IOC Report

loading gif

Files

File Path
Type
Category
Malicious
QEw7lxB2iE.rtf
Rich Text Format data, unknown version
initial sample
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\vbc[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
downloaded
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRF{D64CC614-46F7-4260-89D0-504A02C9841B}.tmp
Composite Document File V2 Document, Cannot read section info
dropped
 malicious
C:\Users\user\AppData\Local\Temp\Acly3.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\misv.exe
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
dropped
 malicious
C:\Users\Public\vbc.exe
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{9A9DC6B8-1AFD-4E9C-A740-EB44B2867BB2}.tmp
data
dropped
 clean
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{AEABBCA8-0F81-4D81-B8F1-603A5AA42D28}.tmp
data
dropped
 clean
C:\Users\user\AppData\Local\Temp\misv.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 clean
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\QEw7lxB2iE.LNK
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Thu Dec 2 03:08:19 2021, mtime=Thu Dec 2 03:08:19 2021, atime=Thu Dec 2 03:08:22 2021, length=21019, window=hide
dropped
 clean
C:\Users\user\AppData\Roaming\Microsoft\Office\Recent\index.dat
ASCII text, with CRLF line terminators
dropped
 clean
C:\Users\user\AppData\Roaming\Microsoft\Templates\~$Normal.dotm
data
dropped
 clean
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\0FSXK8N5.txt
ASCII text
dropped
 clean
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\1HY28YNR.txt
ASCII text
downloaded
 clean
C:\Users\user\Desktop\~$w7lxB2iE.rtf
data
dropped
 clean
There are 5 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE
"C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE" -Embedding
 malicious
C:\Users\Public\vbc.exe
"C:\Users\Public\vbc.exe"
malicious
C:\Users\user\AppData\Local\Temp\Acly3.exe
C:\Users\user\AppData\Local\Temp\Acly3.exe
 malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe
C:\Users\user\AppData\Local\Temp\Acly3.exe
 malicious
C:\Users\user\AppData\Roaming\misv.exe
"C:\Users\user\AppData\Roaming\misv.exe"
malicious
C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
"C:\Program Files\Microsoft Office\Office14\WINWORD.EXE" /Automation -Embedding
 clean
C:\Users\user\AppData\Local\Temp\misv.exe
C:\Users\user\AppData\Local\Temp\misv.exe
 clean

URLs

Name
IP
Malicious
http://192.3.122.180/2200/vbc.exe
192.3.122.180
 malicious
http://www.windows.com/pctv.
unknown
 clean
https://fspzka.bl.files.1drv.com/
unknown
 clean
http://scas.openformatrg/drawml/2006/main
unknown
 clean
http://investor.msn.com
unknown
 clean
http://www.msnbc.com/news/ticker.txt
unknown
 clean
http://crl.entrust.net/server1.crl0
unknown
 clean
http://ocsp.entrust.net03
unknown
 clean
http://schemas.openformatrg/package/2006/content-t
unknown
 clean
http://crl.pkioverheid.nl/DomOrganisatieLatestCRL-G2.crl0
unknown
 clean
http://www.diginotar.nl/cps/pkioverheid0
unknown
 clean
http://nsis.sf.net/NSIS_ErrorError
unknown
 clean
http://windowsmedia.com/redir/services.asp?WMPFriendly=true
unknown
 clean
http://www.hotmail.com/oe
unknown
 clean
https://eruitg.bl.files.1drv.com/
unknown
 clean
http://schemas.open
unknown
 clean
https://onedrive.live.com/download?cid=5A15FDA1AE9
clean
https://onedrive.live.com/download?cid=5A15FDA1AE98540B&resid=5A15FDA1AE98540B%21129&authkey=AC3Dy6X
unknown
 clean
https://onedrive.live.com/
unknown
 clean
https://onedrive.live.com/download?cid=5A15FDA1AE98540B&resid=5A15FDA1AE98540B%21130&authkey=AF6g200
unknown
 clean
http://services.msn.com/svcs/oe/certpage.asp?name=%s&email=%s&&Check
unknown
 clean
http://crl.pkioverheid.nl/DomOvLatestCRL.crl0
unknown
 clean
http://www.icra.org/vocabulary/.
unknown
 clean
http://schemas.openformatrg/package/2006/r
unknown
 clean
http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous.
unknown
 clean
http://investor.msn.com/
unknown
 clean
http://www.%s.comPA
unknown
 clean
http://ocsp.entrust.net0D
unknown
 clean
https://secure.comodo.com/CPS0
unknown
 clean
http://crl.entrust.net/2048ca.crl0
unknown
 clean
There are 20 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
onedrive.live.com
unknown
 clean
eruitg.bl.files.1drv.com
unknown
 clean
fspzka.bl.files.1drv.com
unknown
 clean

IPs

IP
Domain
Country
Malicious
192.3.122.180
unknown
United States
malicious

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Resiliency\StartupItems
o#'
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word
MTTT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Resiliency\StartupItems
f%'
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Resiliency\StartupItems
u''
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\ReviewCycle
ReviewToken
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Resiliency\DocumentRecovery\30261
30261
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
VBAFiles
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@Arial Unicode MS
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@Batang
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@BatangChe
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@DFKai-SB
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@Dotum
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@DotumChe
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@FangSong
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@Gulim
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@GulimChe
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@Gungsuh
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@GungsuhChe
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@KaiTi
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@Malgun Gothic
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@Meiryo
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@Meiryo UI
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@Microsoft JhengHei
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@Microsoft YaHei
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@MingLiU
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@MingLiU_HKSCS
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@MingLiU_HKSCS-ExtB
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@MingLiU-ExtB
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@MS Gothic
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@MS Mincho
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@MS PGothic
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@MS PMincho
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@MS UI Gothic
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@NSimSun
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@PMingLiU
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@PMingLiU-ExtB
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@SimHei
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@SimSun
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
@SimSun-ExtB
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Agency FB
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Aharoni
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Algerian
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Andalus
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Angsana New
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
AngsanaUPC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Aparajita
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Arabic Typesetting
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Arial
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Arial Black
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Arial Narrow
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Arial Rounded MT Bold
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Arial Unicode MS
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Baskerville Old Face
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Batang
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
BatangChe
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Bauhaus 93
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Bell MT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Berlin Sans FB
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Berlin Sans FB Demi
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Bernard MT Condensed
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Blackadder ITC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Bodoni MT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Bodoni MT Black
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Bodoni MT Condensed
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Bodoni MT Poster Compressed
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Book Antiqua
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Bookman Old Style
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Bookshelf Symbol 7
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Bradley Hand ITC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Britannic Bold
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Broadway
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Browallia New
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
BrowalliaUPC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Brush Script MT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Calibri
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Calibri Light
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Californian FB
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Calisto MT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Cambria
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Cambria Math
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Candara
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Castellar
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Centaur
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Century
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Century Gothic
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Century Schoolbook
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Chiller
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Colonna MT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Comic Sans MS
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Consolas
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Constantia
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Cooper Black
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Copperplate Gothic Bold
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Copperplate Gothic Light
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Corbel
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Cordia New
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
CordiaUPC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Courier New
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Curlz MT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
DaunPenh
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
David
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
DFKai-SB
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
DilleniaUPC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
DokChampa
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Dotum
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
DotumChe
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Ebrima
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Edwardian Script ITC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Elephant
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Engravers MT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Eras Bold ITC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Eras Demi ITC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Eras Light ITC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Eras Medium ITC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Estrangelo Edessa
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
EucrosiaUPC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Euphemia
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
FangSong
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Felix Titling
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Footlight MT Light
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Forte
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Franklin Gothic Book
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Franklin Gothic Demi
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Franklin Gothic Demi Cond
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Franklin Gothic Heavy
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Franklin Gothic Medium
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Franklin Gothic Medium Cond
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
FrankRuehl
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
FreesiaUPC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Freestyle Script
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
French Script MT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Gabriola
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Garamond
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Gautami
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Georgia
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Gigi
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Gill Sans MT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Gill Sans MT Condensed
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Gill Sans MT Ext Condensed Bold
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Gill Sans Ultra Bold
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Gill Sans Ultra Bold Condensed
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Gisha
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Gloucester MT Extra Condensed
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Goudy Old Style
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Goudy Stout
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Gulim
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
GulimChe
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Gungsuh
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
GungsuhChe
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Haettenschweiler
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Harlow Solid Italic
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Harrington
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
High Tower Text
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Impact
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Imprint MT Shadow
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Informal Roman
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
IrisUPC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Iskoola Pota
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
JasmineUPC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Jokerman
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Juice ITC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
KaiTi
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Kalinga
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Kartika
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Khmer UI
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
KodchiangUPC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Kokila
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Kristen ITC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Kunstler Script
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Lao UI
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Latha
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Leelawadee
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Levenim MT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
LilyUPC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Lucida Bright
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Lucida Calligraphy
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Lucida Console
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Lucida Fax
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Lucida Handwriting
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Lucida Sans
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Lucida Sans Typewriter
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Lucida Sans Unicode
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Magneto
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Maiandra GD
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Malgun Gothic
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Mangal
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Marlett
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Matura MT Script Capitals
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Meiryo
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Meiryo UI
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Microsoft Himalaya
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Microsoft JhengHei
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Microsoft New Tai Lue
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Microsoft PhagsPa
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Microsoft Sans Serif
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Microsoft Tai Le
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Microsoft Uighur
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Microsoft YaHei
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Microsoft Yi Baiti
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
MingLiU
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
MingLiU_HKSCS
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
MingLiU_HKSCS-ExtB
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
MingLiU-ExtB
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Miriam
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Miriam Fixed
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Mistral
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Modern No. 20
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Mongolian Baiti
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Monotype Corsiva
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
MoolBoran
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
MS Gothic
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
MS Mincho
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
MS Outlook
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
MS PGothic
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
MS PMincho
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
MS Reference Sans Serif
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
MS Reference Specialty
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
MS UI Gothic
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
MT Extra
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
MV Boli
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Narkisim
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Niagara Engraved
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Niagara Solid
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
NSimSun
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Nyala
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
OCR A Extended
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Old English Text MT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Onyx
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Palace Script MT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Palatino Linotype
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Papyrus
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Parchment
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Perpetua
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Perpetua Titling MT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Plantagenet Cherokee
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Playbill
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
PMingLiU
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
PMingLiU-ExtB
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Poor Richard
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Pristina
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Raavi
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Rage Italic
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Ravie
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Rockwell
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Rockwell Condensed
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Rockwell Extra Bold
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Rod
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Sakkal Majalla
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Script MT Bold
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Segoe Print
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Segoe Script
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Segoe UI
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Segoe UI Light
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Segoe UI Semibold
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Segoe UI Symbol
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Shonar Bangla
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Showcard Gothic
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Shruti
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
SimHei
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Simplified Arabic
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Simplified Arabic Fixed
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
SimSun
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
SimSun-ExtB
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Snap ITC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Stencil
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Sylfaen
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Symbol
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Tahoma
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Tempus Sans ITC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Times New Roman
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Traditional Arabic
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Trebuchet MS
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Tunga
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Tw Cen MT
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Tw Cen MT Condensed
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Tw Cen MT Condensed Extra Bold
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Utsaah
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Vani
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Verdana
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Vijaya
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Viner Hand ITC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Vivaldi
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Vladimir Script
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Vrinda
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Webdings
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Wide Latin
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Wingdings
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Wingdings 2
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\MathFonts
Wingdings 3
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Resiliency\DocumentRecovery\397CC
397CC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Security\Trusted Documents
LastPurgeTime
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
1033
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\LanguageResources\EnabledLanguages
1033
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
WORDFiles
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
ProductFiles
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
ProductFiles
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100A0C00100000000F01FEC\Usage
SpellingAndGrammarFiles_3082
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100A0C00100000000F01FEC\Usage
SpellingAndGrammarFiles_3082
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100C0400100000000F01FEC\Usage
SpellingAndGrammarFiles_1036
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100C0400100000000F01FEC\Usage
SpellingAndGrammarFiles_1036
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10090400100000000F01FEC\Usage
SpellingAndGrammarFiles_1033
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10090400100000000F01FEC\Usage
SpellingAndGrammarFiles_1033
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100A0C00100000000F01FEC\Usage
SpellingAndGrammarFiles_3082
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100A0C00100000000F01FEC\Usage
SpellingAndGrammarFiles_3082
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100C0400100000000F01FEC\Usage
SpellingAndGrammarFiles_1036
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100C0400100000000F01FEC\Usage
SpellingAndGrammarFiles_1036
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10090400100000000F01FEC\Usage
SpellingAndGrammarFiles_1033
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10090400100000000F01FEC\Usage
SpellingAndGrammarFiles_1033
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10090400100000000F01FEC\Usage
SpellingAndGrammarFiles_1033
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10090400100000000F01FEC\Usage
SpellingAndGrammarFiles_1033
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10090400100000000F01FEC\Usage
SpellingAndGrammarFiles_1033
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10090400100000000F01FEC\Usage
SpellingAndGrammarFiles_1033
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
ProductFiles
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
ProductFiles
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Resiliency\DocumentRecovery\397CC
397CC
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Data
Settings
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Options
ZoomApp
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
ProductFiles
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D30000000100000000F01FEC\Usage
ProductFiles
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word
MTTF
 clean
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word
MTTA
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109E60090400100000000F01FEC\Usage
EquationEditorFilesIntl_1033
 clean
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
 clean
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
Blob
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
Blob
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
Blob
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
Blob
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
Blob
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3F728A35DE52B2C8994A4FB101A03B95E87B06C8
Blob
 clean
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\12891DF7B048CD69D0196C8AD7A754C8A812A08C
Blob
 clean
There are 321 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
1E511000
unkown
page read and write
 malicious
380000
unkown
page execute and read and write
 malicious
F0000
unkown
page execute and read and write
 malicious
2FE0000
unkown
page execute and read and write
 malicious
775B000
unkown
page read and write
 clean
5FF0000
unkown
page read and write
 clean
1D760000
heap private
page read and write
 clean
76FC000
unkown
page read and write
 clean
7650000
stack
page read and write
 clean
7336000
unkown
page read and write
 clean
7750000
unkown
page read and write
 clean
CF5000
unkown
page read and write
 clean
8E9000
heap private
page read and write
 clean
20B35000
unkown
page read and write
 clean
1840000
unkown image
page readonly
 clean
CF0000
unkown
page read and write
 clean
20D0000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
269F000
stack
page read and write
 clean
2B90000
unkown image
page readonly
 clean
2DA0000
unkown
page read and write
 clean
7AEC000
stack
page read and write
 clean
3415000
heap private
page read and write
 clean
7757000
unkown
page read and write
 clean
74A0000
unkown
page read and write
 clean
27A0000
unkown
page read and write
 clean
7708000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
76C8000
stack
page read and write
 clean
8CD000
unkown
page execute and read and write
 clean
280000
unkown image
page readonly
 clean
40E6000
unkown
page read and write
 clean
200000
unkown image
page read and write
 clean
6581000
unkown
page read and write
 clean
1C920000
heap private
page read and write
 clean
CF5000
unkown
page read and write
 clean
312000
heap private
page read and write
 clean
CF5000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
CF0000
unkown
page read and write
 clean
5F6A000
heap private
page read and write
 clean
2F02000
unkown
page read and write
 clean
436000
unkown
page read and write
 clean
2D84000
unkown
page read and write
 clean
1CC7D000
stack
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
65D8000
unkown
page read and write
 clean
7EF94000
unkown
page read and write
 clean
20000
unkown image
page read and write
 clean
30000
unkown image
page readonly
 clean
7FFFFFC2000
unkown image
page readonly
 clean
416000
unkown image
page read and write
 clean
1D727000
unkown
page read and write
 clean
31A0000
unkown
page read and write
 clean
5F6B000
heap private
page read and write
 clean
7AE0000
stack
page read and write
 clean
1CDCE000
stack
page read and write
 clean
209C000
unkown
page read and write
 clean
1D00000
unkown
page read and write
 clean
7AFA000
stack
page read and write
 clean
5F71000
heap private
page read and write
 clean
3E0000
unkown image
page readonly
 clean
D00000
unkown
page read and write
 clean
3CA000
heap private
page read and write
 clean
3A52000
heap private
page read and write
 clean
10000
unkown image
page read and write
 clean
7FFFFFD0000
unkown image
page readonly
 clean
5F6B000
heap private
page read and write
 clean
41C000
unkown image
page read and write
 clean
1C0000
heap default
page read and write
 clean
77000
heap private
page read and write
 clean
22E0000
unkown
page read and write
 clean
5F65000
heap private
page read and write
 clean
760000
unkown image
page readonly
 clean
840000
unkown image
page readonly
 clean
2D19000
unkown
page read and write
 clean
40D0000
unkown
page read and write
 clean
CF5000
unkown
page read and write
 clean
1F34000
unkown
page read and write
 clean
77E000
heap default
page read and write
 clean
CF0000
unkown
page read and write
 clean
19A4000
heap default
page read and write
 clean
20B0000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
20A0000
unkown image
page readonly
 clean
60C0000
unkown
page read and write
 clean
50000
unkown image
page readonly
 clean
3050000
heap private
page read and write
 clean
8440000
unkown
page read and write
 clean
2E36000
unkown
page read and write
 clean
65B6000
unkown
page read and write
 clean
2B8000
unkown
page read and write
 clean
40B0000
unkown
page read and write
 clean
400000
unkown image
page readonly
 clean
5CF0000
heap private
page read and write
 clean
2890000
unkown image
page readonly
 clean
4130000
unkown
page read and write
 clean
7EFE0000
unkown image
page readonly
 clean
7AE4000
stack
page read and write
 clean
7740000
unkown
page read and write
 clean
7300000
unkown
page read and write
 clean
5A5E000
unkown
page read and write
 clean
4780000
unkown
page read and write
 clean
7A3E000
stack
page read and write
 clean
65C7000
unkown
page read and write
 clean
220000
unkown
page execute read
 clean
5F6F000
heap private
page read and write
 clean
8B3000
unkown
page execute and read and write
 clean
478D000
unkown
page read and write
 clean
7715000
unkown
page read and write
 clean
1DA0000
heap private
page read and write
 clean
401000
unkown image
page execute read
 clean
40A000
unkown image
page read and write
 clean
27A0000
unkown
page read and write
 clean
33D000
heap default
page read and write
 clean
480000
unkown
page read and write
 clean
400000
unkown image
page readonly
 clean
5A50000
unkown
page read and write
 clean
2F10000
unkown
page read and write
 clean
90000
unkown image
page readonly
 clean
80000
unkown image
page readonly
 clean
CF0000
unkown
page read and write
 clean
60000
unkown image
page readonly
 clean
3E0000
unkown
page read and write
 clean
7B0B000
stack
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
7EFB2000
unkown image
page readonly
 clean
7EFC2000
unkown image
page readonly
 clean
763C000
stack
page read and write
 clean
27A0000
unkown
page read and write
 clean
20B52000
unkown
page read and write
 clean
1DA4000
heap private
page read and write
 clean
293000
unkown
page read and write
 clean
7707000
unkown
page read and write
 clean
1ED5F000
stack
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
1D70000
unkown
page read and write
 clean
6030000
unkown
page read and write
 clean
5F10000
unkown
page read and write
 clean
2091000
unkown
page read and write
 clean
7EFDF000
unkown
page read and write
 clean
5FE000
stack
page read and write
 clean
7300000
unkown
page read and write
 clean
1DD40000
unkown
page read and write
 clean
27A0000
unkown
page read and write
 clean
400000
unkown image
page readonly
 clean
1839000
unkown image
page readonly
 clean
7768000
unkown
page read and write
 clean
65B4000
unkown
page read and write
 clean
5A6B000
unkown
page read and write
 clean
3950000
unkown
page read and write
 clean
8247000
unkown image
page readonly
 clean
3040000
unkown
page read and write
 clean
65B1000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
40F0000
unkown
page read and write
 clean
CF0000
unkown
page read and write
 clean
1EB0000
unkown
page read and write
 clean
76CE000
stack
page read and write
 clean
400000
unkown image
page readonly
 clean
2F70000
unkown image
page readonly
 clean
7870000
unkown
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
3FA0000
heap private
page read and write
 clean
7FFFFFC0000
unkown image
page readonly
 clean
7EFD0000
unkown image
page readonly
 clean
7617000
stack
page read and write
 clean
1C7000
heap default
page read and write
 clean
1D2DE000
stack
page read and write
 clean
32AB000
unkown
page read and write
 clean
870000
unkown image
page readonly
 clean
400000
unkown image
page readonly
 clean
8E00000
unkown
page read and write
 clean
1CEDE000
stack
page read and write
 clean
330000
unkown
page read and write
 clean
65B4000
unkown
page read and write
 clean
6577000
unkown
page read and write
 clean
1DBE8000
unkown
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
7711000
unkown
page read and write
 clean
5A6B000
unkown
page read and write
 clean
400000
unkown
page read and write
 clean
1FE000
heap default
page read and write
 clean
2DB0000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
7EFC0000
unkown image
page readonly
 clean
4890000
unkown
page read and write
 clean
65D0000
unkown
page read and write
 clean
5F23000
unkown
page read and write
 clean
5970000
unkown
page read and write
 clean
40E9000
unkown
page read and write
 clean
20F8000
unkown
page read and write
 clean
442000
unkown image
page read and write
 clean
4E7000
heap default
page read and write
 clean
3110000
unkown
page read and write
 clean
1DD40000
unkown
page read and write
 clean
62F000
unkown
page read and write
 clean
366000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
8E00000
unkown
page read and write
 clean
1DC34000
unkown
page read and write
 clean
8B4000
unkown
page read and write
 clean
2DF4000
heap private
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
1DE6F000
stack
page read and write
 clean
20D5000
unkown
page read and write
 clean
6621000
unkown
page read and write
 clean
3100000
heap private
page read and write
 clean
660B000
unkown
page read and write
 clean
40E0000
unkown
page read and write
 clean
5A72000
unkown
page read and write
 clean
3B0000
unkown image
page readonly
 clean
1D20000
unkown
page read and write
 clean
8E00000
unkown
page read and write
 clean
6750000
unkown
page read and write
 clean
7B00000
stack
page read and write
 clean
1F30000
unkown
page read and write
 clean
7BD4000
stack
page read and write
 clean
7722000
unkown
page read and write
 clean
1EB1E000
stack
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
CF5000
unkown
page read and write
 clean
7AC0000
unkown
page read and write
 clean
5F60000
heap private
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
2B8000
unkown
page read and write
 clean
628000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
CF5000
unkown
page read and write
 clean
5A6B000
heap private
page read and write
 clean
4E0000
unkown
page read and write
 clean
5A69000
unkown
page read and write
 clean
438000
unkown
page read and write
 clean
CF0000
unkown
page read and write
 clean
65DF000
unkown
page read and write
 clean
7AE7000
stack
page read and write
 clean
6040000
heap private
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
1E00000
unkown image
page readonly
 clean
2D92000
unkown
page read and write
 clean
58E0000
heap private
page read and write
 clean
1CABD000
stack
page read and write
 clean
1987000
heap default
page read and write
 clean
CF5000
unkown
page read and write
 clean
7300000
unkown
page read and write
 clean
1F50000
unkown
page read and write
 clean
7EFE0000
unkown image
page readonly
 clean
6574000
unkown
page read and write
 clean
2F20000
unkown
page read and write
 clean
2A0000
heap private
page read and write
 clean
3410000
heap private
page read and write
 clean
4890000
unkown
page read and write
 clean
27A0000
unkown
page read and write
 clean
3A0000
unkown image
page readonly
 clean
5C0000
heap default
page read and write
 clean
400000
unkown image
page readonly
 clean
44C000
unkown image
page readonly
 clean
20F0000
unkown
page read and write
 clean
21E0000
unkown
page read and write
 clean
1F519000
unkown
page read and write
 clean
2F18000
unkown
page read and write
 clean
230000
unkown
page read and write
 clean
3A30000
heap private
page read and write
 clean
5A6B000
unkown
page read and write
 clean
44C000
unkown image
page readonly
 clean
7EFD0000
unkown image
page readonly
 clean
5A50000
unkown
page read and write
 clean
400000
unkown image
page readonly
 clean
2D13000
unkown
page read and write
 clean
8E00000
unkown
page read and write
 clean
8E00000
unkown
page read and write
 clean
8A0000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
360000
unkown image
page readonly
 clean
3C0000
unkown
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
76F2000
unkown
page read and write
 clean
27A0000
unkown
page read and write
 clean
7B13000
stack
page read and write
 clean
760000
unkown image
page readonly
 clean
CF5000
unkown
page read and write
 clean
4120000
unkown
page read and write
 clean
4890000
unkown
page read and write
 clean
423000
unkown image
page readonly
 clean
8E00000
unkown
page read and write
 clean
2890000
unkown
page read and write
 clean
1CB91000
heap private
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
257000
heap default
page read and write
 clean
B60000
unkown image
page readonly
 clean
9120000
unkown image
page readonly
 clean
7B18000
stack
page read and write
 clean
32B0000
unkown
page read and write
 clean
1DD40000
unkown
page read and write
 clean
2F50000
unkown
page read and write
 clean
2DD0000
unkown
page read and write
 clean
CF0000
unkown
page read and write
 clean
20000
unkown
page read and write
 clean
1B0000
unkown
page execute read
 clean
4BB000
unkown
page read and write
 clean
6538000
unkown
page read and write
 clean
3B6F000
stack
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
40A000
unkown image
page write copy
 clean
1DF0000
unkown image
page readonly
 clean
7EFB2000
unkown image
page readonly
 clean
5CA0000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
20B30000
unkown
page read and write
 clean
5A5E000
unkown
page read and write
 clean
27A0000
unkown
page read and write
 clean
657A000
unkown
page read and write
 clean
400000
unkown image
page readonly
 clean
1CB0B000
unkown
page read and write
 clean
2F40000
unkown
page read and write
 clean
32A0000
unkown
page read and write
 clean
B20000
heap private
page execute and read and write
 clean
6573000
unkown
page read and write
 clean
CF5000
unkown
page read and write
 clean
27A0000
unkown
page read and write
 clean
7704000
unkown
page read and write
 clean
8DA000
unkown
page execute and read and write
 clean
CF0000
unkown
page read and write
 clean
3A0F000
stack
page read and write
 clean
70000
heap private
page read and write
 clean
20690000
heap private
page execute and read and write
 clean
5F65000
heap private
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
490000
unkown
page read and write
 clean
A70000
heap private
page read and write
 clean
20000
unkown
page read and write
 clean
32A0000
unkown
page read and write
 clean
27A0000
unkown
page read and write
 clean
20BA000
unkown
page read and write
 clean
44C000
unkown image
page readonly
 clean
6596000
unkown
page read and write
 clean
7642000
stack
page read and write
 clean
4D4000
heap private
page read and write
 clean
7FFFFFC2000
unkown image
page readonly
 clean
274000
heap default
page read and write
 clean
6760000
unkown
page read and write
 clean
5E4000
heap default
page read and write
 clean
4110000
unkown
page read and write
 clean
32A8000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
1A0000
unkown image
page readonly
 clean
7EFC0000
unkown image
page readonly
 clean
422000
unkown image
page read and write
 clean
7720000
unkown
page read and write
 clean
7FFFFFD0000
unkown image
page readonly
 clean
7EFB0000
unkown image
page readonly
 clean
40A000
unkown image
page write copy
 clean
2B8000
unkown
page read and write
 clean
184E000
unkown image
page readonly
 clean
8E00000
unkown
page read and write
 clean
1A0000
unkown image
page readonly
 clean
5F84000
heap private
page read and write
 clean
1E59A000
unkown
page read and write
 clean
3022000
heap private
page read and write
 clean
CF5000
unkown
page read and write
 clean
660E000
unkown
page read and write
 clean
5CB6000
unkown
page read and write
 clean
18C000
unkown
page read and write
 clean
65A6000
unkown
page read and write
 clean
A60000
unkown
page read and write
 clean
293000
unkown
page read and write
 clean
3F0000
heap private
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
D00000
unkown
page read and write
 clean
7BF4000
heap private
page read and write
 clean
65BC000
unkown
page read and write
 clean
27A0000
unkown
page read and write
 clean
532000
heap default
page read and write
 clean
60000
unkown image
page readonly
 clean
5A78000
unkown
page read and write
 clean
5F80000
heap private
page read and write
 clean
3A50000
heap private
page read and write
 clean
7EFE0000
unkown image
page readonly
 clean
76F7000
unkown
page read and write
 clean
7FFFFFC0000
unkown image
page readonly
 clean
7EFD0000
unkown image
page readonly
 clean
3917000
heap private
page read and write
 clean
6734000
heap private
page read and write
 clean
1C10000
unkown image
page readonly
 clean
40000
unkown image
page readonly
 clean
4250000
unkown
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
7763000
unkown
page read and write
 clean
2F4000
heap private
page read and write
 clean
20E8000
unkown
page read and write
 clean
179000
unkown
page read and write
 clean
5F6B000
heap private
page read and write
 clean
D00000
unkown
page read and write
 clean
65E6000
unkown
page read and write
 clean
7FFFFFB2000
unkown image
page readonly
 clean
65B4000
unkown
page read and write
 clean
18D8000
heap private
page read and write
 clean
CF0000
unkown
page read and write
 clean
1FB0000
unkown image
page readonly
 clean
8E00000
unkown
page read and write
 clean
CF0000
unkown
page read and write
 clean
27A0000
unkown
page read and write
 clean
1C8BE000
stack
page read and write
 clean
88E000
stack
page read and write
 clean
7635000
stack
page read and write
 clean
7A50000
heap private
page read and write
 clean
1DD40000
unkown
page read and write
 clean
230000
unkown image
page readonly
 clean
1DB4000
heap private
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
1D40000
unkown
page read and write
 clean
6585000
unkown
page read and write
 clean
5F21000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
2D60000
unkown
page read and write
 clean
1E130000
unkown image
page readonly
 clean
7BD0000
stack
page read and write
 clean
50000
unkown image
page readonly
 clean
7737000
unkown
page read and write
 clean
2890000
unkown
page read and write
 clean
771A000
unkown
page read and write
 clean
1DC42000
unkown
page read and write
 clean
731000
heap default
page read and write
 clean
7EFDF000
unkown
page read and write
 clean
40A000
unkown image
page write copy
 clean
CF0000
unkown
page read and write
 clean
408000
unkown image
page readonly
 clean
7EFD0000
unkown image
page readonly
 clean
7EFC2000
unkown image
page readonly
 clean
20EC0000
unkown
page read and write
 clean
7460000
unkown
page read and write
 clean
2E00000
unkown
page read and write
 clean
1DB68000
unkown
page read and write
 clean
279F000
stack
page read and write
 clean
4390000
unkown image
page readonly
 clean
1DBC8000
unkown
page read and write
 clean
40A000
unkown image
page write copy
 clean
8E00000
unkown
page read and write
 clean
CF0000
unkown
page read and write
 clean
5F90000
heap private
page read and write
 clean
3D0000
unkown image
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
5D0000
heap default
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
420000
unkown image
page read and write
 clean
76F4000
unkown
page read and write
 clean
2D80000
unkown
page read and write
 clean
10000
unkown image
page read and write
 clean
3A34000
heap private
page read and write
 clean
7420000
unkown
page read and write
 clean
19F000
unkown
page read and write
 clean
5F81000
heap private
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
408000
unkown image
page readonly
 clean
1EF0000
unkown
page read and write
 clean
1DD40000
unkown
page read and write
 clean
6634000
unkown
page read and write
 clean
7610000
stack
page read and write
 clean
27A0000
unkown
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
7EFB2000
unkown image
page readonly
 clean
7D62000
unkown
page read and write
 clean
7AFE000
stack
page read and write
 clean
2A3000
unkown
page read and write
 clean
779000
heap default
page read and write
 clean
408000
unkown image
page readonly
 clean
7EFB2000
unkown image
page readonly
 clean
8060000
unkown image
page readonly
 clean
2A3000
unkown
page read and write
 clean
7AF5000
stack
page read and write
 clean
3058000
heap private
page read and write
 clean
2484000
heap private
page read and write
 clean
470000
unkown image
page readonly
 clean
1DD40000
unkown
page read and write
 clean
4100000
unkown
page read and write
 clean
657B000
unkown
page read and write
 clean
5A60000
heap private
page read and write
 clean
401000
unkown image
page execute read
 clean
7AE2000
stack
page read and write
 clean
1DD40000
unkown
page read and write
 clean
5F9E000
heap private
page read and write
 clean
7752000
unkown
page read and write
 clean
1DD40000
unkown
page read and write
 clean
5F7E000
heap private
page read and write
 clean
1D06D000
stack
page read and write
 clean
5A77000
unkown
page read and write
 clean
190000
unkown image
page readonly
 clean
2D82000
unkown
page read and write
 clean
774E000
unkown
page read and write
 clean
5A77000
unkown
page read and write
 clean
2B8000
unkown
page read and write
 clean
CF0000
unkown
page read and write
 clean
400000
unkown image
page readonly
 clean
7410000
unkown
page read and write
 clean
6589000
unkown
page read and write
 clean
5F9E000
heap private
page read and write
 clean
3000000
unkown
page read and write
 clean
401000
unkown image
page execute read
 clean
427000
unkown image
page read and write
 clean
7745000
unkown
page read and write
 clean
776E000
unkown
page read and write
 clean
CFB000
unkown
page read and write
 clean
1C86C000
stack
page read and write
 clean
CF0000
unkown
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
6634000
unkown
page read and write
 clean
60000
unkown image
page readonly
 clean
5A6E000
unkown
page read and write
 clean
32C0000
unkown
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
7612000
stack
page read and write
 clean
60000
unkown image
page readonly
 clean
7FFFFFB2000
unkown image
page readonly
 clean
408000
unkown image
page readonly
 clean
20E0000
unkown
page read and write
 clean
40A000
unkown image
page read and write
 clean
6C0000
unkown image
page readonly
 clean
2A3000
unkown
page read and write
 clean
44C000
unkown image
page readonly
 clean
41B000
unkown image
page read and write
 clean
423000
unkown image
page readonly
 clean
1F2E000
unkown
page read and write
 clean
7EF2C000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
27A0000
unkown
page read and write
 clean
CF0000
unkown
page read and write
 clean
504000
heap default
page read and write
 clean
422000
unkown image
page read and write
 clean
442000
unkown image
page read and write
 clean
10000
unkown image
page read and write
 clean
7EFDF000
unkown
page read and write
 clean
40D000
unkown image
page read and write
 clean
7B20000
stack
page read and write
 clean
1CB40000
heap private
page execute and read and write
 clean
B10000
unkown
page read and write
 clean
5BE000
stack
page read and write
 clean
770C000
unkown
page read and write
 clean
5F6C000
heap private
page read and write
 clean
CF5000
unkown
page read and write
 clean
7B1A000
stack
page read and write
 clean
5A65000
heap private
page read and write
 clean
1E567000
unkown
page read and write
 clean
20000
unkown
page read and write
 clean
5F84000
heap private
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
6700000
unkown
page read and write
 clean
48A0000
unkown
page read and write
 clean
1D6A000
unkown
page read and write
 clean
735000
heap default
page read and write
 clean
40B0000
unkown
page read and write
 clean
656F000
unkown
page read and write
 clean
408000
unkown image
page readonly
 clean
400000
unkown image
page readonly
 clean
7C0000
unkown
page read and write
 clean
5F7B000
heap private
page read and write
 clean
6BC000
stack
page read and write
 clean
65B8000
unkown
page read and write
 clean
3870000
unkown image
page readonly
 clean
1850000
unkown
page read and write
 clean
230000
unkown
page read and write
 clean
5F15000
unkown
page read and write
 clean
775F000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
CF0000
unkown
page read and write
 clean
430000
unkown
page read and write
 clean
40D000
unkown image
page read and write
 clean
CF0000
unkown
page read and write
 clean
7632000
stack
page read and write
 clean
8E00000
unkown
page read and write
 clean
408000
unkown image
page readonly
 clean
18D0000
heap private
page read and write
 clean
6595000
unkown
page read and write
 clean
20000
unkown
page read and write
 clean
76F0000
unkown
page read and write
 clean
40A000
unkown image
page write copy
 clean
CF5000
unkown
page read and write
 clean
8E00000
unkown
page read and write
 clean
273000
unkown
page read and write
 clean
1F04000
unkown
page read and write
 clean
3A6000
heap private
page read and write
 clean
27A0000
unkown
page read and write
 clean
20000
unkown
page read and write
 clean
4D0000
heap private
page read and write
 clean
20D6E000
unkown
page read and write
 clean
1FA0000
unkown
page read and write
 clean
1DD40000
unkown
page read and write
 clean
CF0000
unkown
page read and write
 clean
890000
unkown image
page readonly
 clean
50000
unkown image
page readonly
 clean
7EFC2000
unkown image
page readonly
 clean
314D000
stack
page read and write
 clean
CF0000
unkown
page read and write
 clean
1C55F000
stack
page read and write
 clean
7FFFFFB0000
unkown image
page readonly
 clean
CF5000
unkown
page read and write
 clean
7FFFFFB2000
unkown image
page readonly
 clean
6AF000
stack
page read and write
 clean
7718000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
40B0000
unkown
page read and write
 clean
33EE000
unkown
page read and write
 clean
CF5000
unkown
page read and write
 clean
F0000
heap private
page read and write
 clean
1F511000
unkown
page read and write
 clean
CF0000
unkown
page read and write
 clean
27A0000
unkown
page read and write
 clean
5E90000
heap private
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
CF5000
unkown
page read and write
 clean
CF0000
unkown
page read and write
 clean
346000
heap default
page read and write
 clean
232B000
unkown
page read and write
 clean
1DF7E000
stack
page read and write | page guard
 clean
401000
unkown image
page execute read
 clean
7EFC0000
unkown image
page readonly
 clean
7FFFFFC2000
unkown image
page readonly
 clean
65AB000
unkown
page read and write
 clean
5A78000
unkown
page read and write
 clean
1DD40000
unkown
page read and write
 clean
7FFFFFB0000
unkown image
page readonly
 clean
1D440000
heap private
page read and write
 clean
5A69000
unkown
page read and write
 clean
1D60000
unkown
page read and write
 clean
1EC1F000
stack
page read and write
 clean
7700000
unkown
page read and write
 clean
5CB0000
unkown
page read and write
 clean
1DD40000
unkown
page read and write
 clean
401000
unkown image
page execute read
 clean
65DA000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
866000
heap private
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
6588000
unkown
page read and write
 clean
961000
unkown
page read and write
 clean
CF5000
unkown
page read and write
 clean
48DB000
unkown
page read and write
 clean
5D70000
heap private
page read and write
 clean
965000
unkown
page read and write
 clean
2890000
unkown
page read and write
 clean
CE0000
unkown image
page readonly
 clean
75E5000
stack
page read and write
 clean
50000
unkown image
page readonly
 clean
6634000
unkown
page read and write
 clean
2D50000
unkown
page read and write
 clean
7FFFFFB0000
unkown image
page readonly
 clean
190000
unkown image
page readonly
 clean
7734000
unkown
page read and write
 clean
930000
heap private
page read and write
 clean
1E5A0000
unkown
page read and write
 clean
6C7000
heap default
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
2EE000
stack
page read and write
 clean
2D16000
unkown
page read and write
 clean
5A78000
unkown
page read and write
 clean
20F4000
unkown
page read and write
 clean
7B11000
stack
page read and write
 clean
1D0DE000
stack
page read and write
 clean
194F000
stack
page read and write
 clean
7C00000
unkown
page read and write
 clean
6737000
heap private
page read and write
 clean
5F10000
unkown
page read and write
 clean
401000
unkown image
page execute read
 clean
3D67000
unkown image
page readonly
 clean
274000
unkown
page read and write
 clean
CF8000
unkown
page read and write
 clean
6E4000
heap default
page read and write
 clean
CF5000
unkown
page read and write
 clean
32A0000
unkown
page read and write
 clean
D50000
unkown image
page readonly
 clean
7AF8000
stack
page read and write
 clean
CF0000
unkown
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
1839000
unkown image
page readonly
 clean
21F0000
unkown image
page readonly
 clean
5F7E000
heap private
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
3049000
unkown
page read and write
 clean
212BE000
unkown
page read and write
 clean
6616000
unkown
page read and write
 clean
1A0000
unkown image
page readonly
 clean
2FD0000
unkown image
page read and write
 clean
1DD40000
unkown
page read and write
 clean
211000
unkown
page read and write
 clean
8C4000
unkown
page read and write
 clean
58B0000
unkown
page read and write
 clean
2DF0000
heap private
page read and write
 clean
2100000
unkown
page read and write
 clean
27A0000
unkown
page read and write
 clean
629000
heap default
page read and write
 clean
22E0000
unkown image
page readonly
 clean
1A0000
unkown image
page readonly
 clean
7B0F000
stack
page read and write
 clean
5A71000
unkown
page read and write
 clean
8E00000
unkown
page read and write
 clean
1DB8A000
unkown
page read and write
 clean
190000
unkown image
page readonly
 clean
400000
unkown image
page readonly
 clean
6586000
unkown
page read and write
 clean
190000
unkown image
page readonly
 clean
CF5000
unkown
page read and write
 clean
7EFE0000
unkown image
page readonly
 clean
23C000
unkown
page read and write
 clean
CF0000
unkown
page read and write
 clean
78AD000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
7EFB0000
unkown image
page readonly
 clean
40F000
unkown image
page read and write
 clean
33E0000
unkown
page read and write
 clean
401000
unkown image
page execute read
 clean
1DD40000
unkown
page read and write
 clean
7B02000
stack
page read and write
 clean
65E4000
unkown
page read and write
 clean
7EFE0000
unkown image
page readonly
 clean
7EFB2000
unkown image
page readonly
 clean
1F58000
unkown
page read and write
 clean
1F41000
unkown
page read and write
 clean
2F0000
heap private
page read and write
 clean
10000
unkown image
page read and write
 clean
7EFE0000
unkown image
page readonly
 clean
1DB60000
unkown
page read and write
 clean
1D770000
unkown image
page readonly
 clean
3B70000
heap private
page read and write
 clean
18C000
unkown
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
6634000
unkown
page read and write
 clean
5A6B000
unkown
page read and write
 clean
2F70000
unkown image
page readonly
 clean
7738000
unkown
page read and write
 clean
7AB0000
unkown
page read and write
 clean
293000
unkown
page read and write
 clean
7FFFFFD0000
unkown image
page readonly
 clean
8940000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
7BFE000
heap private
page read and write
 clean
CF5000
unkown
page read and write
 clean
74000
heap private
page read and write
 clean
7300000
unkown
page read and write
 clean
78E0000
unkown
page read and write
 clean
78D0000
unkown
page read and write
 clean
20C0000
unkown
page read and write
 clean
1950000
heap private
page read and write
 clean
76A0000
stack
page read and write
 clean
1DD2000
heap private
page read and write
 clean
5F97000
heap private
page read and write
 clean
7648000
stack
page read and write
 clean
60000
unkown image
page readonly
 clean
89000
unkown
page read and write
 clean
408000
unkown image
page readonly
 clean
44C000
unkown image
page readonly
 clean
50000
unkown image
page readonly
 clean
F4000
heap private
page read and write
 clean
CF5000
unkown
page read and write
 clean
401000
unkown image
page execute read
 clean
7EFD0000
unkown image
page readonly
 clean
2DE0000
unkown
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
278F000
stack
page read and write
 clean
5F10000
unkown
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
7BFE000
heap private
page read and write
 clean
6582000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
5A76000
unkown
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
943000
unkown
page read and write
 clean
CF5000
unkown
page read and write
 clean
771E000
unkown
page read and write
 clean
CF0000
unkown
page read and write
 clean
5A6B000
unkown
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
74A4000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
3B80000
unkown image
page readonly
 clean
1DD40000
unkown
page read and write
 clean
1DE6000
unkown
page read and write
 clean
27A0000
unkown
page read and write
 clean
4C0000
unkown
page read and write
 clean
3F7E000
stack
page read and write
 clean
8B000
unkown
page read and write
 clean
7748000
unkown
page read and write
 clean
1A0000
unkown image
page readonly
 clean
1D444000
heap private
page read and write
 clean
1D58F000
stack
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
6598000
unkown
page read and write
 clean
1ED0000
unkown
page read and write
 clean
8E00000
unkown
page read and write
 clean
65AC000
unkown
page read and write
 clean
CF5000
unkown
page read and write
 clean
300000
heap default
page read and write
 clean
58D0000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
7768000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
3419000
heap private
page read and write
 clean
773C000
unkown
page read and write
 clean
5F6B000
heap private
page read and write
 clean
3004000
heap private
page read and write
 clean
7EFD0000
unkown image
page readonly
 clean
7EFDF000
unkown
page read and write
 clean
190000
unkown image
page readonly
 clean
5C7000
heap default
page read and write
 clean
5A6C000
unkown
page read and write
 clean
60000
unkown
page read and write
 clean
2A3000
unkown
page read and write
 clean
423000
unkown image
page readonly
 clean
1DD40000
unkown
page read and write
 clean
1EB6000
unkown
page read and write
 clean
6730000
heap private
page read and write
 clean
7EF2F000
unkown
page read and write
 clean
516000
unkown
page read and write
 clean
7FFFFFB2000
unkown image
page readonly
 clean
7AF1000
stack
page read and write
 clean
661C000
unkown
page read and write
 clean
216B000
heap private
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
40B0000
unkown
page read and write
 clean
1D50000
unkown
page read and write
 clean
8E00000
unkown
page read and write
 clean
7FFFFFD0000
unkown image
page readonly
 clean
1DD40000
unkown
page read and write
 clean
27A0000
unkown
page read and write
 clean
2890000
unkown image
page readonly
 clean
230000
heap private
page read and write
 clean
3930000
unkown
page read and write
 clean
75E0000
stack
page read and write
 clean
36E000
stack
page read and write
 clean
66F0000
unkown
page read and write
 clean
6000000
unkown
page read and write
 clean
92B000
unkown
page execute and read and write
 clean
1DD40000
unkown
page read and write
 clean
5A71000
unkown
page read and write
 clean
18C000
unkown
page read and write
 clean
16E000
unkown
page read and write
 clean
5E0000
unkown image
page readonly
 clean
3400000
unkown
page read and write
 clean
3290000
unkown
page read and write
 clean
60000
unkown image
page readonly
 clean
3043000
unkown
page read and write
 clean
2480000
heap private
page read and write
 clean
7A60000
unkown
page read and write
 clean
2F80000
heap private
page execute and read and write
 clean
3EE000
stack
page read and write
 clean
440000
unkown image
page read and write
 clean
5F19000
unkown
page read and write
 clean
8E0000
heap private
page read and write
 clean
1980000
heap default
page read and write
 clean
1CB80000
heap private
page read and write
 clean
6595000
unkown
page read and write
 clean
CF5000
unkown
page read and write
 clean
7EFE0000
unkown image
page readonly
 clean
3A60000
unkown image
page readonly
 clean
CF5000
unkown
page read and write
 clean
401000
unkown image
page execute read
 clean
1FA4000
unkown
page read and write
 clean
7FFFFFB0000
unkown image
page readonly
 clean
7EFB0000
unkown image
page readonly
 clean
40000
unkown image
page readonly
 clean
38FA000
heap private
page read and write
 clean
400000
unkown image
page readonly
 clean
7EFD0000
unkown image
page readonly
 clean
2D00000
unkown
page read and write
 clean
656C000
unkown
page read and write
 clean
310000
heap private
page read and write
 clean
3C0000
heap private
page read and write
 clean
2F30000
unkown
page read and write
 clean
2F2D000
unkown
page read and write
 clean
10000
unkown image
page read and write
 clean
4E0000
heap default
page read and write
 clean
1DB86000
unkown
page read and write
 clean
CF5000
unkown
page read and write
 clean
401000
unkown image
page execute read
 clean
2135000
heap private
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
1F18000
unkown
page read and write
 clean
6C0000
heap default
page read and write
 clean
CF5000
unkown
page read and write
 clean
330000
heap default
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
1DBFA000
unkown
page read and write
 clean
2E0000
heap default
page read and write
 clean
171000
unkown
page read and write
 clean
7761000
unkown
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
1F60000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
250000
unkown image
page read and write
 clean
7702000
unkown
page read and write
 clean
2D20000
unkown image
page readonly
 clean
7EFDF000
unkown
page read and write
 clean
400000
unkown image
page readonly
 clean
B0D000
stack
page read and write
 clean
7732000
unkown
page read and write
 clean
190000
unkown image
page readonly
 clean
661C000
unkown
page read and write
 clean
76F0000
unkown
page read and write
 clean
184E000
unkown image
page readonly
 clean
425000
unkown image
page read and write
 clean
7FFFFFC0000
unkown image
page readonly
 clean
7A62000
unkown
page read and write
 clean
639000
heap default
page read and write
 clean
5F10000
unkown
page read and write
 clean
770000
unkown image
page readonly
 clean
7EFC0000
unkown image
page readonly
 clean
65BD000
unkown
page read and write
 clean
450000
unkown
page read and write
 clean
7C36000
unkown
page read and write
 clean
7FEFF1A0000
unkown
page execute read
 clean
1A0000
unkown image
page readonly
 clean
7741000
unkown
page read and write
 clean
250000
heap default
page read and write
 clean
3000000
heap private
page read and write
 clean
250000
heap default
page read and write
 clean
1C0000
heap default
page read and write
 clean
30000
unkown image
page readonly
 clean
326F000
stack
page read and write
 clean
89000
unkown
page read and write
 clean
44C000
unkown image
page readonly
 clean
18D000
unkown
page read and write
 clean
37E0000
unkown image
page readonly
 clean
7300000
unkown
page read and write
 clean
1DB0000
unkown
page read and write
 clean
CF8000
unkown
page read and write
 clean
27A0000
unkown
page read and write
 clean
240000
unkown image
page read and write
 clean
3A0000
heap private
page read and write
 clean
5BC0000
heap private
page read and write
 clean
400000
unkown image
page readonly
 clean
1A80000
unkown image
page readonly
 clean
8476000
unkown
page read and write
 clean
7300000
unkown
page read and write
 clean
65C6000
unkown
page read and write
 clean
2CE000
stack
page read and write
 clean
770A000
unkown
page read and write
 clean
293000
unkown
page read and write
 clean
431000
unkown image
page read and write
 clean
4140000
unkown
page read and write
 clean
7BF0000
heap private
page read and write
 clean
20EA0000
unkown
page read and write
 clean
1CF3D000
stack
page read and write
 clean
3F90000
unkown
page read and write
 clean
44C000
unkown image
page readonly
 clean
27A0000
unkown
page read and write
 clean
7B07000
stack
page read and write
 clean
CF0000
unkown
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
1D380000
heap private
page read and write
 clean
7EF30000
unkown
page execute and read and write
 clean
1A0000
unkown image
page readonly
 clean
1DC4F000
unkown
page read and write
 clean
64C0000
unkown
page read and write
 clean
50000
unkown image
page readonly
 clean
7EFC0000
unkown image
page readonly
 clean
7FFFFFC0000
unkown image
page readonly
 clean
8E00000
unkown
page read and write
 clean
1EE2000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
34B000
heap default
page read and write
 clean
38F0000
heap private
page read and write
 clean
5F10000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
6621000
unkown
page read and write
 clean
EE0000
unkown image
page readonly
 clean
66E0000
unkown
page read and write
 clean
776A000
unkown
page read and write
 clean
773E000
unkown
page read and write
 clean
23D000
unkown
page read and write
 clean
1D32E000
unkown
page read and write
 clean
2130000
heap private
page read and write
 clean
25D000
unkown
page read and write
 clean
6673000
unkown
page read and write
 clean
74B0000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
770E000
unkown
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
431000
unkown image
page read and write
 clean
40A000
unkown image
page write copy
 clean
75F0000
stack
page read and write
 clean
1D462000
heap private
page read and write
 clean
20C9000
unkown
page read and write
 clean
CF0000
unkown
page read and write
 clean
401000
unkown image
page execute read
 clean
2F70000
unkown
page read and write
 clean
637000
unkown
page read and write
 clean
CF0000
unkown
page read and write
 clean
370000
unkown image
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
423000
unkown image
page readonly
 clean
8E00000
unkown
page read and write
 clean
661C000
unkown
page read and write
 clean
3E0000
unkown
page read and write
 clean
5F89000
heap private
page read and write
 clean
32C6000
unkown
page read and write
 clean
1CA6D000
stack
page read and write
 clean
7EFC2000
unkown image
page readonly
 clean
1DD40000
unkown
page read and write
 clean
240000
unkown image
page readonly
 clean
19C0000
unkown image
page readonly
 clean
1F10000
unkown
page read and write
 clean
1DC60000
unkown image
page readonly
 clean
210000
unkown
page read and write
 clean
7EFB0000
unkown image
page readonly
 clean
7300000
unkown
page read and write
 clean
2D30000
unkown image
page read and write
 clean
774A000
unkown
page read and write
 clean
6FF000
heap default
page read and write
 clean
5E0000
unkown image
page readonly
 clean
6621000
unkown
page read and write
 clean
1DF7F000
stack
page read and write
 clean
400000
unkown image
page readonly
 clean
CF0000
unkown
page read and write
 clean
400000
unkown image
page readonly
 clean
288F000
stack
page read and write
 clean
20B70000
unkown
page read and write
 clean
1B60000
unkown image
page readonly
 clean
7890000
unkown
page read and write
 clean
5A78000
unkown
page read and write
 clean
10000
unkown image
page read and write
 clean
7414000
unkown
page read and write
 clean
20F2000
unkown
page read and write
 clean
7630000
stack
page read and write
 clean
2F60000
unkown
page read and write
 clean
50000
unkown image
page readonly
 clean
329D000
unkown
page read and write
 clean
8941000
unkown
page read and write
 clean
5890000
unkown
page read and write
 clean
40C0000
unkown
page read and write
 clean
611000
heap default
page read and write
 clean
44C000
unkown image
page readonly
 clean
65AF000
unkown
page read and write
 clean
860000
heap private
page read and write
 clean
27A0000
unkown
page read and write
 clean
19D0000
unkown image
page readonly
 clean
658C000
unkown
page read and write
 clean
2D1C000
unkown
page read and write
 clean
6020000
unkown
page read and write
 clean
CF0000
unkown
page read and write
 clean
770000
unkown image
page readonly
 clean
20B5000
unkown
page read and write
 clean
401000
unkown image
page execute read
 clean
1C00000
unkown image
page readonly
 clean
415000
unkown image
page read and write
 clean
CF0000
unkown
page read and write
 clean
424F000
stack
page read and write
 clean
6010000
unkown
page read and write
 clean
5F25000
unkown
page read and write
 clean
65D2000
unkown
page read and write
 clean
AC0000
unkown
page execute and read and write
 clean
76E0000
unkown
page read and write
 clean
8C0000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
2F0000
unkown image
page readonly
 clean
B1E000
stack
page read and write
 clean
7710000
unkown
page read and write
 clean
4890000
unkown
page read and write
 clean
8E00000
unkown
page read and write
 clean
7930000
unkown
page read and write
 clean
74F0000
unkown
page read and write
 clean
1DD40000
unkown
page read and write
 clean
174000
unkown
page read and write
 clean
8E00000
unkown
page read and write
 clean
408000
unkown image
page readonly
 clean
7EFB0000
unkown image
page readonly
 clean
58A0000
unkown
page read and write
 clean
190000
unkown image
page readonly
 clean
CF5000
unkown
page read and write
 clean
60000
unkown image
page readonly
 clean
7EFD0000
unkown image
page readonly
 clean
635000
heap default
page read and write
 clean
2066E000
unkown
page read and write
 clean
7300000
unkown
page read and write
 clean
3C47000
unkown image
page readonly
 clean
5A78000
unkown
page read and write
 clean
65B5000
unkown
page read and write
 clean
5F7B000
heap private
page read and write
 clean
2FC0000
unkown image
page readonly
 clean
7EFB2000
unkown image
page readonly
 clean
190000
unkown image
page readonly
 clean
3FB0000
unkown
page read and write
 clean
2099000
unkown
page read and write
 clean
10000
unkown image
page read and write
 clean
CF0000
unkown
page read and write
 clean
307000
heap default
page read and write
 clean
5F10000
unkown
page read and write
 clean
2DC2000
unkown
page read and write
 clean
7EFC0000
unkown image
page readonly
 clean
1EA8F000
stack
page read and write
 clean
66C0000
unkown
page read and write
 clean
927000
unkown
page execute and read and write
 clean
1DB63000
unkown
page read and write
 clean
3C0000
unkown image
page readonly
 clean
104000
unkown
page execute and read and write
 clean
2D80000
unkown
page read and write
 clean
CF0000
unkown
page read and write
 clean
8B000
unkown
page read and write
 clean
3E7000
heap private
page read and write
 clean
5F7C000
heap private
page read and write
 clean
2F2F000
unkown
page read and write
 clean
6580000
unkown
page read and write
 clean
7730000
unkown
page read and write
 clean
A80000
heap private
page read and write
 clean
1DD40000
unkown
page read and write
 clean
2D77000
unkown image
page readonly
 clean
7A6C000
unkown
page read and write
 clean
210C000
unkown
page read and write
 clean
32A3000
unkown
page read and write
 clean
7300000
unkown
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
69D0000
unkown
page read and write
 clean
1E0AE000
stack
page read and write
 clean
C8F000
stack
page read and write
 clean
1DD40000
unkown
page read and write
 clean
1EC5F000
stack
page read and write
 clean
7600000
stack
page read and write
 clean
3FE000
stack
page read and write
 clean
1DB0000
heap private
page read and write
 clean
7EFB2000
unkown image
page readonly
 clean
7EFB2000
unkown image
page readonly
 clean
78C0000
unkown
page read and write
 clean
1E317000
unkown image
page readonly
 clean
6589000
unkown
page read and write
 clean
7FFFFFC2000
unkown image
page readonly
 clean
There are 1112 hidden memdumps, click here to show them.