Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
yRqHWQ91dT.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\Hemoco bvba\CSS Validator\audiodent.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Config.Msi\530d7b.rbs
|
data
|
modified
|
 |
|
|
C:\Users\user\AppData\Local\Temp\CssValidatorInstallerTemp\CssValidator.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Last Printed: Fri Dec 11 11:47:44
2009, Create Time/Date: Fri Dec 11 11:47:44 2009, Last Saved Time/Date: Fri Sep 18 15:06:51 2020, Security: 0, Code page:
1252, Revision Number: {2E68BFCA-136D-489B-99E7-02370AE416AC}, Number of Words: 10, Subject: CSS Validator, Author: Hemoco
bvba, Name of Creating Application: Advanced Installer 18.7 build 0a7fdead, Template: ;1033, Title: Installation Database,
Keywords: Installer, MSI, Database, Number of Pages: 200
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Hemoco bvba\CSS Validator\LICENSE.electron.txt
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Hemoco bvba\CSS Validator\License.txt
|
ASCII text, with very long lines, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Hemoco bvba\CSS Validator\ReadMe.txt
|
ISO-8859 text, with CRLF, CR line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Hemoco bvba\CSS Validator\SQLitePCLRaw.batteries_v2.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Hemoco bvba\CSS Validator\SQLitePCLRaw.core.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Hemoco bvba\CSS Validator\SQLitePCLRaw.provider.dynamic_cdecl.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Hemoco bvba\CSS Validator\SQLitePCLRaw.provider.e_sqlcipher.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Hemoco bvba\CSS Validator\Typography.GlyphLayout.dll
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Hemoco bvba\CSS Validator\assets\goal_achieved.png
|
PNG image data, 889 x 886, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Hemoco bvba\CSS Validator\assets\goal_progress.png
|
PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Hemoco bvba\CSS Validator\libEGL.dll
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Hemoco bvba\CSS Validator\qclp2.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Hemoco bvba\CSS Validator\zmq
|
PDF document, version 1.5
|
dropped
|
|
|
|
C:\Windows\Installer\530d79.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Last Printed: Fri Dec 11 11:47:44
2009, Create Time/Date: Fri Dec 11 11:47:44 2009, Last Saved Time/Date: Fri Sep 18 15:06:51 2020, Security: 0, Code page:
1252, Revision Number: {2E68BFCA-136D-489B-99E7-02370AE416AC}, Number of Words: 10, Subject: CSS Validator, Author: Hemoco
bvba, Name of Creating Application: Advanced Installer 18.7 build 0a7fdead, Template: ;1033, Title: Installation Database,
Keywords: Installer, MSI, Database, Number of Pages: 200
|
dropped
|
|
|
|
C:\Windows\Installer\530d7c.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Last Printed: Fri Dec 11 11:47:44
2009, Create Time/Date: Fri Dec 11 11:47:44 2009, Last Saved Time/Date: Fri Sep 18 15:06:51 2020, Security: 0, Code page:
1252, Revision Number: {2E68BFCA-136D-489B-99E7-02370AE416AC}, Number of Words: 10, Subject: CSS Validator, Author: Hemoco
bvba, Name of Creating Application: Advanced Installer 18.7 build 0a7fdead, Template: ;1033, Title: Installation Database,
Keywords: Installer, MSI, Database, Number of Pages: 200
|
dropped
|
|
|
|
C:\Windows\Installer\MSI14BC.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Installer\MSI17DA.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Installer\MSI1C62.tmp
|
data
|
dropped
|
|
|
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log
|
UTF-8 Unicode (with BOM) text, with CRLF line terminators
|
dropped
|
|
There are 13 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\yRqHWQ91dT.exe
|
'C:\Users\user\Desktop\yRqHWQ91dT.exe'
|
|
|
|
C:\Users\user\AppData\Roaming\Hemoco bvba\CSS Validator\audiodent.exe
|
C:\Users\user\AppData\Roaming\Hemoco bvba\CSS Validator\audiodent.exe
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
msiexec /i 'C:\Users\user\AppData\Local\Temp\CssValidatorInstallerTemp\CssValidator.msi' /qn /norestart
|
|
|
|
C:\Windows\System32\msiexec.exe
|
C:\Windows\system32\msiexec.exe /V
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\syswow64\MsiExec.exe -Embedding 7A8FDEF089EF820D04B2E0639E42DA17
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://bitbucket.org/Coin3D/
|
unknown
|
|
|
|
https://get.updates.avast.cn/I
|
unknown
|
|
|
|
https://huyasos.in/sreamble/1Cy_2BOoNkPfZNI/cBFrvY8_2BuNL_2FRI/EvMKECOy8/d_2Bs3isSO64yzYzMTFW/VpmMJy
|
unknown
|
|
|
|
http://nsis.sf.net/NSIS_Error
|
unknown
|
|
|
|
http://apache.org/xml/UnknownNSUCS4UCS-4UCS_4UTF-32ISO-10646-UCS-4UCS-4
|
unknown
|
|
|
|
https://bitbucket.org/Coin3D/error
|
unknown
|
|
|
|
https://www.thawte.com/cps0/
|
unknown
|
|
|
|
http://www.grsoftware.net/downloads/grbackpro/grbakpro.pdf
|
unknown
|
|
|
|
https://www.thawte.com/repository0W
|
unknown
|
|
|
|
https://github.com/ericsink/SQLitePCL.rawX
|
unknown
|
|
|
|
http://apache.org/xml/messages/XML4CErrors#FIXEDEBCDIC-CP-USIBM037IBM1047IBM-1047IBM1140IBM01140CCSI
|
unknown
|
|
|
|
https://www.advancedinstaller.com
|
unknown
|
|
|
|
https://www.grsoftware.net
|
unknown
|
|
|
|
https://huyasos.in/
|
unknown
|
|
|
|
https://github.com/ericsink/SQLitePCL.raw
|
unknown
|
|
|
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
|
|
|
https://github.com/ericsink/SQLitePCL.rawF
|
unknown
|
|
|
|
http://www.grsoftware.net/home/buynow.html
|
unknown
|
|
|
|
https://huyasos.in/sreamble/1Cy_2BOoNkPfZNI/cBFrvY8_2BuNL_2FRI/EvMKECOy8/d_2Bs3isSO
|
unknown
|
|
|
|
https://get.updates.avast.cn/
|
unknown
|
|
|
|
https://get.updates.avast.cn/sreamble/L9cG8Vo2GQztGm0qovd/ps29AL3_2BtYxlbeUwyhe0/qJy1kBhZdmLJX/23gke
|
unknown
|
|
|
|
http://apache.org/xml/messages/XMLValidityWINDOWS-1252XERCES-XMLCHhttp://apache.org/xml/messages/XML
|
unknown
|
|
|
|
https://groups.google.com/forum/#
|
unknown
|
|
|
|
http://www.mega-nerd.com/libsndfile/
|
unknown
|
|
There are 14 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
huyasos.in
|
185.98.87.196
|
|
|
|
get.updates.avast.cn
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.98.87.196
|
huyasos.in
|
Russian Federation
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
|
Owner
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
|
SessionHash
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
|
Sequence
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Config.Msi\
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\530d7b.rbs
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\530d7b.rbsLow
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\C7DFECAB2422ADB488AC72E80ABFCA17
|
5018E4C8FC98CD245B747B65BAC6E95C
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\E6354F1EA2D744F418EE27B7F501E508
|
5018E4C8FC98CD245B747B65BAC6E95C
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\BB0AE4385308BCA4396671C42C54FFCA
|
5018E4C8FC98CD245B747B65BAC6E95C
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\3C26504FFC5E57941B82C04BD3EB1047
|
5018E4C8FC98CD245B747B65BAC6E95C
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\B76E123CD530DD944B5DB425587D9BD7
|
5018E4C8FC98CD245B747B65BAC6E95C
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\B27F58F74A3E48846A2D0F7586D17C01
|
5018E4C8FC98CD245B747B65BAC6E95C
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\295DB275EB32912478A4F9C34CBAF9CE
|
5018E4C8FC98CD245B747B65BAC6E95C
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\FD4CEEBC27EF23A4BA9B36A2E54024CD
|
5018E4C8FC98CD245B747B65BAC6E95C
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\1AB8B54F26EF31A4CB33814B7F83CAF4
|
5018E4C8FC98CD245B747B65BAC6E95C
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\5004894AC3C54B8419A6E0CC09824DCD
|
5018E4C8FC98CD245B747B65BAC6E95C
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\47E7577538A53DE4580D220EE640EF3A
|
5018E4C8FC98CD245B747B65BAC6E95C
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\8EDD99B2A95C2724A805E468BF6C7FAA
|
5018E4C8FC98CD245B747B65BAC6E95C
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Users\user\AppData\Roaming\Hemoco bvba\CSS Validator\
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Users\user\AppData\Roaming\Hemoco bvba\
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Users\user\AppData\Roaming\Hemoco bvba\CSS Validator\assets\
|
|
|
|
HKEY_CURRENT_USER\Software\Hemoco bvba\CSS Validator
|
Version
|
|
|
|
HKEY_CURRENT_USER\Software\Hemoco bvba\CSS Validator
|
Path
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\5018E4C8FC98CD245B747B65BAC6E95C\InstallProperties
|
LocalPackage
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\5018E4C8FC98CD245B747B65BAC6E95C\InstallProperties
|
AuthorizedCDFPrefix
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\5018E4C8FC98CD245B747B65BAC6E95C\InstallProperties
|
Comments
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\5018E4C8FC98CD245B747B65BAC6E95C\InstallProperties
|
Contact
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\5018E4C8FC98CD245B747B65BAC6E95C\InstallProperties
|
DisplayVersion
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\5018E4C8FC98CD245B747B65BAC6E95C\InstallProperties
|
HelpLink
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\5018E4C8FC98CD245B747B65BAC6E95C\InstallProperties
|
HelpTelephone
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\5018E4C8FC98CD245B747B65BAC6E95C\InstallProperties
|
InstallDate
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\5018E4C8FC98CD245B747B65BAC6E95C\InstallProperties
|
InstallLocation
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\5018E4C8FC98CD245B747B65BAC6E95C\InstallProperties
|
InstallSource
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\5018E4C8FC98CD245B747B65BAC6E95C\InstallProperties
|
ModifyPath
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\5018E4C8FC98CD245B747B65BAC6E95C\InstallProperties
|
Publisher
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\5018E4C8FC98CD245B747B65BAC6E95C\InstallProperties
|
Readme
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\5018E4C8FC98CD245B747B65BAC6E95C\InstallProperties
|
Size
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\5018E4C8FC98CD245B747B65BAC6E95C\InstallProperties
|
EstimatedSize
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\5018E4C8FC98CD245B747B65BAC6E95C\InstallProperties
|
UninstallString
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\5018E4C8FC98CD245B747B65BAC6E95C\InstallProperties
|
URLInfoAbout
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\5018E4C8FC98CD245B747B65BAC6E95C\InstallProperties
|
URLUpdateInfo
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\5018E4C8FC98CD245B747B65BAC6E95C\InstallProperties
|
VersionMajor
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\5018E4C8FC98CD245B747B65BAC6E95C\InstallProperties
|
VersionMinor
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\5018E4C8FC98CD245B747B65BAC6E95C\InstallProperties
|
WindowsInstaller
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\5018E4C8FC98CD245B747B65BAC6E95C\InstallProperties
|
Version
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\5018E4C8FC98CD245B747B65BAC6E95C\InstallProperties
|
Language
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C4E8105-89CF-42DC-B547-B756AB6C9EC5}
|
AuthorizedCDFPrefix
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C4E8105-89CF-42DC-B547-B756AB6C9EC5}
|
Comments
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C4E8105-89CF-42DC-B547-B756AB6C9EC5}
|
Contact
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C4E8105-89CF-42DC-B547-B756AB6C9EC5}
|
DisplayVersion
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C4E8105-89CF-42DC-B547-B756AB6C9EC5}
|
HelpLink
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C4E8105-89CF-42DC-B547-B756AB6C9EC5}
|
HelpTelephone
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C4E8105-89CF-42DC-B547-B756AB6C9EC5}
|
InstallDate
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C4E8105-89CF-42DC-B547-B756AB6C9EC5}
|
InstallLocation
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C4E8105-89CF-42DC-B547-B756AB6C9EC5}
|
InstallSource
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C4E8105-89CF-42DC-B547-B756AB6C9EC5}
|
ModifyPath
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C4E8105-89CF-42DC-B547-B756AB6C9EC5}
|
Publisher
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C4E8105-89CF-42DC-B547-B756AB6C9EC5}
|
Readme
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C4E8105-89CF-42DC-B547-B756AB6C9EC5}
|
Size
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C4E8105-89CF-42DC-B547-B756AB6C9EC5}
|
EstimatedSize
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C4E8105-89CF-42DC-B547-B756AB6C9EC5}
|
UninstallString
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C4E8105-89CF-42DC-B547-B756AB6C9EC5}
|
URLInfoAbout
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C4E8105-89CF-42DC-B547-B756AB6C9EC5}
|
URLUpdateInfo
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C4E8105-89CF-42DC-B547-B756AB6C9EC5}
|
VersionMajor
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C4E8105-89CF-42DC-B547-B756AB6C9EC5}
|
VersionMinor
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C4E8105-89CF-42DC-B547-B756AB6C9EC5}
|
WindowsInstaller
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C4E8105-89CF-42DC-B547-B756AB6C9EC5}
|
Version
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C4E8105-89CF-42DC-B547-B756AB6C9EC5}
|
Language
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F80B55E655A7ADE4DB57AC1FAA7AFA78
|
5018E4C8FC98CD245B747B65BAC6E95C
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\5018E4C8FC98CD245B747B65BAC6E95C\InstallProperties
|
DisplayName
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C4E8105-89CF-42DC-B547-B756AB6C9EC5}
|
DisplayName
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Features\5018E4C8FC98CD245B747B65BAC6E95C
|
MainFeature
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\5018E4C8FC98CD245B747B65BAC6E95C\Features
|
MainFeature
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\5018E4C8FC98CD245B747B65BAC6E95C\Patches
|
AllPatches
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\5018E4C8FC98CD245B747B65BAC6E95C
|
ProductName
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\5018E4C8FC98CD245B747B65BAC6E95C
|
PackageCode
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\5018E4C8FC98CD245B747B65BAC6E95C
|
Language
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\5018E4C8FC98CD245B747B65BAC6E95C
|
Version
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\5018E4C8FC98CD245B747B65BAC6E95C
|
Assignment
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\5018E4C8FC98CD245B747B65BAC6E95C
|
AdvertiseFlags
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\5018E4C8FC98CD245B747B65BAC6E95C
|
InstanceType
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\5018E4C8FC98CD245B747B65BAC6E95C
|
AuthorizedLUAApp
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\5018E4C8FC98CD245B747B65BAC6E95C
|
DeploymentFlags
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\UpgradeCodes\F80B55E655A7ADE4DB57AC1FAA7AFA78
|
5018E4C8FC98CD245B747B65BAC6E95C
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\5018E4C8FC98CD245B747B65BAC6E95C\SourceList
|
PackageName
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\5018E4C8FC98CD245B747B65BAC6E95C\SourceList\Net
|
1
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\5018E4C8FC98CD245B747B65BAC6E95C\SourceList\Media
|
DiskPrompt
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\5018E4C8FC98CD245B747B65BAC6E95C\SourceList\Media
|
1
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\5018E4C8FC98CD245B747B65BAC6E95C
|
Clients
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\5018E4C8FC98CD245B747B65BAC6E95C\SourceList
|
LastUsedSource
|
|
|
|
HKEY_CURRENT_USER\System\CurrentControlSet\Control\MediaProperties\PrivateProperties\DirectInput\VID_0E0F&PID_0003\Calibration\0
|
GUID
|
|
There are 81 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
8A28000
|
heap private
|
page read and write
|
|
|
|
8A28000
|
heap private
|
page read and write
|
|
|
|
8A28000
|
heap private
|
page read and write
|
|
|
|
8A28000
|
heap private
|
page read and write
|
|
|
|
83B9000
|
heap private
|
page read and write
|
|
|
|
8A28000
|
heap private
|
page read and write
|
|
|
|
8A28000
|
heap private
|
page read and write
|
|
|
|
8A28000
|
heap private
|
page read and write
|
|
|
|
8A28000
|
heap private
|
page read and write
|
|
|
|
8A28000
|
heap private
|
page read and write
|
|
|
|
51A7BFE000
|
stack
|
page read and write
|
|
|
|
23858467000
|
unkown
|
page read and write
|
|
|
|
13E9000
|
unkown image
|
page readonly
|
|
|
|
7DF545960000
|
unkown image
|
page readonly
|
|
|
|
7DF53E5E2000
|
unkown image
|
page readonly
|
|
|
|
387AF7B000
|
stack
|
page read and write
|
|
|
|
7DF5222F0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4AA7000
|
unkown image
|
page readonly
|
|
|
|
148DA5C0000
|
unkown
|
page read and write
|
|
|
|
7F700000
|
unkown image
|
page readonly
|
|
|
|
259E024B000
|
unkown
|
page read and write
|
|
|
|
1BBA2813000
|
unkown
|
page read and write
|
|
|
|
1B7AF8FC000
|
unkown
|
page read and write
|
|
|
|
12DB000
|
unkown image
|
page write copy
|
|
|
|
7FF5CEFBC000
|
unkown image
|
page readonly
|
|
|
|
1B7B0118000
|
unkown
|
page read and write
|
|
|
|
7F6F0000
|
unkown image
|
page readonly
|
|
|
|
7FF596B76000
|
unkown image
|
page readonly
|
|
|
|
438000
|
unkown image
|
page readonly
|
|
|
|
7FF54FC39000
|
unkown image
|
page readonly
|
|
|
|
7DF569200000
|
unkown image
|
page readonly
|
|
|
|
7E20000
|
stack
|
page read and write
|
|
|
|
7FF54F58B000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4836000
|
unkown image
|
page readonly
|
|
|
|
E0CE8FE000
|
stack
|
page read and write
|
|
|
|
148DA580000
|
unkown image
|
page readonly
|
|
|
|
5300000
|
unkown image
|
page readonly
|
|
|
|
7FF596B94000
|
unkown image
|
page readonly
|
|
|
|
1998000
|
unkown
|
page read and write
|
|
|
|
1B7B5120000
|
unkown
|
page read and write
|
|
|
|
7FFC0000
|
unkown image
|
page readonly
|
|
|
|
7FF54FE8E000
|
unkown image
|
page readonly
|
|
|
|
7FCE000
|
stack
|
page read and write
|
|
|
|
7DF545952000
|
unkown image
|
page readonly
|
|
|
|
7FF5CF06F000
|
unkown image
|
page readonly
|
|
|
|
7FF5CEB79000
|
unkown image
|
page readonly
|
|
|
|
A664BFB000
|
stack
|
page read and write
|
|
|
|
1BBA2859000
|
unkown
|
page read and write
|
|
|
|
177F000
|
unkown
|
page read and write
|
|
|
|
7FF5538DB000
|
unkown image
|
page readonly
|
|
|
|
22122EE7000
|
unkown
|
page read and write
|
|
|
|
7BDC000
|
unkown
|
page read and write
|
|
|
|
7F71000
|
unkown image
|
page execute read
|
|
|
|
1EBCB62A000
|
unkown
|
page read and write
|
|
|
|
7FF5535A6000
|
unkown image
|
page readonly
|
|
|
|
7FF590458000
|
unkown image
|
page readonly
|
|
|
|
1BBA2790000
|
unkown image
|
page readonly
|
|
|
|
7C02000
|
unkown
|
page read and write
|
|
|
|
2385846D000
|
unkown
|
page read and write
|
|
|
|
19E2000
|
unkown
|
page read and write
|
|
|
|
7FF596AA7000
|
unkown image
|
page readonly
|
|
|
|
7FF55383A000
|
unkown image
|
page readonly
|
|
|
|
1B7B50B0000
|
unkown
|
page read and write
|
|
|
|
3636000
|
heap private
|
page read and write
|
|
|
|
7FF52FF78000
|
unkown image
|
page readonly
|
|
|
|
23858413000
|
unkown
|
page read and write
|
|
|
|
259E0A02000
|
unkown
|
page read and write
|
|
|
|
3F8D000
|
stack
|
page read and write
|
|
|
|
1B7B0113000
|
unkown
|
page read and write
|
|
|
|
7FF5CEBFF000
|
unkown image
|
page readonly
|
|
|
|
A6647DB000
|
unkown
|
page read and write
|
|
|
|
7FF553833000
|
unkown image
|
page readonly
|
|
|
|
7FF50C9CB000
|
unkown image
|
page readonly
|
|
|
|
7FF5CEE73000
|
unkown image
|
page readonly
|
|
|
|
7FF50C7A3000
|
unkown image
|
page readonly
|
|
|
|
7FF596B15000
|
unkown image
|
page readonly
|
|
|
|
7FF5538BB000
|
unkown image
|
page readonly
|
|
|
|
7DF463660000
|
unkown image
|
page readonly
|
|
|
|
7DF5222D0000
|
unkown image
|
page readonly
|
|
|
|
2385846B000
|
unkown
|
page read and write
|
|
|
|
7DF5E49A0000
|
unkown image
|
page readonly
|
|
|
|
7DF5AC4B2000
|
unkown image
|
page readonly
|
|
|
|
7DF5222F0000
|
unkown image
|
page readonly
|
|
|
|
7FF596228000
|
unkown image
|
page readonly
|
|
|
|
7FF50C7AE000
|
unkown image
|
page readonly
|
|
|
|
1EBCB3C0000
|
unkown image
|
page readonly
|
|
|
|
7FF5CF09B000
|
unkown image
|
page readonly
|
|
|
|
19A5000
|
unkown
|
page read and write
|
|
|
|
7FF5CF068000
|
unkown image
|
page readonly
|
|
|
|
28808610000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4BE7000
|
unkown image
|
page readonly
|
|
|
|
1402000
|
unkown image
|
page readonly
|
|
|
|
51A787B000
|
stack
|
page read and write
|
|
|
|
22122C60000
|
unkown image
|
page readonly
|
|
|
|
7F7F000
|
unkown image
|
page readonly
|
|
|
|
1BBA287B000
|
unkown
|
page read and write
|
|
|
|
1EBCB680000
|
unkown
|
page read and write
|
|
|
|
7FF52FE4E000
|
unkown image
|
page readonly
|
|
|
|
7FF590662000
|
unkown image
|
page readonly
|
|
|
|
1B7AF902000
|
unkown
|
page read and write
|
|
|
|
7FF5CEF24000
|
unkown image
|
page readonly
|
|
|
|
8E0000
|
unkown image
|
page readonly
|
|
|
|
7FF53002B000
|
unkown image
|
page readonly
|
|
|
|
7FF54FC3D000
|
unkown image
|
page readonly
|
|
|
|
23858270000
|
heap private
|
page read and write
|
|
|
|
7FF54F9A6000
|
unkown image
|
page readonly
|
|
|
|
148D9DD0000
|
heap private
|
page read and write
|
|
|
|
1EBCB613000
|
unkown
|
page read and write
|
|
|
|
387AD7B000
|
stack
|
page read and write
|
|
|
|
7FF553085000
|
unkown image
|
page readonly
|
|
|
|
981000
|
unkown image
|
page execute and write copy
|
|
|
|
7DF5691F2000
|
unkown image
|
page readonly
|
|
|
|
1BBA2900000
|
unkown
|
page read and write
|
|
|
|
7DF5AC4A2000
|
unkown image
|
page readonly
|
|
|
|
1292000
|
unkown image
|
page write copy
|
|
|
|
7DF5BA622000
|
unkown image
|
page readonly
|
|
|
|
1991000
|
unkown
|
page read and write
|
|
|
|
7DF5E49A2000
|
unkown image
|
page readonly
|
|
|
|
199A000
|
unkown
|
page read and write
|
|
|
|
1404000
|
unkown image
|
page readonly
|
|
|
|
7DF545970000
|
unkown image
|
page readonly
|
|
|
|
148D9DE0000
|
unkown image
|
page readonly
|
|
|
|
22122F02000
|
unkown
|
page read and write
|
|
|
|
1B7B0002000
|
unkown
|
page read and write
|
|
|
|
2139A9D0000
|
unkown image
|
page readonly
|
|
|
|
7FF54FD4D000
|
unkown image
|
page readonly
|
|
|
|
7DF4AA370000
|
unkown image
|
page readonly
|
|
|
|
408000
|
unkown image
|
page readonly
|
|
|
|
E0CEB7B000
|
stack
|
page read and write
|
|
|
|
12C3000
|
unkown image
|
page write copy
|
|
|
|
1BBA27A0000
|
unkown image
|
page readonly
|
|
|
|
7FF54FDCD000
|
unkown image
|
page readonly
|
|
|
|
627000
|
unkown
|
page read and write
|
|
|
|
7E0F000
|
stack
|
page read and write
|
|
|
|
1EBCB655000
|
unkown
|
page read and write
|
|
|
|
1B7B0760000
|
unkown image
|
page read and write
|
|
|
|
6BE587C000
|
stack
|
page read and write
|
|
|
|
672F0FE000
|
stack
|
page read and write
|
|
|
|
1B7B4F40000
|
unkown
|
page read and write
|
|
|
|
627000
|
unkown
|
page read and write
|
|
|
|
7FF5538B6000
|
unkown image
|
page readonly
|
|
|
|
1EBCB410000
|
heap default
|
page read and write
|
|
|
|
7FF5538CD000
|
unkown image
|
page readonly
|
|
|
|
22122E43000
|
unkown
|
page read and write
|
|
|
|
980000
|
unkown image
|
page readonly
|
|
|
|
7DF5A6070000
|
unkown image
|
page readonly
|
|
|
|
7BD4000
|
unkown
|
page read and write
|
|
|
|
7FF58FF1D000
|
unkown image
|
page readonly
|
|
|
|
7FFD0000
|
unkown image
|
page readonly
|
|
|
|
19A0000
|
heap default
|
page read and write
|
|
|
|
1302000
|
unkown image
|
page read and write
|
|
|
|
1B7B0720000
|
unkown image
|
page readonly
|
|
|
|
7FF596B80000
|
unkown image
|
page readonly
|
|
|
|
7FF590698000
|
unkown image
|
page readonly
|
|
|
|
7FF52FB38000
|
unkown image
|
page readonly
|
|
|
|
2810000
|
unkown
|
page read and write
|
|
|
|
7FF53001F000
|
unkown image
|
page readonly
|
|
|
|
1EBCB800000
|
unkown image
|
page readonly
|
|
|
|
1B7AF720000
|
heap private
|
page read and write
|
|
|
|
7FF5968AD000
|
unkown image
|
page readonly
|
|
|
|
2139AB02000
|
unkown
|
page read and write
|
|
|
|
19B1000
|
unkown
|
page read and write
|
|
|
|
22122C50000
|
heap private
|
page read and write
|
|
|
|
7FF50C835000
|
unkown image
|
page readonly
|
|
|
|
3AEC000
|
unkown
|
page read and write
|
|
|
|
1BBA2760000
|
heap private
|
page read and write
|
|
|
|
7FF590446000
|
unkown image
|
page readonly
|
|
|
|
23858477000
|
unkown
|
page read and write
|
|
|
|
7FF5535E8000
|
unkown image
|
page readonly
|
|
|
|
7FF596AF3000
|
unkown image
|
page readonly
|
|
|
|
7FF5538EF000
|
unkown image
|
page readonly
|
|
|
|
2EEE000
|
stack
|
page read and write
|
|
|
|
7FF54FA1A000
|
unkown image
|
page readonly
|
|
|
|
733E000
|
stack
|
page read and write
|
|
|
|
7DF5691E2000
|
unkown image
|
page readonly
|
|
|
|
7FF50C854000
|
unkown image
|
page readonly
|
|
|
|
23858459000
|
unkown
|
page read and write
|
|
|
|
1976000
|
heap default
|
page read and write
|
|
|
|
7FFB2000
|
unkown image
|
page readonly
|
|
|
|
8040000
|
heap private
|
page read and write
|
|
|
|
23858280000
|
unkown image
|
page readonly
|
|
|
|
7FF54FB2A000
|
unkown image
|
page readonly
|
|
|
|
7FF54FBA7000
|
unkown image
|
page readonly
|
|
|
|
1B7AFCD0000
|
unkown image
|
page readonly
|
|
|
|
198E000
|
unkown
|
page read and write
|
|
|
|
7FF553855000
|
unkown image
|
page readonly
|
|
|
|
6BE4FEC000
|
unkown
|
page read and write
|
|
|
|
7FF59066C000
|
unkown image
|
page readonly
|
|
|
|
7FF52FF57000
|
unkown image
|
page readonly
|
|
|
|
21B0000
|
unkown
|
page read and write
|
|
|
|
7FF54FA14000
|
unkown image
|
page readonly
|
|
|
|
1BBA27D0000
|
unkown image
|
page readonly
|
|
|
|
7FF52FF95000
|
unkown image
|
page readonly
|
|
|
|
148D9E10000
|
unkown image
|
page readonly
|
|
|
|
7DF5BA640000
|
unkown image
|
page readonly
|
|
|
|
1B7AF750000
|
unkown image
|
page readonly
|
|
|
|
196B000
|
unkown
|
page read and write
|
|
|
|
7FF5906AD000
|
unkown image
|
page readonly
|
|
|
|
1290000
|
unkown image
|
page read and write
|
|
|
|
A05258E000
|
stack
|
page read and write
|
|
|
|
23858440000
|
unkown
|
page read and write
|
|
|
|
7FF596AB8000
|
unkown image
|
page readonly
|
|
|
|
854F000
|
stack
|
page read and write
|
|
|
|
1B7AF780000
|
heap default
|
page read and write
|
|
|
|
7F70000
|
unkown image
|
page read and write
|
|
|
|
1B7B50F0000
|
unkown
|
page read and write
|
|
|
|
7DF4201A0000
|
unkown image
|
page readonly
|
|
|
|
259E0213000
|
unkown
|
page read and write
|
|
|
|
2139A9F0000
|
heap default
|
page read and write
|
|
|
|
1B7B0750000
|
unkown image
|
page readonly
|
|
|
|
7FF54FD50000
|
unkown image
|
page readonly
|
|
|
|
7FF596ABC000
|
unkown image
|
page readonly
|
|
|
|
7FF59075D000
|
unkown image
|
page readonly
|
|
|
|
19E7000
|
unkown
|
page read and write
|
|
|
|
7FF5537FD000
|
unkown image
|
page readonly
|
|
|
|
7FF5CF0AF000
|
unkown image
|
page readonly
|
|
|
|
2385845C000
|
unkown
|
page read and write
|
|
|
|
7DF5BA632000
|
unkown image
|
page readonly
|
|
|
|
40A000
|
unkown image
|
page read and write
|
|
|
|
2139AA82000
|
unkown
|
page read and write
|
|
|
|
7FF54FE6B000
|
unkown image
|
page readonly
|
|
|
|
7FF54FD60000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4C27000
|
unkown image
|
page readonly
|
|
|
|
7FF54FDEA000
|
unkown image
|
page readonly
|
|
|
|
7FF59077F000
|
unkown image
|
page readonly
|
|
|
|
7FF596B9B000
|
unkown image
|
page readonly
|
|
|
|
6BE53FB000
|
stack
|
page read and write
|
|
|
|
7DF4670B0000
|
unkown image
|
page readonly
|
|
|
|
7FF59074E000
|
unkown image
|
page readonly
|
|
|
|
1B7B4E50000
|
unkown
|
page read and write
|
|
|
|
15D0000
|
heap default
|
page read and write
|
|
|
|
1B7AF913000
|
unkown
|
page read and write
|
|
|
|
7FF54F9D1000
|
unkown image
|
page readonly
|
|
|
|
7FF5537B0000
|
unkown image
|
page readonly
|
|
|
|
28808D90000
|
unkown
|
page read and write
|
|
|
|
16BC7F000
|
stack
|
page read and write
|
|
|
|
7FFB0000
|
unkown image
|
page readonly
|
|
|
|
6BE52FE000
|
stack
|
page read and write
|
|
|
|
672F07E000
|
stack
|
page read and write
|
|
|
|
7BD0000
|
unkown
|
page read and write
|
|
|
|
7340000
|
unkown image
|
page write copy
|
|
|
|
2385845A000
|
unkown
|
page read and write
|
|
|
|
274F000
|
stack
|
page read and write
|
|
|
|
7FF54FB8C000
|
unkown image
|
page readonly
|
|
|
|
19DA000
|
unkown
|
page read and write
|
|
|
|
1B7AF875000
|
unkown
|
page read and write
|
|
|
|
238582B0000
|
unkown image
|
page readonly
|
|
|
|
7FF52FFAA000
|
unkown image
|
page readonly
|
|
|
|
28808630000
|
heap default
|
page read and write
|
|
|
|
1B7AFFB1000
|
unkown
|
page read and write
|
|
|
|
1B7B5020000
|
unkown
|
page read and write
|
|
|
|
7DF5A6082000
|
unkown image
|
page readonly
|
|
|
|
7FF5CF076000
|
unkown image
|
page readonly
|
|
|
|
6BE54FB000
|
stack
|
page read and write
|
|
|
|
259E0308000
|
unkown
|
page read and write
|
|
|
|
7FF5A4A7D000
|
unkown image
|
page readonly
|
|
|
|
7FF52FED4000
|
unkown image
|
page readonly
|
|
|
|
7DF565790000
|
unkown image
|
page readonly
|
|
|
|
1B7B4CE0000
|
unkown
|
page read and write
|
|
|
|
7FF5A4C95000
|
unkown image
|
page readonly
|
|
|
|
E0CEDFF000
|
stack
|
page read and write
|
|
|
|
7FF54FD97000
|
unkown image
|
page readonly
|
|
|
|
7DF545960000
|
unkown image
|
page readonly
|
|
|
|
1EBCB64F000
|
unkown
|
page read and write
|
|
|
|
6ED17000
|
unkown image
|
page read and write
|
|
|
|
7DF53E5F0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4CF6000
|
unkown image
|
page readonly
|
|
|
|
7FF5A49BA000
|
unkown image
|
page readonly
|
|
|
|
7DF5691F0000
|
unkown image
|
page readonly
|
|
|
|
1B7B0102000
|
unkown
|
page read and write
|
|
|
|
2139AA13000
|
unkown
|
page read and write
|
|
|
|
7FF50C998000
|
unkown image
|
page readonly
|
|
|
|
1217000
|
unkown image
|
page readonly
|
|
|
|
1B7B4EE4000
|
unkown
|
page read and write
|
|
|
|
7FF5CF0AF000
|
unkown image
|
page readonly
|
|
|
|
627000
|
unkown
|
page read and write
|
|
|
|
22122CB0000
|
heap default
|
page read and write
|
|
|
|
1B7B5024000
|
unkown
|
page read and write
|
|
|
|
148DA000000
|
unkown
|
page read and write
|
|
|
|
7D0E000
|
stack
|
page read and write
|
|
|
|
7FF54FD8C000
|
unkown image
|
page readonly
|
|
|
|
7FF553598000
|
unkown image
|
page readonly
|
|
|
|
23858980000
|
unkown image
|
page readonly
|
|
|
|
A5891FF000
|
stack
|
page read and write
|
|
|
|
1B7B4EFF000
|
unkown
|
page read and write
|
|
|
|
1977000
|
unkown
|
page read and write
|
|
|
|
3CDE000
|
stack
|
page read and write
|
|
|
|
7DF53E5D0000
|
unkown image
|
page readonly
|
|
|
|
672F47E000
|
stack
|
page read and write
|
|
|
|
7FF52FF67000
|
unkown image
|
page readonly
|
|
|
|
19DC000
|
unkown
|
page read and write
|
|
|
|
910000
|
unkown
|
page read and write
|
|
|
|
7E20000
|
stack
|
page read and write
|
|
|
|
1EBCB600000
|
unkown
|
page read and write
|
|
|
|
1EBCB5E0000
|
unkown
|
page read and write
|
|
|
|
8A2B000
|
heap private
|
page read and write
|
|
|
|
14B0000
|
unkown image
|
page readonly
|
|
|
|
7FF52FF53000
|
unkown image
|
page readonly
|
|
|
|
7F710000
|
unkown image
|
page readonly
|
|
|
|
1B7B0710000
|
unkown image
|
page readonly
|
|
|
|
51A757C000
|
stack
|
page read and write
|
|
|
|
7FF5CF0AB000
|
unkown image
|
page readonly
|
|
|
|
7FF528CDB000
|
unkown image
|
page readonly
|
|
|
|
7FF54FB91000
|
unkown image
|
page readonly
|
|
|
|
7FF5CF080000
|
unkown image
|
page readonly
|
|
|
|
259E04D0000
|
unkown image
|
page readonly
|
|
|
|
7FF52882F000
|
unkown image
|
page readonly
|
|
|
|
7DF5222E2000
|
unkown image
|
page readonly
|
|
|
|
19A0000
|
unkown
|
page read and write
|
|
|
|
7FF5CF07B000
|
unkown image
|
page readonly
|
|
|
|
408000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4D2F000
|
unkown image
|
page readonly
|
|
|
|
7FF596AE9000
|
unkown image
|
page readonly
|
|
|
|
7FF528C2A000
|
unkown image
|
page readonly
|
|
|
|
148DA5C0000
|
unkown
|
page read and write
|
|
|
|
1BBA3002000
|
unkown
|
page read and write
|
|
|
|
7FF528CDF000
|
unkown image
|
page readonly
|
|
|
|
7FF5537F7000
|
unkown image
|
page readonly
|
|
|
|
1B7B5140000
|
unkown
|
page read and write
|
|
|
|
7FF54FC34000
|
unkown image
|
page readonly
|
|
|
|
1BBA2828000
|
unkown
|
page read and write
|
|
|
|
148D9E00000
|
unkown image
|
page readonly
|
|
|
|
199B000
|
unkown
|
page read and write
|
|
|
|
1B7AF89D000
|
unkown
|
page read and write
|
|
|
|
7FF5538AF000
|
unkown image
|
page readonly
|
|
|
|
7FF59694D000
|
unkown image
|
page readonly
|
|
|
|
19F1000
|
heap default
|
page read and write
|
|
|
|
7FF54FC58000
|
unkown image
|
page readonly
|
|
|
|
1B7B4F02000
|
unkown
|
page read and write
|
|
|
|
794F000
|
stack
|
page read and write
|
|
|
|
7FF54FD82000
|
unkown image
|
page readonly
|
|
|
|
2880885F000
|
unkown
|
page read and write
|
|
|
|
7FF528C15000
|
unkown image
|
page readonly
|
|
|
|
7FF596AE5000
|
unkown image
|
page readonly
|
|
|
|
22123713000
|
unkown
|
page read and write
|
|
|
|
7F6F2000
|
unkown image
|
page readonly
|
|
|
|
672EDEB000
|
unkown
|
page read and write
|
|
|
|
7FF59058D000
|
unkown image
|
page readonly
|
|
|
|
259E027B000
|
unkown
|
page read and write
|
|
|
|
19AF000
|
unkown
|
page read and write
|
|
|
|
1B7B5000000
|
unkown
|
page read and write
|
|
|
|
7FF50C9C4000
|
unkown image
|
page readonly
|
|
|
|
199E000
|
unkown
|
page read and write
|
|
|
|
7DF5E49A0000
|
unkown image
|
page readonly
|
|
|
|
40000
|
unkown image
|
page readonly
|
|
|
|
6ED1C000
|
unkown image
|
page read and write
|
|
|
|
1B7AF7C0000
|
unkown image
|
page read and write
|
|
|
|
7FF596BAD000
|
unkown image
|
page readonly
|
|
|
|
1B7B4E04000
|
unkown
|
page read and write
|
|
|
|
1B7B0740000
|
unkown image
|
page readonly
|
|
|
|
7FF50C99F000
|
unkown image
|
page readonly
|
|
|
|
196E000
|
heap default
|
page read and write
|
|
|
|
23858461000
|
unkown
|
page read and write
|
|
|
|
30000
|
unkown image
|
page read and write
|
|
|
|
1B7AF87A000
|
unkown
|
page read and write
|
|
|
|
288085E0000
|
unkown image
|
page readonly
|
|
|
|
119B000
|
unkown image
|
page readonly
|
|
|
|
7DF5BA640000
|
unkown image
|
page readonly
|
|
|
|
7DF5AC4B0000
|
unkown image
|
page readonly
|
|
|
|
7DF5AC4B2000
|
unkown image
|
page readonly
|
|
|
|
7FF54FE8B000
|
unkown image
|
page readonly
|
|
|
|
7FF5CEFB7000
|
unkown image
|
page readonly
|
|
|
|
A6650FD000
|
stack
|
page read and write
|
|
|
|
6BE577F000
|
stack
|
page read and write
|
|
|
|
23858280000
|
unkown image
|
page readonly
|
|
|
|
1048000
|
unkown image
|
page readonly
|
|
|
|
7FF52FB29000
|
unkown image
|
page readonly
|
|
|
|
986000
|
unkown image
|
page execute and read and write
|
|
|
|
22123460000
|
unkown image
|
page write copy
|
|
|
|
1B7AF730000
|
unkown image
|
page readonly
|
|
|
|
1BBA2879000
|
unkown
|
page read and write
|
|
|
|
28808600000
|
unkown image
|
page readonly
|
|
|
|
148D9F10000
|
unkown image
|
page readonly
|
|
|
|
18EA000
|
unkown
|
page read and write
|
|
|
|
7FF5CEB88000
|
unkown image
|
page readonly
|
|
|
|
7FF596BAB000
|
unkown image
|
page readonly
|
|
|
|
1B7B4EB2000
|
unkown
|
page read and write
|
|
|
|
22123390000
|
unkown image
|
page readonly
|
|
|
|
12F0000
|
unkown image
|
page write copy
|
|
|
|
7F702000
|
unkown image
|
page readonly
|
|
|
|
1B7B0000000
|
unkown
|
page read and write
|
|
|
|
22122F13000
|
unkown
|
page read and write
|
|
|
|
7FF5A4C73000
|
unkown image
|
page readonly
|
|
|
|
22122E87000
|
unkown
|
page read and write
|
|
|
|
A664FFF000
|
stack
|
page read and write
|
|
|
|
7FF528C19000
|
unkown image
|
page readonly
|
|
|
|
7DF53E5D0000
|
unkown image
|
page readonly
|
|
|
|
7FF5CF015000
|
unkown image
|
page readonly
|
|
|
|
1B7AFE50000
|
unkown image
|
page readonly
|
|
|
|
259E06D0000
|
unkown image
|
page readonly
|
|
|
|
118B000
|
unkown image
|
page readonly
|
|
|
|
259E023C000
|
unkown
|
page read and write
|
|
|
|
259E01B0000
|
unkown image
|
page readonly
|
|
|
|
7FF5906C3000
|
unkown image
|
page readonly
|
|
|
|
7FF50C9CE000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4C65000
|
unkown image
|
page readonly
|
|
|
|
7FF54FE9D000
|
unkown image
|
page readonly
|
|
|
|
28808C00000
|
unkown image
|
page readonly
|
|
|
|
2304000
|
heap private
|
page read and write
|
|
|
|
7FF50C4B8000
|
unkown image
|
page readonly
|
|
|
|
12ED000
|
unkown image
|
page write copy
|
|
|
|
1EBCB66C000
|
unkown
|
page read and write
|
|
|
|
7FF5A4AFE000
|
unkown image
|
page readonly
|
|
|
|
980000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4C5D000
|
unkown image
|
page readonly
|
|
|
|
6ED0D000
|
unkown image
|
page write copy
|
|
|
|
7DF000
|
stack
|
page read and write
|
|
|
|
7FF50C8E7000
|
unkown image
|
page readonly
|
|
|
|
7DF5BA630000
|
unkown image
|
page readonly
|
|
|
|
7FF54FA2F000
|
unkown image
|
page readonly
|
|
|
|
1A0000
|
unkown image
|
page readonly
|
|
|
|
7DF5E49B0000
|
unkown image
|
page readonly
|
|
|
|
238582A0000
|
unkown image
|
page readonly
|
|
|
|
326000
|
unkown
|
page read and write
|
|
|
|
1BBA2841000
|
unkown
|
page read and write
|
|
|
|
1B7AF829000
|
unkown
|
page read and write
|
|
|
|
148DA029000
|
unkown
|
page read and write
|
|
|
|
1BBA2802000
|
unkown
|
page read and write
|
|
|
|
16BD7D000
|
stack
|
page read and write
|
|
|
|
7FF59074B000
|
unkown image
|
page readonly
|
|
|
|
259E0287000
|
unkown
|
page read and write
|
|
|
|
5D0000
|
unkown
|
page read and write
|
|
|
|
1215000
|
unkown image
|
page readonly
|
|
|
|
1B7AFFD0000
|
unkown
|
page read and write
|
|
|
|
148DA602000
|
unkown
|
page read and write
|
|
|
|
28808867000
|
unkown
|
page read and write
|
|
|
|
7FF52FE23000
|
unkown image
|
page readonly
|
|
|
|
2139B060000
|
unkown image
|
page readonly
|
|
|
|
3E3D000
|
stack
|
page read and write
|
|
|
|
7FF59076B000
|
unkown image
|
page readonly
|
|
|
|
6E940000
|
unkown image
|
page readonly
|
|
|
|
28808829000
|
unkown
|
page read and write
|
|
|
|
7F5B000
|
stack
|
page read and write
|
|
|
|
1B7B4DE0000
|
unkown
|
page read and write
|
|
|
|
2139AA2A000
|
unkown
|
page read and write
|
|
|
|
42C000
|
unkown image
|
page read and write
|
|
|
|
140C000
|
unkown image
|
page readonly
|
|
|
|
7FF50C8D3000
|
unkown image
|
page readonly
|
|
|
|
177B000
|
unkown
|
page read and write
|
|
|
|
7FF528CA6000
|
unkown image
|
page readonly
|
|
|
|
40000
|
unkown image
|
page readonly
|
|
|
|
7FF5CEB73000
|
unkown image
|
page readonly
|
|
|
|
7DF565792000
|
unkown image
|
page readonly
|
|
|
|
1984000
|
heap default
|
page read and write
|
|
|
|
1570000
|
unkown
|
page read and write
|
|
|
|
51A7B7F000
|
stack
|
page read and write
|
|
|
|
672F57F000
|
stack
|
page read and write
|
|
|
|
A052A7B000
|
stack
|
page read and write
|
|
|
|
A588EFD000
|
stack
|
page read and write
|
|
|
|
1B7B5140000
|
unkown
|
page read and write
|
|
|
|
22122E00000
|
unkown
|
page read and write
|
|
|
|
1957000
|
heap default
|
page read and write
|
|
|
|
7DF5691E2000
|
unkown image
|
page readonly
|
|
|
|
7FF528CAB000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4BE0000
|
unkown image
|
page readonly
|
|
|
|
6ED02000
|
unkown image
|
page write copy
|
|
|
|
7FF5CED63000
|
unkown image
|
page readonly
|
|
|
|
7FF50C038000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4BCD000
|
unkown image
|
page readonly
|
|
|
|
7FFB0000
|
unkown image
|
page readonly
|
|
|
|
7DF545950000
|
unkown image
|
page readonly
|
|
|
|
22122C80000
|
unkown image
|
page readonly
|
|
|
|
1095000
|
unkown image
|
page readonly
|
|
|
|
6BE527E000
|
stack
|
page read and write
|
|
|
|
1B7B4E62000
|
unkown
|
page read and write
|
|
|
|
7F7D000
|
unkown image
|
page read and write
|
|
|
|
23858600000
|
unkown image
|
page readonly
|
|
|
|
400000
|
unkown image
|
page readonly
|
|
|
|
1B7B5010000
|
unkown
|
page read and write
|
|
|
|
7FF50C7F3000
|
unkown image
|
page readonly
|
|
|
|
1EBCBB80000
|
unkown image
|
page readonly
|
|
|
|
13E7000
|
unkown image
|
page read and write
|
|
|
|
A6652FF000
|
stack
|
page read and write
|
|
|
|
1EBCB3C0000
|
unkown image
|
page readonly
|
|
|
|
7FF596AC8000
|
unkown image
|
page readonly
|
|
|
|
7FF50C7CE000
|
unkown image
|
page readonly
|
|
|
|
7FF54FCD7000
|
unkown image
|
page readonly
|
|
|
|
7FF54F663000
|
unkown image
|
page readonly
|
|
|
|
1EBCB3B0000
|
heap private
|
page read and write
|
|
|
|
1590000
|
stack
|
page read and write
|
|
|
|
199A000
|
unkown
|
page read and write
|
|
|
|
7DF545962000
|
unkown image
|
page readonly
|
|
|
|
1B7B0840000
|
unkown
|
page read and write
|
|
|
|
22122C60000
|
unkown image
|
page readonly
|
|
|
|
7FF5538ED000
|
unkown image
|
page readonly
|
|
|
|
13F5000
|
unkown image
|
page readonly
|
|
|
|
7FF54F660000
|
unkown image
|
page readonly
|
|
|
|
A5890FC000
|
stack
|
page read and write
|
|
|
|
1955000
|
heap default
|
page read and write
|
|
|
|
51A747A000
|
stack
|
page read and write
|
|
|
|
23858464000
|
unkown
|
page read and write
|
|
|
|
1217000
|
unkown image
|
page readonly
|
|
|
|
74D0000
|
unkown
|
page read and write
|
|
|
|
22122ECC000
|
unkown
|
page read and write
|
|
|
|
7DF53E5E0000
|
unkown image
|
page readonly
|
|
|
|
51A6F4B000
|
unkown
|
page read and write
|
|
|
|
627000
|
unkown
|
page read and write
|
|
|
|
2385845F000
|
unkown
|
page read and write
|
|
|
|
1B7B4F30000
|
unkown
|
page read and write
|
|
|
|
1B7B4EFB000
|
unkown
|
page read and write
|
|
|
|
73CD000
|
stack
|
page read and write
|
|
|
|
1B7AFFE0000
|
unkown
|
page read and write
|
|
|
|
7DF53E5F0000
|
unkown image
|
page readonly
|
|
|
|
7FFC0000
|
unkown image
|
page readonly
|
|
|
|
7FF528993000
|
unkown image
|
page readonly
|
|
|
|
7F6F2000
|
unkown image
|
page readonly
|
|
|
|
61E000
|
unkown
|
page read and write
|
|
|
|
7F710000
|
unkown image
|
page readonly
|
|
|
|
2385847A000
|
unkown
|
page read and write
|
|
|
|
7FF590673000
|
unkown image
|
page readonly
|
|
|
|
7FF50C9DB000
|
unkown image
|
page readonly
|
|
|
|
1998000
|
unkown
|
page read and write
|
|
|
|
7FF52FEB5000
|
unkown image
|
page readonly
|
|
|
|
1B7AF800000
|
unkown
|
page read and write
|
|
|
|
7FF553829000
|
unkown image
|
page readonly
|
|
|
|
7DF5222D2000
|
unkown image
|
page readonly
|
|
|
|
7FF5CEFA3000
|
unkown image
|
page readonly
|
|
|
|
B80000
|
unkown image
|
page readonly
|
|
|
|
2385844E000
|
unkown
|
page read and write
|
|
|
|
7FF5A4C37000
|
unkown image
|
page readonly
|
|
|
|
7FF54FE5F000
|
unkown image
|
page readonly
|
|
|
|
7BEB000
|
unkown
|
page read and write
|
|
|
|
7FF50C8F8000
|
unkown image
|
page readonly
|
|
|
|
12ED000
|
unkown image
|
page write copy
|
|
|
|
7FF50C923000
|
unkown image
|
page readonly
|
|
|
|
28808813000
|
unkown
|
page read and write
|
|
|
|
4B0000
|
heap default
|
page read and write
|
|
|
|
7FF54FB83000
|
unkown image
|
page readonly
|
|
|
|
784E000
|
stack
|
page read and write
|
|
|
|
1B7B5010000
|
unkown
|
page read and write
|
|
|
|
7DF5AC4A2000
|
unkown image
|
page readonly
|
|
|
|
1EBCB63C000
|
unkown
|
page read and write
|
|
|
|
A588AFF000
|
stack
|
page read and write
|
|
|
|
3630000
|
heap private
|
page read and write
|
|
|
|
259E01E0000
|
heap default
|
page read and write
|
|
|
|
1404000
|
unkown image
|
page readonly
|
|
|
|
7FF530044000
|
unkown image
|
page readonly
|
|
|
|
7FF59051D000
|
unkown image
|
page readonly
|
|
|
|
28808800000
|
unkown
|
page read and write
|
|
|
|
19DF000
|
unkown
|
page read and write
|
|
|
|
259E0270000
|
unkown
|
page read and write
|
|
|
|
7DF5AC4C0000
|
unkown image
|
page readonly
|
|
|
|
2139AB08000
|
unkown
|
page read and write
|
|
|
|
23858479000
|
unkown
|
page read and write
|
|
|
|
1B7B4DE8000
|
unkown
|
page read and write
|
|
|
|
96E000
|
stack
|
page read and write
|
|
|
|
1B7AF790000
|
unkown image
|
page readonly
|
|
|
|
1B7AF813000
|
unkown
|
page read and write
|
|
|
|
7FF54FDB8000
|
unkown image
|
page readonly
|
|
|
|
7FF54FB9D000
|
unkown image
|
page readonly
|
|
|
|
22DF000
|
stack
|
page read and write
|
|
|
|
7FF5902DA000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4861000
|
unkown image
|
page readonly
|
|
|
|
1B7B4E01000
|
unkown
|
page read and write
|
|
|
|
7DF5691E0000
|
unkown image
|
page readonly
|
|
|
|
5224000
|
heap private
|
page read and write
|
|
|
|
7FF54F51E000
|
unkown image
|
page readonly
|
|
|
|
614000
|
unkown
|
page read and write
|
|
|
|
1BBA285E000
|
unkown
|
page read and write
|
|
|
|
259E0313000
|
unkown
|
page read and write
|
|
|
|
23858432000
|
unkown
|
page read and write
|
|
|
|
7FF5A4C1C000
|
unkown image
|
page readonly
|
|
|
|
1B7B0730000
|
unkown image
|
page readonly
|
|
|
|
1BBA2882000
|
unkown
|
page read and write
|
|
|
|
259E0940000
|
unkown
|
page read and write
|
|
|
|
7FF5CEFE9000
|
unkown image
|
page readonly
|
|
|
|
7FF596A84000
|
unkown image
|
page readonly
|
|
|
|
7FF53003D000
|
unkown image
|
page readonly
|
|
|
|
7FF53004E000
|
unkown image
|
page readonly
|
|
|
|
7FF52F6B8000
|
unkown image
|
page readonly
|
|
|
|
22122C90000
|
unkown image
|
page readonly
|
|
|
|
7FF596B68000
|
unkown image
|
page readonly
|
|
|
|
7FFB2000
|
unkown image
|
page readonly
|
|
|
|
2139A9A0000
|
unkown image
|
page readonly
|
|
|
|
1B7AF710000
|
unkown image
|
page read and write
|
|
|
|
387AA7C000
|
unkown
|
page read and write
|
|
|
|
3F3A000
|
stack
|
page read and write
|
|
|
|
7FF5905F4000
|
unkown image
|
page readonly
|
|
|
|
23858429000
|
unkown
|
page read and write
|
|
|
|
7FF59068C000
|
unkown image
|
page readonly
|
|
|
|
12EB000
|
unkown image
|
page write copy
|
|
|
|
1046000
|
unkown image
|
page execute and read and write
|
|
|
|
1BBA2750000
|
unkown image
|
page read and write
|
|
|
|
148DA800000
|
unkown
|
page read and write
|
|
|
|
19A5000
|
unkown
|
page read and write
|
|
|
|
107F000
|
unkown image
|
page readonly
|
|
|
|
1048000
|
unkown image
|
page readonly
|
|
|
|
980000
|
unkown image
|
page readonly
|
|
|
|
19BC000
|
unkown
|
page read and write
|
|
|
|
1EBCB3E0000
|
unkown image
|
page readonly
|
|
|
|
2139AB00000
|
unkown
|
page read and write
|
|
|
|
7FF55368D000
|
unkown image
|
page readonly
|
|
|
|
7DF5A6090000
|
unkown image
|
page readonly
|
|
|
|
7FFD0000
|
unkown image
|
page readonly
|
|
|
|
7FF5537C0000
|
unkown image
|
page readonly
|
|
|
|
2139B150000
|
unkown
|
page read and write
|
|
|
|
363E000
|
heap private
|
page read and write
|
|
|
|
1B7B5110000
|
unkown
|
page read and write
|
|
|
|
5200000
|
unkown image
|
page readonly
|
|
|
|
7FF528CC4000
|
unkown image
|
page readonly
|
|
|
|
1900000
|
heap default
|
page read and write
|
|
|
|
148D9DE0000
|
unkown image
|
page readonly
|
|
|
|
7FF54FDAC000
|
unkown image
|
page readonly
|
|
|
|
7FF52FDFD000
|
unkown image
|
page readonly
|
|
|
|
7DF5AC4C0000
|
unkown image
|
page readonly
|
|
|
|
41D000
|
unkown image
|
page read and write
|
|
|
|
1EBCB702000
|
unkown
|
page read and write
|
|
|
|
22122DB0000
|
unkown
|
page read and write
|
|
|
|
7E20000
|
stack
|
page read and write
|
|
|
|
7E20000
|
stack
|
page read and write
|
|
|
|
7DF5691F0000
|
unkown image
|
page readonly
|
|
|
|
1997000
|
heap default
|
page read and write
|
|
|
|
148DA200000
|
unkown image
|
page readonly
|
|
|
|
19B4000
|
heap default
|
page read and write
|
|
|
|
7FF530018000
|
unkown image
|
page readonly
|
|
|
|
7FF5902E3000
|
unkown image
|
page readonly
|
|
|
|
23858445000
|
unkown
|
page read and write
|
|
|
|
2DED000
|
stack
|
page read and write
|
|
|
|
2139AA3C000
|
unkown
|
page read and write
|
|
|
|
7DF53E5D2000
|
unkown image
|
page readonly
|
|
|
|
A588D7E000
|
stack
|
page read and write
|
|
|
|
2385846A000
|
unkown
|
page read and write
|
|
|
|
7FF5537E7000
|
unkown image
|
page readonly
|
|
|
|
7FF528C0D000
|
unkown image
|
page readonly
|
|
|
|
7FF54F58D000
|
unkown image
|
page readonly
|
|
|
|
A58850B000
|
unkown
|
page read and write
|
|
|
|
7FF52FFC5000
|
unkown image
|
page readonly
|
|
|
|
7E5C000
|
stack
|
page read and write
|
|
|
|
7FF596B8D000
|
unkown image
|
page readonly
|
|
|
|
21D0000
|
unkown image
|
page readonly
|
|
|
|
7DF4A3F40000
|
unkown image
|
page readonly
|
|
|
|
1BBA27F0000
|
unkown
|
page read and write
|
|
|
|
7FF52FEAF000
|
unkown image
|
page readonly
|
|
|
|
7DF545950000
|
unkown image
|
page readonly
|
|
|
|
51A7377000
|
stack
|
page read and write
|
|
|
|
2139AA4E000
|
unkown
|
page read and write
|
|
|
|
6E940000
|
unkown image
|
page readonly
|
|
|
|
1B7AF870000
|
unkown
|
page read and write
|
|
|
|
238583B0000
|
unkown image
|
page readonly
|
|
|
|
8438000
|
heap private
|
page read and write
|
|
|
|
2750000
|
unkown image
|
page readonly
|
|
|
|
148DA400000
|
unkown image
|
page readonly
|
|
|
|
7FF5906CA000
|
unkown image
|
page readonly
|
|
|
|
A052D7F000
|
stack
|
page read and write
|
|
|
|
7FF5CEFFA000
|
unkown image
|
page readonly
|
|
|
|
2139A9C0000
|
unkown image
|
page readonly
|
|
|
|
1590000
|
stack
|
page read and write
|
|
|
|
12DB000
|
unkown image
|
page write copy
|
|
|
|
7FF59076E000
|
unkown image
|
page readonly
|
|
|
|
1B7B0700000
|
unkown image
|
page readonly
|
|
|
|
148D9F20000
|
unkown image
|
page readonly
|
|
|
|
610000
|
unkown
|
page read and write
|
|
|
|
7DF5E49B2000
|
unkown image
|
page readonly
|
|
|
|
23858800000
|
unkown image
|
page readonly
|
|
|
|
6BE5677000
|
stack
|
page read and write
|
|
|
|
1BBA2770000
|
unkown image
|
page readonly
|
|
|
|
107F000
|
unkown image
|
page readonly
|
|
|
|
7DF5222D0000
|
unkown image
|
page readonly
|
|
|
|
1B7B4EDF000
|
unkown
|
page read and write
|
|
|
|
7FF59077B000
|
unkown image
|
page readonly
|
|
|
|
19A2000
|
unkown
|
page read and write
|
|
|
|
108A000
|
unkown image
|
page readonly
|
|
|
|
7DF5AC4A0000
|
unkown image
|
page readonly
|
|
|
|
1B7B4DE0000
|
unkown
|
page read and write
|
|
|
|
A052C7E000
|
stack
|
page read and write
|
|
|
|
1B0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4CFE000
|
unkown image
|
page readonly
|
|
|
|
7C13000
|
unkown
|
page read and write
|
|
|
|
7FF596976000
|
unkown image
|
page readonly
|
|
|
|
7FF596B9E000
|
unkown image
|
page readonly
|
|
|
|
1984000
|
unkown
|
page read and write
|
|
|
|
624000
|
unkown
|
page read and write
|
|
|
|
51A797E000
|
stack
|
page read and write
|
|
|
|
259E0850000
|
unkown image
|
page readonly
|
|
|
|
1EBCBC02000
|
unkown
|
page read and write
|
|
|
|
23858474000
|
unkown
|
page read and write
|
|
|
|
199A000
|
unkown
|
page read and write
|
|
|
|
1B7AF877000
|
unkown
|
page read and write
|
|
|
|
2880885C000
|
unkown
|
page read and write
|
|
|
|
A588C7C000
|
stack
|
page read and write
|
|
|
|
1B7B0100000
|
unkown
|
page read and write
|
|
|
|
7DF53E5D2000
|
unkown image
|
page readonly
|
|
|
|
7FF54FA43000
|
unkown image
|
page readonly
|
|
|
|
7F700000
|
unkown image
|
page readonly
|
|
|
|
7DF565790000
|
unkown image
|
page readonly
|
|
|
|
1EBCB602000
|
unkown
|
page read and write
|
|
|
|
3A90000
|
unkown
|
page read and write
|
|
|
|
7FF5A4D1E000
|
unkown image
|
page readonly
|
|
|
|
7FF52FFA3000
|
unkown image
|
page readonly
|
|
|
|
7FF54FDA7000
|
unkown image
|
page readonly
|
|
|
|
1B7AF88B000
|
unkown
|
page read and write
|
|
|
|
7FF5A49E9000
|
unkown image
|
page readonly
|
|
|
|
7FF50C9DF000
|
unkown image
|
page readonly
|
|
|
|
7FF5CEE9E000
|
unkown image
|
page readonly
|
|
|
|
7FF59696C000
|
unkown image
|
page readonly
|
|
|
|
259E0180000
|
heap private
|
page read and write
|
|
|
|
1BBA2770000
|
unkown image
|
page readonly
|
|
|
|
51A777B000
|
stack
|
page read and write
|
|
|
|
7BDF000
|
unkown
|
page read and write
|
|
|
|
12DD000
|
unkown image
|
page write copy
|
|
|
|
625000
|
unkown
|
page read and write
|
|
|
|
387AE7E000
|
stack
|
page read and write
|
|
|
|
7FF5906B9000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4C3C000
|
unkown image
|
page readonly
|
|
|
|
7FF528C45000
|
unkown image
|
page readonly
|
|
|
|
E0CE97D000
|
stack
|
page read and write
|
|
|
|
7FF5A4D14000
|
unkown image
|
page readonly
|
|
|
|
7E20000
|
stack
|
page read and write
|
|
|
|
629000
|
unkown
|
page read and write
|
|
|
|
1994000
|
unkown
|
page read and write
|
|
|
|
6ED0B000
|
unkown image
|
page write copy
|
|
|
|
1B7AFFD3000
|
unkown
|
page read and write
|
|
|
|
7DF5A6090000
|
unkown image
|
page readonly
|
|
|
|
7FF53005B000
|
unkown image
|
page readonly
|
|
|
|
19AB000
|
unkown
|
page read and write
|
|
|
|
15C0000
|
unkown image
|
page readonly
|
|
|
|
28808720000
|
unkown image
|
page readonly
|
|
|
|
3AA0000
|
unkown image
|
page readonly
|
|
|
|
7FF54FC6C000
|
unkown image
|
page readonly
|
|
|
|
7FF596B6F000
|
unkown image
|
page readonly
|
|
|
|
2D30000
|
unkown
|
page read and write
|
|
|
|
7FF552FA7000
|
unkown image
|
page readonly
|
|
|
|
22122E13000
|
unkown
|
page read and write
|
|
|
|
7FF54FE05000
|
unkown image
|
page readonly
|
|
|
|
1B7AF760000
|
unkown image
|
page readonly
|
|
|
|
7FF596AA3000
|
unkown image
|
page readonly
|
|
|
|
7A8F000
|
stack
|
page read and write
|
|
|
|
400000
|
unkown image
|
page readonly
|
|
|
|
1590000
|
stack
|
page read and write
|
|
|
|
7F7C000
|
unkown image
|
page readonly
|
|
|
|
1995000
|
unkown
|
page read and write
|
|
|
|
19F4000
|
unkown
|
page read and write
|
|
|
|
7FF58FFC4000
|
unkown image
|
page readonly
|
|
|
|
7DF5657B0000
|
unkown image
|
page readonly
|
|
|
|
1EBCB708000
|
unkown
|
page read and write
|
|
|
|
770E000
|
stack
|
page read and write
|
|
|
|
22122D90000
|
unkown image
|
page readonly
|
|
|
|
1B7B4E43000
|
unkown
|
page read and write
|
|
|
|
7FF596869000
|
unkown image
|
page readonly
|
|
|
|
7FF5CEFE5000
|
unkown image
|
page readonly
|
|
|
|
7DF5222E0000
|
unkown image
|
page readonly
|
|
|
|
7FF5CEFDD000
|
unkown image
|
page readonly
|
|
|
|
190A000
|
heap default
|
page read and write
|
|
|
|
1B7AF7B0000
|
unkown
|
page read and write
|
|
|
|
69B0000
|
unkown
|
page read and write
|
|
|
|
19B7000
|
heap default
|
page read and write
|
|
|
|
1B7B4E16000
|
unkown
|
page read and write
|
|
|
|
7FF54FD70000
|
unkown image
|
page readonly
|
|
|
|
614000
|
unkown
|
page read and write
|
|
|
|
108A000
|
unkown image
|
page readonly
|
|
|
|
7FF54FB8A000
|
unkown image
|
page readonly
|
|
|
|
259E0229000
|
unkown
|
page read and write
|
|
|
|
7DF5657A0000
|
unkown image
|
page readonly
|
|
|
|
A6654FF000
|
stack
|
page read and write
|
|
|
|
7FF596AFA000
|
unkown image
|
page readonly
|
|
|
|
7FF54FD78000
|
unkown image
|
page readonly
|
|
|
|
7FF54FB93000
|
unkown image
|
page readonly
|
|
|
|
7FF596B7B000
|
unkown image
|
page readonly
|
|
|
|
2139B202000
|
unkown
|
page read and write
|
|
|
|
7FF528CCB000
|
unkown image
|
page readonly
|
|
|
|
7FF54FD14000
|
unkown image
|
page readonly
|
|
|
|
1B7AF859000
|
unkown
|
page read and write
|
|
|
|
7FF528CCE000
|
unkown image
|
page readonly
|
|
|
|
51A767F000
|
stack
|
page read and write
|
|
|
|
288085E0000
|
unkown image
|
page readonly
|
|
|
|
1B7B4F06000
|
unkown
|
page read and write
|
|
|
|
14B0000
|
unkown image
|
page readonly
|
|
|
|
438000
|
unkown image
|
page readonly
|
|
|
|
3DF0000
|
unkown
|
page read and write
|
|
|
|
6ED08000
|
unkown image
|
page write copy
|
|
|
|
7E20000
|
stack
|
page read and write
|
|
|
|
21E0000
|
unkown image
|
page readonly
|
|
|
|
7DF5657A2000
|
unkown image
|
page readonly
|
|
|
|
1095000
|
unkown image
|
page readonly
|
|
|
|
4B5000
|
heap default
|
page read and write
|
|
|
|
7FF5A4D2F000
|
unkown image
|
page readonly
|
|
|
|
1B7B4DEE000
|
unkown
|
page read and write
|
|
|
|
6A40000
|
unkown
|
page read and write
|
|
|
|
1E50000
|
unkown image
|
page readonly
|
|
|
|
19A1000
|
unkown
|
page read and write
|
|
|
|
198E000
|
unkown
|
page read and write
|
|
|
|
7FF5906E5000
|
unkown image
|
page readonly
|
|
|
|
7DF5BA622000
|
unkown image
|
page readonly
|
|
|
|
7FF590746000
|
unkown image
|
page readonly
|
|
|
|
7FF50C945000
|
unkown image
|
page readonly
|
|
|
|
7FF528BD7000
|
unkown image
|
page readonly
|
|
|
|
7FF50C919000
|
unkown image
|
page readonly
|
|
|
|
7FF52FE73000
|
unkown image
|
page readonly
|
|
|
|
22E0000
|
unkown image
|
page readonly
|
|
|
|
1B7B4EF5000
|
unkown
|
page read and write
|
|
|
|
16BAFE000
|
stack
|
page read and write
|
|
|
|
7E20000
|
stack
|
page read and write
|
|
|
|
7FF50C4A9000
|
unkown image
|
page readonly
|
|
|
|
7FF54F528000
|
unkown image
|
page readonly
|
|
|
|
981000
|
unkown image
|
page execute and read and write
|
|
|
|
1949000
|
heap default
|
page read and write
|
|
|
|
7FF5A4D0D000
|
unkown image
|
page readonly
|
|
|
|
259E0302000
|
unkown
|
page read and write
|
|
|
|
7FF54FB59000
|
unkown image
|
page readonly
|
|
|
|
19AF000
|
heap default
|
page read and write
|
|
|
|
23858260000
|
unkown image
|
page read and write
|
|
|
|
7FF54FCEF000
|
unkown image
|
page readonly
|
|
|
|
7FF59697F000
|
unkown image
|
page readonly
|
|
|
|
7FF50C9AB000
|
unkown image
|
page readonly
|
|
|
|
19E7000
|
heap default
|
page read and write
|
|
|
|
3DDF000
|
stack
|
page read and write
|
|
|
|
7FF54FD57000
|
unkown image
|
page readonly
|
|
|
|
23858468000
|
unkown
|
page read and write
|
|
|
|
1B7B0015000
|
unkown
|
page read and write
|
|
|
|
7DF5A6080000
|
unkown image
|
page readonly
|
|
|
|
19E2000
|
unkown
|
page read and write
|
|
|
|
2385843D000
|
unkown
|
page read and write
|
|
|
|
1BBA2E50000
|
unkown image
|
page readonly
|
|
|
|
1B7B4CD0000
|
unkown
|
page read and write
|
|
|
|
148D9DC0000
|
unkown image
|
page read and write
|
|
|
|
1BBA2913000
|
unkown
|
page read and write
|
|
|
|
7F6F0000
|
unkown image
|
page readonly
|
|
|
|
7FF54FDD9000
|
unkown image
|
page readonly
|
|
|
|
7FF530030000
|
unkown image
|
page readonly
|
|
|
|
7DF5691E0000
|
unkown image
|
page readonly
|
|
|
|
7DF5A6070000
|
unkown image
|
page readonly
|
|
|
|
7DF5A6072000
|
unkown image
|
page readonly
|
|
|
|
6ED04000
|
unkown image
|
page read and write
|
|
|
|
7FF590675000
|
unkown image
|
page readonly
|
|
|
|
150B000
|
unkown
|
page read and write
|
|
|
|
7F5F0000
|
unkown image
|
page readonly
|
|
|
|
1EBCB3A0000
|
unkown image
|
page read and write
|
|
|
|
362D000
|
stack
|
page read and write
|
|
|
|
23858475000
|
unkown
|
page read and write
|
|
|
|
1EBCB4F0000
|
unkown image
|
page readonly
|
|
|
|
23858458000
|
unkown
|
page read and write
|
|
|
|
780F000
|
stack
|
page read and write
|
|
|
|
12C3000
|
unkown image
|
page write copy
|
|
|
|
21D0000
|
heap private
|
page read and write
|
|
|
|
1B7B4EF7000
|
unkown
|
page read and write
|
|
|
|
19EF000
|
heap default
|
page read and write
|
|
|
|
199F000
|
unkown
|
page read and write
|
|
|
|
1EBCB700000
|
unkown
|
page read and write
|
|
|
|
2300000
|
heap private
|
page read and write
|
|
|
|
8DF000
|
stack
|
page read and write
|
|
|
|
435000
|
unkown image
|
page read and write
|
|
|
|
7FF5283AD000
|
unkown image
|
page readonly
|
|
|
|
23858442000
|
unkown
|
page read and write
|
|
|
|
7FF59073F000
|
unkown image
|
page readonly
|
|
|
|
23858484000
|
unkown
|
page read and write
|
|
|
|
7DF4E2870000
|
unkown image
|
page readonly
|
|
|
|
1EBCB3F0000
|
unkown image
|
page readonly
|
|
|
|
7FF50C8D7000
|
unkown image
|
page readonly
|
|
|
|
259E0190000
|
unkown image
|
page readonly
|
|
|
|
7DF5657A0000
|
unkown image
|
page readonly
|
|
|
|
7FF52FF99000
|
unkown image
|
page readonly
|
|
|
|
7FF59077D000
|
unkown image
|
page readonly
|
|
|
|
75D0000
|
unkown
|
page read and write
|
|
|
|
7FF5283AF000
|
unkown image
|
page readonly
|
|
|
|
22122EBB000
|
unkown
|
page read and write
|
|
|
|
2139AA70000
|
unkown
|
page read and write
|
|
|
|
7FF596BAF000
|
unkown image
|
page readonly
|
|
|
|
5FD000
|
unkown
|
page read and write
|
|
|
|
1292000
|
unkown image
|
page write copy
|
|
|
|
E0CEBFE000
|
stack
|
page read and write
|
|
|
|
1B7B4E00000
|
unkown
|
page read and write
|
|
|
|
7DF545952000
|
unkown image
|
page readonly
|
|
|
|
4AE000
|
stack
|
page read and write
|
|
|
|
98F000
|
unkown image
|
page execute and write copy
|
|
|
|
614000
|
unkown
|
page read and write
|
|
|
|
61E000
|
unkown
|
page read and write
|
|
|
|
1290000
|
unkown image
|
page write copy
|
|
|
|
12CD000
|
unkown image
|
page read and write
|
|
|
|
7FF54F635000
|
unkown image
|
page readonly
|
|
|
|
12FE000
|
unkown image
|
page read and write
|
|
|
|
8630000
|
heap private
|
page read and write
|
|
|
|
16B87B000
|
unkown
|
page read and write
|
|
|
|
7DF443820000
|
unkown image
|
page readonly
|
|
|
|
7FF54FDE3000
|
unkown image
|
page readonly
|
|
|
|
238582D0000
|
heap default
|
page read and write
|
|
|
|
1B7B4EF9000
|
unkown
|
page read and write
|
|
|
|
2139A9A0000
|
unkown image
|
page readonly
|
|
|
|
16BFFD000
|
stack
|
page read and write
|
|
|
|
7FF54FB5F000
|
unkown image
|
page readonly
|
|
|
|
19D9000
|
unkown
|
page read and write
|
|
|
|
7FF50C82F000
|
unkown image
|
page readonly
|
|
|
|
672F27E000
|
stack
|
page read and write
|
|
|
|
7FF528C98000
|
unkown image
|
page readonly
|
|
|
|
7FF530026000
|
unkown image
|
page readonly
|
|
|
|
140C000
|
unkown image
|
page readonly
|
|
|
|
7FFC2000
|
unkown image
|
page readonly
|
|
|
|
7FF5538C0000
|
unkown image
|
page readonly
|
|
|
|
1B7AF8AE000
|
unkown
|
page read and write
|
|
|
|
7DF5BA630000
|
unkown image
|
page readonly
|
|
|
|
23858502000
|
unkown
|
page read and write
|
|
|
|
23858465000
|
unkown
|
page read and write
|
|
|
|
1EBCB713000
|
unkown
|
page read and write
|
|
|
|
148D9E30000
|
heap default
|
page read and write
|
|
|
|
51A7DFA000
|
stack
|
page read and write
|
|
|
|
1091000
|
unkown image
|
page readonly
|
|
|
|
672F37E000
|
stack
|
page read and write
|
|
|
|
12EB000
|
unkown image
|
page write copy
|
|
|
|
1BBA2800000
|
unkown
|
page read and write
|
|
|
|
7FF528A7D000
|
unkown image
|
page readonly
|
|
|
|
7FF54FE58000
|
unkown image
|
page readonly
|
|
|
|
7FF54FE9F000
|
unkown image
|
page readonly
|
|
|
|
16BDFE000
|
stack
|
page read and write
|
|
|
|
7FF55381D000
|
unkown image
|
page readonly
|
|
|
|
7FF5906B5000
|
unkown image
|
page readonly
|
|
|
|
2139ACD0000
|
unkown image
|
page readonly
|
|
|
|
23858441000
|
unkown
|
page read and write
|
|
|
|
28808D80000
|
unkown image
|
page readonly
|
|
|
|
148DA05C000
|
unkown
|
page read and write
|
|
|
|
2385847E000
|
unkown
|
page read and write
|
|
|
|
7FF53005F000
|
unkown image
|
page readonly
|
|
|
|
7FF50C8EC000
|
unkown image
|
page readonly
|
|
|
|
259E01F0000
|
unkown image
|
page readonly
|
|
|
|
19A000
|
unkown
|
page read and write
|
|
|
|
259E024D000
|
unkown
|
page read and write
|
|
|
|
1B7B5100000
|
unkown
|
page read and write
|
|
|
|
6EC22000
|
unkown image
|
page readonly
|
|
|
|
199D000
|
unkown
|
page read and write
|
|
|
|
7FF5A4CE8000
|
unkown image
|
page readonly
|
|
|
|
23858462000
|
unkown
|
page read and write
|
|
|
|
7FF54FA27000
|
unkown image
|
page readonly
|
|
|
|
1B7AF842000
|
unkown
|
page read and write
|
|
|
|
51A7AFF000
|
stack
|
page read and write
|
|
|
|
1BBA2AD0000
|
unkown image
|
page readonly
|
|
|
|
980000
|
unkown image
|
page readonly
|
|
|
|
22123602000
|
unkown
|
page read and write
|
|
|
|
2D20000
|
unkown
|
page read and write
|
|
|
|
7FF5538DE000
|
unkown image
|
page readonly
|
|
|
|
A6653FF000
|
stack
|
page read and write
|
|
|
|
1520000
|
unkown image
|
page readonly
|
|
|
|
1B7AF88D000
|
unkown
|
page read and write
|
|
|
|
2880886C000
|
unkown
|
page read and write
|
|
|
|
A6651FE000
|
stack
|
page read and write
|
|
|
|
E0CECF7000
|
stack
|
page read and write
|
|
|
|
7FF5538D4000
|
unkown image
|
page readonly
|
|
|
|
7FF5284EF000
|
unkown image
|
page readonly
|
|
|
|
7FEB0000
|
unkown image
|
page readonly
|
|
|
|
1B7B0C60000
|
unkown
|
page read and write
|
|
|
|
7FF596A2E000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4A46000
|
unkown image
|
page readonly
|
|
|
|
12EE000
|
unkown image
|
page read and write
|
|
|
|
7FF54FE6E000
|
unkown image
|
page readonly
|
|
|
|
148DA03D000
|
unkown
|
page read and write
|
|
|
|
28808913000
|
unkown
|
page read and write
|
|
|
|
22123000000
|
unkown image
|
page readonly
|
|
|
|
7FF5CEE4D000
|
unkown image
|
page readonly
|
|
|
|
259E0300000
|
unkown
|
page read and write
|
|
|
|
7FF528BEC000
|
unkown image
|
page readonly
|
|
|
|
7FF50C9BD000
|
unkown image
|
page readonly
|
|
|
|
7DF5E49A2000
|
unkown image
|
page readonly
|
|
|
|
7DF5E49B2000
|
unkown image
|
page readonly
|
|
|
|
99000
|
unkown
|
page read and write
|
|
|
|
28808855000
|
unkown
|
page read and write
|
|
|
|
7FF528BF8000
|
unkown image
|
page readonly
|
|
|
|
199A000
|
unkown
|
page read and write
|
|
|
|
A05250C000
|
unkown
|
page read and write
|
|
|
|
7DF5BA620000
|
unkown image
|
page readonly
|
|
|
|
7FF590738000
|
unkown image
|
page readonly
|
|
|
|
7FF50C9DF000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4C69000
|
unkown image
|
page readonly
|
|
|
|
216E000
|
stack
|
page read and write
|
|
|
|
7DF545962000
|
unkown image
|
page readonly
|
|
|
|
28808877000
|
unkown
|
page read and write
|
|
|
|
7FF59022F000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4D1B000
|
unkown image
|
page readonly
|
|
|
|
22122E29000
|
unkown
|
page read and write
|
|
|
|
401000
|
unkown image
|
page execute read
|
|
|
|
7FF5CF094000
|
unkown image
|
page readonly
|
|
|
|
7FF54FD93000
|
unkown image
|
page readonly
|
|
|
|
199B000
|
unkown
|
page read and write
|
|
|
|
148DA590000
|
unkown
|
page read and write
|
|
|
|
7FF5CEFF3000
|
unkown image
|
page readonly
|
|
|
|
7DF5657A2000
|
unkown image
|
page readonly
|
|
|
|
7FF5538A8000
|
unkown image
|
page readonly
|
|
|
|
7FF528CDF000
|
unkown image
|
page readonly
|
|
|
|
D00000
|
unkown image
|
page readonly
|
|
|
|
148DA013000
|
unkown
|
page read and write
|
|
|
|
1B7B0118000
|
unkown
|
page read and write
|
|
|
|
1B7B4EAE000
|
unkown
|
page read and write
|
|
|
|
7FF590764000
|
unkown image
|
page readonly
|
|
|
|
7DF5E49B0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4C7A000
|
unkown image
|
page readonly
|
|
|
|
7FF52F72B000
|
unkown image
|
page readonly
|
|
|
|
7FF50C9A6000
|
unkown image
|
page readonly
|
|
|
|
7FF52FE2E000
|
unkown image
|
page readonly
|
|
|
|
259E01C0000
|
unkown image
|
page readonly
|
|
|
|
22122E70000
|
unkown
|
page read and write
|
|
|
|
1091000
|
unkown image
|
page readonly
|
|
|
|
51A7FFE000
|
stack
|
page read and write
|
|
|
|
7FF54F94F000
|
unkown image
|
page readonly
|
|
|
|
7FF54FBF0000
|
unkown image
|
page readonly
|
|
|
|
1BBA2E60000
|
unkown image
|
page readonly
|
|
|
|
11AD000
|
unkown image
|
page readonly
|
|
|
|
1B7AFAD0000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4BDD000
|
unkown image
|
page readonly
|
|
|
|
22123380000
|
unkown image
|
page readonly
|
|
|
|
7F702000
|
unkown image
|
page readonly
|
|
|
|
7FF5CEFC8000
|
unkown image
|
page readonly
|
|
|
|
1B7B4F04000
|
unkown
|
page read and write
|
|
|
|
1B7B5140000
|
unkown
|
page read and write
|
|
|
|
7FF5A4D2D000
|
unkown image
|
page readonly
|
|
|
|
7FF52FB23000
|
unkown image
|
page readonly
|
|
|
|
15D5000
|
heap default
|
page read and write
|
|
|
|
7DF4B84F0000
|
unkown image
|
page readonly
|
|
|
|
7FF50C90D000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4CFB000
|
unkown image
|
page readonly
|
|
|
|
7DF5222E0000
|
unkown image
|
page readonly
|
|
|
|
23858444000
|
unkown
|
page read and write
|
|
|
|
7DF53E5E0000
|
unkown image
|
page readonly
|
|
|
|
7DF5E49C0000
|
unkown image
|
page readonly
|
|
|
|
288085D0000
|
heap private
|
page read and write
|
|
|
|
13F5000
|
unkown image
|
page readonly
|
|
|
|
40A000
|
unkown image
|
page write copy
|
|
|
|
2139AA51000
|
unkown
|
page read and write
|
|
|
|
6BE557E000
|
stack
|
page read and write
|
|
|
|
7FF54FDD5000
|
unkown image
|
page readonly
|
|
|
|
6ED0A000
|
unkown image
|
page read and write
|
|
|
|
259E024F000
|
unkown
|
page read and write
|
|
|
|
1B7AFE60000
|
unkown image
|
page readonly
|
|
|
|
23858431000
|
unkown
|
page read and write
|
|
|
|
2139AA4B000
|
unkown
|
page read and write
|
|
|
|
7DF5A6072000
|
unkown image
|
page readonly
|
|
|
|
7FF596A9C000
|
unkown image
|
page readonly
|
|
|
|
1402000
|
unkown image
|
page readonly
|
|
|
|
28808E02000
|
unkown
|
page read and write
|
|
|
|
7FF53004B000
|
unkown image
|
page readonly
|
|
|
|
7DF5AC4B0000
|
unkown image
|
page readonly
|
|
|
|
2139AA00000
|
unkown
|
page read and write
|
|
|
|
1970000
|
unkown
|
page read and write
|
|
|
|
19DC000
|
unkown
|
page read and write
|
|
|
|
19E7000
|
unkown
|
page read and write
|
|
|
|
7DF5A6082000
|
unkown image
|
page readonly
|
|
|
|
7FF54FE9B000
|
unkown image
|
page readonly
|
|
|
|
148DA5C0000
|
unkown
|
page read and write
|
|
|
|
191B000
|
heap default
|
page read and write
|
|
|
|
1EBCB68B000
|
unkown
|
page read and write
|
|
|
|
2139AA55000
|
unkown
|
page read and write
|
|
|
|
7FF5A4CEF000
|
unkown image
|
page readonly
|
|
|
|
11AD000
|
unkown image
|
page readonly
|
|
|
|
1215000
|
unkown image
|
page readonly
|
|
|
|
7DF53E5E2000
|
unkown image
|
page readonly
|
|
|
|
7FFC2000
|
unkown image
|
page readonly
|
|
|
|
5220000
|
heap private
|
page read and write
|
|
|
|
148DA102000
|
unkown
|
page read and write
|
|
|
|
610000
|
unkown
|
page read and write
|
|
|
|
3A7C000
|
stack
|
page read and write
|
|
|
|
7FF50C693000
|
unkown image
|
page readonly
|
|
|
|
A58897B000
|
stack
|
page read and write
|
|
|
|
984000
|
unkown image
|
page execute and read and write
|
|
|
|
1B7B4E31000
|
unkown
|
page read and write
|
|
|
|
5CE000
|
stack
|
page read and write
|
|
|
|
2139AA52000
|
unkown
|
page read and write
|
|
|
|
6ED21000
|
unkown image
|
page readonly
|
|
|
|
798E000
|
stack
|
page read and write
|
|
|
|
7FF50C4A3000
|
unkown image
|
page readonly
|
|
|
|
60D000
|
unkown
|
page read and write
|
|
|
|
23858400000
|
unkown
|
page read and write
|
|
|
|
7FF528C23000
|
unkown image
|
page readonly
|
|
|
|
259E0190000
|
unkown image
|
page readonly
|
|
|
|
2050000
|
unkown image
|
page readonly
|
|
|
|
7FF590654000
|
unkown image
|
page readonly
|
|
|
|
7FF5905A2000
|
unkown image
|
page readonly
|
|
|
|
400000
|
unkown image
|
page readonly
|
|
|
|
7FF528C9F000
|
unkown image
|
page readonly
|
|
|
|
7DF5A6080000
|
unkown image
|
page readonly
|
|
|
|
16C07E000
|
stack
|
page read and write
|
|
|
|
7FF54F630000
|
unkown image
|
page readonly
|
|
|
|
1367000
|
unkown image
|
page read and write
|
|
|
|
28808A00000
|
unkown image
|
page readonly
|
|
|
|
7FF54FE84000
|
unkown image
|
page readonly
|
|
|
|
5E8000
|
heap default
|
page read and write
|
|
|
|
7FF50C92A000
|
unkown image
|
page readonly
|
|
|
|
A6655FF000
|
stack
|
page read and write
|
|
|
|
23858457000
|
unkown
|
page read and write
|
|
|
|
238583D0000
|
unkown
|
page read and write
|
|
|
|
1510000
|
unkown image
|
page readonly
|
|
|
|
7DF5222E2000
|
unkown image
|
page readonly
|
|
|
|
A588DFB000
|
stack
|
page read and write
|
|
|
|
7FF50C9B0000
|
unkown image
|
page readonly
|
|
|
|
7DF5BA632000
|
unkown image
|
page readonly
|
|
|
|
16BB7E000
|
stack
|
page read and write
|
|
|
|
1969000
|
unkown
|
page read and write
|
|
|
|
118B000
|
unkown image
|
page readonly
|
|
|
|
7FF59683A000
|
unkown image
|
page readonly
|
|
|
|
1B7AF730000
|
unkown image
|
page readonly
|
|
|
|
6E941000
|
unkown image
|
page execute read
|
|
|
|
7E10000
|
unkown image
|
page readonly
|
|
|
|
7FF596A92000
|
unkown image
|
page readonly
|
|
|
|
970000
|
heap private
|
page read and write
|
|
|
|
7DF5AC4A0000
|
unkown image
|
page readonly
|
|
|
|
A664EFE000
|
stack
|
page read and write
|
|
|
|
7FF5CEFA7000
|
unkown image
|
page readonly
|
|
|
|
7FF5CEEFF000
|
unkown image
|
page readonly
|
|
|
|
2139AB13000
|
unkown
|
page read and write
|
|
|
|
23858460000
|
unkown
|
page read and write
|
|
|
|
148DA002000
|
unkown
|
page read and write
|
|
|
|
2139AEE0000
|
unkown image
|
page readonly
|
|
|
|
74CA000
|
stack
|
page read and write
|
|
|
|
119B000
|
unkown image
|
page readonly
|
|
|
|
32A000
|
unkown
|
page read and write
|
|
|
|
7F60000
|
unkown
|
page read and write
|
|
|
|
51A78FF000
|
stack
|
page read and write
|
|
|
|
22122ECA000
|
unkown
|
page read and write
|
|
|
|
7FF590687000
|
unkown image
|
page readonly
|
|
|
|
7FF50C52F000
|
unkown image
|
page readonly
|
|
|
|
197A000
|
unkown
|
page read and write
|
|
|
|
61E000
|
unkown
|
page read and write
|
|
|
|
7FF59077F000
|
unkown image
|
page readonly
|
|
|
|
3AB0000
|
unkown
|
page read and write
|
|
|
|
1BBA27C0000
|
heap default
|
page read and write
|
|
|
|
2880885C000
|
unkown
|
page read and write
|
|
|
|
7E20000
|
stack
|
page read and write
|
|
|
|
A664CFF000
|
stack
|
page read and write
|
|
|
|
7FF54FA20000
|
unkown image
|
page readonly
|
|
|
|
1EBCBA00000
|
unkown image
|
page readonly
|
|
|
|
2385847B000
|
unkown
|
page read and write
|
|
|
|
7FF5CEF05000
|
unkown image
|
page readonly
|
|
|
|
7FF5CEE7E000
|
unkown image
|
page readonly
|
|
|
|
7FF54FE9F000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4C12000
|
unkown image
|
page readonly
|
|
|
|
23858449000
|
unkown
|
page read and write
|
|
|
|
1B7B4CC0000
|
unkown
|
page read and write
|
|
|
|
7E20000
|
stack
|
page read and write
|
|
|
|
1B7B4E23000
|
unkown
|
page read and write
|
|
|
|
259E0200000
|
unkown
|
page read and write
|
|
|
|
51A7CFD000
|
stack
|
page read and write
|
|
|
|
401000
|
unkown image
|
page execute read
|
|
|
|
1B7B0159000
|
unkown
|
page read and write
|
|
|
|
7FF52FF8D000
|
unkown image
|
page readonly
|
|
|
|
51A79FE000
|
stack
|
page read and write
|
|
|
|
7FF5CF09E000
|
unkown image
|
page readonly
|
|
|
|
1B7AFFF0000
|
unkown
|
page read and write
|
|
|
|
7DF565792000
|
unkown image
|
page readonly
|
|
|
|
E0CEEFF000
|
stack
|
page read and write
|
|
|
|
5E0000
|
heap default
|
page read and write
|
|
|
|
28808710000
|
unkown image
|
page readonly
|
|
|
|
A588BFF000
|
stack
|
page read and write
|
|
|
|
23858446000
|
unkown
|
page read and write
|
|
|
|
387B07F000
|
stack
|
page read and write
|
|
|
|
7FF54FD74000
|
unkown image
|
page readonly
|
|
|
|
52F0000
|
unkown
|
page read and write
|
|
|
|
7FF5CF08D000
|
unkown image
|
page readonly
|
|
|
|
7FF5538EF000
|
unkown image
|
page readonly
|
|
|
|
7DF5222D2000
|
unkown image
|
page readonly
|
|
|
|
7FF590677000
|
unkown image
|
page readonly
|
|
|
|
2139AA8F000
|
unkown
|
page read and write
|
|
|
|
259E0252000
|
unkown
|
page read and write
|
|
|
|
7FF5905FE000
|
unkown image
|
page readonly
|
|
|
|
1BBA2902000
|
unkown
|
page read and write
|
|
|
|
7DF5E49C0000
|
unkown image
|
page readonly
|
|
|
|
1981000
|
heap default
|
page read and write
|
|
|
|
7FF50C915000
|
unkown image
|
page readonly
|
|
|
|
5230000
|
unkown image
|
page readonly
|
|
|
|
7FF596ADD000
|
unkown image
|
page readonly
|
|
|
|
19A5000
|
unkown
|
page read and write
|
|
|
|
7FF5902DE000
|
unkown image
|
page readonly
|
|
|
|
2139AED0000
|
unkown image
|
page readonly
|
|
|
|
28808802000
|
unkown
|
page read and write
|
|
|
|
2139A980000
|
unkown image
|
page read and write
|
|
|
|
259E0170000
|
unkown image
|
page read and write
|
|
|
|
A052B77000
|
stack
|
page read and write
|
|
|
|
12DD000
|
unkown image
|
page write copy
|
|
|
|
2385843A000
|
unkown
|
page read and write
|
|
|
|
7FF528CB0000
|
unkown image
|
page readonly
|
|
|
|
7FF596942000
|
unkown image
|
page readonly
|
|
|
|
A664DFC000
|
stack
|
page read and write
|
|
|
|
22122EE1000
|
unkown
|
page read and write
|
|
|
|
7FF590512000
|
unkown image
|
page readonly
|
|
|
|
7DF5BA620000
|
unkown image
|
page readonly
|
|
|
|
6ED0C000
|
unkown image
|
page read and write
|
|
|
|
7FF553825000
|
unkown image
|
page readonly
|
|
|
|
1B7B0159000
|
unkown
|
page read and write
|
|
|
|
7FF54FA0B000
|
unkown image
|
page readonly
|
|
|
|
7FF5CEEC3000
|
unkown image
|
page readonly
|
|
|
|
7E20000
|
stack
|
page read and write
|
|
|
|
A05287E000
|
stack
|
page read and write
|
|
|
|
7FF52FF6C000
|
unkown image
|
page readonly
|
|
|
|
22122C40000
|
unkown image
|
page read and write
|
|
|
|
3639000
|
heap private
|
page read and write
|
|
|
|
14A0000
|
unkown image
|
page read and write
|
|
|
|
7FF5537D3000
|
unkown image
|
page readonly
|
|
|
|
22123200000
|
unkown image
|
page readonly
|
|
|
|
7E20000
|
stack
|
page read and write
|
|
|
|
23858463000
|
unkown
|
page read and write
|
|
|
|
18F9000
|
unkown
|
page read and write
|
|
|
|
13E9000
|
unkown image
|
page readonly
|
|
|
|
1B7AF891000
|
unkown
|
page read and write
|
|
|
|
7FF52FD13000
|
unkown image
|
page readonly
|
|
|
|
1B7B4EFD000
|
unkown
|
page read and write
|
|
|
|
A588FFF000
|
stack
|
page read and write
|
|
|
|
7FF50C77D000
|
unkown image
|
page readonly
|
|
|
|
7DF5691F2000
|
unkown image
|
page readonly
|
|
|
|
19DF000
|
unkown
|
page read and write
|
|
|
|
7FF54FC53000
|
unkown image
|
page readonly
|
|
|
|
E0CE87B000
|
unkown
|
page read and write
|
|
|
|
2139A990000
|
heap private
|
page read and write
|
|
|
|
1B7B4E87000
|
unkown
|
page read and write
|
|
|
|
23858437000
|
unkown
|
page read and write
|
|
|
|
7FF54FBC3000
|
unkown image
|
page readonly
|
|
|
|
7FF5A4574000
|
unkown image
|
page readonly
|
|
|
|
16BEFD000
|
stack
|
page read and write
|
|
|
|
22123700000
|
unkown
|
page read and write
|
|
|
|
7DF5657B0000
|
unkown image
|
page readonly
|
|
|
|
7FF54FE66000
|
unkown image
|
page readonly
|
|
|
|
28808841000
|
unkown
|
page read and write
|
|
|
|
600000
|
heap default
|
page read and write
|
|
|
|
288085C0000
|
unkown image
|
page read and write
|
|
|
|
69C0000
|
unkown
|
page read and write
|
|
|
|
19E2000
|
heap default
|
page read and write
|
|
|
|
7FF590596000
|
unkown image
|
page readonly
|
|
|
|
7DF545970000
|
unkown image
|
page readonly
|
|
|
|
7FF53005F000
|
unkown image
|
page readonly
|
|
|
|
7FF596BAF000
|
unkown image
|
page readonly
|
|
|
|
7FF54FBC1000
|
unkown image
|
page readonly
|
|
|
|
19A5000
|
unkown
|
page read and write
|
|
|
|
23858C02000
|
unkown
|
page read and write
|
|
|
|
976000
|
heap private
|
page read and write
|
|
|
|
7DF43C4A0000
|
unkown image
|
page readonly
|
|
|
|
1BBA2CD0000
|
unkown image
|
page readonly
|
|
|
|
7FF5968B7000
|
unkown image
|
page readonly
|
|
|
|
28808902000
|
unkown
|
page read and write
|
|
|
|
7DF569200000
|
unkown image
|
page readonly
|
|
|
|
7FF54FE7D000
|
unkown image
|
page readonly
|
|
|
|
19F7000
|
heap default
|
page read and write
|
|
There are 1213 hidden memdumps, click here to show them.