IOC Report

loading gif

Files

File Path
Type
Category
Malicious
survey-1378794827.xls
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, Code page: 1251, Name of Creating Application: Microsoft Excel, Create Time/Date: Fri Jun 5 19:19:34 2015, Last Saved Time/Date: Thu Nov 25 10:07:14 2021, Security: 0
initial sample
 malicious
C:\Users\user\Desktop\survey-1378794827.xls
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, Code page: 1251, Name of Creating Application: Microsoft Excel, Create Time/Date: Fri Jun 5 19:19:34 2015, Last Saved Time/Date: Thu Nov 25 10:07:14 2021, Security: 0
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\910AAA36-0A15-4C10-8D87-FDCB55CCE8C8
XML 1.0 document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.MSO\CBE1DD72.tmp
Composite Document File V2 Document, Cannot read section info
dropped
 clean
C:\Users\user\AppData\Local\Temp\~DF6F5851CED86FA606.TMP
data
dropped
 clean
C:\Users\user\AppData\Local\Temp\~DFDA9BDA7C10ADA3A7.TMP
data
dropped
 clean
C:\Users\user\AppData\Local\Temp\A5B1.tmp
Composite Document File V2 Document, Cannot read section info
dropped
 clean
C:\Users\user\AppData\Local\Temp\~DF6B851E0CDFC5B426.TMP
data
dropped
 clean
C:\Users\user\AppData\Local\Temp\~DFC61FD91824AB246B.TMP
data
dropped
 clean

Processes

Path
Cmdline
Malicious
C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE
"C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE" /automation -Embedding
 malicious
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\System32\regsvr32.exe" C:\Datop\besta.ocx
 malicious
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\System32\regsvr32.exe" C:\Datop\bestb.ocx
 malicious
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\System32\regsvr32.exe" C:\Datop\bestc.ocx
 malicious
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
"C:\Program Files\Microsoft Office\Office14\EXCEL.EXE" /automation -Embedding
 malicious
C:\Windows\System32\regsvr32.exe
"C:\Windows\System32\regsvr32.exe" C:\Datop\besta.ocx
 malicious
C:\Windows\System32\regsvr32.exe
"C:\Windows\System32\regsvr32.exe" C:\Datop\bestb.ocx
 malicious
C:\Windows\System32\regsvr32.exe
"C:\Windows\System32\regsvr32.exe" C:\Datop\bestc.ocx
 malicious

URLs

Name
IP
Malicious
https://api.diagnosticssdf.office.com
unknown
 clean
https://login.microsoftonline.com/
unknown
 clean
https://shell.suite.office.com:1443
unknown
 clean
https://login.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/authorize
unknown
 clean
https://autodiscover-s.outlook.com/
unknown
 clean
https://roaming.edog.
unknown
 clean
https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Flickr
unknown
 clean
https://cdn.entity.
unknown
 clean
https://api.addins.omex.office.net/appinfo/query
unknown
 clean
https://clients.config.office.net/user/v1.0/tenantassociationkey
unknown
 clean
https://dev.virtualearth.net/REST/V1/GeospatialEndpoint/
unknown
 clean
https://powerlift.acompli.net
unknown
 clean
https://rpsticket.partnerservices.getmicrosoftkey.com
unknown
 clean
https://lookup.onenote.com/lookup/geolocation/v1
unknown
 clean
https://cortana.ai
unknown
 clean
https://apc.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
unknown
 clean
https://cloudfiles.onenote.com/upload.aspx
unknown
 clean
https://syncservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile
unknown
 clean
https://entitlement.diagnosticssdf.office.com
unknown
 clean
https://na01.oscs.protection.outlook.com/api/SafeLinksApi/GetPolicy
unknown
 clean
https://api.aadrm.com/
unknown
 clean
https://ofcrecsvcapi-int.azurewebsites.net/
unknown
 clean
https://dataservice.protection.outlook.com/PsorWebService/v1/ClientSyncFile/MipPolicies
unknown
 clean
https://api.microsoftstream.com/api/
unknown
 clean
https://insertmedia.bing.office.net/images/hosted?host=office&adlt=strict&hostType=Immersive
unknown
 clean
https://cr.office.com
unknown
 clean
https://augloop.office.com;https://augloop-int.officeppe.com;https://augloop-dogfood.officeppe.com;h
unknown
 clean
https://portal.office.com/account/?ref=ClientMeControl
unknown
 clean
https://graph.ppe.windows.net
unknown
 clean
https://res.getmicrosoftkey.com/api/redemptionevents
unknown
 clean
https://powerlift-frontdesk.acompli.net
unknown
 clean
https://tasks.office.com
unknown
 clean
https://officeci.azurewebsites.net/api/
unknown
 clean
https://sr.outlook.office.net/ws/speech/recognize/assistant/work
unknown
 clean
https://store.office.cn/addinstemplate
unknown
 clean
https://api.aadrm.com
unknown
 clean
https://outlook.office.com/autosuggest/api/v1/init?cvid=
unknown
 clean
https://globaldisco.crm.dynamics.com
unknown
 clean
https://nam.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
unknown
 clean
https://dev0-api.acompli.net/autodetect
unknown
 clean
https://www.odwebp.svc.ms
unknown
 clean
https://api.powerbi.com/v1.0/myorg/groups
unknown
 clean
https://web.microsoftstream.com/video/
unknown
 clean
https://api.addins.store.officeppe.com/addinstemplate
unknown
 clean
https://graph.windows.net
unknown
 clean
https://dataservice.o365filtering.com/
unknown
 clean
https://officesetup.getmicrosoftkey.com
unknown
 clean
https://analysis.windows.net/powerbi/api
unknown
 clean
https://prod-global-autodetect.acompli.net/autodetect
unknown
 clean
https://outlook.office365.com/autodiscover/autodiscover.json
unknown
 clean
https://powerpoint.uservoice.com/forums/288952-powerpoint-for-ipad-iphone-ios
unknown
 clean
https://eur.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
unknown
 clean
https://pf.directory.live.com/profile/mine/System.ShortCircuitProfile.json
unknown
 clean
https://ncus.contentsync.
unknown
 clean
https://onedrive.live.com/about/download/?windows10SyncClientInstalled=false
unknown
 clean
https://webdir.online.lync.com/autodiscover/autodiscoverservice.svc/root/
unknown
 clean
https://srkcampus.org/OYcMRJbL/ji.html
192.185.129.7
 clean
http://weather.service.msn.com/data.aspx
unknown
 clean
https://apis.live.net/v5.0/
unknown
 clean
https://officemobile.uservoice.com/forums/929800-office-app-ios-and-ipad-asks
unknown
 clean
https://word.uservoice.com/forums/304948-word-for-ipad-iphone-ios
unknown
 clean
https://autodiscover-s.outlook.com/autodiscover/autodiscover.xml
unknown
 clean
https://management.azure.com
unknown
 clean
https://outlook.office365.com
unknown
 clean
https://wus2.contentsync.
unknown
 clean
https://incidents.diagnostics.office.com
unknown
 clean
https://clients.config.office.net/user/v1.0/ios
unknown
 clean
https://insertmedia.bing.office.net/odc/insertmedia
unknown
 clean
https://o365auditrealtimeingestion.manage.office.com
unknown
 clean
https://outlook.office365.com/api/v1.0/me/Activities
unknown
 clean
https://api.office.net
unknown
 clean
https://incidents.diagnosticssdf.office.com
unknown
 clean
https://asgsmsproxyapi.azurewebsites.net/
unknown
 clean
https://clients.config.office.net/user/v1.0/android/policies
unknown
 clean
https://entitlement.diagnostics.office.com
unknown
 clean
https://pf.directory.live.com/profile/mine/WLX.Profiles.IC.json
unknown
 clean
https://substrate.office.com/search/api/v2/init
unknown
 clean
https://outlook.office.com/
unknown
 clean
https://storage.live.com/clientlogs/uploadlocation
unknown
 clean
https://outlook.office365.com/
unknown
 clean
https://webshell.suite.office.com
unknown
 clean
https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=OneDrive
unknown
 clean
https://substrate.office.com/search/api/v1/SearchHistory
unknown
 clean
https://management.azure.com/
unknown
 clean
https://login.windows.net/common/oauth2/authorize
unknown
 clean
https://klevvrtech.com/zxywJAC24KJ/ji.html
192.185.79.2
 clean
https://dataservice.o365filtering.com/PolicySync/PolicySync.svc/SyncFile
unknown
 clean
https://graph.windows.net/
unknown
 clean
https://api.powerbi.com/beta/myorg/imports
unknown
 clean
https://devnull.onenote.com
unknown
 clean
https://ncus.pagecontentsync.
unknown
 clean
https://r4.res.office365.com/footprintconfig/v1.7/scripts/fpconfig.json
unknown
 clean
https://messaging.office.com/
unknown
 clean
https://dataservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile
unknown
 clean
https://augloop.office.com/v2
unknown
 clean
https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Bing
unknown
 clean
https://skyapi.live.net/Activity/
unknown
 clean
https://clients.config.office.net/user/v1.0/mac
unknown
 clean
https://dataservice.o365filtering.com
unknown
 clean
https://api.cortana.ai
unknown
 clean
http://services.msn.com/svcs/oe/certpage.asp?name=%s&email=%s&&Check
unknown
 clean
http://www.windows.com/pctv.
unknown
 clean
http://investor.msn.com
unknown
 clean
http://www.msnbc.com/news/ticker.txt
unknown
 clean
http://www.icra.org/vocabulary/.
unknown
 clean
http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous.
unknown
 clean
http://investor.msn.com/
unknown
 clean
http://www.%s.comPA
unknown
 clean
http://windowsmedia.com/redir/services.asp?WMPFriendly=true
unknown
 clean
http://www.hotmail.com/oe
unknown
 clean
http://servername/isapibackend.dll
unknown
 clean
https://rstebet.co.id/fbmKk6n48G/ji.html
103.247.11.218
 clean
There are 102 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
klevvrtech.com
192.185.79.2
 clean
rstebet.co.id
103.247.11.218
 clean
srkcampus.org
192.185.129.7
 clean

IPs

IP
Domain
Country
Malicious
192.185.129.7
srkcampus.org
United States
clean
192.185.79.2
klevvrtech.com
United States
clean
103.247.11.218
rstebet.co.id
Indonesia
clean

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\StartupItems
qg,
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\StartupItems
rg,
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache
RemoteClearDate
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.4954&crev=3
Last
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.4954&crev=3\0
FilePath
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.4954&crev=3\0
StartDate
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.4954&crev=3\0
EndDate
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.4954&crev=3\0
Properties
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.4954&crev=3\0
Url
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\internet\WebServiceCache
LastClean
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity
DisableWinHttpCertAuth
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity
DisableIsOwnerRegex
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity
DisableSessionAwareHttpClose
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity
DisableADALForExtendedApps
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity
DisableADALSetSilentAuth
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity
msoridDisableGuestCredProvider
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity
msoridDisableOstringReplace
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\IOAV
LastBootTime
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ReviewCycle
ReviewToken
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\DocumentRecovery\1C02F
1C02F
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109110000000000000000F01FEC\Usage
VBAFiles
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ExdCache\Excel8.0
MSForms
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ExdCache\Excel8.0
MSComctlLib
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\StartupItems
%~,
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\DocumentRecovery\315AD
315AD
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\DocumentRecovery\31FCF
31FCF
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General
FileFormatBallotBoxTelemetrySent
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109110000000000000000F01FEC\Usage
ProductFiles
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
en-US
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
en-US
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109110000000000000000F01FEC\Usage
EXCELFiles
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming
RoamingConfigurableSettings
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming
RoamingLastSyncTime
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming
RoamingLastWriteTime
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\IOAV
LastBootTime
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109E60090400000000000F01FEC\Usage
ProductNonBootFilesIntl_1033
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109E60090400000000000F01FEC\Usage
ProductNonBootFilesIntl_1033
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\Trusted Documents
LastPurgeTime
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\StartupItems
8k,
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel
MTTT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\ReviewCycle
ReviewToken
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\2EE55
2EE55
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
VBAFiles
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\StartupItems
n{,
 clean
HKEY_CURRENT_USER_CLASSES\Local Settings\MuiCache\151\52C64B7E
@%SystemRoot%\system32\qagentrt.dll,-10
 clean
HKEY_CURRENT_USER_CLASSES\Local Settings\MuiCache\151\52C64B7E
@%SystemRoot%\System32\fveui.dll,-843
 clean
HKEY_CURRENT_USER_CLASSES\Local Settings\MuiCache\151\52C64B7E
@%SystemRoot%\System32\fveui.dll,-844
 clean
HKEY_CURRENT_USER_CLASSES\Local Settings\MuiCache\151\52C64B7E
@%SystemRoot%\System32\wuaueng.dll,-400
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109E60090400100000000F01FEC\Usage
ProductNonBootFilesIntl_1033
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Place MRU
Max Display
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Max Display
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 1
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 2
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 3
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 4
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 5
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 6
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 7
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 8
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 9
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 10
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 11
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 12
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 13
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 14
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 15
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 16
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 17
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 18
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 19
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 20
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\3AF14
3AF14
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Security\Trusted Documents
LastPurgeTime
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Place MRU
Max Display
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Max Display
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 1
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 2
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 3
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 4
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 5
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 6
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 7
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 8
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 9
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 10
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 11
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 12
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 13
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 14
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 15
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 16
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 17
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 18
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 19
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\file mru
Item 20
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Resiliency\DocumentRecovery\3BFB6
3BFB6
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
1033
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
1033
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
EXCELFiles
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
ProductFiles
 clean
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
Blob
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
Blob
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
Blob
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
Blob
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
Blob
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
Blob
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
Blob
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109E60090400100000000F01FEC\Usage
ProductNonBootFilesIntl_1033
 clean
There are 99 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
7FF53CC8F000
unkown image
page readonly
 clean
7FF5CF075000
unkown image
page readonly
 clean
2155A390000
unkown image
page readonly
 clean
7FF56B95D000
unkown image
page readonly
 clean
7FF5D269F000
unkown image
page readonly
 clean
63F1C7E000
stack
page read and write
 clean
1FF027A0000
unkown image
page readonly
 clean
7FF5907D3000
unkown image
page readonly
 clean
237114FC000
unkown
page read and write
 clean
2655000
unkown image
page readonly
 clean
25F4000
unkown image
page readonly
 clean
2C70000
unkown
page read and write
 clean
2928000
unkown
page read and write
 clean
7FAB0000
unkown image
page readonly
 clean
7DF59B092000
unkown image
page readonly
 clean
23711254000
unkown
page read and write
 clean
23711370000
unkown
page read and write
 clean
7FF590840000
unkown image
page readonly
 clean
7DF506C90000
unkown image
page readonly
 clean
237114BD000
unkown
page read and write
 clean
77E0000
unkown
page read and write
 clean
2651000
unkown image
page readonly
 clean
86F35FD000
stack
page read and write
 clean
2581000
unkown image
page readonly
 clean
7FF5D2B1D000
unkown image
page readonly
 clean
7FF5D2755000
unkown image
page readonly
 clean
7FF52B35F000
unkown image
page readonly
 clean
7FE02000
unkown image
page readonly
 clean
7FF546413000
unkown image
page readonly
 clean
28E0000
unkown
page read and write
 clean
2370C518000
unkown
page read and write
 clean
24CF8150000
unkown
page read and write
 clean
23711274000
unkown
page read and write
 clean
24CF823C000
unkown
page read and write
 clean
5413CFE000
stack
page read and write
 clean
1F4EF740000
unkown
page read and write
 clean
24CF8780000
unkown image
page readonly
 clean
7FF54F93E000
unkown image
page readonly
 clean
24021E02000
unkown
page read and write
 clean
7FF54645D000
unkown image
page readonly
 clean
5B0000
unkown image
page readonly
 clean
7FF54F648000
unkown image
page readonly
 clean
7FF546593000
unkown image
page readonly
 clean
1E8D7E00000
unkown
page read and write
 clean
2B90000
unkown image
page readonly
 clean
7FF585766000
unkown image
page readonly
 clean
25FD000
unkown image
page readonly
 clean
2370BC40000
unkown
page read and write
 clean
7FF53CBC9000
unkown image
page readonly
 clean
7FF5D2B29000
unkown image
page readonly
 clean
7FF56B910000
unkown image
page readonly
 clean
63F1B7A000
stack
page read and write
 clean
7FF52B35B000
unkown image
page readonly
 clean
7FAC0000
unkown image
page readonly
 clean
1E8D8550000
unkown
page read and write
 clean
1B3BAA80000
unkown
page read and write
 clean
7DF565480000
unkown image
page readonly
 clean
7FF54FB6F000
unkown image
page readonly
 clean
7FAC0000
unkown image
page readonly
 clean
25BB000
unkown image
page readonly
 clean
2B6A000
heap private
page read and write
 clean
7FF53CC48000
unkown image
page readonly
 clean
25C1000
unkown image
page readonly
 clean
7DF5525A0000
unkown image
page readonly
 clean
2155A458000
unkown
page read and write
 clean
7FF546608000
unkown image
page readonly
 clean
1F8229E0000
heap default
page read and write
 clean
1F4EF380000
unkown
page read and write
 clean
1B3BA9CE000
unkown
page read and write
 clean
7FF5CECE3000
unkown image
page readonly
 clean
7FF52B0FD000
unkown image
page readonly
 clean
7FF4F129C000
unkown image
page readonly
 clean
7FF5D2B25000
unkown image
page readonly
 clean
86F347F000
stack
page read and write
 clean
2B60000
heap private
page read and write
 clean
6AC610F000
stack
page read and write
 clean
1F822A1D000
unkown
page read and write
 clean
24CF8000000
unkown image
page readonly
 clean
7FDF2000
unkown image
page readonly
 clean
24CF7FE0000
unkown image
page read and write
 clean
5A0000
unkown image
page read and write
 clean
7FF5CF06F000
unkown image
page readonly
 clean
24021620000
heap default
page read and write
 clean
7FF545C9E000
unkown image
page readonly
 clean
1A34FDB0000
unkown
page read and write
 clean
24021908000
unkown
page read and write
 clean
7FF546510000
unkown image
page readonly
 clean
9E83DFF000
stack
page read and write
 clean
265C000
unkown image
page readonly
 clean
7DF552580000
unkown image
page readonly
 clean
25ED000
unkown image
page readonly
 clean
290EC902000
unkown
page read and write
 clean
5D0000
unkown image
page readonly
 clean
2258000
unkown image
page readonly
 clean
2C00000
unkown
page read and write
 clean
255D000
unkown image
page readonly
 clean
1E8D7EB8000
unkown
page read and write
 clean
7FF5CF204000
unkown image
page readonly
 clean
24CF8270000
unkown
page read and write
 clean
2155AC02000
unkown
page read and write
 clean
7DF5A6162000
unkown image
page readonly
 clean
7FF5856AC000
unkown image
page readonly
 clean
2370D090000
unkown
page read and write
 clean
1B3BB7F0000
unkown
page read and write
 clean
290EC87C000
unkown
page read and write
 clean
2486000
unkown image
page readonly
 clean
7FF5907A9000
unkown image
page readonly
 clean
7FF54F90D000
unkown image
page readonly
 clean
2370BC6F000
unkown
page read and write
 clean
7930000
unkown
page read and write
 clean
2402184E000
unkown
page read and write
 clean
1A34F802000
unkown
page read and write
 clean
4804000
heap private
page read and write
 clean
290EC710000
unkown image
page readonly
 clean
24CF8020000
unkown image
page readonly
 clean
23711300000
unkown
page read and write
 clean
7FF5CF155000
unkown image
page readonly
 clean
1F4EEB13000
unkown
page read and write
 clean
1F4EF3C3000
unkown
page read and write
 clean
7FF5D2BB6000
unkown image
page readonly
 clean
7DF59B0B0000
unkown image
page readonly
 clean
7FF56BA20000
unkown image
page readonly
 clean
7FF4F1294000
unkown image
page readonly
 clean
7FF5CF1EB000
unkown image
page readonly
 clean
23711400000
unkown
page read and write
 clean
1E8D7E6E000
unkown
page read and write
 clean
1F4EF38C000
unkown
page read and write
 clean
63F1CFF000
stack
page read and write
 clean
79B32FE000
stack
page read and write
 clean
1F822A20000
unkown
page read and write
 clean
7FAB2000
unkown image
page readonly
 clean
7FF585674000
unkown image
page readonly
 clean
1F4EF39F000
unkown
page read and write
 clean
7FF4F12C5000
unkown image
page readonly
 clean
79B387F000
stack
page read and write
 clean
256D000
unkown image
page readonly
 clean
1F4EF365000
unkown
page read and write
 clean
7FF546303000
unkown image
page readonly
 clean
7FF52B278000
unkown image
page readonly
 clean
290EC740000
heap default
page read and write
 clean
2667000
unkown image
page readonly
 clean
2370C330000
unkown
page read and write
 clean
7FF52B013000
unkown image
page readonly
 clean
1B3BA9E9000
unkown
page read and write
 clean
A66000
unkown image
page readonly
 clean
2590000
unkown image
page readonly
 clean
7FF5D2BAF000
unkown image
page readonly
 clean
7DF59B092000
unkown image
page readonly
 clean
24CF8229000
unkown
page read and write
 clean
1A34FDB0000
unkown
page read and write
 clean
7FF5D2BA8000
unkown image
page readonly
 clean
B2A10FE000
stack
page read and write
 clean
1F4EE9E0000
heap default
page read and write
 clean
7DF540C70000
unkown image
page readonly
 clean
7FF5DE38F000
unkown image
page readonly
 clean
7FF52B35F000
unkown image
page readonly
 clean
7FF53CA5E000
unkown image
page readonly
 clean
2370BC77000
unkown
page read and write
 clean
2651000
unkown image
page readonly
 clean
2370BB80000
unkown image
page readonly
 clean
2586000
unkown image
page readonly
 clean
7FF58579F000
unkown image
page readonly
 clean
7FF56B920000
unkown image
page readonly
 clean
1A34F5C0000
heap private
page read and write
 clean
2CB1000
unkown
page read and write
 clean
237114F5000
unkown
page read and write
 clean
7FF546500000
unkown image
page readonly
 clean
290EC829000
unkown
page read and write
 clean
290EC813000
unkown
page read and write
 clean
F1B3A7E000
stack
page read and write
 clean
264B000
unkown image
page readonly
 clean
7FF5CF20B000
unkown image
page readonly
 clean
6E0000
unkown image
page readonly
 clean
216647E000
stack
page read and write
 clean
7FF59082F000
unkown image
page readonly
 clean
7FF5CF1E6000
unkown image
page readonly
 clean
7DF55BF50000
unkown image
page readonly
 clean
7FF52B299000
unkown image
page readonly
 clean
7DF5A6162000
unkown image
page readonly
 clean
7FF5DE16D000
unkown image
page readonly
 clean
2655000
unkown image
page readonly
 clean
7FF54FB4D000
unkown image
page readonly
 clean
1A34FC00000
unkown image
page readonly
 clean
7FF546568000
unkown image
page readonly
 clean
86F32FF000
stack
page read and write
 clean
7FF5D2AFC000
unkown image
page readonly
 clean
7FF58553D000
unkown image
page readonly
 clean
7FF5903D5000
unkown image
page readonly
 clean
7D0000
unkown image
page readonly
 clean
2370BD02000
unkown
page read and write
 clean
7FF5D28E3000
unkown image
page readonly
 clean
7FF53CC6D000
unkown image
page readonly
 clean
237114ED000
unkown
page read and write
 clean
2589000
unkown image
page readonly
 clean
2371142C000
unkown
page read and write
 clean
7F7A2000
unkown image
page readonly
 clean
1FF03002000
unkown
page read and write
 clean
2494000
unkown image
page readonly
 clean
7FF5854A7000
unkown image
page readonly
 clean
24CF8400000
unkown image
page readonly
 clean
7FF5D28DC000
unkown image
page readonly
 clean
2998000
unkown
page read and write
 clean
7DF565470000
unkown image
page readonly
 clean
2667000
unkown image
page readonly
 clean
2155A400000
unkown
page read and write
 clean
7FF5D2A9D000
unkown image
page readonly
 clean
1A34F600000
unkown image
page readonly
 clean
25C9000
unkown image
page readonly
 clean
7FCF0000
unkown image
page readonly
 clean
7FF53CBF5000
unkown image
page readonly
 clean
7FF585697000
unkown image
page readonly
 clean
7DF540C62000
unkown image
page readonly
 clean
7DF55BF42000
unkown image
page readonly
 clean
7FF56B989000
unkown image
page readonly
 clean
1FF0284B000
unkown
page read and write
 clean
24021A00000
unkown image
page readonly
 clean
7DF581352000
unkown image
page readonly
 clean
9320E7C000
stack
page read and write
 clean
7FF5D287A000
unkown image
page readonly
 clean
1E8D82E0000
unkown image
page readonly
 clean
2CB8000
unkown
page read and write
 clean
290EC850000
unkown
page read and write
 clean
1F4EF3B0000
unkown
page read and write
 clean
1F4EF35F000
unkown
page read and write
 clean
7DF5E84E2000
unkown image
page readonly
 clean
7FF5D2AF7000
unkown image
page readonly
 clean
2258000
unkown image
page readonly
 clean
7FF5907A5000
unkown image
page readonly
 clean
7DF552592000
unkown image
page readonly
 clean
1F822A06000
unkown
page read and write
 clean
7FF5D2940000
unkown image
page readonly
 clean
4FCB6FD000
stack
page read and write
 clean
932071C000
unkown
page read and write
 clean
2155A465000
unkown
page read and write
 clean
1F822A11000
unkown
page read and write
 clean
2155A442000
unkown
page read and write
 clean
7FF5D2ADC000
unkown image
page readonly
 clean
7FF59079D000
unkown image
page readonly
 clean
1F4EF36E000
unkown
page read and write
 clean
2960000
heap default
page read and write
 clean
7FF54663B000
unkown image
page readonly
 clean
2370BBD0000
heap default
page read and write
 clean
2370BC8B000
unkown
page read and write
 clean
256D000
unkown image
page readonly
 clean
24CF8200000
unkown
page read and write
 clean
86B000
unkown
page read and write
 clean
7FF54664F000
unkown image
page readonly
 clean
25DD000
unkown image
page readonly
 clean
7FF5D2452000
unkown image
page readonly
 clean
83E000
stack
page read and write
 clean
1F4EF3C0000
unkown
page read and write
 clean
24CF8600000
unkown image
page readonly
 clean
1F4EF38B000
unkown
page read and write
 clean
7FF5D28DA000
unkown image
page readonly
 clean
7FF53CB9C000
unkown image
page readonly
 clean
1F4EF900000
unkown
page read and write
 clean
2155A47E000
unkown
page read and write
 clean
25CC000
unkown image
page readonly
 clean
23711120000
unkown
page read and write
 clean
1A34F5D0000
unkown image
page readonly
 clean
7DF5E8500000
unkown image
page readonly
 clean
7DF581352000
unkown image
page readonly
 clean
1F4EEA58000
unkown
page read and write
 clean
1A350000000
unkown
page read and write
 clean
7DF552582000
unkown image
page readonly
 clean
1F4EF802000
unkown
page read and write
 clean
7FF546360000
unkown image
page readonly
 clean
2402183C000
unkown
page read and write
 clean
7FF5D2390000
unkown image
page readonly
 clean
290EC876000
unkown
page read and write
 clean
9E844FE000
stack
page read and write
 clean
7FF5907B3000
unkown image
page readonly
 clean
216687D000
stack
page read and write
 clean
7FF54F933000
unkown image
page readonly
 clean
7FF5D2465000
unkown image
page readonly
 clean
2155A46B000
unkown
page read and write
 clean
2B7F000
stack
page read and write
 clean
2155A431000
unkown
page read and write
 clean
7FF5CF1F0000
unkown image
page readonly
 clean
2370CB30000
unkown image
page read and write
 clean
23711452000
unkown
page read and write
 clean
7FF5DE3BE000
unkown image
page readonly
 clean
1E8D8470000
unkown image
page readonly
 clean
1F4EF39F000
unkown
page read and write
 clean
7FF546113000
unkown image
page readonly
 clean
7FF5CF1FD000
unkown image
page readonly
 clean
2981000
unkown
page read and write
 clean
3B0000
unkown image
page read and write
 clean
7FF585682000
unkown image
page readonly
 clean
2370BC79000
unkown
page read and write
 clean
7DF506C82000
unkown image
page readonly
 clean
1F4EF36A000
unkown
page read and write
 clean
7FF54662D000
unkown image
page readonly
 clean
1FF02913000
unkown
page read and write
 clean
2402184B000
unkown
page read and write
 clean
265C000
unkown image
page readonly
 clean
7FE00000
unkown image
page readonly
 clean
7DF540C50000
unkown image
page readonly
 clean
1F4EF3C4000
unkown
page read and write
 clean
2370CD10000
unkown image
page readonly
 clean
7FF5464A5000
unkown image
page readonly
 clean
7FF5CF185000
unkown image
page readonly
 clean
2370BC58000
unkown
page read and write
 clean
1B3BA9DD000
unkown
page read and write
 clean
1A34FDB0000
unkown
page read and write
 clean
7FF546463000
unkown image
page readonly
 clean
7FF56BA16000
unkown image
page readonly
 clean
2991000
unkown
page read and write
 clean
3C0000
unkown image
page readonly
 clean
76DF000
stack
page read and write
 clean
2E9A000
heap private
page read and write
 clean
7F7A0000
unkown image
page readonly
 clean
25DD000
unkown image
page readonly
 clean
23711447000
unkown
page read and write
 clean
7FF52B295000
unkown image
page readonly
 clean
7DF565460000
unkown image
page readonly
 clean
1A34F700000
unkown image
page readonly
 clean
1F4EEA00000
unkown
page read and write
 clean
93210FC000
stack
page read and write
 clean
7FF5460FF000
unkown image
page readonly
 clean
7FF54F639000
unkown image
page readonly
 clean
7FF590854000
unkown image
page readonly
 clean
1F4EEAAB000
unkown
page read and write
 clean
7FF5D245D000
unkown image
page readonly
 clean
2155A380000
heap private
page read and write
 clean
2F40000
unkown image
page readonly
 clean
24021902000
unkown
page read and write
 clean
1F4EF36A000
unkown
page read and write
 clean
7DF498F60000
unkown image
page readonly
 clean
7DF59B090000
unkown image
page readonly
 clean
7FF4F111A000
unkown image
page readonly
 clean
1E8D7D90000
heap private
page read and write
 clean
74F0000
unkown
page read and write
 clean
1F4EF39F000
unkown
page read and write
 clean
7FF5D2987000
unkown image
page readonly
 clean
2CA8000
unkown
page read and write
 clean
7FF54FAA5000
unkown image
page readonly
 clean
7FF5D2913000
unkown image
page readonly
 clean
1F822A0F000
unkown
page read and write
 clean
7FF546128000
unkown image
page readonly
 clean
7FF54F9E4000
unkown image
page readonly
 clean
7FDF0000
unkown image
page readonly
 clean
7FF5856E3000
unkown image
page readonly
 clean
2370BC91000
unkown
page read and write
 clean
7DF4E63B0000
unkown image
page readonly
 clean
7FF5CECE9000
unkown image
page readonly
 clean
5F7000
unkown
page read and write
 clean
1FF02800000
unkown
page read and write
 clean
7DF5E4B20000
unkown image
page readonly
 clean
1F4EF802000
unkown
page read and write
 clean
7FF5CEED3000
unkown image
page readonly
 clean
3C0000
unkown image
page readonly
 clean
1FF02849000
unkown
page read and write
 clean
2651000
unkown image
page readonly
 clean
25D5000
unkown image
page readonly
 clean
9320DFE000
stack
page read and write
 clean
7FF5907BA000
unkown image
page readonly
 clean
7FF5DE2BC000
unkown image
page readonly
 clean
1F4EF3BF000
unkown
page read and write
 clean
7FF56BA2D000
unkown image
page readonly
 clean
2370BC9C000
unkown
page read and write
 clean
1F4EF38E000
unkown
page read and write
 clean
1B3BA960000
unkown
page read and write
 clean
9E841FE000
stack
page read and write
 clean
7DF581350000
unkown image
page readonly
 clean
7FF546532000
unkown image
page readonly
 clean
840000
unkown image
page readonly
 clean
1F4EF3C4000
unkown
page read and write
 clean
1F4EE9C0000
unkown image
page readonly
 clean
24021C00000
unkown image
page readonly
 clean
1B3BAB00000
unkown
page read and write
 clean
1A34F5F0000
unkown image
page readonly
 clean
7FF5462D4000
unkown image
page readonly
 clean
1F4EEA49000
unkown
page read and write
 clean
7FF54F983000
unkown image
page readonly
 clean
24021D80000
unkown image
page readonly
 clean
7DF463330000
unkown image
page readonly
 clean
7FF54F9BF000
unkown image
page readonly
 clean
7FF53C2E4000
unkown image
page readonly
 clean
769E000
stack
page read and write
 clean
2C5E000
stack
page read and write
 clean
7FF56BA3B000
unkown image
page readonly
 clean
2370BC29000
unkown
page read and write
 clean
7DF5F3CC2000
unkown image
page readonly
 clean
1F8229F1000
unkown
page read and write
 clean
2370BCAF000
unkown
page read and write
 clean
1FF02CE0000
unkown image
page readonly
 clean
86F33FE000
stack
page read and write
 clean
7FF5D2BBB000
unkown image
page readonly
 clean
7DF565472000
unkown image
page readonly
 clean
2CA8000
unkown
page read and write
 clean
9E83CFD000
stack
page read and write
 clean
7FF53CBD3000
unkown image
page readonly
 clean
1F4EEA55000
unkown
page read and write
 clean
2370BC9E000
unkown
page read and write
 clean
25A0000
unkown image
page readonly
 clean
9320F7C000
stack
page read and write
 clean
7FF585784000
unkown image
page readonly
 clean
1F4EF365000
unkown
page read and write
 clean
2371141E000
unkown
page read and write
 clean
2BB7000
heap private
page read and write
 clean
23711413000
unkown
page read and write
 clean
1F4EF802000
unkown
page read and write
 clean
7FF58542A000
unkown image
page readonly
 clean
7FF5DE1DD000
unkown image
page readonly
 clean
7FF5DE1F2000
unkown image
page readonly
 clean
7DF5A6180000
unkown image
page readonly
 clean
7FF5D2B3A000
unkown image
page readonly
 clean
7FF54FAB3000
unkown image
page readonly
 clean
7DF552590000
unkown image
page readonly
 clean
7FF5D2AA0000
unkown image
page readonly
 clean
21666FE000
stack
page read and write
 clean
2370BBA0000
unkown image
page readonly
 clean
7F9B0000
unkown image
page readonly
 clean
6AC65FF000
stack
page read and write
 clean
290ECE50000
unkown image
page readonly
 clean
7DF506CA0000
unkown image
page readonly
 clean
7DF59B0A2000
unkown image
page readonly
 clean
7FF5CEFE3000
unkown image
page readonly
 clean
7FF56BA4F000
unkown image
page readonly
 clean
1FF0284F000
unkown
page read and write
 clean
1F4EF3A0000
unkown
page read and write
 clean
2155A440000
unkown
page read and write
 clean
25CC000
unkown image
page readonly
 clean
7FF54FB6F000
unkown image
page readonly
 clean
1A34F7F0000
unkown
page read and write
 clean
237114DC000
unkown
page read and write
 clean
2155A370000
unkown image
page read and write
 clean
23711390000
unkown
page read and write
 clean
1F4EEA84000
unkown
page read and write
 clean
1B3BAF60000
unkown image
page readonly
 clean
7FF546543000
unkown image
page readonly
 clean
7FF56B947000
unkown image
page readonly
 clean
290ECAD0000
unkown image
page readonly
 clean
7FF54FB6B000
unkown image
page readonly
 clean
2BB0000
heap private
page read and write
 clean
A55000
unkown image
page readonly
 clean
7DF5A6160000
unkown image
page readonly
 clean
7FF4F0A01000
unkown image
page readonly
 clean
237114AF000
unkown
page read and write
 clean
1E8D82D0000
unkown image
page readonly
 clean
7FF5DDE7F000
unkown image
page readonly
 clean
21665FE000
stack
page read and write
 clean
7FF54663E000
unkown image
page readonly
 clean
7FF53CC7B000
unkown image
page readonly
 clean
1F4EF35D000
unkown
page read and write
 clean
25D5000
unkown image
page readonly
 clean
7FF5DE162000
unkown image
page readonly
 clean
7FF54659A000
unkown image
page readonly
 clean
2155A45C000
unkown
page read and write
 clean
2155A47A000
unkown
page read and write
 clean
7DF506C80000
unkown image
page readonly
 clean
7FF5856CD000
unkown image
page readonly
 clean
24021600000
unkown image
page readonly
 clean
2B50000
unkown
page read and write
 clean
83B000
unkown
page read and write
 clean
1F4EEA51000
unkown
page read and write
 clean
7DF5A6160000
unkown image
page readonly
 clean
7FF585693000
unkown image
page readonly
 clean
7FF5D2B08000
unkown image
page readonly
 clean
7FF5DE3CB000
unkown image
page readonly
 clean
2938000
unkown
page read and write
 clean
7FF5D2770000
unkown image
page readonly
 clean
7FDF0000
unkown image
page readonly
 clean
1B3BA9F5000
unkown
page read and write
 clean
7FF5D2BEB000
unkown image
page readonly
 clean
24021700000
unkown image
page readonly
 clean
93213FE000
stack
page read and write
 clean
86F2F7B000
stack
page read and write
 clean
7FF53CC7E000
unkown image
page readonly
 clean
2880000
unkown image
page readonly
 clean
7FF5D2BEF000
unkown image
page readonly
 clean
2370C559000
unkown
page read and write
 clean
3F0000
unkown image
page readonly
 clean
6AC6579000
stack
page read and write
 clean
1F4EF3C0000
unkown
page read and write
 clean
1E8D7DA0000
unkown image
page readonly
 clean
7FF4F12F5000
unkown image
page readonly
 clean
7FF546547000
unkown image
page readonly
 clean
86F307E000
stack
page read and write
 clean
7FF5DE305000
unkown image
page readonly
 clean
7FF5DE244000
unkown image
page readonly
 clean
25AA000
unkown image
page readonly
 clean
1F4EF39F000
unkown
page read and write
 clean
1FF0283C000
unkown
page read and write
 clean
2BC0000
unkown image
page readonly
 clean
7FF5CF094000
unkown image
page readonly
 clean
237110A0000
unkown
page read and write
 clean
290ECE60000
unkown image
page readonly
 clean
7FF4E503E000
unkown image
page readonly
 clean
25CC000
unkown image
page readonly
 clean
2155A3E0000
heap default
page read and write
 clean
64A000
unkown
page read and write
 clean
25D9000
unkown image
page readonly
 clean
2B3E000
stack
page read and write
 clean
7FF5464C4000
unkown image
page readonly
 clean
2370C415000
unkown
page read and write
 clean
7FF54FB2F000
unkown image
page readonly
 clean
7FF5CF21B000
unkown image
page readonly
 clean
7FF54FB3B000
unkown image
page readonly
 clean
7DF506C90000
unkown image
page readonly
 clean
7FF54F1BE000
unkown image
page readonly
 clean
7FF5CF1DF000
unkown image
page readonly
 clean
24CF824B000
unkown
page read and write
 clean
1A34F823000
unkown
page read and write
 clean
7FF58579F000
unkown image
page readonly
 clean
7FF5D26F6000
unkown image
page readonly
 clean
1F4EF963000
unkown
page read and write
 clean
7FF590010000
unkown image
page readonly
 clean
1F4EF3BF000
unkown
page read and write
 clean
24021829000
unkown
page read and write
 clean
75E0000
unkown
page read and write
 clean
7DF581342000
unkown image
page readonly
 clean
25A0000
unkown image
page readonly
 clean
25FD000
unkown image
page readonly
 clean
2594000
unkown image
page readonly
 clean
63F17BA000
unkown
page read and write
 clean
7FF5461F4000
unkown image
page readonly
 clean
7DF5E8500000
unkown image
page readonly
 clean
7F792000
unkown image
page readonly
 clean
4800000
heap private
page read and write
 clean
25DD000
unkown image
page readonly
 clean
7FF53CA2D000
unkown image
page readonly
 clean
7FF54FAD5000
unkown image
page readonly
 clean
2CAC000
unkown
page read and write
 clean
7FF5DE3CD000
unkown image
page readonly
 clean
1F4EEA4F000
unkown
page read and write
 clean
7FF53CC60000
unkown image
page readonly
 clean
237114D7000
unkown
page read and write
 clean
23711260000
unkown
page read and write
 clean
1B3BAD60000
unkown image
page readonly
 clean
7FF5463A0000
unkown image
page readonly
 clean
7FF4F0BC3000
unkown image
page readonly
 clean
1A34F5D0000
unkown image
page readonly
 clean
1F4EF39F000
unkown
page read and write
 clean
7FF5D2BD4000
unkown image
page readonly
 clean
7FF5D2BED000
unkown image
page readonly
 clean
295F000
stack
page read and write
 clean
7FF5D2AD2000
unkown image
page readonly
 clean
7F7A2000
unkown image
page readonly
 clean
24CF8030000
unkown image
page readonly
 clean
1F4EF325000
unkown
page read and write
 clean
7FF546507000
unkown image
page readonly
 clean
7FF5CEA8E000
unkown image
page readonly
 clean
24CF8302000
unkown
page read and write
 clean
7FF546181000
unkown image
page readonly
 clean
7FF5D2BBE000
unkown image
page readonly
 clean
1B3BA9E3000
heap default
page read and write
 clean
24CF8313000
unkown
page read and write
 clean
2B80000
heap private
page read and write
 clean
1E8D7EC7000
unkown
page read and write
 clean
1F4EEA53000
unkown
page read and write
 clean
1A34F902000
unkown
page read and write
 clean
1B3BAB50000
unkown
page read and write
 clean
24CF8300000
unkown
page read and write
 clean
240215B0000
unkown image
page read and write
 clean
1B3BA840000
unkown image
page readonly
 clean
54139FC000
unkown
page read and write
 clean
2988000
unkown
page read and write
 clean
7FF53CBA8000
unkown image
page readonly
 clean
7DF59B0A0000
unkown image
page readonly
 clean
7FF546585000
unkown image
page readonly
 clean
7DF5E4B10000
unkown image
page readonly
 clean
7FF5D2AC8000
unkown image
page readonly
 clean
7DF5E84F0000
unkown image
page readonly
 clean
23711380000
unkown
page read and write
 clean
7DF565462000
unkown image
page readonly
 clean
7FF54657D000
unkown image
page readonly
 clean
2370BB80000
unkown image
page readonly
 clean
2370CD30000
unkown image
page readonly
 clean
7DF5F3CC0000
unkown image
page readonly
 clean
7FF54653C000
unkown image
page readonly
 clean
7FF58579D000
unkown image
page readonly
 clean
9E842FF000
stack
page read and write
 clean
7FF59077D000
unkown image
page readonly
 clean
7FF53CBC5000
unkown image
page readonly
 clean
7FF5DE2E8000
unkown image
page readonly
 clean
7FF5D2AE7000
unkown image
page readonly
 clean
7FF56BA4D000
unkown image
page readonly
 clean
7FDF2000
unkown image
page readonly
 clean
265C000
unkown image
page readonly
 clean
290EC770000
unkown
page read and write
 clean
1F4EF380000
unkown
page read and write
 clean
24CF8050000
heap default
page read and write
 clean
2370C502000
unkown
page read and write
 clean
7FF5CF127000
unkown image
page readonly
 clean
7FF4F0B64000
unkown image
page readonly
 clean
2BDD000
unkown
page read and write
 clean
290EC85B000
unkown
page read and write
 clean
24CF8213000
unkown
page read and write
 clean
B2A127E000
stack
page read and write
 clean
24CF8A02000
unkown
page read and write
 clean
7DF540C62000
unkown image
page readonly
 clean
7FF5D276A000
unkown image
page readonly
 clean
86F327E000
stack
page read and write
 clean
7FF5DDF2E000
unkown image
page readonly
 clean
7FF5D2BDE000
unkown image
page readonly
 clean
2985000
unkown
page read and write
 clean
2590000
unkown image
page readonly
 clean
1B3BAB45000
heap private
page read and write
 clean
2890000
unkown image
page readonly
 clean
1F822950000
unkown
page read and write
 clean
7FF5CF21F000
unkown image
page readonly
 clean
7FF58578B000
unkown image
page readonly
 clean
2370BB70000
heap private
page read and write
 clean
1FF02908000
unkown
page read and write
 clean
264B000
unkown image
page readonly
 clean
1B3BAB40000
heap private
page read and write
 clean
7FF5DE3CF000
unkown image
page readonly
 clean
4FCBE7E000
stack
page read and write
 clean
7FAC2000
unkown image
page readonly
 clean
86F36FE000
stack
page read and write
 clean
1F822A11000
unkown
page read and write
 clean
7DF5E4B12000
unkown image
page readonly
 clean
24021813000
unkown
page read and write
 clean
7F7B0000
unkown image
page readonly
 clean
1B3BA980000
heap default
page read and write
 clean
7FF5DE3CF000
unkown image
page readonly
 clean
1FF02902000
unkown
page read and write
 clean
7FF5464FD000
unkown image
page readonly
 clean
7FF52B26C000
unkown image
page readonly
 clean
290EC6F0000
unkown image
page readonly
 clean
7FF58556F000
unkown image
page readonly
 clean
7DF5F3CD2000
unkown image
page readonly
 clean
1A34F800000
unkown
page read and write
 clean
1E8D7DF0000
heap default
page read and write
 clean
7FF54FB40000
unkown image
page readonly
 clean
7FF54641E000
unkown image
page readonly
 clean
7DF59B0A0000
unkown image
page readonly
 clean
7DF4E29E0000
unkown image
page readonly
 clean
1F822F30000
unkown image
page readonly
 clean
1F4EF3D1000
unkown
page read and write
 clean
2923000
heap default
page read and write
 clean
2931000
unkown
page read and write
 clean
1B3BB550000
unkown
page read and write
 clean
7DF5525A0000
unkown image
page readonly
 clean
1B3BA820000
unkown image
page read and write
 clean
7DF565472000
unkown image
page readonly
 clean
2EF0000
unkown image
page readonly
 clean
7FF56B29B000
unkown image
page readonly
 clean
7FF53CC8B000
unkown image
page readonly
 clean
2370C402000
unkown
page read and write
 clean
5413F7E000
stack
page read and write
 clean
7FF56B7ED000
unkown image
page readonly
 clean
1F4EEAE8000
unkown
page read and write
 clean
2452000
unkown image
page readonly
 clean
2667000
unkown image
page readonly
 clean
1B3BAB49000
heap private
page read and write
 clean
1B3BAB00000
unkown
page read and write
 clean
256D000
unkown image
page readonly
 clean
2370BBE0000
unkown image
page readonly
 clean
7FF52B2A3000
unkown image
page readonly
 clean
7FF52B318000
unkown image
page readonly
 clean
1F4EEA5B000
unkown
page read and write
 clean
2258000
unkown image
page readonly
 clean
7DF5E4B10000
unkown image
page readonly
 clean
7DF540C50000
unkown image
page readonly
 clean
2370C558000
unkown
page read and write
 clean
93211FE000
stack
page read and write
 clean
7DF565480000
unkown image
page readonly
 clean
1F4EEA4B000
unkown
page read and write
 clean
7F7A0000
unkown image
page readonly
 clean
1F4EF365000
unkown
page read and write
 clean
21664FC000
stack
page read and write
 clean
B2A137E000
stack
page read and write
 clean
7DF5F3CC0000
unkown image
page readonly
 clean
B2A147E000
stack
page read and write
 clean
2667000
unkown image
page readonly
 clean
1F4EEA4A000
unkown
page read and write
 clean
7FF546616000
unkown image
page readonly
 clean
7F790000
unkown image
page readonly
 clean
1F4EEAE7000
unkown
page read and write
 clean
7DF581340000
unkown image
page readonly
 clean
7FF546557000
unkown image
page readonly
 clean
1F822A1E000
unkown
page read and write
 clean
7FF585355000
unkown image
page readonly
 clean
1A34F5B0000
unkown image
page read and write
 clean
7FF58561E000
unkown image
page readonly
 clean
2DC0000
unkown image
page readonly
 clean
7DF55BF52000
unkown image
page readonly
 clean
7FE00000
unkown image
page readonly
 clean
7FF5DE2C5000
unkown image
page readonly
 clean
29E0000
unkown image
page readonly
 clean
2155A502000
unkown
page read and write
 clean
25C5000
unkown image
page readonly
 clean
1B3BA860000
unkown image
page readonly
 clean
7C0000
unkown image
page read and write
 clean
1B3BA9E6000
unkown
page read and write
 clean
720000
heap default
page read and write
 clean
7FF54634D000
unkown image
page readonly
 clean
1E8D7F13000
unkown
page read and write
 clean
7DF581360000
unkown image
page readonly
 clean
7FF545CA4000
unkown image
page readonly
 clean
25C5000
unkown image
page readonly
 clean
7FF54FA9D000
unkown image
page readonly
 clean
7FF5DDF2A000
unkown image
page readonly
 clean
7FF56B9B5000
unkown image
page readonly
 clean
2586000
unkown image
page readonly
 clean
2370BC74000
unkown
page read and write
 clean
25D5000
unkown image
page readonly
 clean
1F4EF37D000
unkown
page read and write
 clean
24CF8000000
unkown image
page readonly
 clean
2A00000
heap default
page read and write
 clean
28BE000
stack
page read and write
 clean
86F34FF000
stack
page read and write
 clean
7FF56B957000
unkown image
page readonly
 clean
240215F0000
unkown image
page readonly
 clean
2155A3B0000
unkown image
page readonly
 clean
477E000
stack
page read and write
 clean
7FF5D2BDB000
unkown image
page readonly
 clean
216677F000
stack
page read and write
 clean
25C9000
unkown image
page readonly
 clean
7FF58568C000
unkown image
page readonly
 clean
2155A44D000
unkown
page read and write
 clean
5E0000
unkown image
page readonly
 clean
28BB000
unkown
page read and write
 clean
7FF59086F000
unkown image
page readonly
 clean
7FF53CA53000
unkown image
page readonly
 clean
2452000
unkown image
page readonly
 clean
7DF5E84F2000
unkown image
page readonly
 clean
2486000
unkown image
page readonly
 clean
2B67000
heap private
page read and write
 clean
7FF5DE0A8000
unkown image
page readonly
 clean
23711251000
unkown
page read and write
 clean
7FF5D298D000
unkown image
page readonly
 clean
7FF546343000
unkown image
page readonly
 clean
2594000
unkown image
page readonly
 clean
7FF4F136D000
unkown image
page readonly
 clean
2C60000
unkown image
page readonly
 clean
86F317B000
stack
page read and write
 clean
7FF52B31F000
unkown image
page readonly
 clean
7FF53C943000
unkown image
page readonly
 clean
2370BB60000
unkown image
page read and write
 clean
7FF59085B000
unkown image
page readonly
 clean
1F822D25000
heap private
page read and write
 clean
7DF506C82000
unkown image
page readonly
 clean
9320FFB000
stack
page read and write
 clean
7FF545DF0000
unkown image
page readonly
 clean
7DF5A6170000
unkown image
page readonly
 clean
7DF506C92000
unkown image
page readonly
 clean
22D0000
unkown image
page readonly
 clean
7FF56B99A000
unkown image
page readonly
 clean
1B3BB7F0000
unkown
page read and write
 clean
7FF4F1374000
unkown image
page readonly
 clean
2370BC54000
unkown
page read and write
 clean
25A0000
unkown image
page readonly
 clean
1FF02802000
unkown
page read and write
 clean
25ED000
unkown image
page readonly
 clean
1FF027D0000
unkown image
page readonly
 clean
7FF5D29A3000
unkown image
page readonly
 clean
25C9000
unkown image
page readonly
 clean
1B3BA9C6000
unkown
page read and write
 clean
1A34FD80000
unkown image
page readonly
 clean
7FF5DDC14000
unkown image
page readonly
 clean
23711390000
unkown
page read and write
 clean
7FAB2000
unkown image
page readonly
 clean
7FF54F633000
unkown image
page readonly
 clean
7FF5856EA000
unkown image
page readonly
 clean
2155A8D0000
unkown image
page readonly
 clean
1F4EF35A000
unkown
page read and write
 clean
1E8D8700000
unkown
page read and write
 clean
67B000
unkown
page read and write
 clean
1F4EF800000
unkown
page read and write
 clean
255D000
unkown image
page readonly
 clean
86F31FF000
stack
page read and write
 clean
9E840FF000
stack
page read and write
 clean
2155A457000
unkown
page read and write
 clean
7FF5DE096000
unkown image
page readonly
 clean
25D9000
unkown image
page readonly
 clean
2594000
unkown image
page readonly
 clean
7FF5CF21F000
unkown image
page readonly
 clean
7FAD0000
unkown image
page readonly
 clean
1F4EEAA0000
unkown
page read and write
 clean
7FF53CBBD000
unkown image
page readonly
 clean
28E0000
unkown image
page readonly
 clean
7FF52B2C5000
unkown image
page readonly
 clean
24CF8130000
unkown image
page readonly
 clean
7FF546341000
unkown image
page readonly
 clean
6C0000
unkown
page read and write
 clean
1F4EF86A000
unkown
page read and write
 clean
7FF5DE2C3000
unkown image
page readonly
 clean
25AA000
unkown image
page readonly
 clean
1F822D20000
heap private
page read and write
 clean
1F4EF35D000
unkown
page read and write
 clean
2900000
heap default
page read and write
 clean
7DF552590000
unkown image
page readonly
 clean
2370CD20000
unkown image
page readonly
 clean
2370CB23000
unkown
page read and write
 clean
82B000
unkown
page read and write
 clean
22D0000
unkown image
page readonly
 clean
7FF58578E000
unkown image
page readonly
 clean
F1B3E7F000
stack
page read and write
 clean
7DF5A6180000
unkown image
page readonly
 clean
1F4EF39F000
unkown
page read and write
 clean
1F4EEB08000
unkown
page read and write
 clean
2155AB40000
unkown
page read and write
 clean
7FF54660F000
unkown image
page readonly
 clean
1A34F820000
unkown
page read and write
 clean
9320CFF000
stack
page read and write
 clean
5C60000
unkown
page read and write
 clean
2BBA000
heap private
page read and write
 clean
7DF5F3CE0000
unkown image
page readonly
 clean
7FE10000
unkown image
page readonly
 clean
23711250000
unkown
page read and write
 clean
700000
unkown
page read and write
 clean
1F4EECD0000
unkown image
page readonly
 clean
7FF54F71F000
unkown image
page readonly
 clean
7FF56B97D000
unkown image
page readonly
 clean
2CA3000
heap default
page read and write
 clean
7FAB0000
unkown image
page readonly
 clean
1F4EEA13000
unkown
page read and write
 clean
1A34F710000
unkown image
page readonly
 clean
7FF5CF138000
unkown image
page readonly
 clean
1B3BAB10000
unkown
page read and write
 clean
2371145F000
unkown
page read and write
 clean
1B3BA9F5000
unkown
page read and write
 clean
7D0000
unkown image
page readonly
 clean
7FF5D2764000
unkown image
page readonly
 clean
7FF5D27C1000
unkown image
page readonly
 clean
7FF5CF163000
unkown image
page readonly
 clean
2155A6D0000
unkown image
page readonly
 clean
2CA5000
unkown
page read and write
 clean
7FF4F11C7000
unkown image
page readonly
 clean
7DF55BF60000
unkown image
page readonly
 clean
1B3BA9F5000
unkown
page read and write
 clean
7FF5D2A64000
unkown image
page readonly
 clean
23711238000
unkown
page read and write
 clean
1F4EEAC2000
unkown
page read and write
 clean
7FF54FABA000
unkown image
page readonly
 clean
7FF54FB28000
unkown image
page readonly
 clean
7FF53CB83000
unkown image
page readonly
 clean
1F4EEA3C000
unkown
page read and write
 clean
2370CC10000
unkown
page read and write
 clean
1F4EF3C3000
unkown
page read and write
 clean
1B3BA988000
heap default
page read and write
 clean
7FF58555C000
unkown image
page readonly
 clean
2581000
unkown image
page readonly
 clean
1F4EF3AD000
unkown
page read and write
 clean
7DF5F3CD2000
unkown image
page readonly
 clean
7FF52B257000
unkown image
page readonly
 clean
7DF5E84E0000
unkown image
page readonly
 clean
2155A43A000
unkown
page read and write
 clean
2921000
unkown
page read and write
 clean
7FF56B748000
unkown image
page readonly
 clean
7FF5DE3BB000
unkown image
page readonly
 clean
7FF54FA67000
unkown image
page readonly
 clean
7DF404B50000
unkown image
page readonly
 clean
7FF4F0C29000
unkown image
page readonly
 clean
1B3BB0F0000
unkown image
page readonly
 clean
2CA1000
unkown
page read and write
 clean
7FF5CF113000
unkown image
page readonly
 clean
1F4EF140000
unkown
page read and write
 clean
2371123E000
unkown
page read and write
 clean
255D000
unkown image
page readonly
 clean
7FF54F823000
unkown image
page readonly
 clean
2370C500000
unkown
page read and write
 clean
7FF53CC8F000
unkown image
page readonly
 clean
7FF52ABE4000
unkown image
page readonly
 clean
7FF53C4FE000
unkown image
page readonly
 clean
7FF52B34E000
unkown image
page readonly
 clean
1A34F620000
heap default
page read and write
 clean
4FCBCFE000
stack
page read and write
 clean
7FF546589000
unkown image
page readonly
 clean
2155A425000
unkown
page read and write
 clean
3220000
unkown image
page readonly
 clean
7DF55BF50000
unkown image
page readonly
 clean
7FF54664B000
unkown image
page readonly
 clean
1B3BA840000
unkown image
page readonly
 clean
1FF0284A000
unkown
page read and write
 clean
7FF53CA7E000
unkown image
page readonly
 clean
5413EFB000
stack
page read and write
 clean
1F4EF160000
unkown image
page readonly
 clean
5B0000
unkown image
page readonly
 clean
7FF5DE2DC000
unkown image
page readonly
 clean
1E8D7F02000
unkown
page read and write
 clean
2155A456000
unkown
page read and write
 clean
7FF56BA0F000
unkown image
page readonly
 clean
7DF5E84F0000
unkown image
page readonly
 clean
2494000
unkown image
page readonly
 clean
7FF4F119D000
unkown image
page readonly
 clean
24CF824D000
unkown
page read and write
 clean
2EA0000
unkown image
page readonly
 clean
1F4EEA52000
unkown
page read and write
 clean
1FF02851000
unkown
page read and write
 clean
7FF5D28AF000
unkown image
page readonly
 clean
1F4EEA57000
unkown
page read and write
 clean
2667000
unkown image
page readonly
 clean
7DF565470000
unkown image
page readonly
 clean
6AC6679000
stack
page read and write
 clean
7FF546408000
unkown image
page readonly
 clean
1F4EF740000
unkown
page read and write
 clean
7FF5D2793000
unkown image
page readonly
 clean
1F4EEAA7000
unkown
page read and write
 clean
24CF828A000
unkown
page read and write
 clean
1FF027F0000
heap default
page read and write
 clean
7FF56B985000
unkown image
page readonly
 clean
7FF52B28D000
unkown image
page readonly
 clean
7FF4F12D3000
unkown image
page readonly
 clean
F1B3D77000
stack
page read and write
 clean
1F4EE980000
heap private
page read and write
 clean
7FF5D2721000
unkown image
page readonly
 clean
23711230000
unkown
page read and write
 clean
1F822D30000
unkown image
page readonly
 clean
1F4EEADF000
unkown
page read and write
 clean
7FF5D2BEF000
unkown image
page readonly
 clean
23711350000
unkown
page read and write
 clean
1B3BB760000
unkown image
page read and write
 clean
25D9000
unkown image
page readonly
 clean
290EC800000
unkown
page read and write
 clean
23711270000
unkown
page read and write
 clean
1B3BAB30000
unkown
page read and write
 clean
2586000
unkown image
page readonly
 clean
7FF5462D8000
unkown image
page readonly
 clean
1FF02900000
unkown
page read and write
 clean
7FF5CECF8000
unkown image
page readonly
 clean
7DF581340000
unkown image
page readonly
 clean
76E0000
unkown
page read and write
 clean
1FF027A0000
unkown image
page readonly
 clean
21669FE000
stack
page read and write
 clean
1F8229B0000
unkown image
page readonly
 clean
7DF581342000
unkown image
page readonly
 clean
1FF02813000
unkown
page read and write
 clean
1F4EEED0000
unkown image
page readonly
 clean
7DF552580000
unkown image
page readonly
 clean
7FF5DE39B000
unkown image
page readonly
 clean
1F4EF377000
unkown
page read and write
 clean
1F4EF902000
unkown
page read and write
 clean
7FF5D2AE3000
unkown image
page readonly
 clean
7FF58549D000
unkown image
page readonly
 clean
7FF4F11B9000
unkown image
page readonly
 clean
2D70000
unkown image
page readonly
 clean
7FF5D2BCD000
unkown image
page readonly
 clean
24021800000
unkown
page read and write
 clean
290A000
heap default
page read and write
 clean
1F4EF3C0000
unkown
page read and write
 clean
1F4EF750000
unkown image
page read and write
 clean
25ED000
unkown image
page readonly
 clean
1F4EF740000
unkown
page read and write
 clean
1F4EF802000
unkown
page read and write
 clean
2447000
unkown image
page readonly
 clean
1F4EF202000
unkown
page read and write
 clean
7DF552582000
unkown image
page readonly
 clean
7FF54FAA9000
unkown image
page readonly
 clean
2655000
unkown image
page readonly
 clean
76F0000
unkown
page read and write
 clean
1B3BA9E2000
unkown
page read and write
 clean
7DF5E84E2000
unkown image
page readonly
 clean
9320B7C000
stack
page read and write
 clean
7F7B0000
unkown image
page readonly
 clean
23711360000
unkown
page read and write
 clean
7FF52B2AA000
unkown image
page readonly
 clean
1F4EF37F000
unkown
page read and write
 clean
7F790000
unkown image
page readonly
 clean
7FF53C753000
unkown image
page readonly
 clean
2402184F000
unkown
page read and write
 clean
237114F7000
unkown
page read and write
 clean
2370C400000
unkown
page read and write
 clean
7FF52B344000
unkown image
page readonly
 clean
25B5000
unkown image
page readonly
 clean
7FF585770000
unkown image
page readonly
 clean
7DF540C70000
unkown image
page readonly
 clean
7FF5DE2B2000
unkown image
page readonly
 clean
1F8228F0000
unkown image
page read and write
 clean
7FF4F1360000
unkown image
page readonly
 clean
1E8D8590000
unkown image
page write copy
 clean
1F4EEA4E000
unkown
page read and write
 clean
7DF540C52000
unkown image
page readonly
 clean
2155A477000
unkown
page read and write
 clean
7FF5856D9000
unkown image
page readonly
 clean
2370CB20000
unkown
page read and write
 clean
7F690000
unkown image
page readonly
 clean
237114A8000
unkown
page read and write
 clean
7FF5D28F7000
unkown image
page readonly
 clean
7FF54FA77000
unkown image
page readonly
 clean
7DF5E84E0000
unkown image
page readonly
 clean
1E8D8602000
unkown
page read and write
 clean
7FF4F137B000
unkown image
page readonly
 clean
2370C340000
unkown image
page read and write
 clean
7FF5856D5000
unkown image
page readonly
 clean
23711090000
unkown
page read and write
 clean
7FF53CBDA000
unkown image
page readonly
 clean
25B5000
unkown image
page readonly
 clean
2370BD13000
unkown
page read and write
 clean
1F4EEA8B000
unkown
page read and write
 clean
47C0000
unkown
page read and write
 clean
7FF52B32B000
unkown image
page readonly
 clean
9E83B7B000
stack
page read and write
 clean
1FF0284D000
unkown
page read and write
 clean
1A34FE02000
unkown
page read and write
 clean
2155A42A000
unkown
page read and write
 clean
7FF5D2AC4000
unkown image
page readonly
 clean
2589000
unkown image
page readonly
 clean
2155AA50000
unkown image
page readonly
 clean
1B3BB0E0000
unkown image
page readonly
 clean
7FF56BA08000
unkown image
page readonly
 clean
290EC720000
unkown image
page readonly
 clean
7DF459E10000
unkown image
page readonly
 clean
1E8D7EC9000
unkown
page read and write
 clean
2370C0D0000
unkown image
page readonly
 clean
1F4EF300000
unkown
page read and write
 clean
2590000
unkown image
page readonly
 clean
7FF54FA88000
unkown image
page readonly
 clean
1F4EF35B000
unkown
page read and write
 clean
7F792000
unkown image
page readonly
 clean
7FF59084D000
unkown image
page readonly
 clean
2370C250000
unkown image
page readonly
 clean
4FCBB7F000
stack
page read and write
 clean
1F4EF372000
unkown
page read and write
 clean
9E83FFD000
stack
page read and write
 clean
7FF5DE3B4000
unkown image
page readonly
 clean
7FF5461B5000
unkown image
page readonly
 clean
7FF56BA1B000
unkown image
page readonly
 clean
2370C701000
unkown
page read and write
 clean
7FF58575F000
unkown image
page readonly
 clean
1E8D80D0000
unkown image
page readonly
 clean
2AE0000
unkown
page read and write
 clean
1B3BA9CE000
unkown
page read and write
 clean
23711130000
unkown
page read and write
 clean
1F822A07000
unkown
page read and write
 clean
1F4EF3B0000
unkown
page read and write
 clean
1F8230B0000
unkown image
page readonly
 clean
1F8229A0000
unkown image
page readonly
 clean
1F4EF319000
unkown
page read and write
 clean
290E000
stack
page read and write
 clean
1F4EF39F000
unkown
page read and write
 clean
2402186F000
unkown
page read and write
 clean
25B5000
unkown image
page readonly
 clean
2155A46A000
unkown
page read and write
 clean
2C80000
heap default
page read and write
 clean
1F4EF050000
unkown image
page readonly
 clean
7DF5A6170000
unkown image
page readonly
 clean
1F822910000
unkown image
page readonly
 clean
2370CD00000
unkown image
page readonly
 clean
7FF5DE313000
unkown image
page readonly
 clean
1F4EE9F0000
unkown image
page readonly
 clean
2155A467000
unkown
page read and write
 clean
290EC83F000
unkown
page read and write
 clean
240215C0000
heap private
page read and write
 clean
467E000
stack
page read and write
 clean
7FF5DE1E6000
unkown image
page readonly
 clean
646000
unkown
page read and write
 clean
1F4EEA29000
unkown
page read and write
 clean
7FF5D2AC0000
unkown image
page readonly
 clean
7FF590836000
unkown image
page readonly
 clean
7DF5E4B22000
unkown image
page readonly
 clean
28C0000
unkown
page read and write
 clean
2486000
unkown image
page readonly
 clean
7FF5461FF000
unkown image
page readonly
 clean
7DF59B0A2000
unkown image
page readonly
 clean
296A000
heap default
page read and write
 clean
24CF827D000
unkown
page read and write
 clean
1F4EF902000
unkown
page read and write
 clean
7FF585758000
unkown image
page readonly
 clean
1F4EE990000
unkown image
page readonly
 clean
7FF54FB36000
unkown image
page readonly
 clean
7FF590828000
unkown image
page readonly
 clean
7DF506C80000
unkown image
page readonly
 clean
24CF8255000
unkown
page read and write
 clean
7FF5DE388000
unkown image
page readonly
 clean
2165FEB000
unkown
page read and write
 clean
7FF53CC74000
unkown image
page readonly
 clean
1FF02862000
unkown
page read and write
 clean
2155A390000
unkown image
page readonly
 clean
2B70000
unkown image
page readonly
 clean
7FF5DE396000
unkown image
page readonly
 clean
7FF546634000
unkown image
page readonly
 clean
7DF5E84F2000
unkown image
page readonly
 clean
25BB000
unkown image
page readonly
 clean
7FF5856A8000
unkown image
page readonly
 clean
7FF53CB04000
unkown image
page readonly
 clean
2370BED0000
unkown image
page readonly
 clean
292C000
unkown
page read and write
 clean
290ECCD0000
unkown image
page readonly
 clean
2571000
unkown image
page readonly
 clean
1A34FA00000
unkown image
page readonly
 clean
7DF5F3CE0000
unkown image
page readonly
 clean
25C1000
unkown image
page readonly
 clean
2155A427000
unkown
page read and write
 clean
7FF54FA7C000
unkown image
page readonly
 clean
290ED002000
unkown
page read and write
 clean
24021913000
unkown
page read and write
 clean
79B327E000
stack
page read and write
 clean
1E8D8712000
unkown
page read and write
 clean
1B3BA830000
unkown
page read and write
 clean
541417F000
stack
page read and write
 clean
25FD000
unkown image
page readonly
 clean
1F8229EB000
heap default
page read and write
 clean
29A5000
unkown
page read and write
 clean
5A60000
unkown image
page readonly
 clean
1E8D7DC0000
unkown image
page readonly
 clean
25C1000
unkown image
page readonly
 clean
7FF4F135B000
unkown image
page readonly
 clean
2447000
unkown image
page readonly
 clean
1F822930000
unkown image
page readonly
 clean
5414077000
stack
page read and write
 clean
7DF540C60000
unkown image
page readonly
 clean
1F4EF37B000
unkown
page read and write
 clean
5413C7F000
stack
page read and write
 clean
7DF59B090000
unkown image
page readonly
 clean
1B3BAAA0000
unkown image
page readonly
 clean
7FF54F95E000
unkown image
page readonly
 clean
7FF4F0B62000
unkown image
page readonly
 clean
7FF5DE3AD000
unkown image
page readonly
 clean
1B3BA870000
unkown image
page readonly
 clean
7FF5DE2FD000
unkown image
page readonly
 clean
9E8370B000
unkown
page read and write
 clean
2155A484000
unkown
page read and write
 clean
7FF5D238D000
unkown image
page readonly
 clean
1F822A11000
unkown
page read and write
 clean
F1B3C7B000
stack
page read and write
 clean
7FF5DE11A000
unkown image
page readonly
 clean
79B34FB000
stack
page read and write
 clean
2155A3F0000
unkown image
page readonly
 clean
7FF5CF033000
unkown image
page readonly
 clean
2370BCFD000
unkown
page read and write
 clean
290EC6F0000
unkown image
page readonly
 clean
1E8D7DA0000
unkown image
page readonly
 clean
24021885000
unkown
page read and write
 clean
7FF4F12C9000
unkown image
page readonly
 clean
1F4EEAE5000
unkown
page read and write
 clean
2155A3C0000
unkown image
page readonly
 clean
2571000
unkown image
page readonly
 clean
290EC913000
unkown
page read and write
 clean
6AC64FA000
stack
page read and write
 clean
86F2D77000
stack
page read and write
 clean
7FF5D2911000
unkown image
page readonly
 clean
7FF53CAA3000
unkown image
page readonly
 clean
7FF5CEFBD000
unkown image
page readonly
 clean
7FF56BA3E000
unkown image
page readonly
 clean
2945000
unkown
page read and write
 clean
7FF4F134F000
unkown image
page readonly
 clean
7FF54661B000
unkown image
page readonly
 clean
1F4EF36A000
unkown
page read and write
 clean
7FF53CC5B000
unkown image
page readonly
 clean
4FCBC77000
stack
page read and write
 clean
2371143A000
unkown
page read and write
 clean
2370BC13000
unkown
page read and write
 clean
7FF5DE335000
unkown image
page readonly
 clean
7FF54F1C4000
unkown image
page readonly
 clean
7FF5856B8000
unkown image
page readonly
 clean
7FF54F9C5000
unkown image
page readonly
 clean
1E8D7E13000
unkown
page read and write
 clean
23711340000
unkown
page read and write
 clean
7FF4F1356000
unkown image
page readonly
 clean
7FF56B6F8000
unkown image
page readonly
 clean
7FF4F12BD000
unkown image
page readonly
 clean
1FF02AD0000
unkown image
page readonly
 clean
4FCB97B000
stack
page read and write
 clean
7A10000
unkown
page read and write
 clean
1FF02CD0000
unkown image
page readonly
 clean
1B3BA9F5000
heap default
page read and write
 clean
7FF54FB5B000
unkown image
page readonly
 clean
7FF54FB5E000
unkown image
page readonly
 clean
7FF58576B000
unkown image
page readonly
 clean
1F4EF349000
unkown
page read and write
 clean
237114BC000
unkown
page read and write
 clean
298C000
unkown
page read and write
 clean
7DF506C92000
unkown image
page readonly
 clean
7DF5F3CD0000
unkown image
page readonly
 clean
7DF565460000
unkown image
page readonly
 clean
7FF52AF0E000
unkown image
page readonly
 clean
1F4EF3A0000
unkown
page read and write
 clean
24021852000
unkown
page read and write
 clean
1F822910000
unkown image
page readonly
 clean
1B3BB780000
unkown
page readonly
 clean
541427F000
stack
page read and write
 clean
7DF5E4B30000
unkown image
page readonly
 clean
63F1BF9000
stack
page read and write
 clean
7FF546363000
unkown image
page readonly
 clean
7DF540C52000
unkown image
page readonly
 clean
7FF5CEFEE000
unkown image
page readonly
 clean
5F3000
unkown
page read and write
 clean
7FF4F138F000
unkown image
page readonly
 clean
7FF53CC56000
unkown image
page readonly
 clean
30A0000
unkown image
page readonly
 clean
7FF5D2984000
unkown image
page readonly
 clean
25F4000
unkown image
page readonly
 clean
2589000
unkown image
page readonly
 clean
1F4EF39F000
unkown
page read and write
 clean
F1B371B000
unkown
page read and write
 clean
1B3BA9CE000
unkown
page read and write
 clean
7FF53C2DE000
unkown image
page readonly
 clean
25AA000
unkown image
page readonly
 clean
7DF5E4B30000
unkown image
page readonly
 clean
2370C260000
unkown image
page readonly
 clean
22D0000
unkown image
page readonly
 clean
2155A460000
unkown
page read and write
 clean
86F291C000
unkown
page read and write
 clean
7FF4E503E000
unkown image
page readonly
 clean
2370CD40000
unkown image
page readonly
 clean
850000
unkown
page read and write
 clean
237114F9000
unkown
page read and write
 clean
1A34F840000
unkown
page read and write
 clean
7DF506CA0000
unkown image
page readonly
 clean
1FF0282A000
unkown
page read and write
 clean
7DF565462000
unkown image
page readonly
 clean
7FF546357000
unkown image
page readonly
 clean
237114D7000
unkown
page read and write
 clean
1F4EF346000
unkown
page read and write
 clean
7DF540C60000
unkown image
page readonly
 clean
1F4EEAB1000
unkown
page read and write
 clean
2E90000
heap private
page read and write
 clean
264B000
unkown image
page readonly
 clean
79B33FC000
stack
page read and write
 clean
1F4EF35D000
unkown
page read and write
 clean
7FF5DE24E000
unkown image
page readonly
 clean
1F4EF190000
unkown image
page write copy
 clean
290EC86D000
unkown
page read and write
 clean
1F4EE990000
unkown image
page readonly
 clean
7DF5E4B22000
unkown image
page readonly
 clean
7FF53C768000
unkown image
page readonly
 clean
B2A157F000
stack
page read and write
 clean
1F4EEABB000
unkown
page read and write
 clean
7FE02000
unkown image
page readonly
 clean
86F38FF000
stack
page read and write
 clean
2155A47B000
unkown
page read and write
 clean
290EC866000
unkown
page read and write
 clean
2988000
unkown
page read and write
 clean
7FF585705000
unkown image
page readonly
 clean
7FF5D277F000
unkown image
page readonly
 clean
1F4EF39F000
unkown
page read and write
 clean
7FF546620000
unkown image
page readonly
 clean
1FF027C0000
unkown image
page readonly
 clean
7FF5D2AA7000
unkown image
page readonly
 clean
7DF55BF60000
unkown image
page readonly
 clean
7DF4A4030000
unkown image
page readonly
 clean
23711110000
unkown
page read and write
 clean
7FAD0000
unkown image
page readonly
 clean
7FF5DE309000
unkown image
page readonly
 clean
1F4EEA5A000
unkown
page read and write
 clean
7DF55BF42000
unkown image
page readonly
 clean
B2A107E000
stack
page read and write
 clean
7FF54664D000
unkown image
page readonly
 clean
1B3BB790000
unkown
page read and write
 clean
7DF581360000
unkown image
page readonly
 clean
24CF8308000
unkown
page read and write
 clean
7FF5CF14D000
unkown image
page readonly
 clean
7FF53CADF000
unkown image
page readonly
 clean
23711390000
unkown
page read and write
 clean
1A34F829000
unkown
page read and write
 clean
1E8D7E43000
unkown
page read and write
 clean
7FF5CF00E000
unkown image
page readonly
 clean
2581000
unkown image
page readonly
 clean
2B84000
heap private
page read and write
 clean
7FF5D2A27000
unkown image
page readonly
 clean
7FF53CB97000
unkown image
page readonly
 clean
290EC865000
unkown
page read and write
 clean
79B2FBC000
unkown
page read and write
 clean
2155A45A000
unkown
page read and write
 clean
1F4EEAF6000
unkown
page read and write
 clean
7FF4F138F000
unkown image
page readonly
 clean
2370CCF0000
unkown image
page readonly
 clean
24CF8250000
unkown
page read and write
 clean
63F1A7F000
stack
page read and write
 clean
2667000
unkown image
page readonly
 clean
23711230000
unkown
page read and write
 clean
7DF55BF40000
unkown image
page readonly
 clean
7FF5CF20E000
unkown image
page readonly
 clean
2155A462000
unkown
page read and write
 clean
7FF5D2777000
unkown image
page readonly
 clean
7FF54649F000
unkown image
page readonly
 clean
2370C518000
unkown
page read and write
 clean
7FF5DE2A4000
unkown image
page readonly
 clean
7FE10000
unkown image
page readonly
 clean
1F4EF802000
unkown
page read and write
 clean
2CC5000
unkown
page read and write
 clean
290EC750000
unkown image
page readonly
 clean
2447000
unkown image
page readonly
 clean
1E8D8460000
unkown image
page readonly
 clean
7FF52B330000
unkown image
page readonly
 clean
24CF7FF0000
heap private
page read and write
 clean
7DF5A6172000
unkown image
page readonly
 clean
1F4EEB02000
unkown
page read and write
 clean
4FCBDFA000
stack
page read and write
 clean
79B377E000
stack
page read and write
 clean
1F822A1F000
unkown
page read and write
 clean
7DF552592000
unkown image
page readonly
 clean
1F4EF39F000
unkown
page read and write
 clean
25C5000
unkown image
page readonly
 clean
79B3677000
stack
page read and write
 clean
1FF02790000
heap private
page read and write
 clean
240217F0000
unkown
page read and write
 clean
290EC6D0000
unkown image
page read and write
 clean
1B3BAAF0000
unkown
page read and write
 clean
25BB000
unkown image
page readonly
 clean
1F4EEB16000
unkown
page read and write
 clean
7FF58577D000
unkown image
page readonly
 clean
7FF5D29BC000
unkown image
page readonly
 clean
1F4EEA4C000
unkown
page read and write
 clean
1F4EF86A000
unkown
page read and write
 clean
7FF56BA34000
unkown image
page readonly
 clean
2155A46D000
unkown
page read and write
 clean
1A34F813000
unkown
page read and write
 clean
1FF0284E000
unkown
page read and write
 clean
7FF5D28ED000
unkown image
page readonly
 clean
7FF5CF12C000
unkown image
page readonly
 clean
7FF54FB54000
unkown image
page readonly
 clean
2910000
heap private
page read and write
 clean
2571000
unkown image
page readonly
 clean
7DF59B0B0000
unkown image
page readonly
 clean
7FF5D2B33000
unkown image
page readonly
 clean
7FF5465B5000
unkown image
page readonly
 clean
2155A43C000
unkown
page read and write
 clean
7FF54643E000
unkown image
page readonly
 clean
93212FD000
stack
page read and write
 clean
7DF47F210000
unkown image
page readonly
 clean
7FF5DE31A000
unkown image
page readonly
 clean
1F8229F7000
heap default
page read and write
 clean
7FF59085E000
unkown image
page readonly
 clean
4FCB87C000
stack
page read and write
 clean
B2A0DAB000
unkown
page read and write
 clean
63F1AFE000
stack
page read and write
 clean
6AC608C000
unkown
page read and write
 clean
2900000
heap default
page read and write
 clean
2E97000
heap private
page read and write
 clean
7DF5A6172000
unkown image
page readonly
 clean
7FF52B326000
unkown image
page readonly
 clean
F1B3F7C000
stack
page read and write
 clean
1E8D7D80000
unkown image
page read and write
 clean
240215D0000
unkown image
page readonly
 clean
F1B379E000
stack
page read and write
 clean
1B3BA9E6000
heap default
page read and write
 clean
7FF585566000
unkown image
page readonly
 clean
2983000
heap default
page read and write
 clean
23711260000
unkown
page read and write
 clean
4FCBA77000
stack
page read and write
 clean
2925000
unkown
page read and write
 clean
25F4000
unkown image
page readonly
 clean
7DF581350000
unkown image
page readonly
 clean
4680000
unkown image
page readonly
 clean
7FF5CF159000
unkown image
page readonly
 clean
1F4EF384000
unkown
page read and write
 clean
2155A413000
unkown
page read and write
 clean
240215D0000
unkown image
page readonly
 clean
237114F3000
unkown
page read and write
 clean
1F822A0F000
unkown
page read and write
 clean
7FF5D2B55000
unkown image
page readonly
 clean
1F4EE970000
unkown image
page read and write
 clean
290EC802000
unkown
page read and write
 clean
7FF58579B000
unkown image
page readonly
 clean
24021846000
unkown
page read and write
 clean
7FF5DE2C7000
unkown image
page readonly
 clean
7FF59083B000
unkown image
page readonly
 clean
5BA0000
unkown image
page readonly
 clean
1F4EF379000
unkown
page read and write
 clean
7FF546528000
unkown image
page readonly
 clean
7FF5CF16A000
unkown image
page readonly
 clean
1F4EF363000
unkown
page read and write
 clean
1F4EE9B0000
unkown image
page readonly
 clean
47BE000
stack
page read and write
 clean
290EC6E0000
heap private
page read and write
 clean
7FF56BA4F000
unkown image
page readonly
 clean
2370BBB0000
unkown image
page readonly
 clean
7FF54664F000
unkown image
page readonly
 clean
24021855000
unkown
page read and write
 clean
7FF585532000
unkown image
page readonly
 clean
2370CB01000
unkown
page read and write
 clean
24021900000
unkown
page read and write
 clean
2494000
unkown image
page readonly
 clean
1FF02780000
unkown image
page read and write
 clean
7DF55BF52000
unkown image
page readonly
 clean
7FF54FA63000
unkown image
page readonly
 clean
7FF56B993000
unkown image
page readonly
 clean
1F822A0F000
unkown
page read and write
 clean
1A34F858000
unkown
page read and write
 clean
2155A463000
unkown
page read and write
 clean
7FF53CB87000
unkown image
page readonly
 clean
7FF53CAE5000
unkown image
page readonly
 clean
1FF02F50000
unkown
page read and write
 clean
7FF59086F000
unkown image
page readonly
 clean
7FF5D2A3F000
unkown image
page readonly
 clean
79B357E000
stack
page read and write
 clean
7FF56B706000
unkown image
page readonly
 clean
7FF5CF117000
unkown image
page readonly
 clean
2370C513000
unkown
page read and write
 clean
7DF5E4B12000
unkown image
page readonly
 clean
7FF546403000
unkown image
page readonly
 clean
7FF52B34B000
unkown image
page readonly
 clean
1F822970000
unkown
page read and write
 clean
7DF55BF40000
unkown image
page readonly
 clean
7FF5D29A8000
unkown image
page readonly
 clean
7FF56B933000
unkown image
page readonly
 clean
7FF5D28E1000
unkown image
page readonly
 clean
7FF546373000
unkown image
page readonly
 clean
7DF450450000
unkown image
page readonly
 clean
63B000
unkown
page read and write
 clean
7FF58534F000
unkown image
page readonly
 clean
1E8D7DD0000
unkown image
page readonly
 clean
7FF4F1348000
unkown image
page readonly
 clean
1F4EEA70000
unkown
page read and write
 clean
7FF5D27BC000
unkown image
page readonly
 clean
1FF0288C000
unkown
page read and write
 clean
7FF53CC4F000
unkown image
page readonly
 clean
7DF5F3CC2000
unkown image
page readonly
 clean
4FCB77E000
stack
page read and write
 clean
7FF5CF1D8000
unkown image
page readonly
 clean
2C8A000
heap default
page read and write
 clean
1FF02E60000
unkown image
page readonly
 clean
7DF43EB20000
unkown image
page readonly
 clean
1B3BB7A0000
unkown
page read and write
 clean
2928000
unkown
page read and write
 clean
7DF4F1B90000
unkown image
page readonly
 clean
23711390000
unkown
page read and write
 clean
7FF546119000
unkown image
page readonly
 clean
7DF5E4B20000
unkown image
page readonly
 clean
2914000
heap private
page read and write
 clean
7FF4F137E000
unkown image
page readonly
 clean
7FF53C759000
unkown image
page readonly
 clean
7FF5DE2D7000
unkown image
page readonly
 clean
7FF546371000
unkown image
page readonly
 clean
2370BC00000
unkown
page read and write
 clean
4FCB67B000
unkown
page read and write
 clean
2452000
unkown image
page readonly
 clean
237114E7000
unkown
page read and write
 clean
9E843FE000
stack
page read and write
 clean
86F2E7A000
stack
page read and write
 clean
3E0000
unkown image
page readonly
 clean
1F4EF34F000
unkown
page read and write
 clean
2BD9000
unkown
page read and write
 clean
7FF5DE39E000
unkown image
page readonly
 clean
7FAC2000
unkown image
page readonly
 clean
7DF5F3CD0000
unkown image
page readonly
 clean
1E8D7E29000
unkown
page read and write
 clean
2155A446000
unkown
page read and write
 clean
7FF5D2AB0000
unkown image
page readonly
 clean
7FF54655C000
unkown image
page readonly
 clean
7FF5463ED000
unkown image
page readonly
 clean
7FF5907D5000
unkown image
page readonly
 clean
There are 1418 hidden memdumps, click here to show them.