IOC Report
RE_iRecord_Installer.msi

loading gif

Files

File Path
Type
Category
Malicious
RE_iRecord_Installer.msi
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.3, MSI Installer, Code page: 1252, Title: Installation Database, Subject: iRecord, Author: CSC, Keywords: Installer, Comments: Published by CSC. Email csc-help@cscglobal.com for Questions., Template: Intel;1033, Revision Number: {152FDDD3-47D2-4FCB-98AD-A21852A58929}, Create Time/Date: Wed Mar 23 20:26:58 2022, Last Saved Time/Date: Wed Mar 23 20:26:58 2022, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows Installer XML Toolset (3.11.1.2318), Security: 2
initial sample
C:\Config.Msi\3e4f5b.rbs
data
modified
C:\Users\user\AppData\Local\Programs\CSC\iRecord\BarcodeLib.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\ClearScript.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\GdPicture.NET.12.barcode.1d.reader.64.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\GdPicture.NET.12.barcode.1d.reader.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\GdPicture.NET.12.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\GdPicture.NET.12.filters.64.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\GdPicture.NET.12.filters.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\GdPicture.NET.12.image.gdimgplug.64.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\GdPicture.NET.12.image.gdimgplug.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\GdPicture.NET.12.jbig2.encoder.64.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\GdPicture.NET.12.jbig2.encoder.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\Hexasoft.Zxcvbn.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\Hexasoft.Zxcvbn.pdb
MSVC program database ver 7.00, 512*59 bytes
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\JavaScriptEngineSwitcher.Core.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\JavaScriptEngineSwitcher.V8.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\Microsoft.ReportViewer.Common.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\Microsoft.ReportViewer.DataVisualization.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\Microsoft.ReportViewer.ProcessingObjectModel.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\Microsoft.ReportViewer.WebForms.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\Microsoft.ReportViewer.WebForms.xml
XML 1.0 document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\Microsoft.ReportViewer.WinForms.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\ScintillaNET FindReplaceDialog.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\ScintillaNET.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\ScintillaNET.xml
XML 1.0 document, UTF-8 Unicode text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\Signature.XmlSerializers.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\Signature.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\System.Net.Http.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\System.Windows.Controls.DataVisualization.Toolkit.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\System.Windows.Controls.DataVisualization.Toolkit.xml
XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\System.Windows.Controls.Input.Toolkit.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\System.Windows.Controls.Layout.Toolkit.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\WPFToolkit.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\Xceed.Wpf.AvalonDock.Themes.Aero.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\Xceed.Wpf.AvalonDock.Themes.Expression.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\Xceed.Wpf.AvalonDock.Themes.Expression.pdb
MSVC program database ver 7.00, 512*63 bytes
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\Xceed.Wpf.AvalonDock.Themes.Metro.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\Xceed.Wpf.AvalonDock.Themes.VS2010.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\Xceed.Wpf.AvalonDock.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\Xceed.Wpf.DataGrid.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\Xceed.Wpf.Toolkit.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\iRecord.Common.XmlSerializers.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\iRecord.Common.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\iRecord.Core.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\iRecordBO.XmlSerializers.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\iRecordBO.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\iRecord_WPF.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\iRecord_WPF.exe.config
XML 1.0 document, UTF-8 Unicode (with BOM) text, with very long lines
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\iRecord_WPF.exe.manifest
XML 1.0 document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF, LF line terminators
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\jint.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Programs\CSC\iRecord\zxcvbn.net.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\MSI4103.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Roaming\Microsoft\Installer\{FD00B0DF-1F5A-4C9D-B945-7531468B5011}\iRecord.ico
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CSC\CSC iRecord.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Archive, ctime=Wed Mar 23 22:26:54 2022, mtime=Sat May 28 02:19:37 2022, atime=Wed Mar 23 22:26:54 2022, length=7406080, window=hide
dropped
C:\Users\user\Desktop\CSC iRecord.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Archive, ctime=Wed Mar 23 22:26:54 2022, mtime=Sat May 28 02:19:37 2022, atime=Wed Mar 23 22:26:54 2022, length=7406080, window=hide
dropped
C:\Windows\Installer\3e4f5a.msi
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.3, MSI Installer, Code page: 1252, Title: Installation Database, Subject: iRecord, Author: CSC, Keywords: Installer, Comments: Published by CSC. Email csc-help@cscglobal.com for Questions., Template: Intel;1033, Revision Number: {152FDDD3-47D2-4FCB-98AD-A21852A58929}, Create Time/Date: Wed Mar 23 20:26:58 2022, Last Saved Time/Date: Wed Mar 23 20:26:58 2022, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows Installer XML Toolset (3.11.1.2318), Security: 2
dropped
C:\Windows\Installer\3e4f5c.msi
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.3, MSI Installer, Code page: 1252, Title: Installation Database, Subject: iRecord, Author: CSC, Keywords: Installer, Comments: Published by CSC. Email csc-help@cscglobal.com for Questions., Template: Intel;1033, Revision Number: {152FDDD3-47D2-4FCB-98AD-A21852A58929}, Create Time/Date: Wed Mar 23 20:26:58 2022, Last Saved Time/Date: Wed Mar 23 20:26:58 2022, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows Installer XML Toolset (3.11.1.2318), Security: 2
dropped
C:\Windows\Installer\MSI698A.tmp
data
dropped
C:\Windows\Installer\SourceHash{FD00B0DF-1F5A-4C9D-B945-7531468B5011}
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Installer\inprogressinstallinfo.ipi
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
dropped
C:\Windows\Temp\~DF170E0BA94479F3D4.TMP
data
dropped
C:\Windows\Temp\~DF2B6CA314E64CFCAF.TMP
data
dropped
C:\Windows\Temp\~DF3D0A1F559312791D.TMP
data
dropped
C:\Windows\Temp\~DF45EDC06B6870A1DF.TMP
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Temp\~DF4EEB3C2A0EFB1260.TMP
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Temp\~DF6A82DB31D22522C0.TMP
data
dropped
C:\Windows\Temp\~DF9C089A12CD524806.TMP
data
dropped
C:\Windows\Temp\~DFA264E91955F0F9BB.TMP
data
dropped
C:\Windows\Temp\~DFBB1896EEEADE2A86.TMP
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Temp\~DFCC7FD97F2AC2B8FF.TMP
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Temp\~DFCF776D88B734425A.TMP
data
dropped
C:\Windows\Temp\~DFFD954F6991C0C478.TMP
Composite Document File V2 Document, Cannot read section info
dropped
There are 64 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Windows\System32\msiexec.exe
"C:\Windows\System32\msiexec.exe" /i "C:\Users\user\Desktop\RE_iRecord_Installer.msi"
C:\Windows\System32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Windows\SysWOW64\msiexec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 5E1FB7355188E254823CE3315A71CFED C
C:\Users\user\AppData\Local\Programs\CSC\iRecord\iRecord_WPF.exe
C:\Users\user\AppData\Local\Programs\CSC\iRecord\iRecord_WPF.exe

URLs

Name
IP
Malicious
http://irecord.ingeo.com/SendOnboardingEmailT
unknown
http://www.ingeo.com/AvailableCommandsT
unknown
https://irecord.ingeo.com/irecord_service/SignatureService/SignatureService.svc
unknown
http://irecord.ingeo.com/LoginT
unknown
http://icongal.com/
unknown
http://www.gemedicalsystems.com/it_solutions/rad_pacs/
unknown
http://irecord.ingeo.com/Y
unknown
http://tempuri.org/IConfigurationWebService/GetConnectorTransactionXmlByCountyGuidAndErIDT
unknown
https://ocp.cscglobal.com/cdn/gateway/csc/csc-white-logo.png
unknown
http://tempuri.org/IConfigurationWebService/GetDemoXmlResponse
unknown
https://www.ic-secure.com/ROD_WebServices/ROD.WebService.SynchData/Service.asmx
unknown
https://irecord-uat.erecording.com/irecord_service/DataService/iRecordDataService.asmx
unknown
https://irecord-dev.erecording.com/irecord_service/DataService/iRecordDataService.asmx
unknown
http://10.98.134.15/isubmitservice/isubmit.asmx
unknown
http://irecord.ingeo.com/SendForgotPasswordEmailT
unknown
https://irecordbeta.ingeo.com/irecord_service/DataService/iRecordDataService.asmx
unknown
http://schemas.datacontract.org/2004/07/iRecord.Common.DTOsI
unknown
http://www.ingeo.com/TU
unknown
http://irecord.ingeo.com/Q
unknown
http://irecord.ingeo.com/SendEmailT
unknown
http://irecord.ingeo.com/T
unknown
http://tempuri.org/IConfigurationWebService/IsValidFileTypeT
unknown
https://ocp.cscglobal.com/cdn/gateway/csc/logo-csc-ingeo.png
unknown
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
unknown
http://www.gemedicalsystems.com/it_solutions/orthoview/2.1
unknown
http://schemas.xceed.com/wpf/xaml/datagrid
unknown
http://irecord.ingeo.com/ValidateSessionGuidT
unknown
https://ocp.cscglobal.com/cdn/gateway/csc/favicon.ico
unknown
https://irecord.ingeo.com/irecord_service/iSubmitService/iSubmit.asmx
unknown
http://tempuri.org/IConfigurationWebService/MigrateOrganizationConfigurationsT
unknown
http://irecord.ingeo.com/SendTrusteeServicesNotificationEmailT
unknown
http://tempuri.org/IConfigurationWebService/IsValidFileTypeResponse
unknown
https://irecord.ingeo.com/irecord_service/ConfigurationService/ConfigurationWebService.svc
unknown
http://tempuri.org/IConfigurationWebService/MigrateOrganizationConfigurationsResponse
unknown
https://irecord.ingeo.com/landing/assets/downloads
unknown
https://irecord.ingeo.com/irecord_service/isubmitservice/isubmit.asmx
unknown
https://ocp.cscglobal.com/
unknown
https://apps.erecording.com/Portal
unknown
https://irecord.ingeo.com/irecord_service/DataService/iRecordDataService.asmx
unknown
https://ocp.cscglobal.com/cdn/gateway/csc/ere-solutions-375.png
unknown
http://tempuri.org/IConfigurationWebService/InsertOrUpdateDemoXmlT
unknown
https://irecordbeta.ingeo.com/irecord_service/SignatureService/SignatureService.svc
unknown
http://172.17.3.125/DocConverter/DocConverter.svc
unknown
https://ocp.cscglobal.com/cdn/gateway/csc/csc-logo-erecording.pngXUa
unknown
https://www.ic-secure.com/ROD_WebServices/ROD.WebService.SynchData/Service.asmx/
unknown
https://ocp.cscglobal.com/cdn/gateway/csc/csc-logo-erecording.png
205.234.175.175
http://irecord.ingeo.com/GetUserFromSessionT
unknown
http://schemas.xceed.com/wpf/xaml/avalondock
unknown
https://www.ic-secure.com/ROD_WebServices/ROD.WebService.ProcessInstrument/Service.asmx
unknown
http://irecord.ingeo.com/DeleteSessionT
unknown
http://foo/usercontrols/usercontrol_password.xaml
unknown
http://irecord.ingeo.com/LoginWithDuoT
unknown
https://irecord-uat.erecording.com/irecord_service/ConfigurationService/ConfigurationWebService.svc
unknown
http://irecord.ingeo.com/IsUserUniqueT
unknown
http://defaultcontainer/iRecord_WPF;component/usercontrols/usercontrol_password.xaml
unknown
http://www.ingeo.com/CommandT
unknown
http://irecord.ingeo.com/UpdatePasswordT
unknown
http://www.ingeo.com/T
unknown
http://tempuri.org/IConfigurationWebService/GetNextTransactionIDT
unknown
http://tempuri.org/IConfigurationWebService/GetNextePrepareIDResponse#
unknown
http://schemas.xceed.com/wpf/xaml/toolkit
unknown
http://tempuri.org/IConfigurationWebService/GetNextTransactionIDResponse
unknown
http://www.ingeo.com/2001/v2/documents
unknown
http://foo/bar/usercontrols/usercontrol_password.baml
unknown
http://tempuri.org/IConfigurationWebService/GetDemoXmlT
unknown
https://irecordbeta.ingeo.com/irecord_service/ConfigurationService/ConfigurationWebService.svc
unknown
http://tempuri.org/IConfigurationWebService/CopyOrganizationConfigurationsEnvToEnvResponse
unknown
http://www.ingeo.com/#
unknown
http://irecord.ingeo.com/GetLatestVersionT
unknown
http://tempuri.org/IConfigurationWebService/GetNextePrepareIDResponse
unknown
http://www.countyaccess.com/ROD_WebServices/ROD.WebService.SynchData/Service.asmx
unknown
http://www.w3.o
unknown
http://www.fonts.com
unknown
http://www.ingeo.com/)
unknown
http://tempuri.org/IConfigurationWebService/GetNextePrepareIDT
unknown
https://www.ic-secure.com/ROD_WebServices/ROD.WebService.ProcessInstrument/Service.asmxT
unknown
http://tempuri.org/IConfigurationWebService/CopyOrganizationConfigurationsEnvToEnvT
unknown
http://irecord.ingeo.com/UnimpersonateUserT
unknown
http://schemas.datacontract.org/2004/07/iRecord_Server
unknown
https://irecord-dev.erecording.com/irecord_service/SignatureService/SignatureService.svc
unknown
http://www.ingeo.com/Command
unknown
https://irecord.ingeo.com/irecord_service/isubmitservice/isubmit.asmxYE-a
unknown
http://irecord.ingeo.com/ValidateResetGuidT
unknown
http://irecord.ingeo.com/PushStatusT
unknown
http://www.ingeo.com/SendEmail
unknown
https://irecord-uat.erecording.com/irecord_service/SignatureService/SignatureService.svc
unknown
http://irecord.ingeo.com/-
unknown
https://irecord-dev.erecording.com/irecord_service/ConfigurationService/ConfigurationWebService.svc
unknown
http://tempuri.org/IConfigurationWebService/InsertOrUpdateDemoXmlResponse
unknown
http://irecord.ingeo.com/SendEmailAboutUpdatedEmailT
unknown
http://schemas.datacontract.org/2004/07/iRecord.Common.DTOs
unknown
http://www.ingeo.com/c
unknown
http://www.gemedicalsystems.com/it_solutions/bamwallthickness/1.0
unknown
http://irecord.ingeo.com/UpdateAttachmentImagesT
unknown
http://schemas.datacontract.org/2004/07/iRecord_Server.ConfigurationServicec
unknown
http://www.countyaccess.com/ROD_WebServices/ROD.WebService.ProcessInstrument/Service.asmx
unknown
https://apps.erecording.com/Portal#Reports/Main.xaml
unknown
http://www.ingeo.com/AvailableCommands
unknown
http://irecord.ingeo.com/ImpersonateUserT
unknown
http://tempuri.org/IConfigurationWebService/GetConnectorTransactionXmlByCountyGuidAndErIDResponse
unknown
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
vip1.g5.cachefly.net
205.234.175.175
ocp.cscglobal.com
unknown

IPs

IP
Domain
Country
Malicious
205.234.175.175
vip1.g5.cachefly.net
United States

Registry

Path
Value
Malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
GlobalAssocChangedCounter
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
Sequence
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Config.Msi\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
C:\Config.Msi\3e4f5b.rbs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
C:\Config.Msi\3e4f5b.rbsLow
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\E74A29E5236627D568B288319BD7889D
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\ED2A1D39A2F247F51934343AE8812560
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\031797E62F95A36458EF9017719DA102
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\0928325693466E3489F1DD4CDCE2DF17
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\883C15C2D8C651149AEC327E18FC289F
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\883C15C2D8C651149AEC327E18FC288F
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\883C15C2D8C651149AEC327E18FC287F
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\883C15C2D8C651149AEC327E18FC286F
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\883C15C2D8C651149AEC327E18FC285F
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\883C15C2D8C651149AEC327E18FC284F
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\883C15C2D8C651149AEC327E18FC283F
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\883C15C2D8C651149AEC327E18FC282F
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\883C15C2D8C651149AEC327E18FC281F
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\9CE6BBBB77FEF6F4E8A7A317CFEB00BE
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\C283E4C74C28B8B45955C27F01843522
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\87E54A536A614F3489925A3BF7E68A20
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\CC8545F0A170DEE468C8601766752999
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\EDED1AC1736A0C942B11FFD098C49ED2
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\21C4AC5838357F546A9EBEC0CCB80D05
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\E42838FCFA695E147804A5CC5FE1769C
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\C637B370AB1EE9E49B3E4DDEF6E64538
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\FF1A0405DA0C4A34B99338BC4EEE163E
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\409434E3E52B7624AB4DF1A614C93728
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\BE0F8E0231E6D664BA7E91326FEE7CB9
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\5A4FD2CBE1C67754EB350AC79C0AB290
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\DA6894705C6ED6E4D952492B235EACDF
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\0463F7A53B2CC0B4289CE66361C75CD5
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\F62CCE1F3259B154C9242B9436E57E20
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\3E1178436BB0FCD4C8C8718F923B73BB
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\A454BAB3A66390249B3452ED9F785374
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\DFD8F9268184D51408E8B4DCB94E5256
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\50C04A8E8519EB34683F5943C7FD9A42
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\103469D7387DC924AB72997BFCA58876
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\DD44EC9D0EF402C4F90E4074CB8BD0D7
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\B024E012F879A9847913EB9730B42785
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\AFC8C1450F3B0E042B0CA168570BA569
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\F0E3CE782F17B624FA32BD7E7603F4A5
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\E9BE9D65D725E494DA0F34F787215837
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\DD93A0F9771D57B4CB7AE17194644E19
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\A6AA55CF44CCD61478C7A23E07C2AB1A
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\472E056C5F920BE48B78D97B806A41DF
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\69891C601D923F542841B726ECDC07F0
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\92356F2DFA566F24581F93AB24E12426
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\2F1B81C9BEB09C049924ED58C0D41167
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\87C91FA6750F41E4A95851E4B0FE4F25
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\6450E2E080553A242A0566D71D285878
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\60FC61D924107414B92E38E4084BAB30
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\ACFAC218F102B5E469AEBE53FC6CDE48
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\A32E0E05B02EE204A8C7364460050963
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\7CCF32FC4855EF84DB00698CFBDDC538
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\5E00B82A18D588E4BAA6063823DA6E74
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\494D3ED0842AB8F41B7F6542E8BCBB06
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Users\user\AppData\Local\Programs\CSC\iRecord\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Users\user\AppData\Local\Programs\CSC\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Users\user\AppData\Roaming\Microsoft\Installer\{FD00B0DF-1F5A-4C9D-B945-7531468B5011}\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Users\user\AppData\Roaming\Microsoft\Installer\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CSC\
HKEY_CURRENT_USER\Software\CSC\iRecord
installed
HKEY_CURRENT_USER\Software\CSC\iRecord
StartMenuInstalled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FD0B00DFA5F1D9C49B54571364B80511\InstallProperties
LocalPackage
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FD0B00DFA5F1D9C49B54571364B80511\InstallProperties
AuthorizedCDFPrefix
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FD0B00DFA5F1D9C49B54571364B80511\InstallProperties
Comments
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FD0B00DFA5F1D9C49B54571364B80511\InstallProperties
Contact
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FD0B00DFA5F1D9C49B54571364B80511\InstallProperties
DisplayVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FD0B00DFA5F1D9C49B54571364B80511\InstallProperties
HelpLink
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FD0B00DFA5F1D9C49B54571364B80511\InstallProperties
HelpTelephone
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FD0B00DFA5F1D9C49B54571364B80511\InstallProperties
InstallDate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FD0B00DFA5F1D9C49B54571364B80511\InstallProperties
InstallLocation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FD0B00DFA5F1D9C49B54571364B80511\InstallProperties
InstallSource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FD0B00DFA5F1D9C49B54571364B80511\InstallProperties
ModifyPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FD0B00DFA5F1D9C49B54571364B80511\InstallProperties
NoModify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FD0B00DFA5F1D9C49B54571364B80511\InstallProperties
Publisher
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FD0B00DFA5F1D9C49B54571364B80511\InstallProperties
Readme
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FD0B00DFA5F1D9C49B54571364B80511\InstallProperties
Size
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FD0B00DFA5F1D9C49B54571364B80511\InstallProperties
EstimatedSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FD0B00DFA5F1D9C49B54571364B80511\InstallProperties
UninstallString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FD0B00DFA5F1D9C49B54571364B80511\InstallProperties
URLInfoAbout
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FD0B00DFA5F1D9C49B54571364B80511\InstallProperties
URLUpdateInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FD0B00DFA5F1D9C49B54571364B80511\InstallProperties
VersionMajor
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FD0B00DFA5F1D9C49B54571364B80511\InstallProperties
VersionMinor
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FD0B00DFA5F1D9C49B54571364B80511\InstallProperties
WindowsInstaller
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FD0B00DFA5F1D9C49B54571364B80511\InstallProperties
Version
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FD0B00DFA5F1D9C49B54571364B80511\InstallProperties
Language
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FD00B0DF-1F5A-4C9D-B945-7531468B5011}
AuthorizedCDFPrefix
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FD00B0DF-1F5A-4C9D-B945-7531468B5011}
Comments
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FD00B0DF-1F5A-4C9D-B945-7531468B5011}
Contact
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FD00B0DF-1F5A-4C9D-B945-7531468B5011}
DisplayVersion
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FD00B0DF-1F5A-4C9D-B945-7531468B5011}
HelpLink
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FD00B0DF-1F5A-4C9D-B945-7531468B5011}
HelpTelephone
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FD00B0DF-1F5A-4C9D-B945-7531468B5011}
InstallDate
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FD00B0DF-1F5A-4C9D-B945-7531468B5011}
InstallLocation
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FD00B0DF-1F5A-4C9D-B945-7531468B5011}
InstallSource
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FD00B0DF-1F5A-4C9D-B945-7531468B5011}
ModifyPath
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FD00B0DF-1F5A-4C9D-B945-7531468B5011}
NoModify
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FD00B0DF-1F5A-4C9D-B945-7531468B5011}
Publisher
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FD00B0DF-1F5A-4C9D-B945-7531468B5011}
Readme
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FD00B0DF-1F5A-4C9D-B945-7531468B5011}
Size
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FD00B0DF-1F5A-4C9D-B945-7531468B5011}
EstimatedSize
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FD00B0DF-1F5A-4C9D-B945-7531468B5011}
UninstallString
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FD00B0DF-1F5A-4C9D-B945-7531468B5011}
URLInfoAbout
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FD00B0DF-1F5A-4C9D-B945-7531468B5011}
URLUpdateInfo
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FD00B0DF-1F5A-4C9D-B945-7531468B5011}
VersionMajor
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FD00B0DF-1F5A-4C9D-B945-7531468B5011}
VersionMinor
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FD00B0DF-1F5A-4C9D-B945-7531468B5011}
WindowsInstaller
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FD00B0DF-1F5A-4C9D-B945-7531468B5011}
Version
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FD00B0DF-1F5A-4C9D-B945-7531468B5011}
Language
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5BE159C08FF85024AA49D448CB6ED983
FD0B00DFA5F1D9C49B54571364B80511
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FD0B00DFA5F1D9C49B54571364B80511\InstallProperties
DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FD00B0DF-1F5A-4C9D-B945-7531468B5011}
DisplayName
HKEY_CURRENT_USER\Software\Microsoft\Installer\Features\FD0B00DFA5F1D9C49B54571364B80511
ProductFeature
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FD0B00DFA5F1D9C49B54571364B80511\Features
ProductFeature
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FD0B00DFA5F1D9C49B54571364B80511\Patches
AllPatches
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\FD0B00DFA5F1D9C49B54571364B80511
ProductName
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\FD0B00DFA5F1D9C49B54571364B80511
PackageCode
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\FD0B00DFA5F1D9C49B54571364B80511
Language
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\FD0B00DFA5F1D9C49B54571364B80511
Version
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\FD0B00DFA5F1D9C49B54571364B80511
Assignment
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\FD0B00DFA5F1D9C49B54571364B80511
AdvertiseFlags
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\FD0B00DFA5F1D9C49B54571364B80511
ProductIcon
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\FD0B00DFA5F1D9C49B54571364B80511
InstanceType
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\FD0B00DFA5F1D9C49B54571364B80511
AuthorizedLUAApp
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\FD0B00DFA5F1D9C49B54571364B80511
DeploymentFlags
HKEY_CURRENT_USER\Software\Microsoft\Installer\UpgradeCodes\5BE159C08FF85024AA49D448CB6ED983
FD0B00DFA5F1D9C49B54571364B80511
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\FD0B00DFA5F1D9C49B54571364B80511\SourceList
PackageName
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\FD0B00DFA5F1D9C49B54571364B80511\SourceList\Net
1
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\FD0B00DFA5F1D9C49B54571364B80511\SourceList\Media
1
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\FD0B00DFA5F1D9C49B54571364B80511
Clients
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\FD0B00DFA5F1D9C49B54571364B80511\SourceList
LastUsedSource
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\iRecord_WPF_RASAPI32
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\iRecord_WPF_RASAPI32
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\iRecord_WPF_RASAPI32
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\iRecord_WPF_RASAPI32
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\iRecord_WPF_RASAPI32
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\iRecord_WPF_RASAPI32
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\iRecord_WPF_RASAPI32
FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\iRecord_WPF_RASMANCS
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\iRecord_WPF_RASMANCS
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\iRecord_WPF_RASMANCS
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\iRecord_WPF_RASMANCS
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\iRecord_WPF_RASMANCS
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\iRecord_WPF_RASMANCS
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\iRecord_WPF_RASMANCS
FileDirectory
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\f0\52C64B7E
@%SystemRoot%\system32\dnsapi.dll,-103
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\f0\52C64B7E
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
There are 142 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
99D0000
trusted library allocation
page read and write
7A92000
trusted library allocation
page read and write
5B3F000
stack
page read and write
81639AE000
stack
page read and write
20D920B1000
heap
page read and write
CBCA000
trusted library allocation
page read and write
7930000
remote allocation
page read and write
7AD2000
trusted library allocation
page read and write
1F8D0190000
trusted library allocation
page read and write
9B00000
trusted library allocation
page read and write
20D92970000
heap
page read and write
1554000
trusted library allocation
page read and write
C959000
trusted library allocation
page read and write
3D141FE000
stack
page read and write
5FA5000
trusted library allocation
page read and write
262ADFF3000
trusted library allocation
page read and write
7AD6000
trusted library allocation
page read and write
3D13D7B000
stack
page read and write
69EC000
trusted library allocation
page read and write
1D4FDE70000
heap
page read and write
1F8D0313000
heap
page read and write
20D92961000
heap
page read and write
CA50000
trusted library allocation
page read and write
20D92056000
heap
page read and write
262B303D000
heap
page read and write
16D6000
heap
page read and write
7FD63000
trusted library allocation
page execute read
5E6C000
stack
page read and write
7B07000
trusted library allocation
page read and write
D8B2000
trusted library allocation
page read and write
23425E2E000
heap
page read and write
1417000
heap
page read and write
14C0000
trusted library allocation
page read and write
CAB5000
trusted library allocation
page read and write
5920000
heap
page execute and read and write
262AE8F0000
trusted library section
page readonly
D0E5000
trusted library allocation
page read and write
7A41000
trusted library allocation
page read and write
D0FD000
trusted library allocation
page read and write
1F8D0254000
heap
page read and write
5FAE000
trusted library allocation
page read and write
5FB3000
trusted library allocation
page read and write
D7A2000
trusted library allocation
page read and write
20D92986000
heap
page read and write
CE96000
trusted library allocation
page read and write
E7F2DFF000
stack
page read and write
CA83000
trusted library allocation
page read and write
5FBF000
trusted library allocation
page read and write
20D9297E000
heap
page read and write
7FD6E000
trusted library allocation
page readonly
7ACC000
trusted library allocation
page read and write
1D4FE602000
trusted library allocation
page read and write
A360000
trusted library allocation
page read and write
5FFB000
trusted library allocation
page read and write
7FD51000
trusted library allocation
page execute read
A370000
trusted library allocation
page read and write
DB0000
unkown
page readonly
CA61000
trusted library allocation
page read and write
CA2C000
trusted library allocation
page read and write
19911200000
heap
page read and write
761E000
stack
page read and write
CA2A000
trusted library allocation
page read and write
1C4A3770000
heap
page read and write
5C7E000
stack
page read and write
69E7000
trusted library allocation
page read and write
262B2E44000
trusted library allocation
page read and write
CB8C000
trusted library allocation
page read and write
A3B0000
trusted library allocation
page read and write
20D92999000
heap
page read and write
8EF000
unkown
page readonly
1549000
trusted library allocation
page read and write
6A33000
trusted library allocation
page read and write
7C0E000
stack
page read and write
7FD60000
trusted library allocation
page readonly
CA2C000
trusted library allocation
page read and write
1589000
trusted library allocation
page read and write
CA86000
trusted library allocation
page read and write
1A2F2930000
heap
page read and write
D950000
trusted library allocation
page read and write
CCD0000
trusted library allocation
page read and write
262AE159000
heap
page read and write
5FB6000
trusted library allocation
page read and write
13F0000
trusted library allocation
page read and write
CEB3000
trusted library allocation
page read and write
262AE102000
heap
page read and write
C9E4000
trusted library allocation
page read and write
D94E000
trusted library allocation
page read and write
20D92E02000
heap
page read and write
7A4B000
trusted library allocation
page read and write
20E3AD81000
heap
page read and write
20D9296E000
heap
page read and write
CC2000
unkown
page readonly
20D92961000
heap
page read and write
1C4A3850000
heap
page read and write
1A2F2A02000
heap
page read and write
32ADFFE000
stack
page read and write
7FD73000
trusted library allocation
page readonly
C9F4000
trusted library allocation
page read and write
3D13AFE000
stack
page read and write
B510879000
stack
page read and write
20D92E02000
heap
page read and write
51C8000
trusted library allocation
page read and write
1EF7BA48000
heap
page read and write
5FB3000
trusted library allocation
page read and write
1593000
trusted library allocation
page read and write
C4BF47C000
stack
page read and write
CA6F000
trusted library allocation
page read and write
D79A000
trusted library allocation
page read and write
E003E7E000
stack
page read and write
19911302000
heap
page read and write
1991127F000
heap
page read and write
7B0F000
trusted library allocation
page read and write
CD7F000
trusted library allocation
page read and write
6A91000
trusted library allocation
page read and write
CADE000
trusted library allocation
page read and write
CEA6000
trusted library allocation
page read and write
20E3AD87000
heap
page read and write
810000
unkown
page readonly
D0F0000
trusted library allocation
page read and write
262AD856000
heap
page read and write
1751000
trusted library allocation
page read and write
C933000
trusted library allocation
page read and write
20D929A5000
heap
page read and write
798A000
trusted library allocation
page read and write
CB94000
trusted library allocation
page read and write
6A38000
trusted library allocation
page read and write
32AE1FF000
stack
page read and write
7A88000
trusted library allocation
page read and write
9AFA000
trusted library allocation
page read and write
243B8A13000
heap
page read and write
CEA0000
trusted library allocation
page read and write
1C4A384C000
heap
page read and write
5FC6000
trusted library allocation
page read and write
7ADE000
trusted library allocation
page read and write
CAE3000
trusted library allocation
page read and write
5DBF000
stack
page read and write
C981000
trusted library allocation
page read and write
CAC6000
trusted library allocation
page read and write
5FBA000
trusted library allocation
page read and write
262AD82A000
heap
page read and write
1EF7BB02000
heap
page read and write
5FB9000
trusted library allocation
page read and write
1794000
trusted library allocation
page read and write
20D929BA000
heap
page read and write
CDF6000
trusted library allocation
page read and write
D7D3000
trusted library allocation
page read and write
CCF4000
trusted library allocation
page read and write
1C4A3852000
heap
page read and write
9E5877F000
stack
page read and write
262AE100000
heap
page read and write
D155000
trusted library allocation
page read and write
5DC6000
trusted library allocation
page read and write
D17C000
trusted library allocation
page read and write
C90A000
trusted library allocation
page read and write
20D92961000
heap
page read and write
19911300000
heap
page read and write
199117A0000
trusted library allocation
page read and write
CADA000
trusted library allocation
page read and write
1D4FDD50000
heap
page read and write
7FD61000
trusted library allocation
page execute read
1D4FDE7A000
heap
page read and write
CB9B000
trusted library allocation
page read and write
1D4FDF00000
heap
page read and write
1800000
trusted library allocation
page read and write
1797000
trusted library allocation
page read and write
1EF7BA5E000
heap
page read and write
1D4FDDF0000
trusted library allocation
page read and write
CA83000
trusted library allocation
page read and write
20D920A7000
heap
page read and write
20D92E02000
heap
page read and write
5F9E000
trusted library allocation
page read and write
20D9291F000
heap
page read and write
CAB6000
trusted library allocation
page read and write
7A07000
trusted library allocation
page read and write
CA78000
trusted library allocation
page read and write
20D920E7000
heap
page read and write
20D9297B000
heap
page read and write
CD70000
trusted library allocation
page read and write
20E3AD81000
heap
page read and write
CAB6000
trusted library allocation
page read and write
23425E2F000
heap
page read and write
7D0E000
stack
page read and write
19911202000
heap
page read and write
5FCA000
trusted library allocation
page read and write
5FBB000
trusted library allocation
page read and write
262B2E64000
trusted library allocation
page read and write
CA3A000
trusted library allocation
page read and write
1686000
heap
page read and write
D0AA000
trusted library allocation
page read and write
5FB6000
trusted library allocation
page read and write
1D4FDE4B000
heap
page read and write
20D92999000
heap
page read and write
7B0F000
trusted library allocation
page read and write
7FD76000
trusted library allocation
page execute read
CD98000
trusted library allocation
page read and write
A3C0000
trusted library allocation
page read and write
1D4FDE13000
heap
page read and write
CA9E000
trusted library allocation
page read and write
1F8D0308000
heap
page read and write
23425E3E000
heap
page read and write
D85A000
trusted library allocation
page read and write
178D000
trusted library allocation
page read and write
262B2EF0000
trusted library allocation
page read and write
1A2F2A6B000
heap
page read and write
20D92916000
heap
page read and write
CAAD000
trusted library allocation
page read and write
262AE000000
heap
page read and write
CA43000
trusted library allocation
page read and write
20D929B7000
heap
page read and write
262AD86F000
heap
page read and write
5FAA000
trusted library allocation
page read and write
20D92981000
heap
page read and write
D690000
trusted library allocation
page read and write
CA6F000
trusted library allocation
page read and write
7930000
remote allocation
page read and write
1C4A3900000
heap
page read and write
13F63100000
heap
page read and write
D0F0000
trusted library allocation
page read and write
CAC8000
trusted library allocation
page read and write
20D9299B000
heap
page read and write
782E000
trusted library allocation
page read and write
5F70000
trusted library allocation
page read and write
CA6C000
trusted library allocation
page read and write
9AF2000
trusted library allocation
page read and write
23425E78000
heap
page read and write
1704000
trusted library allocation
page read and write
262B2E41000
trusted library allocation
page read and write
9A30000
trusted library allocation
page read and write
1A2F2A2A000
heap
page read and write
170A000
trusted library allocation
page read and write
262AEC80000
trusted library allocation
page read and write
20D92986000
heap
page read and write
23425E29000
heap
page read and write
CCEC000
trusted library allocation
page read and write
1C4A3902000
heap
page read and write
20D9299B000
heap
page read and write
D94C000
trusted library allocation
page read and write
20D9297B000
heap
page read and write
7FD7C000
trusted library allocation
page execute read
D170000
trusted library allocation
page read and write
5FBD000
trusted library allocation
page read and write
CA83000
trusted library allocation
page read and write
7ACA000
trusted library allocation
page read and write
1A2F2A5C000
heap
page read and write
A340000
trusted library allocation
page read and write
6AD3000
trusted library allocation
page read and write
A390000
trusted library allocation
page read and write
23425E7F000
heap
page read and write
7FD7E000
trusted library allocation
page execute read
23425BA0000
heap
page read and write
749E000
stack
page read and write
6E5C000
stack
page read and write
20D929D6000
heap
page read and write
CDA0000
trusted library allocation
page read and write
D6C9000
trusted library allocation
page read and write
6A36000
trusted library allocation
page read and write
CAE7000
trusted library allocation
page read and write
CCE9000
trusted library allocation
page read and write
1C4A3710000
heap
page read and write
CADC000
trusted library allocation
page read and write
A300000
trusted library allocation
page read and write
D70F000
trusted library allocation
page read and write
A360000
trusted library allocation
page read and write
D605000
trusted library allocation
page read and write
D90A000
trusted library allocation
page read and write
1F8D023C000
heap
page read and write
3450000
trusted library allocation
page read and write
77E7000
trusted library allocation
page read and write
9B50000
trusted library allocation
page read and write
6ACD000
trusted library allocation
page read and write
FB9000
stack
page read and write
150A000
trusted library allocation
page read and write
1C4A3800000
heap
page read and write
7A96000
trusted library allocation
page read and write
CA78000
trusted library allocation
page read and write
C4BF5FE000
stack
page read and write
20D9298D000
heap
page read and write
5F9A000
trusted library allocation
page read and write
CB9A000
trusted library allocation
page read and write
CAC6000
trusted library allocation
page read and write
19911313000
heap
page read and write
9E5857B000
stack
page read and write
810000
unkown
page readonly
20E3AD56000
heap
page read and write
32AE5FF000
stack
page read and write
23425E55000
heap
page read and write
CCDF000
trusted library allocation
page read and write
1F8D025E000
heap
page read and write
D0B4000
trusted library allocation
page read and write
786F000
trusted library allocation
page read and write
20D9297E000
heap
page read and write
7FD69000
trusted library allocation
page execute read
6A91000
trusted library allocation
page read and write
243B8950000
heap
page read and write
CE16000
trusted library allocation
page read and write
CA6C000
trusted library allocation
page read and write
CAE3000
trusted library allocation
page read and write
9B60000
trusted library allocation
page read and write
A350000
trusted library allocation
page read and write
C9A0000
trusted library allocation
page read and write
786D000
trusted library allocation
page read and write
CB08000
trusted library allocation
page read and write
7AD6000
trusted library allocation
page read and write
410AA7C000
stack
page read and write
5FB6000
trusted library allocation
page read and write
725F000
stack
page read and write
7ACC000
trusted library allocation
page read and write
D185000
trusted library allocation
page read and write
E7F31FF000
stack
page read and write
CEB3000
trusted library allocation
page read and write
D110000
trusted library allocation
page read and write
20D92961000
heap
page read and write
CCEA000
trusted library allocation
page read and write
3D13B7E000
stack
page read and write
D6FE000
stack
page read and write
CAC1000
trusted library allocation
page read and write
1750000
trusted library allocation
page read and write
23425E67000
heap
page read and write
58B0000
trusted library allocation
page read and write
262B2F40000
trusted library allocation
page read and write
14E3000
trusted library allocation
page read and write
D864000
trusted library allocation
page read and write
DA82000
trusted library allocation
page read and write
5FB6000
trusted library allocation
page read and write
CAC1000
trusted library allocation
page read and write
262B3000000
heap
page read and write
1F8D0200000
heap
page read and write
77E6000
trusted library allocation
page read and write
D0AE000
stack
page read and write
20D92E02000
heap
page read and write
243B8940000
heap
page read and write
5FB4000
trusted library allocation
page read and write
7A3E000
stack
page read and write
C98A000
trusted library allocation
page read and write
7FD6B000
trusted library allocation
page execute read
5CBE000
stack
page read and write
1F8D027C000
heap
page read and write
CA78000
trusted library allocation
page read and write
D75B000
trusted library allocation
page read and write
6ACD000
trusted library allocation
page read and write
CA9E000
trusted library allocation
page read and write
C9A0000
trusted library allocation
page read and write
262AD750000
heap
page read and write
20D9290E000
heap
page read and write
20D92962000
heap
page read and write
787A000
trusted library allocation
page read and write
C99D000
trusted library allocation
page read and write
20D92900000
heap
page read and write
CA3A000
trusted library allocation
page read and write
6FDE000
stack
page read and write
20D9205C000
heap
page read and write
1EF7BB00000
heap
page read and write
CDA0000
trusted library allocation
page read and write
153B77E000
stack
page read and write
262AE002000
heap
page read and write
8DD4000
trusted library allocation
page read and write
A380000
trusted library allocation
page read and write
5FB8000
trusted library allocation
page read and write
20D92986000
heap
page read and write
D792000
trusted library allocation
page read and write
D895000
trusted library allocation
page read and write
C9F4000
trusted library allocation
page read and write
20E3AD56000
heap
page read and write
23425E46000
heap
page read and write
6A2E000
trusted library allocation
page read and write
CAC8000
trusted library allocation
page read and write
CA3A000
trusted library allocation
page read and write
D8B3000
trusted library allocation
page read and write
1F8D0229000
heap
page read and write
D878000
trusted library allocation
page read and write
D7CF000
trusted library allocation
page read and write
30A0000
trusted library allocation
page execute and read and write
CE0D000
trusted library allocation
page read and write
1EF7BA3C000
heap
page read and write
20D929B5000
heap
page read and write
1595000
trusted library allocation
page read and write
A340000
trusted library allocation
page read and write
6130000
trusted library allocation
page read and write
262B30FE000
heap
page read and write
20E3AD7B000
heap
page read and write
CAE6000
trusted library allocation
page read and write
20D91E60000
heap
page read and write
32FD000
trusted library allocation
page read and write
CA43000
trusted library allocation
page read and write
CE06000
trusted library allocation
page read and write
D752000
trusted library allocation
page read and write
41C1000
trusted library allocation
page read and write
1D4FDE84000
heap
page read and write
CBCC000
trusted library allocation
page read and write
20D929AC000
heap
page read and write
D85C000
trusted library allocation
page read and write
6A0D000
trusted library allocation
page read and write
CEC6000
trusted library allocation
page read and write
262AD800000
heap
page read and write
13F628E2000
heap
page read and write
CDD0000
heap
page read and write
D879000
trusted library allocation
page read and write
50DB3BE000
stack
page read and write
CB8F000
trusted library allocation
page read and write
34AC000
trusted library allocation
page read and write
5FBA000
trusted library allocation
page read and write
14D0000
trusted library allocation
page read and write
243B9140000
remote allocation
page read and write
41D0000
trusted library allocation
page read and write
CAE6000
trusted library allocation
page read and write
1795000
trusted library allocation
page read and write
20D92986000
heap
page read and write
20D92E02000
heap
page read and write
262AEC61000
trusted library allocation
page read and write
CABB000
trusted library allocation
page read and write
19911279000
heap
page read and write
CDF3000
trusted library allocation
page read and write
262AE015000
heap
page read and write
20D9299B000
heap
page read and write
20D92986000
heap
page read and write
13F627F0000
trusted library allocation
page read and write
1EF7BA13000
heap
page read and write
5FBC000
trusted library allocation
page read and write
CBD0000
trusted library allocation
page read and write
F9900FE000
stack
page read and write
20D929BC000
heap
page read and write
79D6000
trusted library allocation
page read and write
7AD4000
trusted library allocation
page read and write
1F8D025E000
heap
page read and write
20D929B7000
heap
page read and write
8163D7B000
stack
page read and write
7FD6C000
trusted library allocation
page readonly
20D92961000
heap
page read and write
CB95000
trusted library allocation
page read and write
539E000
stack
page read and write
262B2F30000
trusted library allocation
page read and write
1C4A3897000
heap
page read and write
23425E4D000
heap
page read and write
9B40000
trusted library allocation
page read and write
A350000
trusted library allocation
page read and write
CAE1000
trusted library allocation
page read and write
C99D000
trusted library allocation
page read and write
D0AC000
trusted library allocation
page read and write
20D9297E000
heap
page read and write
CA61000
trusted library allocation
page read and write
78AA000
trusted library allocation
page read and write
E7F26AC000
stack
page read and write
5FA0000
trusted library allocation
page read and write
79CE000
trusted library allocation
page read and write
7A4F000
trusted library allocation
page read and write
F17000
unkown
page readonly
20E3AD7B000
heap
page read and write
1598000
trusted library allocation
page read and write
20D9297C000
heap
page read and write
6ABB000
trusted library allocation
page read and write
20D92914000
heap
page read and write
CBD0000
trusted library allocation
page read and write
20D9297A000
heap
page read and write
1D4FDE3C000
heap
page read and write
20D929B5000
heap
page read and write
D74E000
trusted library allocation
page read and write
CA6C000
trusted library allocation
page read and write
CADA000
trusted library allocation
page read and write
20D9295F000
heap
page read and write
9B50000
trusted library allocation
page read and write
20D9299D000
heap
page read and write
19911802000
trusted library allocation
page read and write
16CF000
heap
page read and write
D7EE000
trusted library allocation
page read and write
C9E4000
trusted library allocation
page read and write
20D920D4000
heap
page read and write
7AD8000
trusted library allocation
page read and write
CDF0000
heap
page read and write
20E3AD8D000
heap
page read and write
1A2F2A13000
heap
page read and write
5FCF000
trusted library allocation
page read and write
20D92962000
heap
page read and write
20D92976000
heap
page read and write
1593000
trusted library allocation
page read and write
C913000
trusted library allocation
page read and write
262AE118000
heap
page read and write
E003B8C000
stack
page read and write
1F8D0248000
heap
page read and write
D050000
trusted library allocation
page read and write
20D9294E000
heap
page read and write
CE7D000
trusted library allocation
page read and write
B5103FE000
stack
page read and write
C9ED000
trusted library allocation
page read and write
20D91E00000
heap
page read and write
31C1000
trusted library allocation
page read and write
1F8D022C000
heap
page read and write
9E5827C000
stack
page read and write
20D9290D000
heap
page read and write
CA2C000
trusted library allocation
page read and write
E003EFE000
stack
page read and write
D881000
trusted library allocation
page read and write
1C4A4002000
trusted library allocation
page read and write
1F8D0A02000
trusted library allocation
page read and write
5DC4000
trusted library allocation
page read and write
1D4FDE00000
heap
page read and write
158B000
trusted library allocation
page read and write
20D92964000
heap
page read and write
262B2F80000
remote allocation
page read and write
6A16000
trusted library allocation
page read and write
13F63112000
heap
page read and write
243B9140000
remote allocation
page read and write
23425E49000
heap
page read and write
CA60000
trusted library allocation
page read and write
5F9D000
trusted library allocation
page read and write
CB4D000
trusted library allocation
page read and write
13F628C3000
heap
page read and write
5FCE000
trusted library allocation
page read and write
7FD66000
trusted library allocation
page readonly
20D92680000
remote allocation
page read and write
E7F307E000
stack
page read and write
20D92113000
heap
page read and write
C99D000
trusted library allocation
page read and write
5FB6000
trusted library allocation
page read and write
243B89E0000
trusted library allocation
page read and write
1C4A3700000
heap
page read and write
5FC0000
trusted library allocation
page read and write
1500000
trusted library allocation
page read and write
262AD89E000
heap
page read and write
CA34000
trusted library allocation
page read and write
CB90000
trusted library allocation
page read and write
1D4FDE49000
heap
page read and write
CCF0000
trusted library allocation
page read and write
CB9D000
trusted library allocation
page read and write
6D5E000
stack
page read and write
D794000
trusted library allocation
page read and write
DB0000
unkown
page readonly
23425E4B000
heap
page read and write
C900000
trusted library allocation
page read and write
5F9E000
trusted library allocation
page read and write
D877000
trusted library allocation
page read and write
5FC9000
trusted library allocation
page read and write
13F62680000
heap
page read and write
20D9297A000
heap
page read and write
1EF7BB08000
heap
page read and write
20D9299B000
heap
page read and write
D7CB000
trusted library allocation
page read and write
243B8A02000
heap
page read and write
23425E5F000
heap
page read and write
CB4F000
trusted library allocation
page read and write
CE83000
trusted library allocation
page read and write
CA6F000
trusted library allocation
page read and write
CABF000
trusted library allocation
page read and write
23425C10000
heap
page read and write
1812000
trusted library allocation
page read and write
9B10000
trusted library allocation
page read and write
7AD4000
trusted library allocation
page read and write
20D929BE000
heap
page read and write
1C4A3877000
heap
page read and write
20D920A6000
heap
page read and write
CD00000
trusted library allocation
page read and write
6D1D000
stack
page read and write
812000
unkown
page readonly
20D92978000
heap
page read and write
7A90000
trusted library allocation
page read and write
816392B000
stack
page read and write
1853000
heap
page read and write
5FC0000
trusted library allocation
page read and write
C984000
trusted library allocation
page read and write
6AD7000
trusted library allocation
page read and write
D796000
trusted library allocation
page read and write
262B2E28000
trusted library allocation
page read and write
20D9297A000
heap
page read and write
D759000
trusted library allocation
page read and write
1792000
trusted library allocation
page read and write
9AF7000
trusted library allocation
page read and write
5FD0000
trusted library allocation
page read and write
7A4B000
trusted library allocation
page read and write
CB99000
trusted library allocation
page read and write
8E6000
unkown
page readonly
6AD3000
trusted library allocation
page read and write
9B72000
unkown
page readonly
C98A000
trusted library allocation
page read and write
9E5837E000
stack
page read and write
13F62888000
heap
page read and write
20D9299D000
heap
page read and write
C4BF97D000
stack
page read and write
20D92964000
heap
page read and write
5FB6000
trusted library allocation
page read and write
D70B000
trusted library allocation
page read and write
D040000
trusted library allocation
page read and write
13F62800000
heap
page read and write
99E4000
trusted library allocation
page read and write
D90C000
trusted library allocation
page read and write
20D92997000
heap
page read and write
23425E60000
heap
page read and write
D882000
trusted library allocation
page read and write
782D000
trusted library allocation
page read and write
32ADC7A000
stack
page read and write
9E5847B000
stack
page read and write
D185000
trusted library allocation
page read and write
E66000
unkown
page readonly
1840000
trusted library allocation
page read and write
CADE000
trusted library allocation
page read and write
59F0000
unkown
page readonly
174B000
trusted library allocation
page read and write
1802000
trusted library allocation
page read and write
3D13E77000
stack
page read and write
20D9299F000
heap
page read and write
D956000
trusted library allocation
page read and write
5FB6000
trusted library allocation
page read and write
20E3AD40000
heap
page read and write
B5107FE000
stack
page read and write
C9E9000
trusted library allocation
page read and write
C4BF6FE000
stack
page read and write
C969000
trusted library allocation
page read and write
5FB3000
trusted library allocation
page read and write
153B07F000
stack
page read and write
CDE0000
trusted library allocation
page read and write
D798000
trusted library allocation
page read and write
262B30FD000
heap
page read and write
F50000
heap
page read and write
1C4A383C000
heap
page read and write
179C000
trusted library allocation
page read and write
CADE000
trusted library allocation
page read and write
20E3AD81000
heap
page read and write
5FBA000
trusted library allocation
page read and write
CE06000
trusted library allocation
page read and write
DA26000
trusted library allocation
page read and write
262B2D10000
trusted library allocation
page read and write
CA49000
trusted library allocation
page read and write
B51067E000
stack
page read and write
20D9299B000
heap
page read and write
8ED000
unkown
page readonly
20D92964000
heap
page read and write
50DBA7F000
stack
page read and write
D021000
trusted library allocation
page read and write
20D920E1000
heap
page read and write
CAE1000
trusted library allocation
page read and write
CA49000
trusted library allocation
page read and write
7FD7B000
trusted library allocation
page readonly
153AE7C000
stack
page read and write
243B8A40000
heap
page read and write
330E000
trusted library allocation
page read and write
262B2E50000
trusted library allocation
page read and write
23425E6C000
heap
page read and write
C903000
trusted library allocation
page read and write
20D92963000
heap
page read and write
CA3A000
trusted library allocation
page read and write
262B3100000
heap
page read and write
D198000
trusted library allocation
page read and write
D79F000
trusted library allocation
page read and write
CA49000
trusted library allocation
page read and write
CEB1000
trusted library allocation
page read and write
5FB6000
trusted library allocation
page read and write
20D92976000
heap
page read and write
5FA4000
trusted library allocation
page read and write
7FD53000
trusted library allocation
page execute read
1410000
heap
page read and write
745E000
stack
page read and write
20D9297E000
heap
page read and write
CAC1000
trusted library allocation
page read and write
7ACE000
trusted library allocation
page read and write
20D920BE000
heap
page read and write
262AD8BB000
heap
page read and write
CB07000
trusted library allocation
page read and write
CA2C000
trusted library allocation
page read and write
D8C3000
trusted library allocation
page read and write
D1A1000
trusted library allocation
page read and write
C919000
trusted library allocation
page read and write
E7F2AF8000
stack
page read and write
D0F0000
trusted library allocation
page read and write
CADE000
trusted library allocation
page read and write
CB06000
trusted library allocation
page read and write
CD91000
trusted library allocation
page read and write
5E40000
trusted library allocation
page read and write
D163000
trusted library allocation
page read and write
CAE3000
trusted library allocation
page read and write
163E000
heap
page read and write
9E582FF000
stack
page read and write
262B301F000
heap
page read and write
20E3AD64000
heap
page read and write
7FD55000
trusted library allocation
page execute read
5FC4000
trusted library allocation
page read and write
6AD3000
trusted library allocation
page read and write
335D000
trusted library allocation
page read and write
19911255000
heap
page read and write
13F63002000
heap
page read and write
7FD74000
trusted library allocation
page execute read
20D92E03000
heap
page read and write
CAA5000
trusted library allocation
page read and write
14F0000
heap
page read and write
D168000
trusted library allocation
page read and write
CAD4000
trusted library allocation
page read and write
13F626F0000
heap
page read and write
A360000
trusted library allocation
page read and write
C9E4000
trusted library allocation
page read and write
1868000
heap
page read and write
13F6313B000
heap
page read and write
20D9297D000
heap
page read and write
243B8A29000
heap
page read and write
CAC6000
trusted library allocation
page read and write
262B2E20000
trusted library allocation
page read and write
153B57B000
stack
page read and write
5FA1000
trusted library allocation
page read and write
9B60000
trusted library allocation
page read and write
CB0A000
trusted library allocation
page read and write
CD60000
heap
page read and write
CADC000
trusted library allocation
page read and write
D153000
trusted library allocation
page read and write
262AD88C000
heap
page read and write
20D92E20000
heap
page read and write
782D000
trusted library allocation
page read and write
A360000
trusted library allocation
page read and write
DA2E000
trusted library allocation
page read and write
23425E44000
heap
page read and write
9B00000
unkown
page read and write
20D92000000
heap
page read and write
D0F6000
trusted library allocation
page read and write
CAA5000
trusted library allocation
page read and write
262AD893000
heap
page read and write
20D9299F000
heap
page read and write
9A50000
trusted library allocation
page read and write
A300000
trusted library allocation
page read and write
7B0D000
trusted library allocation
page read and write
78AA000
trusted library allocation
page read and write
20D92978000
heap
page read and write
20D92E02000
heap
page read and write
23425E6E000
heap
page read and write
23425E00000
heap
page read and write
1A2F2A8A000
heap
page read and write
D1A9000
trusted library allocation
page read and write
CA34000
trusted library allocation
page read and write
5E20000
trusted library allocation
page read and write
99E0000
trusted library allocation
page read and write
1C4A3813000
heap
page read and write
3D13FFF000
stack
page read and write
7FD65000
trusted library allocation
page execute read
19910FE0000
heap
page read and write
262B2E20000
trusted library allocation
page read and write
CAAD000
trusted library allocation
page read and write
13F62902000
heap
page read and write
20D92986000
heap
page read and write
CB4E000
trusted library allocation
page read and write
13F628CA000
heap
page read and write
6BDE000
stack
page read and write
20D929D6000
heap
page read and write
5FB6000
trusted library allocation
page read and write
F9904F9000
stack
page read and write
34EB000
trusted library allocation
page read and write
A360000
trusted library allocation
page read and write
C4BF77E000
stack
page read and write
CA60000
trusted library allocation
page read and write
262AD874000
heap
page read and write
5FB4000
trusted library allocation
page read and write
7FD6D000
trusted library allocation
page execute read
20D9297B000
heap
page read and write
C9ED000
trusted library allocation
page read and write
5FBA000
trusted library allocation
page read and write
20E3AC90000
heap
page read and write
1709000
trusted library allocation
page read and write
CAA5000
trusted library allocation
page read and write
5F9A000
trusted library allocation
page read and write
9A40000
trusted library allocation
page read and write
20D92058000
heap
page read and write
5E00000
trusted library allocation
page read and write
20D92986000
heap
page read and write
20D92995000
heap
page read and write
CA4A000
trusted library allocation
page read and write
262AD88A000
heap
page read and write
262B302C000
heap
page read and write
5FA3000
trusted library allocation
page read and write
CA77000
trusted library allocation
page read and write
1830000
trusted library allocation
page read and write
20D92961000
heap
page read and write
CA57000
trusted library allocation
page read and write
1EF7BA7E000
heap
page read and write
1C4A3882000
heap
page read and write
F9903F8000
stack
page read and write
C9E4000
trusted library allocation
page read and write
69E3000
trusted library allocation
page read and write
D70C000
trusted library allocation
page read and write
23425BB0000
heap
page read and write
CC2000
unkown
page readonly
262AE159000
heap
page read and write
262B3060000
heap
page read and write
CAAD000
trusted library allocation
page read and write
765D000
stack
page read and write
CE76000
trusted library allocation
page read and write
1EF7B8C0000
heap
page read and write
D106000
trusted library allocation
page read and write
DA27000
trusted library allocation
page read and write
CA86000
trusted library allocation
page read and write
5FAF000
trusted library allocation
page read and write
3464000
trusted library allocation
page read and write
CE70000
trusted library allocation
page read and write
1A2F2A00000
heap
page read and write
1C4A384B000
heap
page read and write
B51037A000
stack
page read and write
5FBA000
trusted library allocation
page read and write
17CE000
trusted library allocation
page read and write
A360000
unkown
page read and write
78A8000
trusted library allocation
page read and write
1843000
trusted library allocation
page read and write
6A36000
trusted library allocation
page read and write
9EAB000
trusted library allocation
page read and write
D5FE000
stack
page read and write
CCD0000
trusted library allocation
page read and write
15D1000
trusted library allocation
page read and write
23426402000
trusted library allocation
page read and write
5E09000
trusted library allocation
page read and write
20D92993000
heap
page read and write
D01C000
stack
page read and write
D79E000
trusted library allocation
page read and write
20D92980000
heap
page read and write
CBC5000
trusted library allocation
page read and write
CA60000
trusted library allocation
page read and write
F99007B000
stack
page read and write
20D9297C000
heap
page read and write
158B000
trusted library allocation
page read and write
262B2E2E000
trusted library allocation
page read and write
69F6000
trusted library allocation
page read and write
3030000
trusted library allocation
page read and write
CB91000
trusted library allocation
page read and write
D794000
trusted library allocation
page read and write
20E3AD70000
heap
page read and write
CD89000
trusted library allocation
page read and write
1F8D0160000
heap
page read and write
A350000
trusted library allocation
page read and write
32AE0FD000
stack
page read and write
CA43000
trusted library allocation
page read and write
20D92052000
heap
page read and write
CA38000
trusted library allocation
page read and write
CA34000
trusted library allocation
page read and write
15CE000
trusted library allocation
page read and write
410AD7B000
stack
page read and write
C9E4000
trusted library allocation
page read and write
5FA0000
trusted library allocation
page read and write
20E3AD51000
heap
page read and write
69E0000
trusted library allocation
page read and write
153B87C000
stack
page read and write
20E3AB55000
heap
page read and write
78EE000
stack
page read and write
23425F02000
heap
page read and write
6ABB000
trusted library allocation
page read and write
32AE3FF000
stack
page read and write
9E5887F000
stack
page read and write
178F000
trusted library allocation
page read and write
13F62690000
heap
page read and write
20D9297A000
heap
page read and write
D199000
trusted library allocation
page read and write
701E000
stack
page read and write
CAE7000
trusted library allocation
page read and write
5E20000
trusted library allocation
page read and write
CADE000
trusted library allocation
page read and write
CEAD000
trusted library allocation
page read and write
D987000
trusted library allocation
page read and write
E7F34FE000
stack
page read and write
3090000
trusted library allocation
page read and write
CB92000
trusted library allocation
page read and write
20D92986000
heap
page read and write
A390000
trusted library allocation
page read and write
9B70000
unkown
page readonly
CA6F000
trusted library allocation
page read and write
50DB977000
stack
page read and write
14D3000
trusted library allocation
page execute and read and write
E7F2FFB000
stack
page read and write
5FA4000
trusted library allocation
page read and write
262AD8A0000
heap
page read and write
1EF7BA5C000
heap
page read and write
32ADEFC000
stack
page read and write
CBCC000
trusted library allocation
page read and write
CC10000
trusted library allocation
page read and write
1EF7BA00000
heap
page read and write
CBCE000
trusted library allocation
page read and write
16C0000
heap
page read and write
D19D000
trusted library allocation
page read and write
20D9204F000
heap
page read and write
CAB5000
trusted library allocation
page read and write
CA2C000
trusted library allocation
page read and write
153B97F000
stack
page read and write
14DD000
trusted library allocation
page execute and read and write
15A0000
trusted library allocation
page read and write
20D920F6000
heap
page read and write
F99077F000
unkown
page read and write
1A2F2B13000
heap
page read and write
20D92089000
heap
page read and write
1F8D0272000
heap
page read and write
CADE000
trusted library allocation
page read and write
7FD6F000
trusted library allocation
page execute read
30B0000
heap
page read and write
262AD8FE000
heap
page read and write
13F6286D000
heap
page read and write
32AE2FF000
stack
page read and write
529D000
stack
page read and write
262AE118000
heap
page read and write
CA50000
trusted library allocation
page read and write
E66000
unkown
page readonly
20D92997000
heap
page read and write
CAC8000
trusted library allocation
page read and write
D9E3000
trusted library allocation
page read and write
5FAF000
trusted library allocation
page read and write
23425E31000
heap
page read and write
19911040000
heap
page read and write
1F8D0100000
heap
page read and write
262AE7E0000
trusted library allocation
page read and write
15C6000
trusted library allocation
page read and write
5FA4000
trusted library allocation
page read and write
20D9297D000
heap
page read and write
262B30CB000
heap
page read and write
C994000
trusted library allocation
page read and write
CB4F000
trusted library allocation
page read and write
CAB6000
trusted library allocation
page read and write
262AD813000
heap
page read and write
5FB6000
trusted library allocation
page read and write
CAD8000
trusted library allocation
page read and write
7AD4000
trusted library allocation
page read and write
20D9299F000
heap
page read and write
DA2F000
trusted library allocation
page read and write
D15E000
trusted library allocation
page read and write
20D929C3000
heap
page read and write
33D2000
trusted library allocation
page read and write
1C4A3913000
heap
page read and write
32ADDFF000
stack
page read and write
F9905F7000
stack
page read and write
5F80000
trusted library allocation
page read and write
1F8D0213000
heap
page read and write
D040000
unkown
page read and write
9AF4000
trusted library allocation
page read and write
CAD8000
trusted library allocation
page read and write
CE00000
trusted library allocation
page read and write
20D92965000
heap
page read and write
61A7000
heap
page read and write
1C4A382A000
heap
page read and write
1F8D00F0000
heap
page read and write
7AD4000
trusted library allocation
page read and write
3094000
trusted library allocation
page read and write
CB8A000
trusted library allocation
page read and write
CA9E000
trusted library allocation
page read and write
20D92976000
heap
page read and write
CAE6000
trusted library allocation
page read and write
5FB3000
trusted library allocation
page read and write
C9ED000
trusted library allocation
page read and write
E7F2EFA000
stack
page read and write
20D92977000
heap
page read and write
16C9000
heap
page read and write
262B3053000
heap
page read and write
8E6000
unkown
page readonly
F9906FF000
stack
page read and write
D020000
trusted library allocation
page read and write
262AD760000
heap
page read and write
5FB3000
trusted library allocation
page read and write
CAAD000
trusted library allocation
page read and write
5FC0000
trusted library allocation
page read and write
1EF7B850000
heap
page read and write
C94E000
trusted library allocation
page read and write
6A2F000
trusted library allocation
page read and write
5E30000
trusted library allocation
page read and write
CAA5000
trusted library allocation
page read and write
20E3AD88000
heap
page read and write
CAB5000
trusted library allocation
page read and write
CAE3000
trusted library allocation
page read and write
7877000
trusted library allocation
page read and write
E7F30FE000
stack
page read and write
20D92961000
heap
page read and write
5FBD000
trusted library allocation
page read and write
32A7000
trusted library allocation
page read and write
3460000
trusted library allocation
page read and write
1846000
trusted library allocation
page read and write
1EF7BA29000
heap
page read and write
12F4000
stack
page read and write
E00407E000
stack
page read and write
1850000
heap
page read and write
410AE7B000
stack
page read and write
A390000
trusted library allocation
page read and write
CBCB000
trusted library allocation
page read and write
7FD78000
trusted library allocation
page execute read
78AB000
trusted library allocation
page read and write
20D9297E000
heap
page read and write
20D9297A000
heap
page read and write
20E3AD4D000
heap
page read and write
CB91000
trusted library allocation
page read and write
D958000
trusted library allocation
page read and write
20D92680000
remote allocation
page read and write
1F8D024A000
heap
page read and write
20D92965000
heap
page read and write
262B30E2000
heap
page read and write
5B7E000
stack
page read and write
D94E000
trusted library allocation
page read and write
CCE3000
trusted library allocation
page read and write
50DB33B000
stack
page read and write
7FD75000
trusted library allocation
page readonly
81640FE000
stack
page read and write
D756000
trusted library allocation
page read and write
CA50000
trusted library allocation
page read and write
812000
unkown
page readonly
20D929A8000
heap
page read and write
E7F317F000
stack
page read and write
159D000
trusted library allocation
page read and write
262ADFF0000
trusted library allocation
page read and write
50DB87B000
stack
page read and write
6A37000
trusted library allocation
page read and write
20D9298D000
heap
page read and write
20D92991000
heap
page read and write
5FB4000
trusted library allocation
page read and write
A3A0000
trusted library allocation
page read and write
D698000
trusted library allocation
page read and write
CABB000
trusted library allocation
page read and write
20D92053000
heap
page read and write
20D92976000
heap
page read and write
20D92914000
heap
page read and write
14ED000
trusted library allocation
page execute and read and write
1C4A384F000
heap
page read and write
CCE7000
trusted library allocation
page read and write
20D92976000
heap
page read and write
D99B000
trusted library allocation
page read and write
262B3102000
heap
page read and write
19910FD0000
heap
page read and write
50DB67D000
stack
page read and write
1D4FDE50000
heap
page read and write
D19B000
trusted library allocation
page read and write
20E3AD70000
heap
page read and write
CB51000
trusted library allocation
page read and write
1EF7C202000
trusted library allocation
page read and write
CB08000
trusted library allocation
page read and write
DB46000
trusted library allocation
page read and write
B5106F9000
stack
page read and write
8EF000
unkown
page readonly
181B000
trusted library allocation
page execute and read and write
17CD000
trusted library allocation
page read and write
23425E65000
heap
page read and write
C97C000
trusted library allocation
page read and write
D111000
trusted library allocation
page read and write
262AD878000
heap
page read and write
CA78000
trusted library allocation
page read and write
CA3A000
trusted library allocation
page read and write
CB93000
trusted library allocation
page read and write
CA60000
trusted library allocation
page read and write
CAC1000
trusted library allocation
page read and write
CAAD000
trusted library allocation
page read and write
CEA0000
trusted library allocation
page read and write
5FFB000
trusted library allocation
page read and write
CA83000
trusted library allocation
page read and write
A3B0000
trusted library allocation
page read and write
77E4000
trusted library allocation
page read and write
153B4FC000
stack
page read and write
CA9E000
trusted library allocation
page read and write
20D92802000
heap
page read and write
7A49000
trusted library allocation
page read and write
D835000
trusted library allocation
page read and write
7920000
trusted library allocation
page read and write
20D92986000
heap
page read and write
CA78000
trusted library allocation
page read and write
3D13A7B000
stack
page read and write
20D92963000
heap
page read and write
262B2F50000
trusted library allocation
page read and write
D989000
trusted library allocation
page read and write
262B300E000
heap
page read and write
8163EFE000
stack
page read and write
32ADA7B000
stack
page read and write
6A1B000
trusted library allocation
page read and write
DA5F000
trusted library allocation
page read and write
179D000
trusted library allocation
page read and write
DAC9000
trusted library allocation
page read and write
CB01000
trusted library allocation
page read and write
1A2F2990000
heap
page read and write
CA25000
trusted library allocation
page read and write
1A2F3202000
trusted library allocation
page read and write
F99027B000
stack
page read and write
13F62813000
heap
page read and write
CB91000
trusted library allocation
page read and write
20D92968000
heap
page read and write
CA3A000
trusted library allocation
page read and write
3D140FC000
stack
page read and write
1991123C000
heap
page read and write
20D9296D000
heap
page read and write
20D9297A000
heap
page read and write
CA7B000
trusted library allocation
page read and write
A3C0000
trusted library allocation
page read and write
1C4A3908000
heap
page read and write
262AE113000
heap
page read and write
153B3FC000
stack
page read and write
CA49000
trusted library allocation
page read and write
DB0B000
trusted library allocation
page read and write
20D9204B000
heap
page read and write
20D9297B000
heap
page read and write
1547000
trusted library allocation
page read and write
13F6283E000
heap
page read and write
6A33000
trusted library allocation
page read and write
E00427E000
stack
page read and write
23425E47000
heap
page read and write
20D9204D000
heap
page read and write
1A2F2920000
heap
page read and write
20D9297A000
heap
page read and write
5E20000
trusted library allocation
page read and write
CAE3000
trusted library allocation
page read and write
CC10000
trusted library allocation
page read and write
A350000
trusted library allocation
page read and write
243B8A00000
heap
page read and write
1815000
trusted library allocation
page execute and read and write
5FB6000
trusted library allocation
page read and write
20D92975000
heap
page read and write
5E22000
trusted library allocation
page read and write
1A2F29C0000
trusted library allocation
page read and write
E7F327E000
stack
page read and write
CA25000
trusted library allocation
page read and write
79CC000
trusted library allocation
page read and write
20D92976000
heap
page read and write
6A91000
trusted library allocation
page read and write
7AE2000
trusted library allocation
page read and write
CA25000
trusted library allocation
page read and write
5FA3000
trusted library allocation
page read and write
D753000
trusted library allocation
page read and write
50DB77B000
stack
page read and write
CA6C000
trusted library allocation
page read and write
5FB6000
trusted library allocation
page read and write
6070000
trusted library allocation
page read and write
262AD913000
heap
page read and write
69F0000
trusted library allocation
page read and write
D7D0000
trusted library allocation
page read and write
243B9202000
trusted library allocation
page read and write
5FBA000
trusted library allocation
page read and write
F17000
unkown
page readonly
7FD62000
trusted library allocation
page readonly
1EF7B9C0000
trusted library allocation
page read and write
20D92102000
heap
page read and write
23425E8C000
heap
page read and write
5FB6000
trusted library allocation
page read and write
CCE0000
trusted library allocation
page read and write
1C4A386F000
heap
page read and write
20D92974000
heap
page read and write
D795000
trusted library allocation
page read and write
CAA5000
trusted library allocation
page read and write
1810000
trusted library allocation
page read and write
5F9C000
trusted library allocation
page read and write
CAC8000
trusted library allocation
page read and write
1D4FDDC0000
heap
page read and write
308E000
stack
page read and write
7FD54000
trusted library allocation
page readonly
8DF2000
trusted library allocation
page read and write
262B30F7000
heap
page read and write
243B8B02000
heap
page read and write
20D92070000
heap
page read and write
6A2F000
trusted library allocation
page read and write
CA43000
trusted library allocation
page read and write
15C4000
trusted library allocation
page read and write
CA49000
trusted library allocation
page read and write
3D13EFF000
stack
page read and write
19911213000
heap
page read and write
CC10000
trusted library allocation
page read and write
A340000
trusted library allocation
page read and write
20D9297E000
heap
page read and write
C96E000
trusted library allocation
page read and write
5FC4000
trusted library allocation
page read and write
CD90000
trusted library allocation
page read and write
CE21000
trusted library allocation
page read and write
7FD52000
trusted library allocation
page readonly
20D92054000
heap
page read and write
262B2C90000
trusted library allocation
page read and write
262B30A5000
heap
page read and write
CAAD000
trusted library allocation
page read and write
D7EF000
trusted library allocation
page read and write
CA49000
trusted library allocation
page read and write
20D9203C000
heap
page read and write
262AE900000
trusted library section
page readonly
CA6C000
trusted library allocation
page read and write
786F000
trusted library allocation
page read and write
7870000
trusted library allocation
page read and write
CAE1000
trusted library allocation
page read and write
1596000
trusted library allocation
page read and write
6AD7000
trusted library allocation
page read and write
262B30A9000
heap
page read and write
243B89B0000
heap
page read and write
CBD0000
trusted library allocation
page read and write
CB48000
trusted library allocation
page read and write
E7F2CFA000
stack
page read and write
20D92050000
heap
page read and write
1F8D0300000
heap
page read and write
20D9298B000
heap
page read and write
9BE4000
unkown
page readonly
CB9B000
trusted library allocation
page read and write
CAE7000
trusted library allocation
page read and write
8DC0000
trusted library allocation
page read and write
20E3AB50000
heap
page read and write
1502000
trusted library allocation
page read and write
7B05000
trusted library allocation
page read and write
262AD7C0000
heap
page read and write
410AF7E000
stack
page read and write
7A92000
trusted library allocation
page read and write
D6D0000
trusted library allocation
page read and write
20D9299E000
heap
page read and write
5FBC000
trusted library allocation
page read and write
1806000
trusted library allocation
page execute and read and write
3090000
trusted library allocation
page read and write
E7F2BFB000
stack
page read and write
20D91DF0000
heap
page read and write
14D4000
trusted library allocation
page read and write
7943000
trusted library allocation
page read and write
5F69000
stack
page read and write
CA25000
trusted library allocation
page read and write
CA83000
trusted library allocation
page read and write
D103000
trusted library allocation
page read and write
3040000
heap
page execute and read and write
6A36000
trusted library allocation
page read and write
D87A000
trusted library allocation
page read and write
5FF3000
trusted library allocation
page read and write
20D92986000
heap
page read and write
1D4FDE4E000
heap
page read and write
1EF7BA5D000
heap
page read and write
8163FF7000
stack
page read and write
782B000
trusted library allocation
page read and write
CA9E000
trusted library allocation
page read and write
B51077F000
stack
page read and write
CDED000
trusted library allocation
page read and write
61A0000
heap
page read and write
CAB6000
trusted library allocation
page read and write
CAC8000
trusted library allocation
page read and write
5FB1000
trusted library allocation
page read and write
D707000
trusted library allocation
page read and write
158D000
trusted library allocation
page read and write
3010000
trusted library allocation
page execute and read and write
786F000
trusted library allocation
page read and write
6C1C000
stack
page read and write
CA2C000
trusted library allocation
page read and write
D7D1000
trusted library allocation
page read and write
99F0000
trusted library allocation
page execute and read and write
1EF7BA88000
heap
page read and write
74DE000
stack
page read and write
20E3AD66000
heap
page read and write
23425E6A000
heap
page read and write
5FC2000
trusted library allocation
page read and write
CEC7000
trusted library allocation
page read and write
7FD7A000
trusted library allocation
page execute read
1A2F2B02000
heap
page read and write
CAD3000
trusted library allocation
page read and write
13F62829000
heap
page read and write
5FBA000
trusted library allocation
page read and write
262AE910000
trusted library section
page readonly
7A43000
trusted library allocation
page read and write
C9A0000
trusted library allocation
page read and write
CA3A000
trusted library allocation
page read and write
3D13C7B000
stack
page read and write
CA34000
trusted library allocation
page read and write
20D92E02000
heap
page read and write
20D9297A000
heap
page read and write
20E3AB40000
heap
page read and write
E7F32FE000
stack
page read and write
CBD0000
trusted library allocation
page read and write
5FAF000
trusted library allocation
page read and write
262B2E60000
trusted library allocation
page read and write
D818000
trusted library allocation
page read and write
9AF0000
trusted library allocation
page read and write
CAA5000
trusted library allocation
page read and write
CE41000
trusted library allocation
page read and write
1F8D024C000
heap
page read and write
D8C5000
trusted library allocation
page read and write
1EF7B860000
heap
page read and write
CE70000
trusted library allocation
page read and write
CBD0000
trusted library allocation
page read and write
20D92081000
heap
page read and write
20D92976000
heap
page read and write
8ED000
unkown
page readonly
F990878000
stack
page read and write
1F8D028A000
heap
page read and write
C4BF87E000
stack
page read and write
20D929C6000
heap
page read and write
CABF000
trusted library allocation
page read and write
CEB6000
trusted library allocation
page read and write
C9F4000
trusted library allocation
page read and write
775D000
stack
page read and write
23425E45000
heap
page read and write
262B2F80000
trusted library allocation
page read and write
8163E7B000
stack
page read and write
330A000
trusted library allocation
page read and write
20D92999000
heap
page read and write
262B2E50000
trusted library allocation
page read and write
31BF000
stack
page read and write
59F2000
unkown
page readonly
CDE6000
trusted library allocation
page read and write
5900000
trusted library allocation
page read and write
7872000
trusted library allocation
page read and write
CF1E000
stack
page read and write
5FB9000
trusted library allocation
page read and write
C4BF9FF000
stack
page read and write
C954000
trusted library allocation
page read and write
5FC5000
trusted library allocation
page read and write
CAA5000
trusted library allocation
page read and write
5FC2000
trusted library allocation
page read and write
5FBA000
trusted library allocation
page read and write
20D92E02000
heap
page read and write
20D92916000
heap
page read and write
D159000
trusted library allocation
page read and write
5E26000
trusted library allocation
page read and write
23425DE0000
trusted library allocation
page read and write
23425E62000
heap
page read and write
77E6000
trusted library allocation
page read and write
CD90000
trusted library allocation
page read and write
262B2C80000
trusted library allocation
page read and write
81641FF000
stack
page read and write
1C4A384D000
heap
page read and write
262AE8E0000
trusted library section
page readonly
6F9F000
stack
page read and write
20D920C5000
heap
page read and write
6ACD000
trusted library allocation
page read and write
23425E63000
heap
page read and write
1595000
trusted library allocation
page read and write
7B13000
trusted library allocation
page read and write
D117000
trusted library allocation
page read and write
591A000
trusted library allocation
page read and write
A380000
trusted library allocation
page read and write
262AD7F0000
trusted library allocation
page read and write
7879000
trusted library allocation
page read and write
20E3AD8C000
heap
page read and write
CCF1000
trusted library allocation
page read and write
58FE000
stack
page read and write
5FB9000
trusted library allocation
page read and write
20E3AD4B000
heap
page read and write
20D92986000
heap
page read and write
20D929A8000
heap
page read and write
77B6000
trusted library allocation
page read and write
C9ED000
trusted library allocation
page read and write
CA34000
trusted library allocation
page read and write
410B07F000
stack
page read and write
D64C000
trusted library allocation
page read and write
CBD0000
trusted library allocation
page read and write
CA60000
trusted library allocation
page read and write
20E3AD67000
heap
page read and write
CE26000
trusted library allocation
page read and write
C9ED000
trusted library allocation
page read and write
62A0000
trusted library allocation
page read and write
751E000
stack
page read and write
E00437F000
stack
page read and write
7ADE000
trusted library allocation
page read and write
8163C7E000
stack
page read and write
CE86000
trusted library allocation
page read and write
186B000
heap
page read and write
262B30FB000
heap
page read and write
1860000
heap
page read and write
705E000
stack
page read and write
20E3AD62000
heap
page read and write
7AD6000
trusted library allocation
page read and write
20D92997000
heap
page read and write
20D91F60000
trusted library allocation
page read and write
5FB6000
trusted library allocation
page read and write
C973000
trusted library allocation
page read and write
1D4FDE29000
heap
page read and write
20D9297C000
heap
page read and write
C921000
trusted library allocation
page read and write
5FC5000
trusted library allocation
page read and write
20D92961000
heap
page read and write
7FD79000
trusted library allocation
page readonly
CA49000
trusted library allocation
page read and write
A300000
trusted library allocation
page read and write
1A2F2A3C000
heap
page read and write
D797000
trusted library allocation
page read and write
5E10000
trusted library allocation
page read and write
1C4A37A0000
trusted library allocation
page read and write
1EF7BA60000
heap
page read and write
CAAD000
trusted library allocation
page read and write
CA2A000
trusted library allocation
page read and write
5FC2000
trusted library allocation
page read and write
C4BFBFD000
stack
page read and write
A340000
trusted library allocation
page read and write
CEA6000
trusted library allocation
page read and write
23425E3A000
heap
page read and write
7FD68000
trusted library allocation
page readonly
1D4FDF08000
heap
page read and write
CAE6000
trusted library allocation
page read and write
CD8C000
trusted library allocation
page read and write
7ADA000
trusted library allocation
page read and write
CEAC000
trusted library allocation
page read and write
60F0000
trusted library allocation
page read and write
7871000
trusted library allocation
page read and write
D18E000
trusted library allocation
page read and write
262B2F80000
remote allocation
page read and write
23425E42000
heap
page read and write
150D000
trusted library allocation
page read and write
1D4FDD60000
heap
page read and write
20D9205B000
heap
page read and write
7930000
trusted library allocation
page read and write
CA2A000
trusted library allocation
page read and write
23425E85000
heap
page read and write
CCDE000
trusted library allocation
page read and write
5FBF000
trusted library allocation
page read and write
F9902FE000
stack
page read and write
262AD83C000
heap
page read and write
6AD7000
trusted library allocation
page read and write
CAE8000
trusted library allocation
page read and write
A350000
trusted library allocation
page read and write
7871000
trusted library allocation
page read and write
1EF7BB13000
heap
page read and write
20D9297C000
heap
page read and write
CEB6000
trusted library allocation
page read and write
1EF7BA8D000
heap
page read and write
D79A000
trusted library allocation
page read and write
9E58677000
stack
page read and write
CE23000
trusted library allocation
page read and write
DB15000
trusted library allocation
page read and write
D717000
trusted library allocation
page read and write
23425E50000
heap
page read and write
32AE4FE000
stack
page read and write
5FB9000
trusted library allocation
page read and write
CAC1000
trusted library allocation
page read and write
CAE6000
trusted library allocation
page read and write
CCD0000
trusted library allocation
page read and write
1F8D024F000
heap
page read and write
20D92962000
heap
page read and write
20D92976000
heap
page read and write
D17F000
trusted library allocation
page read and write
51C0000
trusted library allocation
page read and write
5FD0000
trusted library allocation
page read and write
CA28000
trusted library allocation
page read and write
CEC0000
trusted library allocation
page read and write
20D92680000
remote allocation
page read and write
CAC1000
trusted library allocation
page read and write
5F9B000
trusted library allocation
page read and write
C98A000
trusted library allocation
page read and write
D068000
trusted library allocation
page read and write
D99C000
trusted library allocation
page read and write
7FD6A000
trusted library allocation
page readonly
5890000
trusted library allocation
page read and write
20E3AD7B000
heap
page read and write
17C8000
trusted library allocation
page read and write
D68E000
trusted library allocation
page read and write
D1A9000
trusted library allocation
page read and write
CCF8000
trusted library allocation
page read and write
13F628B9000
heap
page read and write
153B37E000
stack
page read and write
1551000
trusted library allocation
page read and write
CCD0000
trusted library allocation
page read and write
7879000
trusted library allocation
page read and write
7FD67000
trusted library allocation
page execute read
20D92108000
heap
page read and write
20D9299F000
heap
page read and write
262B2F80000
remote allocation
page read and write
5F9D000
trusted library allocation
page read and write
243B9140000
remote allocation
page read and write
617E000
stack
page read and write
9B60000
trusted library allocation
page read and write
262B2F70000
trusted library allocation
page read and write
DA25000
trusted library allocation
page read and write
1EF7BA52000
heap
page read and write
7ADC000
trusted library allocation
page read and write
23425E41000
heap
page read and write
23425E13000
heap
page read and write
CA6C000
trusted library allocation
page read and write
20D9297B000
heap
page read and write
CA2A000
trusted library allocation
page read and write
CA76000
trusted library allocation
page read and write
20D9205A000
heap
page read and write
6E9E000
stack
page read and write
153B27C000
stack
page read and write
5FF3000
trusted library allocation
page read and write
C4BFAFD000
stack
page read and write
7930000
remote allocation
page read and write
262B2E40000
trusted library allocation
page read and write
CA34000
trusted library allocation
page read and write
CA43000
trusted library allocation
page read and write
F99017E000
stack
page read and write
19911228000
heap
page read and write
262AD902000
heap
page read and write
9B00000
trusted library allocation
page read and write
20D92976000
heap
page read and write
CB93000
trusted library allocation
page read and write
D763000
trusted library allocation
page read and write
D9E2000
trusted library allocation
page read and write
6A33000
trusted library allocation
page read and write
19911268000
heap
page read and write
6ABB000
trusted library allocation
page read and write
153B67D000
stack
page read and write
20D92013000
heap
page read and write
D06E000
stack
page read and write
50DBB7F000
stack
page read and write
262B304A000
heap
page read and write
262B2F60000
trusted library allocation
page read and write
CA43000
trusted library allocation
page read and write
1793000
trusted library allocation
page read and write
5923000
heap
page execute and read and write
20D9204C000
heap
page read and write
D836000
trusted library allocation
page read and write
23425E7B000
heap
page read and write
CB93000
trusted library allocation
page read and write
262ADF30000
trusted library section
page read and write
CCEE000
trusted library allocation
page read and write
243B8A5C000
heap
page read and write
20D92116000
heap
page read and write
1D4FDF02000
heap
page read and write
20D9299B000
heap
page read and write
D030000
trusted library allocation
page read and write
20D92986000
heap
page read and write
262AE301000
trusted library allocation
page read and write
262AE8D0000
trusted library section
page readonly
CA43000
trusted library allocation
page read and write
E00417E000
stack
page read and write
20E3AC70000
heap
page read and write
1817000
trusted library allocation
page execute and read and write
1600000
heap
page read and write
CAC8000
trusted library allocation
page read and write
7FD71000
trusted library allocation
page execute read
20E3AD70000
heap
page read and write
20D9298D000
heap
page read and write
23425E7C000
heap
page read and write
7A8A000
trusted library allocation
page read and write
CA60000
trusted library allocation
page read and write
20D92029000
heap
page read and write
20D9297B000
heap
page read and write
D790000
trusted library allocation
page read and write
CEC1000
trusted library allocation
page read and write
1F8D0302000
heap
page read and write
1D4FDF13000
heap
page read and write
5FC2000
trusted library allocation
page read and write
262B2D00000
trusted library allocation
page read and write
DA60000
trusted library allocation
page read and write
262B30E6000
heap
page read and write
20D9297A000
heap
page read and write
262AE8C0000
trusted library section
page readonly
13F62913000
heap
page read and write
CBD0000
trusted library allocation
page read and write
20D92E00000
heap
page read and write
20D92986000
heap
page read and write
20D9299F000
heap
page read and write
5E20000
trusted library allocation
page read and write
CADA000
trusted library allocation
page read and write
1D4FDE27000
heap
page read and write
DB0D000
trusted library allocation
page read and write
DA24000
trusted library allocation
page read and write
735D000
stack
page read and write
5A3A000
unkown
page readonly
CAB6000
trusted library allocation
page read and write
There are 1508 hidden memdumps, click here to show them.