
|
3CE8000
|
direct allocation
|
page read and write
|
||
|
7417000
|
heap
|
page read and write
|
||
|
18377380000
|
heap
|
page read and write
|
||
|
2006ECFE000
|
heap
|
page read and write
|
||
|
EC7000
|
unkown
|
page read and write
|
||
|
3C7C000
|
direct allocation
|
page read and write
|
||
|
1E41000
|
heap
|
page read and write
|
||
|
24EF000
|
direct allocation
|
page read and write
|
||
|
E8D000
|
unkown
|
page read and write
|
||
|
63A6000
|
trusted library allocation
|
page read and write
|
||
|
6C940000
|
unkown
|
page readonly
|
||
|
4F1000
|
unkown
|
page execute read
|
||
|
24FE000
|
direct allocation
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
1FFE000
|
heap
|
page read and write
|
||
|
2A7B000
|
heap
|
page read and write
|
||
|
1E07000
|
heap
|
page read and write
|
||
|
7F9F000
|
stack
|
page read and write
|
||
|
18379473000
|
heap
|
page read and write
|
||
|
1BD4000
|
heap
|
page read and write
|
||
|
20074169000
|
trusted library allocation
|
page read and write
|
||
|
7780F7E000
|
unkown
|
page readonly
|
||
|
4021000
|
heap
|
page read and write
|
||
|
5440000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
2006EC91000
|
heap
|
page read and write
|
||
|
1B3B000
|
stack
|
page read and write
|
||
|
3B29000
|
direct allocation
|
page read and write
|
||
|
7F540000
|
direct allocation
|
page read and write
|
||
|
1BF4000
|
heap
|
page read and write
|
||
|
1BB0000
|
heap
|
page read and write
|
||
|
1989000
|
unkown
|
page readonly
|
||
|
73B4000
|
heap
|
page read and write
|
||
|
4030000
|
heap
|
page read and write
|
||
|
1BF4000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
6C93C000
|
unkown
|
page read and write
|
||
|
6C716000
|
unkown
|
page execute read
|
||
|
20D9000
|
heap
|
page read and write
|
||
|
4220000
|
heap
|
page read and write
|
||
|
1FFF000
|
heap
|
page read and write
|
||
|
328C000
|
direct allocation
|
page read and write
|
||
|
1596000
|
unkown
|
page write copy
|
||
|
B65F000
|
stack
|
page read and write
|
||
|
1E5F000
|
heap
|
page read and write
|
||
|
5499000
|
heap
|
page read and write
|
||
|
3313000
|
direct allocation
|
page read and write
|
||
|
A41000
|
unkown
|
page execute read
|
||
|
334E000
|
stack
|
page read and write
|
||
|
200E000
|
heap
|
page read and write
|
||
|
7368000
|
heap
|
page read and write
|
||
|
1610000
|
heap
|
page read and write
|
||
|
F73000
|
unkown
|
page read and write
|
||
|
18377230000
|
heap
|
page readonly
|
||
|
1E54000
|
heap
|
page read and write
|
||
|
1BF4000
|
heap
|
page read and write
|
||
|
1E59000
|
heap
|
page read and write
|
||
|
621000
|
unkown
|
page execute read
|
||
|
3204000
|
direct allocation
|
page read and write
|
||
|
1C14000
|
heap
|
page read and write
|
||
|
1BD4000
|
heap
|
page read and write
|
||
|
20F9000
|
heap
|
page read and write
|
||
|
528A000
|
direct allocation
|
page read and write
|
||
|
7407000
|
heap
|
page read and write
|
||
|
2006F51A000
|
heap
|
page read and write
|
||
|
1D74000
|
heap
|
page read and write
|
||
|
5225000
|
direct allocation
|
page read and write
|
||
|
1714000
|
heap
|
page read and write
|
||
|
7365000
|
heap
|
page read and write
|
||
|
3CDA000
|
direct allocation
|
page read and write
|
||
|
2006F502000
|
heap
|
page read and write
|
||
|
235A000
|
heap
|
page read and write
|
||
|
23E0000
|
heap
|
page read and write
|
||
|
7781C7E000
|
unkown
|
page readonly
|
||
|
1BD4000
|
heap
|
page read and write
|
||
|
368B000
|
heap
|
page read and write
|
||
|
20074440000
|
trusted library allocation
|
page read and write
|
||
|
2012000
|
heap
|
page read and write
|
||
|
5431000
|
direct allocation
|
page read and write
|
||
|
4E37000
|
direct allocation
|
page read and write
|
||
|
209A000
|
heap
|
page read and write
|
||
|
3C2A000
|
direct allocation
|
page read and write
|
||
|
39F3000
|
heap
|
page read and write
|
||
|
18379573000
|
heap
|
page read and write
|
||
|
3C60000
|
direct allocation
|
page read and write
|
||
|
183773B2000
|
heap
|
page read and write
|
||
|
1837735B000
|
heap
|
page read and write
|
||
|
73A1000
|
heap
|
page read and write
|
||
|
E5B000
|
unkown
|
page execute read
|
||
|
1BF4000
|
heap
|
page read and write
|
||
|
63A0000
|
trusted library allocation
|
page read and write
|
||
|
20FF000
|
heap
|
page read and write
|
||
|
183773B2000
|
heap
|
page read and write
|
||
|
1837B3BF000
|
heap
|
page read and write
|
||
|
258E000
|
stack
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
18B3000
|
unkown
|
page readonly
|
||
|
3C58000
|
direct allocation
|
page read and write
|
||
|
1FF5000
|
heap
|
page read and write
|
||
|
240D000
|
heap
|
page read and write
|
||
|
14A5000
|
unkown
|
page read and write
|
||
|
31B5000
|
direct allocation
|
page read and write
|
||
|
37CD000
|
direct allocation
|
page read and write
|
||
|
2C4E000
|
stack
|
page read and write
|
||
|
1E3E000
|
stack
|
page read and write
|
||
|
212A000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
1704000
|
heap
|
page read and write
|
||
|
2037000
|
heap
|
page read and write
|
||
|
6C93D000
|
unkown
|
page read and write
|
||
|
423A000
|
direct allocation
|
page read and write
|
||
|
2D4E000
|
stack
|
page read and write
|
||
|
1EA2000
|
heap
|
page read and write
|
||
|
18377330000
|
heap
|
page read and write
|
||
|
6CAC5000
|
unkown
|
page readonly
|
||
|
1FC3000
|
heap
|
page read and write
|
||
|
939F000
|
stack
|
page read and write
|
||
|
1E5F000
|
heap
|
page read and write
|
||
|
1614000
|
heap
|
page read and write
|
||
|
26852920000
|
heap
|
page read and write
|
||
|
EFF000
|
unkown
|
page read and write
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
EC7000
|
unkown
|
page read and write
|
||
|
24AD000
|
direct allocation
|
page read and write
|
||
|
4021000
|
heap
|
page read and write
|
||
|
16D3000
|
heap
|
page read and write
|
||
|
4021000
|
heap
|
page read and write
|
||
|
34CE000
|
stack
|
page read and write
|
||
|
18377380000
|
heap
|
page read and write
|
||
|
1E5A000
|
heap
|
page read and write
|
||
|
7FF69E570000
|
unkown
|
page readonly
|
||
|
2699A45C000
|
heap
|
page read and write
|
||
|
5935000
|
direct allocation
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
208D000
|
heap
|
page read and write
|
||
|
568F000
|
stack
|
page read and write
|
||
|
1437000
|
stack
|
page read and write
|
||
|
2130000
|
heap
|
page read and write
|
||
|
3738000
|
direct allocation
|
page read and write
|
||
|
1BAB000
|
stack
|
page read and write
|
||
|
518E000
|
stack
|
page read and write
|
||
|
16E8000
|
heap
|
page read and write
|
||
|
200742EC000
|
heap
|
page read and write
|
||
|
58C9000
|
direct allocation
|
page read and write
|
||
|
3BD1000
|
heap
|
page read and write
|
||
|
148B000
|
unkown
|
page read and write
|
||
|
1B15000
|
heap
|
page read and write
|
||
|
18377240000
|
heap
|
page read and write
|
||
|
1490000
|
unkown
|
page read and write
|
||
|
14D5000
|
unkown
|
page read and write
|
||
|
1714000
|
heap
|
page read and write
|
||
|
EC7000
|
unkown
|
page read and write
|
||
|
1BFE000
|
stack
|
page read and write
|
||
|
8901FFE000
|
stack
|
page read and write
|
||
|
1709000
|
heap
|
page read and write
|
||
|
56D5000
|
heap
|
page read and write
|
||
|
18EB000
|
unkown
|
page readonly
|
||
|
41B7000
|
direct allocation
|
page read and write
|
||
|
3E11000
|
heap
|
page read and write
|
||
|
5242000
|
direct allocation
|
page read and write
|
||
|
1614000
|
heap
|
page read and write
|
||
|
31BC000
|
direct allocation
|
page read and write
|
||
|
1E24000
|
heap
|
page read and write
|
||
|
1BF4000
|
heap
|
page read and write
|
||
|
A25E000
|
stack
|
page read and write
|
||
|
20E5000
|
heap
|
page read and write
|
||
|
5E6A000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
58E7000
|
direct allocation
|
page read and write
|
||
|
18BD000
|
unkown
|
page readonly
|
||
|
14C3000
|
unkown
|
page read and write
|
||
|
51C0000
|
heap
|
page read and write
|
||
|
EBE000
|
unkown
|
page read and write
|
||
|
2C973FE000
|
stack
|
page read and write
|
||
|
14A6000
|
unkown
|
page read and write
|
||
|
318A000
|
direct allocation
|
page read and write
|
||
|
3A00000
|
heap
|
page read and write
|
||
|
1E46000
|
heap
|
page read and write
|
||
|
2006ED02000
|
heap
|
page read and write
|
||
|
208C000
|
heap
|
page read and write
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
938000
|
unkown
|
page execute read
|
||
|
85DF000
|
stack
|
page read and write
|
||
|
4021000
|
heap
|
page read and write
|
||
|
8A9F000
|
stack
|
page read and write
|
||
|
1FDE000
|
heap
|
page read and write
|
||
|
252E000
|
direct allocation
|
page read and write
|
||
|
18377330000
|
heap
|
page read and write
|
||
|
6C93C000
|
unkown
|
page read and write
|
||
|
3990000
|
direct allocation
|
page read and write
|
||
|
22CEE313000
|
heap
|
page read and write
|
||
|
1573000
|
unkown
|
page read and write
|
||
|
500B000
|
stack
|
page read and write
|
||
|
18379531000
|
heap
|
page read and write
|
||
|
200E000
|
heap
|
page read and write
|
||
|
31E7000
|
direct allocation
|
page read and write
|
||
|
1837C829000
|
heap
|
page read and write
|
||
|
2018000
|
heap
|
page read and write
|
||
|
4000000
|
heap
|
page read and write
|
||
|
E8D000
|
unkown
|
page read and write
|
||
|
1DF8000
|
heap
|
page read and write
|
||
|
1837B427000
|
heap
|
page read and write
|
||
|
2470000
|
direct allocation
|
page read and write
|
||
|
E8B000
|
unkown
|
page read and write
|
||
|
3BED000
|
direct allocation
|
page read and write
|
||
|
5090000
|
heap
|
page read and write
|
||
|
1593000
|
unkown
|
page read and write
|
||
|
330E000
|
stack
|
page read and write
|
||
|
5953000
|
direct allocation
|
page read and write
|
||
|
1BF4000
|
heap
|
page read and write
|
||
|
20E7000
|
heap
|
page read and write
|
||
|
1837B31A000
|
heap
|
page read and write
|
||
|
1E46000
|
heap
|
page read and write
|
||
|
15963602000
|
heap
|
page read and write
|
||
|
1C00000
|
heap
|
page read and write
|
||
|
1FDC000
|
heap
|
page read and write
|
||
|
1E7F000
|
heap
|
page read and write
|
||
|
203B000
|
heap
|
page read and write
|
||
|
20F9000
|
heap
|
page read and write
|
||
|
1BD4000
|
heap
|
page read and write
|
||
|
200742BC000
|
heap
|
page read and write
|
||
|
200742F1000
|
heap
|
page read and write
|
||
|
16E6000
|
heap
|
page read and write
|
||
|
327F000
|
direct allocation
|
page read and write
|
||
|
2006F513000
|
heap
|
page read and write
|
||
|
84DE000
|
stack
|
page read and write
|
||
|
1705000
|
heap
|
page read and write
|
||
|
7FF69E570000
|
unkown
|
page readonly
|
||
|
3726000
|
direct allocation
|
page read and write
|
||
|
18D2000
|
unkown
|
page readonly
|
||
|
6CAF2000
|
unkown
|
page read and write
|
||
|
1BF4000
|
heap
|
page read and write
|
||
|
3721000
|
heap
|
page read and write
|
||
|
6C72C000
|
unkown
|
page execute read
|
||
|
1E46000
|
heap
|
page read and write
|
||
|
3C06000
|
direct allocation
|
page read and write
|
||
|
3304000
|
direct allocation
|
page read and write
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
B95D000
|
stack
|
page read and write
|
||
|
344E000
|
stack
|
page read and write
|
||
|
4DBF000
|
direct allocation
|
page read and write
|
||
|
2E4E000
|
stack
|
page read and write
|
||
|
377E000
|
direct allocation
|
page read and write
|
||
|
1D74000
|
heap
|
page read and write
|
||
|
3189000
|
direct allocation
|
page read and write
|
||
|
6C60C000
|
unkown
|
page execute read
|
||
|
2400000
|
heap
|
page read and write
|
||
|
201D000
|
heap
|
page read and write
|
||
|
1E47000
|
heap
|
page read and write
|
||
|
14C7000
|
unkown
|
page read and write
|
||
|
1837B3F7000
|
heap
|
page read and write
|
||
|
2405000
|
heap
|
page read and write
|
||
|
3A53000
|
heap
|
page read and write
|
||
|
41F2000
|
direct allocation
|
page read and write
|
||
|
161D000
|
heap
|
page read and write
|
||
|
3E10000
|
heap
|
page read and write
|
||
|
4130000
|
heap
|
page read and write
|
||
|
2355000
|
heap
|
page read and write
|
||
|
183792F0000
|
heap
|
page read and write
|
||
|
63B6000
|
trusted library allocation
|
page read and write
|
||
|
31A1000
|
direct allocation
|
page read and write
|
||
|
32E8000
|
direct allocation
|
page read and write
|
||
|
589E000
|
direct allocation
|
page read and write
|
||
|
4C70000
|
heap
|
page read and write
|
||
|
3219000
|
direct allocation
|
page read and write
|
||
|
3744000
|
heap
|
page read and write
|
||
|
63B000
|
unkown
|
page execute read
|
||
|
3741000
|
heap
|
page read and write
|
||
|
54FC000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
18377318000
|
heap
|
page read and write
|
||
|
1E64000
|
heap
|
page read and write
|
||
|
620000
|
unkown
|
page readonly
|
||
|
20074110000
|
trusted library allocation
|
page read and write
|
||
|
F7B000
|
unkown
|
page readonly
|
||
|
1490000
|
unkown
|
page read and write
|
||
|
202E000
|
heap
|
page read and write
|
||
|
170B000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
358E000
|
stack
|
page read and write
|
||
|
1837731C000
|
heap
|
page read and write
|
||
|
3777000
|
direct allocation
|
page read and write
|
||
|
1CCE000
|
stack
|
page read and write
|
||
|
2140000
|
heap
|
page read and write
|
||
|
4E25000
|
direct allocation
|
page read and write
|
||
|
1E87000
|
heap
|
page read and write
|
||
|
1E5E000
|
heap
|
page read and write
|
||
|
324B000
|
direct allocation
|
page read and write
|
||
|
1654000
|
heap
|
page read and write
|
||
|
2013000
|
heap
|
page read and write
|
||
|
22CEE27E000
|
heap
|
page read and write
|
||
|
3853000
|
heap
|
page read and write
|
||
|
14D5000
|
unkown
|
page read and write
|
||
|
2006EB90000
|
trusted library allocation
|
page read and write
|
||
|
31BE000
|
direct allocation
|
page read and write
|
||
|
18377330000
|
heap
|
page read and write
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
1E0F000
|
heap
|
page read and write
|
||
|
4E3C000
|
direct allocation
|
page read and write
|
||
|
348E000
|
stack
|
page read and write
|
||
|
4E3E000
|
direct allocation
|
page read and write
|
||
|
24328C02000
|
heap
|
page read and write
|
||
|
1E7B000
|
heap
|
page read and write
|
||
|
4021000
|
heap
|
page read and write
|
||
|
14DB000
|
unkown
|
page read and write
|
||
|
2699A3A0000
|
heap
|
page read and write
|
||
|
20074295000
|
heap
|
page read and write
|
||
|
18379636000
|
heap
|
page read and write
|
||
|
1E5F000
|
heap
|
page read and write
|
||
|
3E50000
|
heap
|
page read and write
|
||
|
1544000
|
heap
|
page read and write
|
||
|
3226000
|
direct allocation
|
page read and write
|
||
|
8B9F000
|
stack
|
page read and write
|
||
|
6C93D000
|
unkown
|
page read and write
|
||
|
37F8000
|
direct allocation
|
page read and write
|
||
|
6C93D000
|
unkown
|
page read and write
|
||
|
73BD000
|
heap
|
page read and write
|
||
|
54A0000
|
heap
|
page read and write
|
||
|
3C8B000
|
direct allocation
|
page read and write
|
||
|
7FF69E5DE000
|
unkown
|
page write copy
|
||
|
809F000
|
stack
|
page read and write
|
||
|
1E02000
|
heap
|
page read and write
|
||
|
EEE000
|
unkown
|
page read and write
|
||
|
18DF000
|
unkown
|
page readonly
|
||
|
15963622000
|
heap
|
page read and write
|
||
|
14D7000
|
unkown
|
page read and write
|
||
|
15963643000
|
heap
|
page read and write
|
||
|
322E000
|
direct allocation
|
page read and write
|
||
|
22CEE263000
|
heap
|
page read and write
|
||
|
1701000
|
heap
|
page read and write
|
||
|
2029000
|
heap
|
page read and write
|
||
|
3DD0000
|
direct allocation
|
page execute and read and write
|
||
|
1E62000
|
heap
|
page read and write
|
||
|
2511000
|
direct allocation
|
page read and write
|
||
|
73EB000
|
heap
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
1E24000
|
heap
|
page read and write
|
||
|
6DEF000
|
stack
|
page read and write
|
||
|
F0E000
|
unkown
|
page read and write
|
||
|
1B0E000
|
stack
|
page read and write
|
||
|
73B1000
|
heap
|
page read and write
|
||
|
260D000
|
direct allocation
|
page read and write
|
||
|
D2789F9000
|
stack
|
page read and write
|
||
|
EBE000
|
unkown
|
page read and write
|
||
|
3780000
|
heap
|
page read and write
|
||
|
1D74000
|
heap
|
page read and write
|
||
|
18D6000
|
unkown
|
page readonly
|
||
|
7377000
|
heap
|
page read and write
|
||
|
F1A87FF000
|
stack
|
page read and write
|
||
|
6CAF2000
|
unkown
|
page read and write
|
||
|
209A000
|
heap
|
page read and write
|
||
|
149C000
|
unkown
|
page read and write
|
||
|
183773B2000
|
heap
|
page read and write
|
||
|
52A4000
|
trusted library allocation
|
page read and write
|
||
|
3747000
|
direct allocation
|
page read and write
|
||
|
2F8E000
|
stack
|
page read and write
|
||
|
7419000
|
heap
|
page read and write
|
||
|
15E0000
|
heap
|
page read and write
|
||
|
1D74000
|
heap
|
page read and write
|
||
|
5760000
|
direct allocation
|
page read and write
|
||
|
1BD4000
|
heap
|
page read and write
|
||
|
3C31000
|
direct allocation
|
page read and write
|
||
|
2006ED06000
|
heap
|
page read and write
|
||
|
1837AA50000
|
trusted library allocation
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
1E7F000
|
heap
|
page read and write
|
||
|
1EA3000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
1F44000
|
heap
|
page read and write
|
||
|
6C9C6000
|
unkown
|
page readonly
|
||
|
37E3000
|
direct allocation
|
page read and write
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
202A000
|
heap
|
page read and write
|
||
|
3B6A000
|
direct allocation
|
page read and write
|
||
|
400000
|
heap
|
page read and write
|
||
|
7780A9B000
|
stack
|
page read and write
|
||
|
5510000
|
heap
|
page read and write
|
||
|
6C977000
|
unkown
|
page readonly
|
||
|
2678000
|
direct allocation
|
page read and write
|
||
|
1C14000
|
heap
|
page read and write
|
||
|
6B6F000
|
stack
|
page read and write
|
||
|
14BE000
|
unkown
|
page read and write
|
||
|
6CEE000
|
stack
|
page read and write
|
||
|
7362000
|
heap
|
page read and write
|
||
|
4E48000
|
direct allocation
|
page read and write
|
||
|
730F000
|
stack
|
page read and write
|
||
|
1D74000
|
heap
|
page read and write
|
||
|
20074100000
|
trusted library allocation
|
page read and write
|
||
|
2632000
|
direct allocation
|
page read and write
|
||
|
3C92000
|
direct allocation
|
page read and write
|
||
|
EC5000
|
unkown
|
page read and write
|
||
|
21F9000
|
heap
|
page read and write
|
||
|
1DF8000
|
heap
|
page read and write
|
||
|
20F6000
|
heap
|
page read and write
|
||
|
6C71F000
|
unkown
|
page execute read
|
||
|
2006ED29000
|
heap
|
page read and write
|
||
|
31CE000
|
stack
|
page read and write
|
||
|
3321000
|
direct allocation
|
page read and write
|
||
|
24328B90000
|
heap
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
1E48000
|
heap
|
page read and write
|
||
|
1714000
|
heap
|
page read and write
|
||
|
183773C5000
|
heap
|
page read and write
|
||
|
183793F0000
|
heap
|
page read and write
|
||
|
1942000
|
unkown
|
page readonly
|
||
|
19C0000
|
heap
|
page read and write
|
||
|
3721000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
3761000
|
direct allocation
|
page read and write
|
||
|
1E14000
|
heap
|
page read and write
|
||
|
153B000
|
stack
|
page read and write
|
||
|
1554000
|
unkown
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
313F000
|
direct allocation
|
page read and write
|
||
|
1700000
|
heap
|
page read and write
|
||
|
3209000
|
direct allocation
|
page read and write
|
||
|
591F000
|
direct allocation
|
page read and write
|
||
|
18377381000
|
heap
|
page read and write
|
||
|
20074110000
|
trusted library allocation
|
page read and write
|
||
|
1C14000
|
heap
|
page read and write
|
||
|
32EF000
|
direct allocation
|
page read and write
|
||
|
828DBFE000
|
stack
|
page read and write
|
||
|
7357000
|
heap
|
page read and write
|
||
|
4DC2000
|
direct allocation
|
page read and write
|
||
|
E9F000
|
unkown
|
page read and write
|
||
|
4201000
|
direct allocation
|
page read and write
|
||
|
1E7F000
|
heap
|
page read and write
|
||
|
3781000
|
heap
|
page read and write
|
||
|
202B000
|
heap
|
page read and write
|
||
|
7FF69E5CB000
|
unkown
|
page read and write
|
||
|
2101000
|
heap
|
page read and write
|
||
|
32AE000
|
direct allocation
|
page read and write
|
||
|
2499000
|
direct allocation
|
page read and write
|
||
|
5F1E000
|
stack
|
page read and write
|
||
|
1E14000
|
heap
|
page read and write
|
||
|
1614000
|
heap
|
page read and write
|
||
|
1837B327000
|
heap
|
page read and write
|
||
|
1C14000
|
heap
|
page read and write
|
||
|
3C1A000
|
direct allocation
|
page read and write
|
||
|
1C14000
|
heap
|
page read and write
|
||
|
3721000
|
heap
|
page read and write
|
||
|
24328C77000
|
heap
|
page read and write
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
3253000
|
direct allocation
|
page read and write
|
||
|
5283000
|
direct allocation
|
page read and write
|
||
|
2DCE000
|
stack
|
page read and write
|
||
|
3CE1000
|
direct allocation
|
page read and write
|
||
|
1CD0000
|
heap
|
page read and write
|
||
|
19E5000
|
unkown
|
page readonly
|
||
|
6C6A5000
|
unkown
|
page execute read
|
||
|
13FC000
|
unkown
|
page execute read
|
||
|
D2777FE000
|
unkown
|
page readonly
|
||
|
1837B37D000
|
heap
|
page read and write
|
||
|
37A2000
|
direct allocation
|
page read and write
|
||
|
20D4000
|
heap
|
page read and write
|
||
|
25F9000
|
direct allocation
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
1BF4000
|
heap
|
page read and write
|
||
|
22CEE260000
|
heap
|
page read and write
|
||
|
26853300000
|
heap
|
page read and write
|
||
|
7417000
|
heap
|
page read and write
|
||
|
8901C7B000
|
stack
|
page read and write
|
||
|
3721000
|
heap
|
page read and write
|
||
|
20CB000
|
heap
|
page read and write
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
1D0D1AB0000
|
heap
|
page read and write
|
||
|
170A000
|
heap
|
page read and write
|
||
|
31D7000
|
direct allocation
|
page read and write
|
||
|
5490000
|
heap
|
page read and write
|
||
|
1E03000
|
heap
|
page read and write
|
||
|
178C000
|
heap
|
page read and write
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
1C14000
|
heap
|
page read and write
|
||
|
26C8000
|
direct allocation
|
page read and write
|
||
|
22CEE400000
|
heap
|
page read and write
|
||
|
170B000
|
heap
|
page read and write
|
||
|
A7C000
|
unkown
|
page execute read
|
||
|
41D5000
|
direct allocation
|
page read and write
|
||
|
37B8000
|
direct allocation
|
page read and write
|
||
|
1BCD000
|
heap
|
page read and write
|
||
|
3B3D000
|
direct allocation
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
||
|
696F000
|
stack
|
page read and write
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
209E000
|
heap
|
page read and write
|
||
|
3721000
|
heap
|
page read and write
|
||
|
18FE000
|
unkown
|
page readonly
|
||
|
778127D000
|
stack
|
page read and write
|
||
|
22CEE265000
|
heap
|
page read and write
|
||
|
1E6B000
|
heap
|
page read and write
|
||
|
3C6E000
|
direct allocation
|
page read and write
|
||
|
2699A380000
|
heap
|
page read and write
|
||
|
1E06000
|
heap
|
page read and write
|
||
|
2699A3E0000
|
trusted library allocation
|
page read and write
|
||
|
3228000
|
direct allocation
|
page read and write
|
||
|
1C14000
|
heap
|
page read and write
|
||
|
2552000
|
direct allocation
|
page read and write
|
||
|
397F000
|
stack
|
page read and write
|
||
|
16A0000
|
heap
|
page read and write
|
||
|
183773B4000
|
heap
|
page read and write
|
||
|
20DA000
|
heap
|
page read and write
|
||
|
40C1000
|
heap
|
page read and write
|
||
|
1E02000
|
heap
|
page read and write
|
||
|
3741000
|
heap
|
page read and write
|
There are 2329 hidden memdumps, click here to show them.