Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
na.doc
|
Nim source code, Non-ISO extended-ASCII text, with very long lines (65276), with CR line terminators
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\4q0pGnqqpgTTSL7[1].exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\ihbgfbin.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\Desktop\~$na.doc
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRF{543080F1-6ACA-4A7A-9279-875599102085}.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{DB7BB40F-0C2E-47B2-B425-799BEAB45B59}.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{E7B21753-11AB-4008-8617-6E8AEEEB606B}.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{E93F3014-D774-4716-B703-31FE7E6367A9}.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\fhucv053.rrw.psm1
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\zfjdguxk.xia.ps1
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat
|
Generic INItialization configuration [folders]
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\na.LNK
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Fri Aug 11 15:42:09
2023, mtime=Fri Aug 11 15:42:09 2023, atime=Wed Oct 30 06:37:24 2024, length=1189943, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Templates\~$Normal.dotm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\UProof\ExcludeDictionaryEN0409.lex
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
dropped
|
There are 5 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
|
"C:\Program Files\Microsoft Office\Office14\WINWORD.EXE" /Automation -Embedding
|
|
|
|
C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE
|
"C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE" -Embedding
|
|
|
|
C:\Users\user\AppData\Roaming\ihbgfbin.exe
|
"C:\Users\user\AppData\Roaming\ihbgfbin.exe"
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\ihbgfbin.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\ihbgfbin.exe
|
"C:\Users\user\AppData\Roaming\ihbgfbin.exe"
|
|
|
|
C:\Windows\explorer.exe
|
C:\Windows\Explorer.EXE
|
|
|
|
C:\Windows\SysWOW64\mstsc.exe
|
"C:\Windows\SysWOW64\mstsc.exe"
|
|
|
|
C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE
|
"C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE" -Embedding
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
/c del "C:\Users\user\AppData\Roaming\ihbgfbin.exe"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://87.120.84.38/txt/4q0pGnqqpgTTSL7.exe
|
87.120.84.38
|
|
|
|
www.lifeofthobes.uk/btrd/
|
|
||
|
http://www.gynlkj.comReferer:
|
unknown
|
||
|
http://www.docemimocasamentos.com/btrd/www.solarcyborg.com
|
unknown
|
||
|
http://87.120.84.38/txt/4q0pGnqqpgTTSL7.exettC:
|
unknown
|
||
|
http://www.docemimocasamentos.com
|
unknown
|
||
|
http://www.fcno30.com/btrd/
|
unknown
|
||
|
http://www.mbbwa4wp.cfd/btrd/www.fcno30.com
|
unknown
|
||
|
http://www.thecareskin.com/btrd/www.opmk.monster
|
unknown
|
||
|
http://www.education2jobs.comReferer:
|
unknown
|
||
|
http://www.martline.website/btrd/www.affirmationtotebags.com
|
unknown
|
||
|
http://www.ko-or-a-news.com
|
unknown
|
||
|
http://www.ko-or-a-news.com/btrd/
|
unknown
|
||
|
http://www.trygenesisx.com/btrd/
|
unknown
|
||
|
http://www.martline.website/btrd/
|
unknown
|
||
|
http://www.opmk.monsterReferer:
|
unknown
|
||
|
http://www.affirmationtotebags.com
|
unknown
|
||
|
http://www.mbbwa4wp.cfdReferer:
|
unknown
|
||
|
http://www.affirmationtotebags.com/btrd/www.mbbwa4wp.cfd
|
unknown
|
||
|
http://www.jejeesclothing.com/btrd/www.nashexshop.com
|
unknown
|
||
|
http://www.gynlkj.com/btrd/
|
unknown
|
||
|
http://www.ko-or-a-news.com/btrd/www.launchyouglobal.com
|
unknown
|
||
|
http://www.autoitscript.com/autoit3
|
unknown
|
||
|
http://www.fcno30.comReferer:
|
unknown
|
||
|
http://www.opmk.monster/btrd/www.martline.website
|
unknown
|
||
|
http://www.launchyouglobal.com/btrd/
|
unknown
|
||
|
http://www.trygenesisx.com
|
unknown
|
||
|
http://www.solarcyborg.com
|
unknown
|
||
|
http://www.lifeofthobes.uk
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.martline.website
|
unknown
|
||
|
http://www.thecareskin.com
|
unknown
|
||
|
http://www.fcno30.com
|
unknown
|
||
|
http://www.launchyouglobal.com/btrd/www.trygenesisx.com
|
unknown
|
||
|
http://www.gynlkj.com/btrd/www.docemimocasamentos.com
|
unknown
|
||
|
http://www.mbbwa4wp.cfd/btrd/
|
unknown
|
||
|
http://www.piriform.com/ccleanerxe
|
unknown
|
||
|
http://www.trygenesisx.comReferer:
|
unknown
|
||
|
http://www.ko-or-a-news.comReferer:
|
unknown
|
||
|
http://www.jejeesclothing.comReferer:
|
unknown
|
||
|
http://www.nashexshop.com/btrd/
|
unknown
|
||
|
http://www.opmk.monster
|
unknown
|
||
|
http://www.nashexshop.com
|
unknown
|
||
|
http://www.solarcyborg.com/btrd/
|
unknown
|
||
|
http://www.education2jobs.com/btrd/www.lifeofthobes.uk
|
unknown
|
||
|
http://www.solarcyborg.comReferer:
|
unknown
|
||
|
http://www.education2jobs.com
|
unknown
|
||
|
http://www.mbbwa4wp.cfd
|
unknown
|
||
|
http://www.education2jobs.com/btrd/
|
unknown
|
||
|
http://www.affirmationtotebags.comReferer:
|
unknown
|
||
|
http://www.nashexshop.comReferer:
|
unknown
|
||
|
http://www.lifeofthobes.uk/btrd/www.thecareskin.com
|
unknown
|
||
|
http://www.affirmationtotebags.com/btrd/
|
unknown
|
||
|
http://www.docemimocasamentos.com/btrd/
|
unknown
|
||
|
http://www.jejeesclothing.com
|
unknown
|
||
|
http://www.solarcyborg.com/btrd/PUS
|
unknown
|
||
|
http://www.martline.websiteReferer:
|
unknown
|
||
|
http://87.120.84.38/txt/4q0pGnqqpgTTSL7.exeC:
|
unknown
|
||
|
http://java.sun.com
|
unknown
|
||
|
http://www.fcno30.com/btrd/www.ko-or-a-news.com
|
unknown
|
||
|
http://www.piriform.com/ccleanerhttp://www.piriform.com/ccleanerv
|
unknown
|
||
|
http://www.gynlkj.com
|
unknown
|
||
|
http://www.thecareskin.comReferer:
|
unknown
|
||
|
http://www.docemimocasamentos.comReferer:
|
unknown
|
||
|
http://www.launchyouglobal.com
|
unknown
|
||
|
http://www.thecareskin.com/btrd/
|
unknown
|
||
|
http://www.launchyouglobal.comReferer:
|
unknown
|
||
|
http://www.piriform.com/ccleaner
|
unknown
|
||
|
http://87.120.84.38/txt/4q0pGnqqpgTTSL7.exej
|
unknown
|
||
|
http://www.lifeofthobes.uk/btrd/
|
unknown
|
||
|
http://www.trygenesisx.com/btrd/www.jejeesclothing.com
|
unknown
|
||
|
https://support.mozilla.org
|
unknown
|
||
|
http://www.nashexshop.com/btrd/www.gynlkj.com
|
unknown
|
||
|
http://www.jejeesclothing.com/btrd/
|
unknown
|
||
|
http://www.lifeofthobes.ukReferer:
|
unknown
|
||
|
http://www.opmk.monster/btrd/
|
unknown
|
There are 66 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
thecareskin.com
|
13.248.213.45
|
|
|
|
fcno30.com
|
68.66.226.117
|
|
|
|
www.education2jobs.com
|
unknown
|
|
|
|
www.launchyouglobal.com
|
unknown
|
|
|
|
www.thecareskin.com
|
unknown
|
|
|
|
www.opmk.monster
|
unknown
|
|
|
|
www.mbbwa4wp.cfd
|
unknown
|
|
|
|
www.fcno30.com
|
unknown
|
|
|
|
www.lifeofthobes.uk
|
unknown
|
|
|
|
www.ko-or-a-news.com
|
unknown
|
|
|
|
www.affirmationtotebags.com
|
unknown
|
|
|
|
www.trygenesisx.com
|
unknown
|
There are 2 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
13.248.213.45
|
thecareskin.com
|
United States
|
|
|
|
87.120.84.38
|
unknown
|
Bulgaria
|
|
|
|
68.66.226.117
|
fcno30.com
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
|
Blob
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
|
Blob
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Resiliency\StartupItems
|
wr0
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Shared Tools\Outlook\Journaling\Microsoft Word
|
Enabled
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word
|
MTTT
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Resiliency\StartupItems
|
?t0
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Resiliency\StartupItems
|
6u0
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\ReviewCycle
|
ReviewToken
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Resiliency\DocumentRecovery\2E724
|
2E724
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@Arial Unicode MS
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@Batang
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@BatangChe
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@DFKai-SB
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@Dotum
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@DotumChe
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@FangSong
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@Gulim
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@GulimChe
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@Gungsuh
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@GungsuhChe
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@KaiTi
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@Malgun Gothic
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@Meiryo
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@Meiryo UI
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@Microsoft JhengHei
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@Microsoft YaHei
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@MingLiU
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@MingLiU_HKSCS
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@MingLiU_HKSCS-ExtB
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@MingLiU-ExtB
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@MS Gothic
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@MS Mincho
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@MS PGothic
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@MS PMincho
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@MS UI Gothic
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@NSimSun
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@PMingLiU
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@PMingLiU-ExtB
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@SimHei
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@SimSun
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
@SimSun-ExtB
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Agency FB
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Aharoni
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Algerian
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Andalus
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Angsana New
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
AngsanaUPC
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Aparajita
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Arabic Typesetting
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Arial
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Arial Black
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Arial Narrow
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Arial Rounded MT Bold
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Arial Unicode MS
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Baskerville Old Face
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Batang
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
BatangChe
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Bauhaus 93
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Bell MT
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Berlin Sans FB
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Berlin Sans FB Demi
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Bernard MT Condensed
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Blackadder ITC
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Bodoni MT
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Bodoni MT Black
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Bodoni MT Condensed
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Bodoni MT Poster Compressed
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Book Antiqua
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Bookman Old Style
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Bookshelf Symbol 7
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Bradley Hand ITC
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Britannic Bold
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Broadway
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Browallia New
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
BrowalliaUPC
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Brush Script MT
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Calibri
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Calibri Light
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Californian FB
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Calisto MT
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Cambria
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Cambria Math
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Candara
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Castellar
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Centaur
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Century
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Century Gothic
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Century Schoolbook
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Chiller
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Colonna MT
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Comic Sans MS
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Consolas
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Constantia
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Cooper Black
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Copperplate Gothic Bold
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Copperplate Gothic Light
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Corbel
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Cordia New
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
CordiaUPC
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Courier New
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Curlz MT
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
DaunPenh
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
David
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
DFKai-SB
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
DilleniaUPC
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
DokChampa
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Dotum
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
DotumChe
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Ebrima
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Edwardian Script ITC
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Elephant
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Engravers MT
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Eras Bold ITC
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Eras Demi ITC
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Eras Light ITC
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Eras Medium ITC
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Estrangelo Edessa
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
EucrosiaUPC
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Euphemia
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
FangSong
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Felix Titling
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Footlight MT Light
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Forte
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Franklin Gothic Book
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Franklin Gothic Demi
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Franklin Gothic Demi Cond
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Franklin Gothic Heavy
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Franklin Gothic Medium
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Franklin Gothic Medium Cond
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
FrankRuehl
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
FreesiaUPC
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Freestyle Script
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
French Script MT
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Gabriola
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Garamond
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Gautami
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Georgia
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Gigi
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Gill Sans MT
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Gill Sans MT Condensed
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Gill Sans MT Ext Condensed Bold
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Gill Sans Ultra Bold
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Gill Sans Ultra Bold Condensed
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Gisha
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Gloucester MT Extra Condensed
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Goudy Old Style
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Goudy Stout
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Gulim
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
GulimChe
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Gungsuh
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
GungsuhChe
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Haettenschweiler
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Harlow Solid Italic
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Harrington
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
High Tower Text
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Impact
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Imprint MT Shadow
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Informal Roman
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
IrisUPC
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Iskoola Pota
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
JasmineUPC
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Jokerman
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Juice ITC
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
KaiTi
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Kalinga
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Kartika
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Khmer UI
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
KodchiangUPC
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Kokila
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Kristen ITC
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Kunstler Script
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Lao UI
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Latha
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Leelawadee
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Levenim MT
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
LilyUPC
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Lucida Bright
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Lucida Calligraphy
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Lucida Console
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Lucida Fax
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Lucida Handwriting
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Lucida Sans
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Lucida Sans Typewriter
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Lucida Sans Unicode
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Magneto
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Maiandra GD
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Malgun Gothic
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Mangal
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Marlett
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Matura MT Script Capitals
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Meiryo
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Meiryo UI
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Microsoft Himalaya
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Microsoft JhengHei
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Microsoft New Tai Lue
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Microsoft PhagsPa
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Microsoft Sans Serif
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Microsoft Tai Le
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Microsoft Uighur
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Microsoft YaHei
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Microsoft Yi Baiti
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
MingLiU
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
MingLiU_HKSCS
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
MingLiU_HKSCS-ExtB
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
MingLiU-ExtB
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Miriam
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Miriam Fixed
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Mistral
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Modern No. 20
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Mongolian Baiti
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Monotype Corsiva
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
MoolBoran
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
MS Gothic
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
MS Mincho
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
MS Outlook
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
MS PGothic
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
MS PMincho
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
MS Reference Sans Serif
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
MS Reference Specialty
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
MS UI Gothic
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
MT Extra
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
MV Boli
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Narkisim
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Niagara Engraved
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Niagara Solid
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
NSimSun
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Nyala
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
OCR A Extended
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Old English Text MT
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Onyx
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Palace Script MT
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Palatino Linotype
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Papyrus
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Parchment
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Perpetua
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Perpetua Titling MT
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Plantagenet Cherokee
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Playbill
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
PMingLiU
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
PMingLiU-ExtB
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Poor Richard
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Pristina
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Raavi
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Rage Italic
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Ravie
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Rockwell
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Rockwell Condensed
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Rockwell Extra Bold
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Rod
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Sakkal Majalla
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Script MT Bold
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Segoe Print
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Segoe Script
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Segoe UI
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Segoe UI Light
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Segoe UI Semibold
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Segoe UI Symbol
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Shonar Bangla
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Showcard Gothic
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Shruti
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
SimHei
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Simplified Arabic
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Simplified Arabic Fixed
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
SimSun
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
SimSun-ExtB
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Snap ITC
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Stencil
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Sylfaen
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Symbol
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Tahoma
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Tempus Sans ITC
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Times New Roman
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Traditional Arabic
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Trebuchet MS
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Tunga
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Tw Cen MT
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Tw Cen MT Condensed
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Tw Cen MT Condensed Extra Bold
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Utsaah
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Vani
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Verdana
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Vijaya
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Viner Hand ITC
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Vivaldi
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Vladimir Script
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Vrinda
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Webdings
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Wide Latin
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Wingdings
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Wingdings 2
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
|
Wingdings 3
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109E60090400100000000F01FEC\Usage
|
ProductNonBootFilesIntl_1033
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Security\Trusted Documents
|
LastPurgeTime
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
|
1033
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
|
1033
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
WORDFiles
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
ProductFiles
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
ProductFiles
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
VBAFiles
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100A0C00100000000F01FEC\Usage
|
SpellingAndGrammarFiles_3082
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100A0C00100000000F01FEC\Usage
|
SpellingAndGrammarFiles_3082
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100C0400100000000F01FEC\Usage
|
SpellingAndGrammarFiles_1036
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100C0400100000000F01FEC\Usage
|
SpellingAndGrammarFiles_1036
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10090400100000000F01FEC\Usage
|
SpellingAndGrammarFiles_1033
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10090400100000000F01FEC\Usage
|
SpellingAndGrammarFiles_1033
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100A0C00100000000F01FEC\Usage
|
SpellingAndGrammarFiles_3082
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100A0C00100000000F01FEC\Usage
|
SpellingAndGrammarFiles_3082
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100C0400100000000F01FEC\Usage
|
SpellingAndGrammarFiles_1036
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100C0400100000000F01FEC\Usage
|
SpellingAndGrammarFiles_1036
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10090400100000000F01FEC\Usage
|
SpellingAndGrammarFiles_1033
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10090400100000000F01FEC\Usage
|
SpellingAndGrammarFiles_1033
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10090400100000000F01FEC\Usage
|
SpellingAndGrammarFiles_1033
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10090400100000000F01FEC\Usage
|
SpellingAndGrammarFiles_1033
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10090400100000000F01FEC\Usage
|
SpellingAndGrammarFiles_1033
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10090400100000000F01FEC\Usage
|
SpellingAndGrammarFiles_1033
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
ProductFiles
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
|
ProductFiles
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109E60090400100000000F01FEC\Usage
|
ProductNonBootFilesIntl_1033
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109E60090400100000000F01FEC\Usage
|
EquationEditorFilesIntl_1033
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
|
SavedLegacySettings
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zip\OpenWithProgids
|
Unpacker
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
{6Q809377-6NS0-444O-8957-N3773S02200R}\Zvpebfbsg Bssvpr\Bssvpr14\JVAJBEQ.RKR
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
HRZR_PGYFRFFVBA
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\OpenWithProgids
|
WMP11.AssocFile.3G2
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\OpenWithProgids
|
WMP11.AssocFile.3GP
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AAC\OpenWithProgids
|
WMP11.AssocFile.ADTS
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADT\OpenWithProgids
|
WMP11.AssocFile.ADTS
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\OpenWithProgids
|
WMP11.AssocFile.AIFF
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\OpenWithProgids
|
WMP11.AssocFile.ASF
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\OpenWithProgids
|
WMP11.AssocFile.ASX
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\OpenWithProgids
|
WMP11.AssocFile.AU
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au3\OpenWithProgids
|
AutoIt3Script
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\OpenWithProgids
|
WMP11.AssocFile.AVI
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\OpenWithProgids
|
Paint.Picture
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cab\OpenWithProgids
|
CABFolder
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cdxml\OpenWithProgids
|
Microsoft.PowerShellCmdletDefinitionXML.1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.contact\OpenWithProgids
|
contact_wab_auto_file
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.css\OpenWithProgids
|
CSSfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dll\OpenWithProgids
|
dllfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.doc\OpenWithProgids
|
Word.Document.8
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docm\OpenWithProgids
|
Word.DocumentMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\OpenWithProgids
|
Word.Document.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dot\OpenWithProgids
|
Word.Template.8
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dotm\OpenWithProgids
|
Word.TemplateMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dotx\OpenWithProgids
|
Word.Template.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.DVR\OpenWithProgids
|
MediaCenter.DVR
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.DVR-MS\OpenWithProgids
|
MediaCenter.DVR-MS
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dwfx\OpenWithProgids
|
Windows.XPSReachViewer
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\OpenWithProgids
|
emffile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithProgids
|
exefile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fon\OpenWithProgids
|
fonfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\OpenWithProgids
|
giffile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\OpenWithProgids
|
htmlfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\OpenWithProgids
|
icofile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ini\OpenWithProgids
|
inifile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\OpenWithProgids
|
pjpegfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\OpenWithProgids
|
jpegfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\OpenWithProgids
|
lnkfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\OpenWithProgids
|
WMP11.AssocFile.MPEG
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2T\OpenWithProgids
|
WMP11.AssocFile.M2TS
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\OpenWithProgids
|
WMP11.AssocFile.m3u
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\OpenWithProgids
|
WMP11.AssocFile.M4A
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\OpenWithProgids
|
WMP11.AssocFile.MP4
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\OpenWithProgids
|
mhtmlfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\OpenWithProgids
|
WMP11.AssocFile.MIDI
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\OpenWithProgids
|
WMP11.AssocFile.MOV
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\OpenWithProgids
|
WMP11.AssocFile.MP3
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.msg\OpenWithProgids
|
Outlook.File.msg.14
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ocx\OpenWithProgids
|
ocxfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odt\OpenWithProgids
|
Word.OpenDocumentText.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.otf\OpenWithProgids
|
otffile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\OpenWithProgids
|
pngfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pot\OpenWithProgids
|
PowerPoint.Template.8
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.potm\OpenWithProgids
|
PowerPoint.TemplateMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.potx\OpenWithProgids
|
PowerPoint.Template.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppam\OpenWithProgids
|
PowerPoint.Addin.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppsm\OpenWithProgids
|
PowerPoint.SlideShowMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppsx\OpenWithProgids
|
PowerPoint.SlideShow.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppt\OpenWithProgids
|
PowerPoint.Show.8
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pptm\OpenWithProgids
|
PowerPoint.ShowMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pptx\OpenWithProgids
|
PowerPoint.Show.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ps1xml\OpenWithProgids
|
Microsoft.PowerShellXMLData.1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pssc\OpenWithProgids
|
Microsoft.PowerShellSessionConfiguration.1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\OpenWithProgids
|
rlefile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rtf\OpenWithProgids
|
Word.RTF.8
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scf\OpenWithProgids
|
SHCmdFile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.search-ms\OpenWithProgids
|
SearchFolder
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\OpenWithProgids
|
shtmlfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sldm\OpenWithProgids
|
PowerPoint.SlideMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sldx\OpenWithProgids
|
PowerPoint.Slide.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sys\OpenWithProgids
|
sysfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\OpenWithProgids
|
TIFImage.Document
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS\OpenWithProgids
|
WMP11.AssocFile.TTS
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\OpenWithProgids
|
ttcfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\OpenWithProgids
|
ttffile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\OpenWithProgids
|
txtfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vsto\OpenWithProgids
|
bootstrap.vsto.1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\OpenWithProgids
|
WMP11.AssocFile.WAV
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\OpenWithProgids
|
WMP11.AssocFile.WAX
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wdp\OpenWithProgids
|
wdpfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\OpenWithProgids
|
WMP11.AssocFile.WMA
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\OpenWithProgids
|
wmffile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\OpenWithProgids
|
WMP11.AssocFile.WMV
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpl\OpenWithProgids
|
WMP11.AssocFile.WPL
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.WTV\OpenWithProgids
|
MediaCenter.WTVFile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\OpenWithProgids
|
WMP11.AssocFile.WVX
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlam\OpenWithProgids
|
Excel.AddInMacroEnabled
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xls\OpenWithProgids
|
Excel.Sheet.8
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsb\OpenWithProgids
|
Excel.SheetBinaryMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsm\OpenWithProgids
|
Excel.SheetMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsx\OpenWithProgids
|
Excel.Sheet.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlt\OpenWithProgids
|
Excel.Template.8
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xltm\OpenWithProgids
|
Excel.TemplateMacroEnabled
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xltx\OpenWithProgids
|
Excel.Template
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\OpenWithProgids
|
xmlfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xps\OpenWithProgids
|
Windows.XPSReachViewer
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xsl\OpenWithProgids
|
xslfile
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109E60090400100000000F01FEC\Usage
|
EquationEditorFilesIntl_1033
|
There are 412 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
80000
|
system
|
page execute and read and write
|
|
|
|
410000
|
trusted library allocation
|
page read and write
|
|
|
|
3D27000
|
trusted library allocation
|
page read and write
|
|
|
|
140000
|
unclassified section
|
page execute and read and write
|
|
|
|
390000
|
unclassified section
|
page execute and read and write
|
|
|
|
8CE5000
|
system
|
page execute and read and write
|
||
|
8165000
|
heap
|
page read and write
|
||
|
20000
|
unkown
|
page readonly
|
||
|
300000
|
unkown
|
page read and write
|
||
|
170000
|
stack
|
page read and write
|
||
|
3A50000
|
unkown
|
page readonly
|
||
|
10000
|
heap
|
page read and write
|
||
|
817000
|
heap
|
page read and write
|
||
|
13B000
|
stack
|
page read and write
|
||
|
1B60000
|
heap
|
page read and write
|
||
|
7FD5000
|
trusted library allocation
|
page read and write
|
||
|
89000
|
stack
|
page read and write
|
||
|
26B000
|
heap
|
page read and write
|
||
|
899F000
|
system
|
page read and write
|
||
|
1040000
|
direct allocation
|
page execute and read and write
|
||
|
3E82000
|
unkown
|
page read and write
|
||
|
290000
|
heap
|
page read and write
|
||
|
1D30000
|
unkown
|
page readonly
|
||
|
4F08000
|
heap
|
page read and write
|
||
|
1B83000
|
heap
|
page read and write
|
||
|
74DE000
|
unkown
|
page read and write
|
||
|
1D20000
|
unkown
|
page readonly
|
||
|
160000
|
trusted library allocation
|
page read and write
|
||
|
3970000
|
unkown
|
page readonly
|
||
|
3B0000
|
heap
|
page read and write
|
||
|
48D0000
|
heap
|
page read and write
|
||
|
22B4000
|
heap
|
page read and write
|
||
|
2607000
|
unkown
|
page read and write
|
||
|
7F63000
|
unkown
|
page read and write
|
||
|
8020000
|
unkown
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
2100000
|
heap
|
page read and write
|
||
|
3BD0000
|
unkown
|
page read and write
|
||
|
7BD000
|
heap
|
page read and write
|
||
|
24E0000
|
unkown
|
page read and write
|
||
|
24B0000
|
heap
|
page execute and read and write
|
||
|
7B2F000
|
stack
|
page read and write
|
||
|
8AD000
|
stack
|
page read and write
|
||
|
BF0000
|
heap
|
page execute and read and write
|
||
|
230000
|
trusted library allocation
|
page read and write
|
||
|
40F000
|
stack
|
page read and write
|
||
|
389F000
|
stack
|
page read and write
|
||
|
4610000
|
unkown
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
84B2000
|
heap
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
21E5000
|
unkown
|
page read and write
|
||
|
2BAF000
|
stack
|
page read and write
|
||
|
3B00000
|
unkown
|
page read and write
|
||
|
5E08000
|
stack
|
page read and write
|
||
|
3EBF000
|
stack
|
page read and write
|
||
|
464000
|
heap
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
9130000
|
heap
|
page read and write
|
||
|
8430000
|
heap
|
page read and write
|
||
|
3AD0000
|
unkown
|
page read and write
|
||
|
28E000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
64F0000
|
heap
|
page read and write
|
||
|
23D1000
|
unkown
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
7A35000
|
heap
|
page read and write
|
||
|
41F000
|
remote allocation
|
page execute and read and write
|
||
|
803E000
|
unkown
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
3890000
|
unkown
|
page read and write
|
||
|
3C50000
|
unkown
|
page readonly
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
2C7F000
|
unclassified section
|
page read and write
|
||
|
3E8000
|
stack
|
page read and write
|
||
|
2D95000
|
heap
|
page read and write
|
||
|
22B0000
|
heap
|
page read and write
|
||
|
2F0000
|
heap
|
page read and write
|
||
|
62FF000
|
stack
|
page read and write
|
||
|
253F000
|
stack
|
page read and write
|
||
|
1CA000
|
heap
|
page read and write
|
||
|
8D0A000
|
system
|
page execute and read and write
|
||
|
27BE000
|
stack
|
page read and write
|
||
|
C90000
|
unkown
|
page readonly
|
||
|
84B9000
|
heap
|
page read and write
|
||
|
28C000
|
stack
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
3B10000
|
unkown
|
page read and write
|
||
|
3C0000
|
heap
|
page read and write
|
||
|
3D00000
|
unkown
|
page readonly
|
||
|
294000
|
heap
|
page read and write
|
||
|
2B9E000
|
stack
|
page read and write
|
||
|
6F0000
|
trusted library section
|
page read and write
|
||
|
47F9000
|
stack
|
page read and write
|
||
|
646000
|
heap
|
page read and write
|
||
|
207A000
|
heap
|
page read and write
|
||
|
18A000
|
stack
|
page read and write
|
||
|
226000
|
heap
|
page read and write
|
||
|
7060000
|
unkown
|
page read and write
|
||
|
E0000
|
unkown
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
3AC0000
|
unkown
|
page read and write
|
||
|
2D70000
|
unkown
|
page read and write
|
||
|
1BE0000
|
unkown
|
page readonly
|
||
|
357D000
|
stack
|
page read and write
|
||
|
4170000
|
unkown
|
page read and write
|
||
|
2200000
|
heap
|
page read and write
|
||
|
7F63000
|
unkown
|
page read and write
|
||
|
3B92000
|
stack
|
page read and write
|
||
|
4F04000
|
heap
|
page read and write
|
||
|
150000
|
trusted library allocation
|
page read and write
|
||
|
31E000
|
unkown
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
8160000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
6699000
|
stack
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
7C1E000
|
stack
|
page read and write
|
||
|
330000
|
heap
|
page read and write
|
||
|
3B97000
|
stack
|
page read and write
|
||
|
3BF0000
|
unkown
|
page read and write
|
||
|
61C0000
|
heap
|
page read and write
|
||
|
23E0000
|
unkown
|
page readonly
|
||
|
2380000
|
direct allocation
|
page execute and read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
230000
|
trusted library allocation
|
page read and write
|
||
|
3E90000
|
unkown
|
page read and write
|
||
|
4778000
|
unkown
|
page read and write
|
||
|
86BD000
|
stack
|
page read and write
|
||
|
17A000
|
trusted library allocation
|
page execute and read and write
|
||
|
48D0000
|
heap
|
page read and write
|
||
|
6A13000
|
heap
|
page read and write
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
16D000
|
trusted library allocation
|
page execute and read and write
|
||
|
24A1000
|
unkown
|
page read and write
|
||
|
2BF4000
|
heap
|
page read and write
|
||
|
3C90000
|
unkown
|
page readonly
|
||
|
E0000
|
unkown
|
page read and write
|
||
|
68BE000
|
stack
|
page read and write
|
||
|
3E59000
|
unkown
|
page read and write
|
||
|
2280000
|
direct allocation
|
page execute and read and write
|
||
|
3E98000
|
unkown
|
page read and write
|
||
|
1BD000
|
heap
|
page read and write
|
||
|
4020000
|
unkown
|
page readonly
|
||
|
7FA0000
|
unkown
|
page read and write
|
||
|
2430000
|
unkown
|
page read and write
|
||
|
C92000
|
unkown
|
page execute read
|
||
|
3EDA000
|
unkown
|
page read and write
|
||
|
713000
|
heap
|
page read and write
|
||
|
6D89000
|
stack
|
page read and write
|
||
|
2CB0000
|
unkown
|
page readonly
|
||
|
4758000
|
unkown
|
page read and write
|
||
|
7A35000
|
heap
|
page read and write
|
||
|
33C000
|
unkown
|
page read and write
|
||
|
415E000
|
stack
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
2D9E000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
8246000
|
unkown
|
page execute and read and write
|
||
|
52C0000
|
heap
|
page read and write
|
||
|
3B90000
|
stack
|
page read and write
|
||
|
4887000
|
heap
|
page read and write
|
||
|
1F90000
|
heap
|
page read and write
|
||
|
86C0000
|
heap
|
page read and write
|
||
|
1A0000
|
unkown
|
page readonly
|
||
|
69BB000
|
stack
|
page read and write
|
||
|
8E4C000
|
unkown
|
page read and write
|
||
|
7B3000
|
heap
|
page read and write
|
||
|
6B90000
|
heap
|
page read and write
|
||
|
3590000
|
heap
|
page read and write
|
||
|
61C0000
|
heap
|
page read and write
|
||
|
240000
|
heap
|
page read and write
|
||
|
676B000
|
stack
|
page read and write
|
||
|
401E000
|
stack
|
page read and write
|
||
|
2384000
|
direct allocation
|
page execute and read and write
|
||
|
7EA0000
|
unkown
|
page read and write
|
||
|
3EF8000
|
unkown
|
page read and write
|
||
|
7A30000
|
heap
|
page read and write
|
||
|
170000
|
stack
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
4610000
|
unkown
|
page read and write
|
||
|
1B40000
|
unkown
|
page read and write
|
||
|
4849000
|
heap
|
page read and write
|
||
|
2BBF000
|
stack
|
page read and write
|
||
|
2300000
|
heap
|
page read and write
|
||
|
2E0000
|
heap
|
page read and write
|
||
|
23C1000
|
unkown
|
page read and write
|
||
|
3A3E000
|
stack
|
page read and write
|
||
|
2040000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FA0000
|
unkown
|
page read and write
|
||
|
2510000
|
direct allocation
|
page execute and read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
4200000
|
unkown
|
page read and write
|
||
|
295E000
|
stack
|
page read and write
|
||
|
230000
|
trusted library allocation
|
page read and write
|
||
|
657D000
|
stack
|
page read and write
|
||
|
1FA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
2770000
|
unclassified section
|
page execute and read and write
|
||
|
41B000
|
remote allocation
|
page execute and read and write
|
||
|
759000
|
heap
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
602E000
|
stack
|
page read and write
|
||
|
2380000
|
unkown
|
page read and write
|
||
|
20000
|
unkown
|
page readonly
|
||
|
88000
|
stack
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
4F00000
|
heap
|
page read and write
|
||
|
2D90000
|
heap
|
page read and write
|
||
|
230000
|
trusted library allocation
|
page read and write
|
||
|
7460000
|
unkown
|
page read and write
|
||
|
36DF000
|
heap
|
page read and write
|
||
|
4750000
|
unkown
|
page read and write
|
||
|
643E000
|
stack
|
page read and write
|
||
|
4758000
|
unkown
|
page read and write
|
||
|
719000
|
heap
|
page read and write
|
||
|
669B000
|
stack
|
page read and write
|
||
|
230000
|
trusted library allocation
|
page read and write
|
||
|
754A000
|
unkown
|
page read and write
|
||
|
160000
|
heap
|
page read and write
|
||
|
624000
|
heap
|
page read and write
|
||
|
842E000
|
stack
|
page read and write
|
||
|
720000
|
unkown
|
page readonly
|
||
|
2504000
|
direct allocation
|
page execute and read and write
|
||
|
6030000
|
heap
|
page read and write
|
||
|
1CD2000
|
unkown
|
page read and write
|
||
|
154000
|
trusted library allocation
|
page read and write
|
||
|
2570000
|
direct allocation
|
page execute and read and write
|
||
|
2CB0000
|
unkown
|
page readonly
|
||
|
1CFA000
|
unkown
|
page read and write
|
||
|
2710000
|
trusted library allocation
|
page read and write
|
||
|
3A4E000
|
stack
|
page read and write
|
||
|
7508000
|
unkown
|
page read and write
|
||
|
7524000
|
unkown
|
page read and write
|
||
|
26B000
|
heap
|
page read and write
|
||
|
49CD000
|
stack
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
472E000
|
stack
|
page read and write
|
||
|
33E000
|
stack
|
page read and write
|
||
|
2C5F000
|
stack
|
page read and write
|
||
|
3BC0000
|
unkown
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
6B99000
|
heap
|
page read and write
|
||
|
7EF40000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C50000
|
unkown
|
page readonly
|
||
|
447000
|
heap
|
page read and write
|
||
|
472E000
|
stack
|
page read and write
|
||
|
489F000
|
stack
|
page read and write
|
||
|
187000
|
trusted library allocation
|
page execute and read and write
|
||
|
3630000
|
heap
|
page read and write
|
||
|
2304000
|
heap
|
page read and write
|
||
|
21F1000
|
heap
|
page read and write
|
||
|
298000
|
heap
|
page read and write
|
||
|
3F80000
|
unkown
|
page read and write
|
||
|
140000
|
trusted library allocation
|
page read and write
|
||
|
2AF1000
|
unkown
|
page read and write
|
||
|
6BE000
|
stack
|
page read and write
|
||
|
182000
|
trusted library allocation
|
page read and write
|
||
|
4020000
|
unkown
|
page readonly
|
||
|
230000
|
trusted library allocation
|
page read and write
|
||
|
298000
|
heap
|
page read and write
|
||
|
3AF0000
|
unkown
|
page read and write
|
||
|
3D17000
|
unkown
|
page read and write
|
||
|
8170000
|
unkown
|
page execute and read and write
|
||
|
2D99000
|
heap
|
page read and write
|
||
|
8165000
|
heap
|
page read and write
|
||
|
2D90000
|
heap
|
page read and write
|
||
|
207D000
|
heap
|
page read and write
|
||
|
2524000
|
trusted library allocation
|
page read and write
|
||
|
64F0000
|
heap
|
page read and write
|
||
|
2D70000
|
unkown
|
page read and write
|
||
|
21AE000
|
stack
|
page read and write
|
||
|
D40000
|
direct allocation
|
page execute and read and write
|
||
|
74F7000
|
unkown
|
page read and write
|
||
|
1B65000
|
heap
|
page read and write
|
||
|
3970000
|
unkown
|
page readonly
|
||
|
23D1000
|
unkown
|
page read and write
|
||
|
17C000
|
stack
|
page read and write
|
||
|
300000
|
unkown
|
page read and write
|
||
|
3DB1000
|
unkown
|
page read and write
|
||
|
3C60000
|
unkown
|
page readonly
|
||
|
FC1000
|
direct allocation
|
page execute and read and write
|
||
|
49CD000
|
stack
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
64D0000
|
heap
|
page read and write
|
||
|
2407000
|
unkown
|
page read and write
|
||
|
7524000
|
unkown
|
page read and write
|
||
|
3870000
|
unkown
|
page read and write
|
||
|
3B3D000
|
stack
|
page read and write
|
||
|
3AE000
|
stack
|
page read and write
|
||
|
2BF8000
|
heap
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
2A5000
|
heap
|
page read and write
|
||
|
708000
|
heap
|
page read and write
|
||
|
4050000
|
unkown
|
page readonly
|
||
|
6E00000
|
heap
|
page read and write
|
||
|
230000
|
trusted library allocation
|
page read and write
|
||
|
69BB000
|
stack
|
page read and write
|
||
|
7A53000
|
heap
|
page read and write
|
||
|
3E90000
|
unkown
|
page read and write
|
||
|
3890000
|
unkown
|
page read and write
|
||
|
401E000
|
stack
|
page read and write
|
||
|
69F0000
|
heap
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
93E000
|
heap
|
page read and write
|
||
|
7A53000
|
heap
|
page read and write
|
||
|
7460000
|
unkown
|
page read and write
|
||
|
3DBF000
|
stack
|
page read and write
|
||
|
2260000
|
heap
|
page read and write
|
||
|
28E000
|
heap
|
page read and write
|
||
|
74F7000
|
unkown
|
page read and write
|
||
|
179000
|
stack
|
page read and write
|
||
|
3C7F000
|
stack
|
page read and write
|
||
|
50E000
|
stack
|
page read and write
|
||
|
260E000
|
unkown
|
page read and write
|
||
|
27F000
|
stack
|
page read and write
|
||
|
260A000
|
unkown
|
page read and write
|
||
|
3E59000
|
unkown
|
page read and write
|
||
|
2410000
|
direct allocation
|
page execute and read and write
|
||
|
854000
|
heap
|
page read and write
|
||
|
26E0000
|
unkown
|
page readonly
|
||
|
6F4000
|
heap
|
page read and write
|
||
|
6250000
|
heap
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
2501000
|
direct allocation
|
page execute and read and write
|
||
|
36CF000
|
heap
|
page read and write
|
||
|
52D0000
|
heap
|
page read and write
|
||
|
6C90000
|
heap
|
page read and write
|
||
|
36E4000
|
heap
|
page read and write
|
||
|
3DB1000
|
unkown
|
page read and write
|
||
|
7A30000
|
heap
|
page read and write
|
||
|
3E82000
|
unkown
|
page read and write
|
||
|
3A60000
|
unkown
|
page readonly
|
||
|
1BD000
|
heap
|
page read and write
|
||
|
153000
|
trusted library allocation
|
page execute and read and write
|
||
|
230000
|
trusted library allocation
|
page read and write
|
||
|
6B7E000
|
stack
|
page read and write
|
||
|
6C90000
|
heap
|
page read and write
|
||
|
48D0000
|
heap
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
230000
|
trusted library allocation
|
page read and write
|
||
|
230000
|
trusted library allocation
|
page read and write
|
||
|
1DBF000
|
stack
|
page read and write
|
||
|
B8F000
|
stack
|
page read and write
|
||
|
3D00000
|
unkown
|
page readonly
|
||
|
382B000
|
stack
|
page read and write
|
||
|
8040000
|
unkown
|
page read and write
|
||
|
96C000
|
system
|
page execute and read and write
|
||
|
278F000
|
unclassified section
|
page read and write
|
||
|
2420000
|
unkown
|
page read and write
|
||
|
777000
|
heap
|
page read and write
|
||
|
220000
|
heap
|
page read and write
|
||
|
4010000
|
heap
|
page read and write
|
||
|
20000
|
heap
|
page read and write
|
||
|
3C70000
|
unkown
|
page readonly
|
||
|
2C90000
|
unkown
|
page readonly
|
||
|
55D000
|
heap
|
page read and write
|
||
|
415E000
|
stack
|
page read and write
|
||
|
682F000
|
stack
|
page read and write
|
||
|
4160000
|
unkown
|
page read and write
|
||
|
3C00000
|
unkown
|
page read and write
|
||
|
3B00000
|
unkown
|
page read and write
|
||
|
4881000
|
heap
|
page read and write
|
||
|
4040000
|
unkown
|
page readonly
|
||
|
18B000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A80000
|
unkown
|
page execute and read and write
|
||
|
3EF8000
|
unkown
|
page read and write
|
||
|
22AE000
|
stack
|
page read and write
|
||
|
510000
|
trusted library allocation
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
7060000
|
unkown
|
page read and write
|
||
|
3D10000
|
unkown
|
page read and write
|
||
|
3ED8000
|
unkown
|
page read and write
|
||
|
2322000
|
heap
|
page read and write
|
||
|
1F1F000
|
stack
|
page read and write
|
||
|
489C000
|
heap
|
page read and write
|
||
|
E30000
|
direct allocation
|
page execute and read and write
|
||
|
7EE4000
|
unkown
|
page read and write
|
||
|
697000
|
heap
|
page read and write
|
||
|
669B000
|
stack
|
page read and write
|
||
|
1B30000
|
unkown
|
page readonly
|
||
|
8040000
|
unkown
|
page read and write
|
||
|
1B7000
|
heap
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
34F1000
|
trusted library allocation
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
36BD000
|
heap
|
page read and write
|
||
|
1DB0000
|
direct allocation
|
page read and write
|
||
|
6BB7000
|
heap
|
page read and write
|
||
|
3FC000
|
stack
|
page read and write
|
||
|
2E7000
|
heap
|
page read and write
|
||
|
404000
|
heap
|
page read and write
|
||
|
1D6000
|
heap
|
page read and write
|
||
|
8B7000
|
heap
|
page read and write
|
||
|
657D000
|
stack
|
page read and write
|
||
|
8CF5000
|
system
|
page execute and read and write
|
||
|
2420000
|
unkown
|
page read and write
|
||
|
23F0000
|
direct allocation
|
page execute and read and write
|
||
|
22BB000
|
heap
|
page read and write
|
||
|
177000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E9C000
|
unkown
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
2290000
|
direct allocation
|
page execute and read and write
|
||
|
6760000
|
stack
|
page read and write
|
||
|
713000
|
heap
|
page read and write
|
||
|
4750000
|
unkown
|
page read and write
|
||
|
2BF0000
|
heap
|
page read and write
|
||
|
2F0000
|
heap
|
page read and write
|
||
|
33C000
|
unkown
|
page read and write
|
||
|
2AD000
|
heap
|
page read and write
|
||
|
400000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
3EDA000
|
unkown
|
page read and write
|
||
|
4E8E000
|
stack
|
page read and write
|
||
|
179000
|
stack
|
page read and write
|
||
|
226000
|
heap
|
page read and write
|
||
|
20F0000
|
heap
|
page read and write
|
||
|
24F0000
|
direct allocation
|
page execute and read and write
|
||
|
6910000
|
heap
|
page read and write
|
||
|
3BC0000
|
unkown
|
page read and write
|
||
|
40DB000
|
stack
|
page read and write
|
||
|
511E000
|
stack
|
page read and write
|
||
|
803E000
|
unkown
|
page read and write
|
||
|
5F20000
|
heap
|
page read and write
|
||
|
260A000
|
unkown
|
page read and write
|
||
|
790000
|
unclassified section
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3F90000
|
unkown
|
page read and write
|
||
|
290F000
|
stack
|
page read and write
|
||
|
21E5000
|
unkown
|
page read and write
|
||
|
1CFA000
|
unkown
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
2AF1000
|
unkown
|
page read and write
|
||
|
3C60000
|
unkown
|
page readonly
|
||
|
212E000
|
stack
|
page read and write
|
||
|
47C0000
|
heap
|
page read and write
|
||
|
4200000
|
unkown
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
2380000
|
unkown
|
page read and write
|
||
|
24E0000
|
unkown
|
page read and write
|
||
|
2430000
|
unkown
|
page read and write
|
||
|
4778000
|
unkown
|
page read and write
|
||
|
34F9000
|
trusted library allocation
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
7BF000
|
heap
|
page read and write
|
||
|
2CF0000
|
heap
|
page read and write
|
||
|
3C90000
|
unkown
|
page readonly
|
||
|
246E000
|
stack
|
page read and write | page guard
|
||
|
2F4000
|
heap
|
page read and write
|
||
|
280000
|
heap
|
page read and write
|
||
|
233C000
|
stack
|
page read and write
|
||
|
1C4000
|
heap
|
page read and write
|
||
|
D32000
|
unkown
|
page readonly
|
||
|
3F70000
|
unkown
|
page read and write
|
||
|
36A0000
|
heap
|
page read and write
|
||
|
4040000
|
unkown
|
page readonly
|
||
|
486D000
|
heap
|
page read and write
|
||
|
1B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
705E000
|
stack
|
page read and write
|
||
|
23B1000
|
unkown
|
page read and write
|
||
|
26D2000
|
unkown
|
page read and write
|
||
|
740000
|
trusted library allocation
|
page execute and read and write
|
||
|
225E000
|
stack
|
page read and write
|
||
|
2F4000
|
heap
|
page read and write
|
||
|
3D38000
|
unkown
|
page read and write
|
||
|
1A0000
|
unkown
|
page readonly
|
||
|
2D9E000
|
heap
|
page read and write
|
||
|
7FE3000
|
unkown
|
page read and write
|
||
|
47F8000
|
heap
|
page read and write
|
||
|
1BE0000
|
unkown
|
page readonly
|
||
|
440000
|
trusted library allocation
|
page read and write
|
||
|
2370000
|
direct allocation
|
page execute and read and write
|
||
|
3A50000
|
unkown
|
page readonly
|
||
|
2BA0000
|
unkown
|
page read and write
|
||
|
25E0000
|
unkown
|
page read and write
|
||
|
2C5F000
|
stack
|
page read and write
|
||
|
607000
|
heap
|
page read and write
|
||
|
1F5D000
|
stack
|
page read and write
|
||
|
5E0F000
|
stack
|
page read and write
|
||
|
48DA000
|
heap
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
470000
|
heap
|
page read and write
|
||
|
4050000
|
unkown
|
page readonly
|
||
|
25E0000
|
unkown
|
page read and write
|
||
|
230000
|
trusted library allocation
|
page read and write
|
||
|
21F4000
|
heap
|
page read and write
|
||
|
230000
|
trusted library allocation
|
page read and write
|
||
|
295E000
|
stack
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
4170000
|
unkown
|
page read and write
|
||
|
15D000
|
trusted library allocation
|
page execute and read and write
|
||
|
683B000
|
stack
|
page read and write
|
||
|
36E000
|
stack
|
page read and write
|
||
|
4EFC000
|
stack
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
1FA0000
|
heap
|
page read and write
|
||
|
EB0000
|
direct allocation
|
page execute and read and write
|
||
|
38DF000
|
stack
|
page read and write
|
||
|
3A80000
|
unkown
|
page execute and read and write
|
||
|
422000
|
heap
|
page read and write
|
||
|
1D6000
|
heap
|
page read and write
|
||
|
5ED8000
|
stack
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
C92000
|
unkown
|
page execute read
|
||
|
6A13000
|
heap
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
1B60000
|
heap
|
page read and write
|
||
|
2177000
|
stack
|
page read and write
|
||
|
2CC0000
|
unkown
|
page readonly
|
||
|
2C0000
|
heap
|
page read and write
|
||
|
1B0000
|
heap
|
page read and write
|
||
|
2B2000
|
heap
|
page read and write
|
||
|
4D8C000
|
stack
|
page read and write
|
||
|
200000
|
trusted library allocation
|
page read and write
|
||
|
2CC0000
|
unkown
|
page readonly
|
||
|
2CF0000
|
heap
|
page read and write
|
||
|
3C80000
|
unkown
|
page read and write
|
||
|
69F4000
|
heap
|
page read and write
|
||
|
8F80000
|
heap
|
page read and write
|
||
|
1B40000
|
unkown
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
5F20000
|
heap
|
page read and write
|
||
|
6B4000
|
heap
|
page read and write
|
||
|
27F000
|
stack
|
page read and write
|
||
|
70A000
|
heap
|
page read and write
|
||
|
243F000
|
stack
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
3870000
|
unkown
|
page read and write
|
||
|
2DB000
|
stack
|
page read and write
|
||
|
7FE3000
|
unkown
|
page read and write
|
||
|
3C70000
|
unkown
|
page readonly
|
||
|
3BF0000
|
unkown
|
page read and write
|
||
|
3B10000
|
unkown
|
page read and write
|
||
|
676B000
|
stack
|
page read and write
|
||
|
8C80000
|
system
|
page execute and read and write
|
||
|
3945000
|
stack
|
page read and write
|
||
|
FC7000
|
direct allocation
|
page execute and read and write
|
||
|
2A0F000
|
stack
|
page read and write
|
||
|
3F00000
|
unkown
|
page read and write
|
||
|
24A1000
|
unkown
|
page read and write
|
||
|
3B97000
|
stack
|
page read and write
|
||
|
83F000
|
heap
|
page read and write
|
||
|
230000
|
trusted library allocation
|
page read and write
|
||
|
21F7000
|
heap
|
page read and write
|
||
|
3E98000
|
unkown
|
page read and write
|
||
|
2AC8000
|
stack
|
page read and write
|
||
|
1D10000
|
unkown
|
page readonly
|
||
|
E44000
|
direct allocation
|
page execute and read and write
|
||
|
6910000
|
heap
|
page read and write
|
||
|
2AE0000
|
unkown
|
page read and write
|
||
|
6D7000
|
heap
|
page read and write
|
||
|
FC4000
|
direct allocation
|
page execute and read and write
|
||
|
6760000
|
stack
|
page read and write
|
||
|
1C4000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
249F000
|
stack
|
page read and write
|
||
|
1EC000
|
stack
|
page read and write
|
||
|
5FAE000
|
stack
|
page read and write
|
||
|
360C000
|
stack
|
page read and write
|
||
|
7EE4000
|
unkown
|
page read and write
|
||
|
2580000
|
direct allocation
|
page execute and read and write
|
||
|
23B1000
|
unkown
|
page read and write
|
||
|
2A40000
|
unkown
|
page readonly
|
||
|
580000
|
unkown
|
page readonly
|
||
|
8260000
|
trusted library section
|
page read and write
|
||
|
26D2000
|
unkown
|
page read and write
|
||
|
6030000
|
heap
|
page read and write
|
||
|
2387000
|
direct allocation
|
page execute and read and write
|
||
|
382B000
|
stack
|
page read and write
|
||
|
683B000
|
stack
|
page read and write
|
||
|
84AF000
|
system
|
page read and write
|
||
|
3E9C000
|
unkown
|
page read and write
|
||
|
230000
|
trusted library allocation
|
page read and write
|
||
|
2B00000
|
unkown
|
page readonly
|
||
|
62FE000
|
stack
|
page read and write | page guard
|
||
|
1B7000
|
heap
|
page read and write
|
||
|
230000
|
trusted library allocation
|
page read and write
|
||
|
6E00000
|
heap
|
page read and write
|
||
|
3C00000
|
unkown
|
page read and write
|
||
|
7478000
|
unkown
|
page read and write
|
||
|
27DC000
|
unclassified section
|
page execute and read and write
|
||
|
6F60000
|
heap
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
260E000
|
unkown
|
page read and write
|
||
|
39A0000
|
unkown
|
page execute read
|
||
|
3BD0000
|
unkown
|
page read and write
|
||
|
230000
|
trusted library allocation
|
page read and write
|
||
|
2B0000
|
unkown
|
page read and write
|
||
|
E50000
|
direct allocation
|
page execute and read and write
|
||
|
1B0000
|
heap
|
page read and write
|
||
|
2BFB000
|
heap
|
page read and write
|
||
|
3D17000
|
unkown
|
page read and write
|
||
|
39A0000
|
unkown
|
page execute read
|
||
|
287B000
|
unkown
|
page read and write
|
||
|
1B83000
|
heap
|
page read and write
|
||
|
2A5000
|
heap
|
page read and write
|
||
|
170000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B30000
|
unkown
|
page readonly
|
||
|
4846000
|
heap
|
page read and write
|
||
|
900000
|
system
|
page execute and read and write
|
||
|
23E0000
|
unkown
|
page readonly
|
||
|
48D5000
|
heap
|
page read and write
|
||
|
230000
|
trusted library allocation
|
page read and write
|
||
|
82B6000
|
system
|
page read and write
|
||
|
5EAE000
|
stack
|
page read and write
|
||
|
2400000
|
direct allocation
|
page execute and read and write
|
||
|
22B0000
|
heap
|
page read and write
|
||
|
E40000
|
direct allocation
|
page execute and read and write
|
||
|
495E000
|
stack
|
page read and write
|
||
|
2AC8000
|
stack
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
3F00000
|
unkown
|
page read and write
|
||
|
2407000
|
unkown
|
page read and write
|
||
|
341E000
|
stack
|
page read and write
|
||
|
2390000
|
direct allocation
|
page execute and read and write
|
||
|
1FE000
|
stack
|
page read and write
|
||
|
62F000
|
heap
|
page read and write
|
||
|
3D7F000
|
stack
|
page read and write
|
||
|
1FA0000
|
direct allocation
|
page read and write
|
||
|
287B000
|
unkown
|
page read and write
|
||
|
D50000
|
direct allocation
|
page execute and read and write
|
||
|
19D000
|
trusted library allocation
|
page execute and read and write
|
||
|
41FC000
|
stack
|
page read and write
|
||
|
2968000
|
stack
|
page read and write
|
||
|
230000
|
trusted library allocation
|
page read and write
|
||
|
2A40000
|
unkown
|
page readonly
|
||
|
7EA0000
|
unkown
|
page read and write
|
||
|
65E000
|
stack
|
page read and write
|
||
|
234E000
|
unkown
|
page read and write
|
||
|
3BB0000
|
unkown
|
page read and write
|
||
|
560000
|
trusted library allocation
|
page read and write
|
||
|
719000
|
heap
|
page read and write
|
||
|
2596000
|
unclassified section
|
page read and write
|
||
|
4A6F000
|
stack
|
page read and write
|
||
|
7508000
|
unkown
|
page read and write
|
||
|
310000
|
heap
|
page read and write
|
||
|
1DBF000
|
stack
|
page read and write
|
||
|
708000
|
heap
|
page read and write
|
||
|
290000
|
heap
|
page read and write
|
||
|
7478000
|
unkown
|
page read and write
|
||
|
488D000
|
heap
|
page read and write
|
||
|
24F1000
|
trusted library allocation
|
page read and write
|
||
|
32D000
|
stack
|
page read and write
|
||
|
230000
|
trusted library allocation
|
page read and write
|
||
|
1B65000
|
heap
|
page read and write
|
||
|
1D30000
|
unkown
|
page readonly
|
||
|
2BD0000
|
unkown
|
page read and write
|
||
|
4856000
|
heap
|
page read and write
|
||
|
22B8000
|
heap
|
page read and write
|
||
|
6B90000
|
heap
|
page read and write
|
||
|
6B7E000
|
stack
|
page read and write
|
||
|
ACDF000
|
stack
|
page read and write
|
||
|
8020000
|
unkown
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
E47000
|
direct allocation
|
page execute and read and write
|
||
|
3AC0000
|
unkown
|
page read and write
|
||
|
3C6000
|
heap
|
page read and write
|
||
|
41FC000
|
stack
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
84B7000
|
heap
|
page read and write
|
||
|
64D0000
|
heap
|
page read and write
|
||
|
3B90000
|
stack
|
page read and write
|
||
|
8160000
|
heap
|
page read and write
|
||
|
2D95000
|
heap
|
page read and write
|
||
|
3B92000
|
stack
|
page read and write
|
||
|
3AF0000
|
unkown
|
page read and write
|
||
|
48DA000
|
heap
|
page read and write
|
||
|
50C000
|
stack
|
page read and write
|
||
|
39D000
|
stack
|
page read and write
|
||
|
3AA1000
|
unkown
|
page read and write
|
||
|
3660000
|
heap
|
page read and write
|
||
|
3D38000
|
unkown
|
page read and write
|
||
|
2607000
|
unkown
|
page read and write
|
||
|
280000
|
heap
|
page read and write
|
||
|
3AD0000
|
unkown
|
page read and write
|
||
|
86DD000
|
heap
|
page read and write
|
||
|
2507000
|
direct allocation
|
page execute and read and write
|
||
|
172000
|
trusted library allocation
|
page read and write
|
||
|
3F90000
|
unkown
|
page read and write
|
||
|
866000
|
unclassified section
|
page execute and read and write
|
||
|
705E000
|
stack
|
page read and write
|
||
|
714000
|
heap
|
page read and write
|
||
|
23C1000
|
unkown
|
page read and write
|
||
|
246F000
|
stack
|
page read and write
|
||
|
31E000
|
unkown
|
page read and write
|
||
|
4824000
|
heap
|
page read and write
|
||
|
30E000
|
stack
|
page read and write
|
||
|
C8E000
|
stack
|
page read and write
|
||
|
60CE000
|
stack
|
page read and write
|
||
|
2AE0000
|
unkown
|
page read and write
|
||
|
1CD2000
|
unkown
|
page read and write
|
||
|
21E0000
|
heap
|
page read and write
|
||
|
ED0000
|
direct allocation
|
page execute and read and write
|
||
|
714000
|
heap
|
page read and write
|
||
|
69F0000
|
heap
|
page read and write
|
||
|
2D99000
|
heap
|
page read and write
|
||
|
2B0000
|
unkown
|
page read and write
|
||
|
234E000
|
unkown
|
page read and write
|
||
|
2B00000
|
unkown
|
page readonly
|
||
|
3ED8000
|
unkown
|
page read and write
|
||
|
8DF000
|
heap
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
1CA000
|
heap
|
page read and write
|
||
|
3A60000
|
unkown
|
page readonly
|
||
|
69F4000
|
heap
|
page read and write
|
||
|
2C90000
|
unkown
|
page readonly
|
||
|
3900000
|
heap
|
page read and write
|
||
|
3A4E000
|
stack
|
page read and write
|
||
|
74DE000
|
unkown
|
page read and write
|
||
|
252D000
|
trusted library allocation
|
page read and write
|
||
|
3AA1000
|
unkown
|
page read and write
|
||
|
226F000
|
stack
|
page read and write
|
||
|
7497000
|
unkown
|
page read and write
|
||
|
682F000
|
stack
|
page read and write
|
||
|
3BB0000
|
unkown
|
page read and write
|
||
|
580000
|
unkown
|
page readonly
|
||
|
6250000
|
heap
|
page read and write
|
||
|
3F80000
|
unkown
|
page read and write
|
||
|
9CF000
|
stack
|
page read and write
|
||
|
3D10000
|
unkown
|
page read and write
|
||
|
CC000
|
stack
|
page read and write
|
||
|
1D20000
|
unkown
|
page readonly
|
||
|
3C80000
|
unkown
|
page read and write
|
||
|
1F0000
|
trusted library allocation
|
page read and write
|
||
|
2968000
|
stack
|
page read and write
|
||
|
1D10000
|
unkown
|
page readonly
|
||
|
6699000
|
stack
|
page read and write
|
||
|
18C000
|
stack
|
page read and write
|
||
|
720000
|
unkown
|
page readonly
|
||
|
3F70000
|
unkown
|
page read and write
|
||
|
4160000
|
unkown
|
page read and write
|
||
|
C90000
|
unkown
|
page readonly
|
||
|
3C3F000
|
stack
|
page read and write
|
||
|
7497000
|
unkown
|
page read and write
|
There are 727 hidden memdumps, click here to show them.