Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
NebulardGame (1).exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2D85F72862B55C4EADD9E66E06947F3D
|
Certificate, Version=3
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2D85F72862B55C4EADD9E66E06947F3D
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\D3DSCache\12484ff77995dddb\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\D3DSCache\12484ff77995dddb\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\D3DSCache\12484ff77995dddb\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val
|
Matlab v4 mat-file (little endian) (, numeric, rows 0, columns 16, imaginary
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\Nebulard\LICENSE.electron.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\Nebulard\LICENSES.chromium.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\Nebulard\Nebulard.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\Nebulard\chrome_100_percent.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\Nebulard\chrome_200_percent.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\Nebulard\d3dcompiler_47.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\Nebulard\ffmpeg.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\Nebulard\icudtl.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\Nebulard\libEGL.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\Nebulard\libGLESv2.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\Nebulard\locales\af.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\Nebulard\locales\am.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\Nebulard\locales\ar.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\Nebulard\locales\bg.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\Nebulard\resources.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\Nebulard\snapshot_blob.bin
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\Nebulard\v8_context_snapshot.bin
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\Nebulard\vk_swiftshader.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\Nebulard\vk_swiftshader_icd.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Programs\Nebulard\vulkan-1.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\88bf0dad-eaee-439a-92dd-46be6ea64fae.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 227691
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\d7997969-7b63-4c16-8a08-c4833b17c879.tmp.ico
|
MS Windows icon resource - 8 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\LICENSE.electron.txt
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\LICENSES.chromium.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\Nebulard.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\chrome_100_percent.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\chrome_200_percent.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\d3dcompiler_47.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\ffmpeg.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\icudtl.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\libEGL.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\libGLESv2.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\af.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\am.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\ar.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\bg.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\bn.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\ca.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\cs.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\da.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\de.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\el.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\en-GB.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\en-US.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\es-419.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\es.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\et.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\fa.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\fi.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\fil.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\fr.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\gu.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\he.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\hi.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\hr.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\hu.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\id.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\it.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\ja.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\kn.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\ko.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\lt.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\lv.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\ml.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\mr.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\ms.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\nb.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\nl.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\pl.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\pt-BR.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\pt-PT.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\ro.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\ru.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\sk.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\sl.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\sr.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\sv.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\sw.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\ta.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\te.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\th.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\tr.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\uk.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\ur.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\vi.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\zh-CN.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\locales\zh-TW.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\resources.pak
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\resources\app.asar
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\resources\elevate.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\snapshot_blob.bin
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\v8_context_snapshot.bin
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\vk_swiftshader.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\vk_swiftshader_icd.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\7z-out\vulkan-1.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\SpiderBanner.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\StdUtils.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\app-64.7z
|
7-zip archive data, version 0.4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\installerHeaderico.ico
|
MS Windows icon resource - 8 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\nsExec.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsiF1F9.tmp\nsis7z.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Spelling\en-GB\default.acl
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Spelling\en-GB\default.dic
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Spelling\en-GB\default.exc
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\812dde98-0ae3-4b0b-8219-751d9b2bbcf2.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\99f31474-dcee-44da-bb43-b02cb973041f.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\Cache\Cache_Data\data_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\Cache\Cache_Data\data_1
|
dBase III DBT, next free block index 3238316739, block length 1024
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\Cache\Cache_Data\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\Cache\Cache_Data\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\Cache\Cache_Data\f_000001
|
Web Open Font Format (Version 2), TrueType, length 37828, version 1.0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\Cache\Cache_Data\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\Code Cache\js\index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\Code Cache\js\index-dir\temp-index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\Code Cache\js\index-dir\the-real-index (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\Code Cache\wasm\index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\Code Cache\wasm\index-dir\temp-index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\Code Cache\wasm\index-dir\the-real-index (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\DawnCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\DawnCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\DawnCache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\DawnCache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\DawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\GPUCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\GPUCache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\GPUCache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\GPUCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\Local State (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\Local Storage\leveldb\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\Local Storage\leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\Local Storage\leveldb\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\Network\28e91880-3a02-4c80-88ee-eb6b6ee06329.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\Network\Cookies
|
SQLite 3.x database, last written using SQLite version 3039004, file counter 3, database pages 5, cookie 0x3, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\Network\Network Persistent State (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\Network\Network Persistent State~RF60b10d.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\Network\a968dd1c-a500-48f3-b400-15bb59689691.tmp
|
JSON data
|
modified
|
||
|
C:\Users\user\AppData\Roaming\Nebulard\Preferences (copy)
|
JSON data
|
dropped
|
There are 136 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\NebulardGame (1).exe
|
"C:\Users\user\Desktop\NebulardGame (1).exe"
|
 |
|
|
C:\Users\user\AppData\Local\Programs\Nebulard\Nebulard.exe
|
"C:\Users\user\AppData\Local\Programs\Nebulard\Nebulard.exe"
|
|
|
|
C:\Users\user\AppData\Local\Programs\Nebulard\Nebulard.exe
|
"C:\Users\user\AppData\Local\Programs\Nebulard\Nebulard.exe" --type=gpu-process --user-data-dir="C:\Users\user\AppData\Roaming\Nebulard"
--gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA=
--mojo-platform-channel-handle=1556 --field-trial-handle=1768,i,7681473182926348413,12939458288127095386,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand
/prefetch:2
|
|
|
|
C:\Users\user\AppData\Local\Programs\Nebulard\Nebulard.exe
|
"C:\Users\user\AppData\Local\Programs\Nebulard\Nebulard.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --user-data-dir="C:\Users\user\AppData\Roaming\Nebulard" --mojo-platform-channel-handle=1932
--field-trial-handle=1768,i,7681473182926348413,12939458288127095386,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand
/prefetch:8
|
|
|
|
C:\Users\user\AppData\Local\Programs\Nebulard\Nebulard.exe
|
"C:\Users\user\AppData\Local\Programs\Nebulard\Nebulard.exe" --type=renderer --user-data-dir="C:\Users\user\AppData\Roaming\Nebulard"
--app-path="C:\Users\user\AppData\Local\Programs\Nebulard\resources\app.asar" --no-sandbox --no-zygote --first-renderer-process
--lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --time-ticks-at-unix-epoch=-1732378958099987
--launch-time-ticks=6262912249 --mojo-platform-channel-handle=2072 --field-trial-handle=1768,i,7681473182926348413,12939458288127095386,131072
--disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
|
|
|
|
C:\Users\user\AppData\Local\Programs\Nebulard\Nebulard.exe
|
"C:\Users\user\AppData\Local\Programs\Nebulard\Nebulard.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140
--gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-data-dir="C:\Users\user\AppData\Roaming\Nebulard"
--gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA=
--mojo-platform-channel-handle=3464 --field-trial-handle=1768,i,7681473182926348413,12939458288127095386,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand
/prefetch:2
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
cmd /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq Nebulard.exe" | %SYSTEMROOT%\System32\find.exe "Nebulard.exe"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\tasklist.exe
|
tasklist /FI "USERNAME eq user" /FI "IMAGENAME eq Nebulard.exe"
|
||
|
C:\Windows\SysWOW64\find.exe
|
C:\Windows\System32\find.exe "Nebulard.exe"
|
||
|
C:\Windows\explorer.exe
|
C:\Windows\Explorer.EXE
|
||
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /d /s /c "chcp"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\chcp.com
|
chcp
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://mx.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://uk.search.yahoo.com/favicon.icohttps://uk.search.yahoo.com/search
|
unknown
|
||
|
https://fr.search.yahoo.com/favicon.ico
|
unknown
|
||
|
https://support.google.com/chrome/answer/6098869
|
unknown
|
||
|
https://search.seznam.sk/favicon.ico
|
unknown
|
||
|
https://hk.search.yahoo.com/search
|
unknown
|
||
|
https://yastatic.net/lego/_/rBTjd6UOPk5913OSn5ZQVYMTQWQ.ico
|
unknown
|
||
|
http://i.wp.pl/a/i/stg/500/favicon.icohttp://szukaj.wp.pl/szukaj.html?q=
|
unknown
|
||
|
https://suggestplugin.gmx.co.uk/s?q=
|
unknown
|
||
|
https://ca.search.yahoo.com/favicon.ico
|
unknown
|
||
|
https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html
|
unknown
|
||
|
http://www.search.delta-search.com/?q=
|
unknown
|
||
|
http://www.walla.co.il/favicon.icohttp://search.walla.co.il/?q=
|
unknown
|
||
|
https://www.givero.com/suggest?q=
|
unknown
|
||
|
https://semver.org/
|
unknown
|
||
|
http://www.neti.ee/favicon.icohttp://www.neti.ee/cgi-bin/otsing?query=
|
unknown
|
||
|
https://yandex.com.tr/gorsel/search?rpt=imageviewhttps://www.yandex.com.tr/chrome/newtab
|
unknown
|
||
|
https://chromium.googlesource.com/chromium/src/
|
unknown
|
||
|
https://www.so.com/favicon.ico
|
unknown
|
||
|
https://dk.search.yahoo.com/favicon.icohttps://dk.search.yahoo.com/search
|
unknown
|
||
|
https://at.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
http://www.search.delta-search.com/home?q=
|
unknown
|
||
|
https://malaysia.search.yahoo.com/search
|
unknown
|
||
|
http://static.mediacentrum.sk/katalog/atlas.sk/images/favicon.icohttps://hladaj.atlas.sk/fulltext/?p
|
unknown
|
||
|
http://www.conduit.com/favicon.ico
|
unknown
|
||
|
https://vn.search.yahoo.com/search
|
unknown
|
||
|
https://github.com/tensorflow/models
|
unknown
|
||
|
https://github.com/KhronosGroup/SPIRV-Headers.git
|
unknown
|
||
|
https://www.ask.com/web?q=
|
unknown
|
||
|
https://ph.search.yahoo.com/search
|
unknown
|
||
|
http://www.nongnu.org/freebangfont/downloads.html#mukti
|
unknown
|
||
|
http://www.conduit.com/favicon.icohttp://www.conduit.com/search?q=
|
unknown
|
||
|
https://yastatic.net/lego/_/pDu9OWAQKB0s2J9IojKpiS_Eho.ico
|
unknown
|
||
|
https://tw.search.yahoo.com/favicon.icohttps://tw.search.yahoo.com/search
|
unknown
|
||
|
https://github.com/tensorflow/tflite-support
|
unknown
|
||
|
http://www1.delta-search.com/?q=
|
unknown
|
||
|
https://sqlite.org/
|
unknown
|
||
|
http://www.delfi.lt/paieska/?q=
|
unknown
|
||
|
https://www.delfi.lt/favicon.icohttps://www.delfi.lt/paieska/?q=
|
unknown
|
||
|
https://wiki.debian.org/XDGBaseDirectorySpecification#state
|
unknown
|
||
|
http://www.ecma-international.org/ecma-262/5.1/#sec-8.6)
|
unknown
|
||
|
http://search.imesh.net/music?hl=
|
unknown
|
||
|
https://qc.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://sug.so.360.cn/suggest?encodein=
|
unknown
|
||
|
https://cl.search.yahoo.com/favicon.ico
|
unknown
|
||
|
https://yandex.kz/images/search/?rpt=imageview
|
unknown
|
||
|
https://github.com/libuv/libuv/pull/1088
|
unknown
|
||
|
https://coccoc.com/search#query=
|
unknown
|
||
|
https://www.yandex.by/chrome/newtab
|
unknown
|
||
|
https://ph.search.yahoo.com/favicon.ico
|
unknown
|
||
|
http://www.walla.co.il/favicon.ico
|
unknown
|
||
|
https://go.mail.ru/chrome/newtab/
|
unknown
|
||
|
https://id.search.yahoo.com/search
|
unknown
|
||
|
https://uk.search.yahoo.com/search
|
unknown
|
||
|
http://www.neti.ee/cgi-bin/otsing?query=
|
unknown
|
||
|
https://gitlab.freedesktop.org/xdg/xdgmime
|
unknown
|
||
|
https://petalsearch.com/search?query=
|
unknown
|
||
|
http://ok.hu/gfx/favicon.icohttp://ok.hu/katalogus?q=
|
unknown
|
||
|
http://nodejs.org)
|
unknown
|
||
|
https://qc.search.yahoo.com/favicon.icohttps://qc.search.yahoo.com/search
|
unknown
|
||
|
https://ph.search.yahoo.com/favicon.icohttps://ph.search.yahoo.com/search
|
unknown
|
||
|
https://oceanhero.today/web?q=
|
unknown
|
||
|
https://caolan.github.io/async/
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.ico
|
unknown
|
||
|
https://github.com/wasdk/wasmparser
|
unknown
|
||
|
https://github.com/caolan/async.git
|
unknown
|
||
|
http://ecma-international.org/ecma-262/7.0/#sec-tolength).
|
unknown
|
||
|
http://search.conduit.com/Results.aspx?q=
|
unknown
|
||
|
http://imgs.sapo.pt/images/sapo.icohttp://pesquisa.sapo.pt/?q=
|
unknown
|
||
|
https://nl.search.yahoo.com/search
|
unknown
|
||
|
https://github.com/nodejs/node/issues/8987
|
unknown
|
||
|
https://in.search.yahoo.com/favicon.icohttps://in.search.yahoo.com/search
|
unknown
|
||
|
https://search.goo.ne.jp/cdn/common/img/favicon.ico
|
unknown
|
||
|
https://dejavu-fonts.github.io/Download.html
|
unknown
|
||
|
http://ak.apnstatic.com/media/images/favicon_search-results.icohttp://dts.search-results.com/sr?lng=
|
unknown
|
||
|
https://www.sogou.com/images/logo/old/favicon.ico
|
unknown
|
||
|
https://pagure.io/lohit
|
unknown
|
||
|
https://in.search.yahoo.com/search
|
unknown
|
||
|
http://search.imesh.net/favicon.ico
|
unknown
|
||
|
https://pe.search.yahoo.com/favicon.icohttps://pe.search.yahoo.com/search
|
unknown
|
||
|
http://arianna.libero.it/search/abin/integrata.cgi?query=
|
unknown
|
||
|
https://m.so.com/s?ie=
|
unknown
|
||
|
http://imgs.sapo.pt/images/sapo.ico
|
unknown
|
||
|
https://search.privacywall.org/suggest.php?q=
|
unknown
|
||
|
https://de.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://github.com/web-animations/web-animations-js
|
unknown
|
||
|
https://ar.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
http://labs.creativecommons.org/licenses/zero-waive/1.0/us/legalcode>
|
unknown
|
||
|
https://www.yandex.ua/chrome/newtab
|
unknown
|
||
|
https://id.search.yahoo.com/favicon.ico
|
unknown
|
||
|
https://search.daum.net/search?w=tot&DA=JU5&q=
|
unknown
|
||
|
https://search.naver.com/search.naver?ie=
|
unknown
|
||
|
https://search.daum.net/favicon.icohttps://search.daum.net/search?w=tot&DA=JU5&q=
|
unknown
|
||
|
http://nigma.ru/themes/nigma/img/favicon.icohttp://nigma.ru/?s=
|
unknown
|
||
|
https://sindresorhus.com
|
unknown
|
||
|
http://buscador.terra.es/Default.aspx?source=Search&ca=s&query=
|
unknown
|
||
|
https://search.yahoo.co.jp/search
|
unknown
|
||
|
https://au.search.yahoo.com/favicon.ico
|
unknown
|
||
|
http://www.yhs.delta-search.com/?q=
|
unknown
|
||
|
https://search.yahoo.com?fr=crmas_sfp
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
chrome.cloudflare-dns.com
|
172.64.41.3
|
||
|
a.nel.cloudflare.com
|
35.190.80.1
|
||
|
cdnjs.cloudflare.com
|
104.17.24.14
|
||
|
x1.i.lencr.org
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.17.24.14
|
cdnjs.cloudflare.com
|
United States
|
||
|
35.190.80.1
|
a.nel.cloudflare.com
|
United States
|
||
|
172.64.41.3
|
chrome.cloudflare-dns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\9564a7c5-e811-5054-8531-3e0680b94024
|
InstallLocation
|
||
|
HKEY_CURRENT_USER\SOFTWARE\9564a7c5-e811-5054-8531-3e0680b94024
|
KeepShortcuts
|
||
|
HKEY_CURRENT_USER\SOFTWARE\9564a7c5-e811-5054-8531-3e0680b94024
|
ShortcutName
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\9564a7c5-e811-5054-8531-3e0680b94024
|
DisplayName
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\9564a7c5-e811-5054-8531-3e0680b94024
|
UninstallString
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\9564a7c5-e811-5054-8531-3e0680b94024
|
QuietUninstallString
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\9564a7c5-e811-5054-8531-3e0680b94024
|
DisplayVersion
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\9564a7c5-e811-5054-8531-3e0680b94024
|
DisplayIcon
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\9564a7c5-e811-5054-8531-3e0680b94024
|
Publisher
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\9564a7c5-e811-5054-8531-3e0680b94024
|
NoModify
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\9564a7c5-e811-5054-8531-3e0680b94024
|
NoRepair
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\9564a7c5-e811-5054-8531-3e0680b94024
|
EstimatedSize
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
|
{33154C99-BF49-443D-A73C-303A23ABBE97} {886D8EEB-8CF2-4446-8D02-CDBA1DBDCF99} 0xFFFF
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
|
{5985FC23-2588-4D9A-B38B-7E7AFFAB3155} {886D8EEB-8CF2-4446-8D02-CDBA1DBDCF99} 0xFFFF
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zip\OpenWithProgids
|
Unpacker
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Security and Maintenance\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102
|
CheckSetting
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
|
LastUpdate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\OpenWithProgids
|
WMP11.AssocFile.3G2
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\OpenWithProgids
|
WMP11.AssocFile.3GP
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2\OpenWithProgids
|
WMP11.AssocFile.3G2
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp\OpenWithProgids
|
WMP11.AssocFile.3GP
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aac\OpenWithProgids
|
WMP11.AssocFile.ADTS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\OpenWithProgids
|
WMP11.AssocFile.AIFF
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\OpenWithProgids
|
WMP11.AssocFile.ASF
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\OpenWithProgids
|
WMP11.AssocFile.ASX
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\OpenWithProgids
|
WMP11.AssocFile.AU
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au3\OpenWithProgids
|
AutoIt3Script
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\OpenWithProgids
|
WMP11.AssocFile.AVI
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\OpenWithProgids
|
Paint.Picture
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cab\OpenWithProgids
|
CABFolder
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cdxml\OpenWithProgids
|
Microsoft.PowerShellCmdletDefinitionXML.1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.css\OpenWithProgids
|
CSSfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.csv\OpenWithProgids
|
Excel.CSV
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dds\OpenWithProgids
|
ddsfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\OpenWithProgids
|
Paint.Picture
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dll\OpenWithProgids
|
dllfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.doc\OpenWithProgids
|
Word.Document.8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docm\OpenWithProgids
|
Word.DocumentMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\OpenWithProgids
|
Word.Document.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dot\OpenWithProgids
|
Word.Template.8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dotm\OpenWithProgids
|
Word.TemplateMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dotx\OpenWithProgids
|
Word.Template.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\OpenWithProgids
|
emffile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithProgids
|
exefile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\OpenWithProgids
|
WMP11.AssocFile.FLAC
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fon\OpenWithProgids
|
fonfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\OpenWithProgids
|
giffile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\OpenWithProgids
|
htmlfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\OpenWithProgids
|
icofile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inf\OpenWithProgids
|
inffile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ini\OpenWithProgids
|
inifile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\OpenWithProgids
|
pjpegfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\OpenWithProgids
|
jpegfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\OpenWithProgids
|
jpegfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\OpenWithProgids
|
jpegfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jxr\OpenWithProgids
|
wdpfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\OpenWithProgids
|
lnkfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\OpenWithProgids
|
WMP11.AssocFile.MPEG
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2t\OpenWithProgids
|
WMP11.AssocFile.M2TS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2ts\OpenWithProgids
|
WMP11.AssocFile.M2TS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2v\OpenWithProgids
|
WMP11.AssocFile.MPEG
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\OpenWithProgids
|
WMP11.AssocFile.m3u
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\OpenWithProgids
|
WMP11.AssocFile.M4A
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\OpenWithProgids
|
WMP11.AssocFile.MP4
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\OpenWithProgids
|
mhtmlfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\OpenWithProgids
|
mhtmlfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\OpenWithProgids
|
WMP11.AssocFile.MIDI
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\OpenWithProgids
|
WMP11.AssocFile.MIDI
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mk3d\OpenWithProgids
|
WMP11.AssocFile.MK3D
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mka\OpenWithProgids
|
WMP11.AssocFile.MKA
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\OpenWithProgids
|
WMP11.AssocFile.MKV
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mod\OpenWithProgids
|
WMP11.AssocFile.MPEG
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\OpenWithProgids
|
WMP11.AssocFile.MOV
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MP2\OpenWithProgids
|
WMP11.AssocFile.MP3
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\OpenWithProgids
|
WMP11.AssocFile.MPEG
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\OpenWithProgids
|
WMP11.AssocFile.MP3
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\OpenWithProgids
|
WMP11.AssocFile.MP4
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4v\OpenWithProgids
|
WMP11.AssocFile.MP4
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\OpenWithProgids
|
WMP11.AssocFile.MPEG
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MPE\OpenWithProgids
|
WMP11.AssocFile.MPEG
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\OpenWithProgids
|
WMP11.AssocFile.MPEG
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.msg\OpenWithProgids
|
Outlook.File.msg.15
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mts\OpenWithProgids
|
WMP11.AssocFile.M2TS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ocx\OpenWithProgids
|
ocxfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odp\OpenWithProgids
|
PowerPoint.OpenDocumentPresentation.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ods\OpenWithProgids
|
Excel.OpenDocumentSpreadsheet.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odt\OpenWithProgids
|
Word.OpenDocumentText.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.otf\OpenWithProgids
|
otffile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\OpenWithProgids
|
pngfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pot\OpenWithProgids
|
PowerPoint.Template.8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.potm\OpenWithProgids
|
PowerPoint.TemplateMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.potx\OpenWithProgids
|
PowerPoint.Template.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppam\OpenWithProgids
|
PowerPoint.Addin.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppsm\OpenWithProgids
|
PowerPoint.SlideShowMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppsx\OpenWithProgids
|
PowerPoint.SlideShow.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppt\OpenWithProgids
|
PowerPoint.Show.8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pptm\OpenWithProgids
|
PowerPoint.ShowMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pptx\OpenWithProgids
|
PowerPoint.Show.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ps1\OpenWithProgids
|
Microsoft.PowerShellScript.1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ps1xml\OpenWithProgids
|
Microsoft.PowerShellXMLData.1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd1\OpenWithProgids
|
Microsoft.PowerShellData.1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psm1\OpenWithProgids
|
Microsoft.PowerShellModule.1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pssc\OpenWithProgids
|
Microsoft.PowerShellSessionConfiguration.1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\OpenWithProgids
|
rlefile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\OpenWithProgids
|
WMP11.AssocFile.MIDI
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rtf\OpenWithProgids
|
Word.RTF.8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scf\OpenWithProgids
|
SHCmdFile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.search-ms\OpenWithProgids
|
SearchFolder
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\OpenWithProgids
|
shtmlfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sldm\OpenWithProgids
|
PowerPoint.SlideMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sldx\OpenWithProgids
|
PowerPoint.Slide.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\OpenWithProgids
|
WMP11.AssocFile.AU
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sys\OpenWithProgids
|
sysfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\OpenWithProgids
|
TIFImage.Document
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\OpenWithProgids
|
TIFImage.Document
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS\OpenWithProgids
|
WMP11.AssocFile.TTS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\OpenWithProgids
|
ttcfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\OpenWithProgids
|
ttffile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TTS\OpenWithProgids
|
WMP11.AssocFile.TTS
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\OpenWithProgids
|
txtfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vsto\OpenWithProgids
|
bootstrap.vsto.1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\OpenWithProgids
|
WMP11.AssocFile.WAV
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\OpenWithProgids
|
WMP11.AssocFile.WAX
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wdp\OpenWithProgids
|
wdpfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\OpenWithProgids
|
WMP11.AssocFile.ASF
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\OpenWithProgids
|
WMP11.AssocFile.WMA
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\OpenWithProgids
|
wmffile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\OpenWithProgids
|
WMP11.AssocFile.WMV
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\OpenWithProgids
|
WMP11.AssocFile.ASX
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.WPL\OpenWithProgids
|
WMP11.AssocFile.WPL
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\OpenWithProgids
|
WMP11.AssocFile.WVX
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlam\OpenWithProgids
|
Excel.AddInMacroEnabled
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xls\OpenWithProgids
|
Excel.Sheet.8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsb\OpenWithProgids
|
Excel.SheetBinaryMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsm\OpenWithProgids
|
Excel.SheetMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsx\OpenWithProgids
|
Excel.Sheet.12
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlt\OpenWithProgids
|
Excel.Template.8
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xltm\OpenWithProgids
|
Excel.TemplateMacroEnabled
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xltx\OpenWithProgids
|
Excel.Template
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\OpenWithProgids
|
xmlfile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xsl\OpenWithProgids
|
xslfile
|
There are 173 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7950000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
9877000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
31A9000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED279000
|
unkown
|
page readonly
|
||
|
11C7000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
2C8C000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A64000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
A25000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED9D9000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED3A7000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7B80000
|
unkown
|
page read and write
|
||
|
B629000
|
stack
|
page read and write
|
||
|
FFC0000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF78A121000
|
unkown
|
page execute read
|
||
|
37AC000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED48A000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
9977000
|
unkown
|
page read and write
|
||
|
432F000
|
stack
|
page read and write
|
||
|
BDD0000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
C52C000
|
unkown
|
page read and write
|
||
|
795000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
3191000
|
heap
|
page read and write
|
||
|
2BCE000
|
stack
|
page read and write
|
||
|
7FF78F898000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF787920000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
9795000
|
unkown
|
page read and write
|
||
|
7FF5ED40D000
|
unkown
|
page readonly
|
||
|
4BC9000
|
unkown
|
page read and write
|
||
|
FF00000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A75000
|
heap
|
page read and write
|
||
|
5231000
|
heap
|
page read and write
|
||
|
A4A1000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A4FC000
|
unkown
|
page read and write
|
||
|
795000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
3202000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED961000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
795000
|
heap
|
page read and write
|
||
|
978E000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
4B56000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED20D000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
89F000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
3795000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
9E1000
|
heap
|
page read and write
|
||
|
7FF5ED886000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED74A000
|
unkown
|
page readonly
|
||
|
7FF5ED755000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
B728000
|
stack
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7900000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
C6F8000
|
unkown
|
page read and write
|
||
|
31A9000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ECED2000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF78F83A000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5EDA70000
|
unkown
|
page readonly
|
||
|
9869000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED850000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
31B7000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
2DE6000
|
heap
|
page read and write
|
||
|
7FF5ED4B4000
|
unkown
|
page readonly
|
||
|
2515000
|
heap
|
page read and write
|
||
|
965C000
|
stack
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
1510000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
24A0000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
2DE6000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF78F392000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A502000
|
unkown
|
page read and write
|
||
|
4B90000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7CE0000
|
unkown
|
page read and write
|
||
|
7DF4F3061000
|
unkown
|
page execute read
|
||
|
FEC0000
|
unkown
|
page read and write
|
||
|
1095000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
37AE000
|
unkown
|
page read and write
|
||
|
7FF78F3A2000
|
unkown
|
page readonly
|
||
|
7FF5ED882000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF788321000
|
unkown
|
page execute read
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A53000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
B7F000
|
stack
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
8D90000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED4DF000
|
unkown
|
page readonly
|
||
|
503B000
|
heap
|
page read and write
|
||
|
FF08000
|
unkown
|
page read and write
|
||
|
79D3000
|
unkown
|
page read and write
|
||
|
4FF000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
C41F000
|
stack
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
9881000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
11C1000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
C507000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
4EB0000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
2E90000
|
direct allocation
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
AADB000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
3000000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED77C000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
318D000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF789721000
|
unkown
|
page execute read
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
B170000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF78A121000
|
unkown
|
page execute read
|
||
|
794000
|
heap
|
page read and write
|
||
|
FF20000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF787921000
|
unkown
|
page execute read
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
3797000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
3055000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
9139000
|
stack
|
page read and write
|
||
|
7FF5ED3F3000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7DF4F3031000
|
unkown
|
page execute read
|
||
|
5A9000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
9ED000
|
heap
|
page read and write
|
||
|
B190000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED803000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED8C6000
|
unkown
|
page readonly
|
||
|
7DF4F3041000
|
unkown
|
page execute read
|
||
|
794000
|
heap
|
page read and write
|
||
|
C6F2000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
2E15000
|
heap
|
page read and write
|
||
|
7FF5ED586000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
35A0000
|
unkown
|
page readonly
|
||
|
7FF5ED73D000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
A4E000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF78E3B9000
|
unkown
|
page execute read
|
||
|
7FF78AB21000
|
unkown
|
page execute read
|
||
|
7CA0000
|
unkown
|
page read and write
|
||
|
143B000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
C857000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
5140000
|
direct allocation
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED41C000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED625000
|
unkown
|
page readonly
|
||
|
97A9000
|
unkown
|
page read and write
|
||
|
7FF5ED9F2000
|
unkown
|
page readonly
|
||
|
7FF5ED669000
|
unkown
|
page readonly
|
||
|
7FF5ED94A000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
7857000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED1B9000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF78F389000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED9CA000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
A75000
|
heap
|
page read and write
|
||
|
7FF5EDA38000
|
unkown
|
page readonly
|
||
|
FFCA000
|
heap
|
page read and write
|
||
|
7FF78AB21000
|
unkown
|
page execute read
|
||
|
9921000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
4BDC000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
1505000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED7CF000
|
unkown
|
page readonly
|
||
|
2F50000
|
trusted library allocation
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF78F83A000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
987D000
|
unkown
|
page read and write
|
||
|
97AD000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF78F84A000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED39E000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5EDA31000
|
unkown
|
page readonly
|
||
|
31B5000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
5268000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
8710000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
2F10000
|
direct allocation
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
11B0000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
BD98000
|
stack
|
page read and write
|
||
|
795000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
CA7C000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED9D2000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
273F000
|
stack
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FFE000
|
stack
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
818D000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
C846000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
795000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
3204000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
3210000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF787921000
|
unkown
|
page execute read
|
||
|
11CC000
|
unkown
|
page read and write
|
||
|
7FF5EDA08000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
5557000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED86B000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
C6BF000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
2B90000
|
trusted library allocation
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
FF06000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A50B000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
2C7B000
|
heap
|
page read and write
|
||
|
7FF5ED806000
|
unkown
|
page readonly
|
||
|
2FCE000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED800000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED43A000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
56D9000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED6B8000
|
unkown
|
page readonly
|
||
|
8A6E000
|
stack
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
9F26000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
27AD000
|
stack
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF78F84A000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
8720000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED26E000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED810000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
24F0000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
5590000
|
unkown
|
page write copy
|
||
|
796000
|
heap
|
page read and write
|
||
|
5910000
|
direct allocation
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
41E000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
9070000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
78A0000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
31F6000
|
heap
|
page read and write
|
||
|
59F000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
2DE1000
|
heap
|
page read and write
|
||
|
4CF0000
|
direct allocation
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5EDA14000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
C89A000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED80C000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
9893000
|
unkown
|
page read and write
|
||
|
CB7F000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
A494000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
469000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF78D9B9000
|
unkown
|
page execute read
|
||
|
A375000
|
unkown
|
page read and write
|
||
|
7DF4F3071000
|
unkown
|
page execute read
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED3D6000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF78B1B9000
|
unkown
|
page execute read
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7D00000
|
unkown
|
page readonly
|
||
|
9A5B000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
31A9000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
5641000
|
unkown
|
page read and write
|
||
|
3800000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
A33E000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
C964000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
C516000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
2B90000
|
direct allocation
|
page read and write
|
||
|
2B2E000
|
unkown
|
page read and write
|
||
|
7FF78E3B9000
|
unkown
|
page execute read
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
3319000
|
stack
|
page read and write
|
||
|
797D000
|
unkown
|
page read and write
|
||
|
7FF5ED942000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
C512000
|
unkown
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
31B6000
|
heap
|
page read and write
|
||
|
A29000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED9D6000
|
unkown
|
page readonly
|
||
|
3197000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A361000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED996000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
A3C000
|
heap
|
page read and write
|
||
|
7FF5ED793000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
345D000
|
stack
|
page read and write
|
||
|
A23000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
A3C000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
8730000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
31FD000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF78D9B9000
|
unkown
|
page execute read
|
||
|
B8C0000
|
unkown
|
page readonly
|
||
|
3197000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A323000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
522D000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
795000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5D1CCD000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
318D000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF78F389000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
2E14000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
2DD4000
|
heap
|
page read and write
|
||
|
9815000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF78CFB9000
|
unkown
|
page execute read
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
457000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
C6F4000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED4F3000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
37F9000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
795000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A67000
|
heap
|
page read and write
|
||
|
7FF5ED33F000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
3756000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7DF4F3050000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED8AC000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED670000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
31A7000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
10C0000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
8FB9000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
2B8E000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF788D21000
|
unkown
|
page execute read
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
B5AE000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
DD0000
|
unkown
|
page readonly
|
||
|
4F4F000
|
stack
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
C84D000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
2E7C000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
2DD4000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED867000
|
unkown
|
page readonly
|
||
|
7FF789721000
|
unkown
|
page execute read
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED4A1000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED9ED000
|
unkown
|
page readonly
|
||
|
4EF0000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
A0F000
|
heap
|
page read and write
|
||
|
5780000
|
direct allocation
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
319C000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED97E000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
A433000
|
unkown
|
page read and write
|
||
|
7FF5EDA2A000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF78F389000
|
unkown
|
page readonly
|
||
|
7FF5ED295000
|
unkown
|
page readonly
|
||
|
4E30000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
379E000
|
unkown
|
page read and write
|
||
|
A18000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A3F000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
979C000
|
unkown
|
page read and write
|
||
|
9792000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
AB51000
|
unkown
|
page read and write
|
||
|
795000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
8EC6000
|
unkown
|
page read and write
|
||
|
7FF5ED9C8000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
785B000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
BA4E000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
3170000
|
heap
|
page read and write
|
||
|
A37B000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
AAD1000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
3659000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED28E000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
A67000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF78F392000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
9D63000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
4E3C000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
BD1D000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
4F8E000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED3DA000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED743000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
36F0000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
795000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED644000
|
unkown
|
page readonly
|
||
|
A6A000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
9D4000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
C49E000
|
stack
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
4B93000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A11F000
|
stack
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
319C000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED50A000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
4FF0000
|
heap
|
page read and write
|
||
|
33C3000
|
unkown
|
page read and write
|
||
|
785D000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
795000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
FFC2000
|
heap
|
page read and write
|
||
|
2DF2000
|
heap
|
page read and write
|
||
|
7FF5ED71E000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
2C8C000
|
heap
|
page read and write
|
||
|
7FF5ED92C000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED8FF000
|
unkown
|
page readonly
|
||
|
C6C9000
|
unkown
|
page read and write
|
||
|
18D000
|
stack
|
page read and write
|
||
|
8DA0000
|
unkown
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
241C000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED928000
|
unkown
|
page readonly
|
||
|
4C50000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A25000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
C8E1000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
3178000
|
heap
|
page read and write
|
||
|
4C4B000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
31A9000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
4F30000
|
heap
|
page read and write
|
||
|
7FF788321000
|
unkown
|
page execute read
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED342000
|
unkown
|
page readonly
|
||
|
7FF5ED1CF000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
56C3000
|
unkown
|
page read and write
|
||
|
2DA8000
|
heap
|
page read and write
|
||
|
7FF5ED93B000
|
unkown
|
page readonly
|
||
|
7FF5ED7D6000
|
unkown
|
page readonly
|
||
|
4E31000
|
heap
|
page read and write
|
||
|
1371000
|
unkown
|
page read and write
|
||
|
412000
|
unkown
|
page read and write
|
||
|
5234000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
CA42000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7863000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED65C000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
7CC0000
|
unkown
|
page readonly
|
||
|
36D3000
|
stack
|
page read and write
|
||
|
1230000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
AF8D000
|
stack
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
5F3000
|
unkown
|
page readonly
|
||
|
7FF5ED445000
|
unkown
|
page readonly
|
||
|
795000
|
heap
|
page read and write
|
||
|
7FF78C5B9000
|
unkown
|
page execute read
|
||
|
4CD0000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A29E000
|
stack
|
page read and write
|
||
|
B640000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED3EA000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
5377000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
C57F000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7859000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7865000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED939000
|
unkown
|
page readonly
|
||
|
923E000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF78F898000
|
unkown
|
page readonly
|
||
|
987F000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
FAD2000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
C544000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
795000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED5CE000
|
unkown
|
page readonly
|
||
|
7FF5ED476000
|
unkown
|
page readonly
|
||
|
2B90000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED5EB000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
2F4F000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7DF4F3030000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
4EF0000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED77E000
|
unkown
|
page readonly
|
||
|
3010000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
52F4000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED449000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
FF0C000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
5233000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
CA20000
|
unkown
|
page read and write
|
||
|
7FF5EDA0D000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
A25000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED8F9000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
7978000
|
unkown
|
page read and write
|
||
|
4C70000
|
direct allocation
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
B8B0000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5EDA69000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
9FD000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
C4A0000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7E10000
|
unkown
|
page read and write
|
||
|
7D20000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
8F30000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
2C5B000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED847000
|
unkown
|
page readonly
|
||
|
C503000
|
unkown
|
page read and write
|
||
|
5E4000
|
unkown
|
page readonly
|
||
|
A379000
|
unkown
|
page read and write
|
||
|
7FF5ED750000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
97C3000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A21E000
|
stack
|
page read and write
|
||
|
7F40000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
4ECF000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
52A5000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED507000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
A75000
|
heap
|
page read and write
|
||
|
8208000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
795000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED8E7000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
9798000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
79FB000
|
unkown
|
page read and write
|
||
|
7867000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
B140000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
AF09000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED519000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED5C5000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
4EB0000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
37A8000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
BDC0000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED697000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
9FE000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED714000
|
unkown
|
page readonly
|
||
|
FADB000
|
unkown
|
page read and write
|
||
|
8BF0000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED695000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED55F000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED9A1000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
FA53000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
310E000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
EE10000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED64F000
|
unkown
|
page readonly
|
||
|
BDA0000
|
unkown
|
page readonly
|
||
|
7FF5ED4FD000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED818000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
3191000
|
heap
|
page read and write
|
||
|
7FF5ED7F1000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
A6A000
|
heap
|
page read and write
|
||
|
7FF788321000
|
unkown
|
page execute read
|
||
|
794000
|
heap
|
page read and write
|
||
|
89A0000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
430000
|
heap
|
page read and write
|
||
|
7FF5ED814000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
2E14000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
4FB000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
308A000
|
stack
|
page read and write
|
||
|
C5A3000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
37F6000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A25000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
37D2000
|
unkown
|
page read and write
|
||
|
7847000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED71B000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
37F2000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
FA14000
|
unkown
|
page read and write
|
||
|
4330000
|
trusted library allocation
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF78AB21000
|
unkown
|
page execute read
|
||
|
4CB0000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED409000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
31FB000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED6A5000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
3220000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
B6A0000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED8E2000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED937000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF788321000
|
unkown
|
page execute read
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
14B0000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED404000
|
unkown
|
page readonly
|
||
|
7FF5ED471000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
309E000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED1D6000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
CAF2000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
977A000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
3748000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED821000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
4B8B000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
9E1000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
FAE9000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED9B8000
|
unkown
|
page readonly
|
||
|
7FF5ED76D000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
9B60000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
A67000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
C08A000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
1440000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
89C0000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED210000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
31A9000
|
heap
|
page read and write
|
||
|
A63000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF78BBB9000
|
unkown
|
page execute read
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED7C4000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
97D4000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A0B000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED265000
|
unkown
|
page readonly
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
7FF78C5B9000
|
unkown
|
page execute read
|
||
|
37BD000
|
unkown
|
page read and write
|
||
|
8107000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
4C60000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
9FA000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF78C5B9000
|
unkown
|
page execute read
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5EDA76000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED412000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
76A0000
|
unkown
|
page read and write
|
||
|
7F30000
|
unkown
|
page read and write
|
||
|
7FF5EDA0B000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A49E000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED556000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
37B0000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED7E0000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A32A000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
5802000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
295F000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
26AD000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
2DE6000
|
heap
|
page read and write
|
||
|
A33000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
4F0E000
|
stack
|
page read and write
|
||
|
7953000
|
unkown
|
page read and write
|
||
|
7FF78B1B9000
|
unkown
|
page execute read
|
||
|
794000
|
heap
|
page read and write
|
||
|
31FF000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
B22B000
|
stack
|
page read and write
|
||
|
5FB000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF78F392000
|
unkown
|
page readonly
|
||
|
CA16000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
B82A000
|
stack
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
31A9000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7D40000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
4BE1000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
9879000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
B150000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED42B000
|
unkown
|
page readonly
|
||
|
4FCF000
|
stack
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7695000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
3209000
|
stack
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
C7C5000
|
unkown
|
page read and write
|
||
|
2C65000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
9873000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
9550000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
318D000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
76E000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
7FF5ED9C6000
|
unkown
|
page readonly
|
||
|
784A000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7E60000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
4E70000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
AAF6000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
2B90000
|
direct allocation
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A53000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A11000
|
heap
|
page read and write
|
||
|
AAF9000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
795000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7F2E000
|
stack
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED2A9000
|
unkown
|
page readonly
|
||
|
5FB000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
9875000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
2518000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
523E000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
FA9B000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
31A9000
|
heap
|
page read and write
|
||
|
787C000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
3191000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
523D000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A479000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED530000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
96DF000
|
unkown
|
page read and write
|
||
|
795000
|
heap
|
page read and write
|
||
|
B08D000
|
stack
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
A46000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
2E3C000
|
stack
|
page read and write
|
||
|
AB64000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7E50000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
35D0000
|
unkown
|
page read and write
|
||
|
7FF5ED9BE000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
30EF000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED85F000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED4BB000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
523F000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
2DE6000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
2DD4000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7861000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
C50A000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED46A000
|
unkown
|
page readonly
|
||
|
7FF5ED9CC000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
3738000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
988000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED418000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7C90000
|
unkown
|
page read and write
|
||
|
2DE6000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
4E3000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
3240000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
795000
|
heap
|
page read and write
|
||
|
7FF5ED62F000
|
unkown
|
page readonly
|
||
|
A21000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
795000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
34E9000
|
stack
|
page read and write
|
||
|
7C80000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF787920000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
C54A000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
2DDB000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
2C75000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED5F7000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
8860000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
C92D000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
8000000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED9E1000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF78B1B9000
|
unkown
|
page execute read
|
||
|
7FF5ED5A8000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
A327000
|
unkown
|
page read and write
|
||
|
7FF5ED692000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
C700000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
B7AE000
|
stack
|
page read and write
|
||
|
7FF5ED505000
|
unkown
|
page readonly
|
||
|
59F000
|
unkown
|
page readonly
|
||
|
7FF5ED872000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
2DE6000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED602000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED9FF000
|
unkown
|
page readonly
|
||
|
943B000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED46E000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
C4D0000
|
unkown
|
page read and write
|
||
|
4B50000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
45D000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
CB42000
|
unkown
|
page read and write
|
||
|
9DD000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
2A89000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
2E4F000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
2DDB000
|
heap
|
page read and write
|
||
|
2DDC000
|
heap
|
page read and write
|
||
|
7FF5EDA11000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
7DF4F3040000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
C893000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED426000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
CAF4000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
B10D000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF78EDB9000
|
unkown
|
page execute read
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
AA90000
|
unkown
|
page read and write
|
||
|
7FF5ED7FD000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
8B60000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED68F000
|
unkown
|
page readonly
|
||
|
26FE000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A31000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
9A10000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
3153000
|
unkown
|
page read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
4C18000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
C6E3000
|
unkown
|
page read and write
|
||
|
523E000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
98A8000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
3197000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED39B000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF787921000
|
unkown
|
page execute read
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
2C90000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
76C0000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A3F000
|
heap
|
page read and write
|
||
|
C5A0000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
9DED000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED495000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
37A0000
|
unkown
|
page read and write
|
||
|
7FF788D21000
|
unkown
|
page execute read
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
883E000
|
stack
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
2B7E000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
31F7000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
795000
|
heap
|
page read and write
|
||
|
7FF5ED864000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED1CB000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF788D21000
|
unkown
|
page execute read
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
72E000
|
stack
|
page read and write
|
||
|
2DE6000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A1A000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
9D4000
|
heap
|
page read and write
|
||
|
C811000
|
unkown
|
page read and write
|
||
|
2EB0000
|
heap
|
page read and write
|
||
|
3791000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
78AD000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED91A000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED534000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
C88B000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
4C34000
|
unkown
|
page read and write
|
||
|
2DD4000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
986B000
|
unkown
|
page read and write
|
||
|
C6CF000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED8A4000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED97A000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
2450000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
FA96000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
4BE3000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
2A10000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
1500000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
3202000
|
heap
|
page read and write
|
||
|
24EE000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
4E70000
|
heap
|
page read and write
|
||
|
C962000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED4E8000
|
unkown
|
page readonly
|
||
|
7FF5ED59E000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
88EE000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
C10A000
|
stack
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
5235000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED286000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
DE0000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
9B5000
|
heap
|
page read and write
|
||
|
CB97000
|
unkown
|
page read and write
|
||
|
9CC000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
C6C1000
|
unkown
|
page read and write
|
||
|
7FF5ED81B000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5EDA53000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF78F898000
|
unkown
|
page readonly
|
||
|
786B000
|
unkown
|
page read and write
|
||
|
9660000
|
unkown
|
page read and write
|
||
|
7FF78D9B9000
|
unkown
|
page execute read
|
||
|
794000
|
heap
|
page read and write
|
||
|
2C0C000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
1350000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
A310000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
CAEE000
|
unkown
|
page read and write
|
||
|
1340000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED4C6000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
4D30000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED5C9000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED980000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
BAF9000
|
stack
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
CB4E000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5EDA47000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
9871000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
A18000
|
heap
|
page read and write
|
||
|
3700000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED915000
|
unkown
|
page readonly
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
40E000
|
unkown
|
page read and write
|
||
|
7FF5ED933000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
11D1000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
3290000
|
unkown
|
page read and write
|
||
|
523D000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
4D38000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF78BBB9000
|
unkown
|
page execute read
|
||
|
794000
|
heap
|
page read and write
|
||
|
91B9000
|
stack
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
58E000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
2510000
|
heap
|
page read and write
|
||
|
7FF5ED2A4000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
448000
|
unkown
|
page read and write
|
||
|
C89C000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED9A6000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
4EB1000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED68B000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
A0B000
|
heap
|
page read and write
|
||
|
A3BE000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED451000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
5A9000
|
unkown
|
page readonly
|
||
|
7FF5ED4EF000
|
unkown
|
page readonly
|
||
|
36D5000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
2D90000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF78F3A2000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
2DE6000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7869000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF787920000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED6DB000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF789721000
|
unkown
|
page execute read
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
CA63000
|
unkown
|
page read and write
|
||
|
C6D8000
|
unkown
|
page read and write
|
||
|
4FD0000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
2454000
|
heap
|
page read and write
|
||
|
7FF5ED9AE000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
11E0000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
C563000
|
unkown
|
page read and write
|
||
|
7FF5ED8B4000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A3F000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
33B9000
|
stack
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A391000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF78CFB9000
|
unkown
|
page execute read
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A64000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
300F000
|
stack
|
page read and write
|
||
|
7FF787921000
|
unkown
|
page execute read
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
A2E000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED337000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED674000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
785F000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
2DE6000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED93E000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF78A121000
|
unkown
|
page execute read
|
||
|
A0B000
|
heap
|
page read and write
|
||
|
7FF5ED3D0000
|
unkown
|
page readonly
|
||
|
3758000
|
unkown
|
page read and write
|
||
|
7FF5ED5C1000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED433000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED779000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
31F6000
|
heap
|
page read and write
|
||
|
CAF9000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A14000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF78F84A000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A491000
|
unkown
|
page read and write
|
||
|
27F0000
|
heap
|
page read and write
|
||
|
79B1000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
89E0000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
795000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
31FE000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
FEFD000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
26BF000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
4CE0000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A75000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED87D000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED781000
|
unkown
|
page readonly
|
||
|
7FF5ED986000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
9FB000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED4C2000
|
unkown
|
page readonly
|
||
|
986F000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A4AB000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
8D6E000
|
stack
|
page read and write
|
||
|
A39B000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
2C78000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A1E000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
1483000
|
heap
|
page read and write
|
||
|
514F000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
31FE000
|
heap
|
page read and write
|
||
|
7FF5ED990000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
3050000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
C51E000
|
unkown
|
page read and write
|
||
|
A0E000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
4CC0000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED516000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
BC9B000
|
stack
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED7DB000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
31F6000
|
heap
|
page read and write
|
||
|
33C0000
|
unkown
|
page read and write
|
||
|
A38000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
2DD9000
|
heap
|
page read and write
|
||
|
9E4000
|
heap
|
page read and write
|
||
|
896B000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
5F3000
|
unkown
|
page readonly
|
||
|
7FF5ED853000
|
unkown
|
page readonly
|
||
|
7FF78CFB9000
|
unkown
|
page execute read
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
5236000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF78E3B9000
|
unkown
|
page execute read
|
||
|
93BE000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
B650000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
AB06000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
AB67000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF78EDB9000
|
unkown
|
page execute read
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
96E000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
31FC000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
30A0000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
90C000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF788D21000
|
unkown
|
page execute read
|
||
|
8210000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
1490000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
FEF1000
|
unkown
|
page read and write
|
||
|
7FF789721000
|
unkown
|
page execute read
|
||
|
794000
|
heap
|
page read and write
|
||
|
FB14000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
319B000
|
heap
|
page read and write
|
||
|
A4B8000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
1451000
|
unkown
|
page readonly
|
||
|
7FF5ED975000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
A364000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7884000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED8C1000
|
unkown
|
page readonly
|
||
|
4BA6000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
A37D000
|
unkown
|
page read and write
|
||
|
A6A000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A75000
|
heap
|
page read and write
|
||
|
512F000
|
stack
|
page read and write
|
||
|
B8AB000
|
stack
|
page read and write
|
||
|
319C000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
2C91000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
906E000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
4FF1000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED849000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF78EDB9000
|
unkown
|
page execute read
|
||
|
313E000
|
stack
|
page read and write
|
||
|
C5AA000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
3202000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
987B000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED7E9000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
9E6C000
|
stack
|
page read and write
|
||
|
7FF5D1CD4000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
982D000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
A19F000
|
stack
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED956000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
C561000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
2DE6000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
1CD000
|
stack
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
2760000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED4B0000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
2DD2000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
318F000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7DF4F3051000
|
unkown
|
page execute read
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED3CE000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
319C000
|
heap
|
page read and write
|
||
|
9885000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED735000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
CB37000
|
unkown
|
page read and write
|
||
|
3590000
|
unkown
|
page read and write
|
||
|
9D4000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A5C000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
AAF2000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
18A0000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
7852000
|
unkown
|
page read and write
|
||
|
7A34000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED844000
|
unkown
|
page readonly
|
||
|
7FF5ED349000
|
unkown
|
page readonly
|
||
|
2DE6000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF78F83A000
|
unkown
|
page readonly
|
||
|
5E4000
|
unkown
|
page readonly
|
||
|
C557000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF78BBB9000
|
unkown
|
page execute read
|
||
|
7D53000
|
unkown
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
9883000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
97B5000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
2C91000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF787920000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
7FF5ED503000
|
unkown
|
page readonly
|
||
|
796000
|
heap
|
page read and write
|
||
|
7CD0000
|
unkown
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF78F3A2000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
3580000
|
unkown
|
page readonly
|
||
|
4C1E000
|
unkown
|
page read and write
|
||
|
503C000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
4B78000
|
unkown
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
7FF5ED660000
|
unkown
|
page readonly
|
||
|
794000
|
heap
|
page read and write
|
||
|
4EB1000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
A4AE000
|
unkown
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
794000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
9F1E000
|
stack
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
||
|
796000
|
heap
|
page read and write
|
There are 3221 hidden memdumps, click here to show them.