diff --git a/classpesieve_1_1_thread_scan_report.html b/classpesieve_1_1_thread_scan_report.html
index b04509a6d..f3a3716fe 100644
--- a/classpesieve_1_1_thread_scan_report.html
+++ b/classpesieve_1_1_thread_scan_report.html
@@ -365,7 +365,7 @@ <h2 class="memtitle"><span class="permalink"><a href="#af30839203957e838bc299232
 </table>
 </div><div class="memdoc">
 
-<p class="definition">Definition at line <a class="el" href="thread__scanner_8cpp_source.html#l00101">101</a> of file <a class="el" href="thread__scanner_8cpp_source.html">thread_scanner.cpp</a>.</p>
+<p class="definition">Definition at line <a class="el" href="thread__scanner_8cpp_source.html#l00103">103</a> of file <a class="el" href="thread__scanner_8cpp_source.html">thread_scanner.cpp</a>.</p>
 
 </div>
 </div>
diff --git a/classpesieve_1_1_thread_scanner.html b/classpesieve_1_1_thread_scanner.html
index bbeb6327c..fb556424b 100644
--- a/classpesieve_1_1_thread_scanner.html
+++ b/classpesieve_1_1_thread_scanner.html
@@ -242,7 +242,7 @@ <h2 class="memtitle"><span class="permalink"><a href="#ae67285f50239657076a865f1
 </table>
 </div><div class="memdoc">
 
-<p class="definition">Definition at line <a class="el" href="thread__scanner_8cpp_source.html#l00122">122</a> of file <a class="el" href="thread__scanner_8cpp_source.html">thread_scanner.cpp</a>.</p>
+<p class="definition">Definition at line <a class="el" href="thread__scanner_8cpp_source.html#l00124">124</a> of file <a class="el" href="thread__scanner_8cpp_source.html">thread_scanner.cpp</a>.</p>
 <div class="dynheader">
 Here is the call graph for this function:</div>
 <div class="dyncontent">
@@ -288,7 +288,7 @@ <h2 class="memtitle"><span class="permalink"><a href="#ab1cc74daf162025643c225c2
 </table>
 </div><div class="memdoc">
 
-<p class="definition">Definition at line <a class="el" href="thread__scanner_8cpp_source.html#l00211">211</a> of file <a class="el" href="thread__scanner_8cpp_source.html">thread_scanner.cpp</a>.</p>
+<p class="definition">Definition at line <a class="el" href="thread__scanner_8cpp_source.html#l00213">213</a> of file <a class="el" href="thread__scanner_8cpp_source.html">thread_scanner.cpp</a>.</p>
 <div class="dynheader">
 Here is the call graph for this function:</div>
 <div class="dyncontent">
@@ -333,7 +333,7 @@ <h2 class="memtitle"><span class="permalink"><a href="#a79df00ed9c178f7eab47cbb8
 </table>
 </div><div class="memdoc">
 
-<p class="definition">Definition at line <a class="el" href="thread__scanner_8cpp_source.html#l00318">318</a> of file <a class="el" href="thread__scanner_8cpp_source.html">thread_scanner.cpp</a>.</p>
+<p class="definition">Definition at line <a class="el" href="thread__scanner_8cpp_source.html#l00320">320</a> of file <a class="el" href="thread__scanner_8cpp_source.html">thread_scanner.cpp</a>.</p>
 <div class="dynheader">
 Here is the call graph for this function:</div>
 <div class="dyncontent">
@@ -408,7 +408,7 @@ <h2 class="memtitle"><span class="permalink"><a href="#a69820b7fd6f60e4f136b6d71
 </table>
 </div><div class="memdoc">
 
-<p class="definition">Definition at line <a class="el" href="thread__scanner_8cpp_source.html#l00176">176</a> of file <a class="el" href="thread__scanner_8cpp_source.html">thread_scanner.cpp</a>.</p>
+<p class="definition">Definition at line <a class="el" href="thread__scanner_8cpp_source.html#l00178">178</a> of file <a class="el" href="thread__scanner_8cpp_source.html">thread_scanner.cpp</a>.</p>
 <div class="dynheader">
 Here is the call graph for this function:</div>
 <div class="dyncontent">
@@ -445,7 +445,7 @@ <h2 class="memtitle"><span class="permalink"><a href="#a912120f6549a8b27c3e8166c
 </table>
 </div><div class="memdoc">
 
-<p class="definition">Definition at line <a class="el" href="thread__scanner_8cpp_source.html#l00245">245</a> of file <a class="el" href="thread__scanner_8cpp_source.html">thread_scanner.cpp</a>.</p>
+<p class="definition">Definition at line <a class="el" href="thread__scanner_8cpp_source.html#l00247">247</a> of file <a class="el" href="thread__scanner_8cpp_source.html">thread_scanner.cpp</a>.</p>
 <div class="dynheader">
 Here is the call graph for this function:</div>
 <div class="dyncontent">
@@ -482,7 +482,7 @@ <h2 class="memtitle"><span class="permalink"><a href="#ac35db3f1ec2765f9dda550b0
 </table>
 </div><div class="memdoc">
 
-<p class="definition">Definition at line <a class="el" href="thread__scanner_8cpp_source.html#l00257">257</a> of file <a class="el" href="thread__scanner_8cpp_source.html">thread_scanner.cpp</a>.</p>
+<p class="definition">Definition at line <a class="el" href="thread__scanner_8cpp_source.html#l00259">259</a> of file <a class="el" href="thread__scanner_8cpp_source.html">thread_scanner.cpp</a>.</p>
 <div class="dynheader">
 Here is the call graph for this function:</div>
 <div class="dyncontent">
@@ -519,7 +519,7 @@ <h2 class="memtitle"><span class="permalink"><a href="#a75c0be0ec6ea82b700f3ca5e
 </table>
 </div><div class="memdoc">
 
-<p class="definition">Definition at line <a class="el" href="thread__scanner_8cpp_source.html#l00287">287</a> of file <a class="el" href="thread__scanner_8cpp_source.html">thread_scanner.cpp</a>.</p>
+<p class="definition">Definition at line <a class="el" href="thread__scanner_8cpp_source.html#l00289">289</a> of file <a class="el" href="thread__scanner_8cpp_source.html">thread_scanner.cpp</a>.</p>
 <div class="dynheader">
 Here is the call graph for this function:</div>
 <div class="dyncontent">
@@ -562,7 +562,7 @@ <h2 class="memtitle"><span class="permalink"><a href="#a36850edb808d4be733631fa2
 </table>
 </div><div class="memdoc">
 
-<p class="definition">Definition at line <a class="el" href="thread__scanner_8cpp_source.html#l00331">331</a> of file <a class="el" href="thread__scanner_8cpp_source.html">thread_scanner.cpp</a>.</p>
+<p class="definition">Definition at line <a class="el" href="thread__scanner_8cpp_source.html#l00333">333</a> of file <a class="el" href="thread__scanner_8cpp_source.html">thread_scanner.cpp</a>.</p>
 <div class="dynheader">
 Here is the call graph for this function:</div>
 <div class="dyncontent">
@@ -604,7 +604,7 @@ <h2 class="memtitle"><span class="permalink"><a href="#a23839353374eedcda7c92b0c
 
 <p>Implements <a class="el" href="classpesieve_1_1_process_feature_scanner.html#a8c85491f592bbfe32e4906dddea8973f">pesieve::ProcessFeatureScanner</a>.</p>
 
-<p class="definition">Definition at line <a class="el" href="thread__scanner_8cpp_source.html#l00391">391</a> of file <a class="el" href="thread__scanner_8cpp_source.html">thread_scanner.cpp</a>.</p>
+<p class="definition">Definition at line <a class="el" href="thread__scanner_8cpp_source.html#l00382">382</a> of file <a class="el" href="thread__scanner_8cpp_source.html">thread_scanner.cpp</a>.</p>
 <div class="dynheader">
 Here is the call graph for this function:</div>
 <div class="dyncontent">
diff --git a/scanner_8cpp_source.html b/scanner_8cpp_source.html
index a3b1332a9..9443dc254 100644
--- a/scanner_8cpp_source.html
+++ b/scanner_8cpp_source.html
@@ -718,7 +718,7 @@
 <div class="ttc" id="aclasspesieve_1_1_skipped_module_report_html"><div class="ttname"><a href="classpesieve_1_1_skipped_module_report.html">pesieve::SkippedModuleReport</a></div><div class="ttdef"><b>Definition</b> <a href="module__scan__report_8h_source.html#l00114">module_scan_report.h:115</a></div></div>
 <div class="ttc" id="aclasspesieve_1_1_thread_scan_report_html"><div class="ttname"><a href="classpesieve_1_1_thread_scan_report.html">pesieve::ThreadScanReport</a></div><div class="ttdoc">A report from the thread scan, generated by ThreadScanner.</div><div class="ttdef"><b>Definition</b> <a href="thread__scanner_8h_source.html#l00014">thread_scanner.h:15</a></div></div>
 <div class="ttc" id="aclasspesieve_1_1_thread_scanner_html"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html">pesieve::ThreadScanner</a></div><div class="ttdef"><b>Definition</b> <a href="thread__scanner_8h_source.html#l00109">thread_scanner.h:109</a></div></div>
-<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_a23839353374eedcda7c92b0c7ce6b3bf"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#a23839353374eedcda7c92b0c7ce6b3bf">pesieve::ThreadScanner::scanRemote</a></div><div class="ttdeci">virtual ThreadScanReport * scanRemote()</div><div class="ttdef"><b>Definition</b> <a href="thread__scanner_8cpp_source.html#l00391">thread_scanner.cpp:391</a></div></div>
+<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_a23839353374eedcda7c92b0c7ce6b3bf"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#a23839353374eedcda7c92b0c7ce6b3bf">pesieve::ThreadScanner::scanRemote</a></div><div class="ttdeci">virtual ThreadScanReport * scanRemote()</div><div class="ttdef"><b>Definition</b> <a href="thread__scanner_8cpp_source.html#l00382">thread_scanner.cpp:382</a></div></div>
 <div class="ttc" id="aclasspesieve_1_1_unreachable_module_report_html"><div class="ttname"><a href="classpesieve_1_1_unreachable_module_report.html">pesieve::UnreachableModuleReport</a></div><div class="ttdef"><b>Definition</b> <a href="module__scan__report_8h_source.html#l00094">module_scan_report.h:95</a></div></div>
 <div class="ttc" id="aclasspesieve_1_1_working_set_scan_report_html"><div class="ttname"><a href="classpesieve_1_1_working_set_scan_report.html">pesieve::WorkingSetScanReport</a></div><div class="ttdoc">A report from the working set scan, generated by WorkingSetScanner.</div><div class="ttdef"><b>Definition</b> <a href="workingset__scanner_8h_source.html#l00028">workingset_scanner.h:29</a></div></div>
 <div class="ttc" id="aclasspesieve_1_1_working_set_scan_report_html_a9167635c76bcba07d274133c8af95f17"><div class="ttname"><a href="classpesieve_1_1_working_set_scan_report.html#a9167635c76bcba07d274133c8af95f17">pesieve::WorkingSetScanReport::is_listed_module</a></div><div class="ttdeci">bool is_listed_module</div><div class="ttdef"><b>Definition</b> <a href="workingset__scanner_8h_source.html#l00097">workingset_scanner.h:97</a></div></div>
diff --git a/thread__scanner_8cpp.html b/thread__scanner_8cpp.html
index 414e3103c..a26f7b2f4 100644
--- a/thread__scanner_8cpp.html
+++ b/thread__scanner_8cpp.html
@@ -208,7 +208,7 @@ <h2 class="memtitle"><span class="permalink"><a href="#a7b9ade21d4de016d2a048bf6
       </table>
 </div><div class="memdoc">
 
-<p class="definition">Definition at line <a class="el" href="thread__scanner_8cpp_source.html#l00305">305</a> of file <a class="el" href="thread__scanner_8cpp_source.html">thread_scanner.cpp</a>.</p>
+<p class="definition">Definition at line <a class="el" href="thread__scanner_8cpp_source.html#l00307">307</a> of file <a class="el" href="thread__scanner_8cpp_source.html">thread_scanner.cpp</a>.</p>
 
 </div>
 </div>
@@ -227,7 +227,7 @@ <h2 class="memtitle"><span class="permalink"><a href="#acde231c42b9527dcc026402d
       </table>
 </div><div class="memdoc">
 
-<p class="definition">Definition at line <a class="el" href="thread__scanner_8cpp_source.html#l00362">362</a> of file <a class="el" href="thread__scanner_8cpp_source.html">thread_scanner.cpp</a>.</p>
+<p class="definition">Definition at line <a class="el" href="thread__scanner_8cpp_source.html#l00364">364</a> of file <a class="el" href="thread__scanner_8cpp_source.html">thread_scanner.cpp</a>.</p>
 <div class="dynheader">
 Here is the call graph for this function:</div>
 <div class="dyncontent">
diff --git a/thread__scanner_8cpp_source.html b/thread__scanner_8cpp_source.html
index 96f950a67..2d910e5bf 100644
--- a/thread__scanner_8cpp_source.html
+++ b/thread__scanner_8cpp_source.html
@@ -194,412 +194,403 @@
 <div class="line"><a id="l00092" name="l00092"></a><span class="lineno">   92</span>        <span class="keywordflow">case</span> Executive: <span class="keywordflow">return</span> <span class="stringliteral">&quot;Executive&quot;</span>;</div>
 <div class="line"><a id="l00093" name="l00093"></a><span class="lineno">   93</span>        <span class="keywordflow">case</span> UserRequest: <span class="keywordflow">return</span> <span class="stringliteral">&quot;UserRequest&quot;</span>;</div>
 <div class="line"><a id="l00094" name="l00094"></a><span class="lineno">   94</span>        <span class="keywordflow">case</span> WrUserRequest: <span class="keywordflow">return</span> <span class="stringliteral">&quot;WrUserRequest&quot;</span>;</div>
-<div class="line"><a id="l00095" name="l00095"></a><span class="lineno">   95</span>    }</div>
-<div class="line"><a id="l00096" name="l00096"></a><span class="lineno">   96</span>    std::stringstream ss;</div>
-<div class="line"><a id="l00097" name="l00097"></a><span class="lineno">   97</span>    ss &lt;&lt; <span class="stringliteral">&quot;Other: &quot;</span> &lt;&lt; std::dec &lt;&lt; <a class="code hl_variable" href="classpesieve_1_1_thread_scan_report.html#acfe24bd84475b4de990f163e131a99e4">thread_wait_reason</a>;</div>
-<div class="line"><a id="l00098" name="l00098"></a><span class="lineno">   98</span>    <span class="keywordflow">return</span> ss.str();</div>
-<div class="line"><a id="l00099" name="l00099"></a><span class="lineno">   99</span>}</div>
+<div class="line"><a id="l00095" name="l00095"></a><span class="lineno">   95</span>        <span class="keywordflow">case</span> WrEventPair: <span class="keywordflow">return</span> <span class="stringliteral">&quot;WrEventPair&quot;</span>;</div>
+<div class="line"><a id="l00096" name="l00096"></a><span class="lineno">   96</span>        <span class="keywordflow">case</span> WrQueue: <span class="keywordflow">return</span> <span class="stringliteral">&quot;WrQueue&quot;</span>;</div>
+<div class="line"><a id="l00097" name="l00097"></a><span class="lineno">   97</span>    }</div>
+<div class="line"><a id="l00098" name="l00098"></a><span class="lineno">   98</span>    std::stringstream ss;</div>
+<div class="line"><a id="l00099" name="l00099"></a><span class="lineno">   99</span>    ss &lt;&lt; <span class="stringliteral">&quot;Other: &quot;</span> &lt;&lt; std::dec &lt;&lt; <a class="code hl_variable" href="classpesieve_1_1_thread_scan_report.html#acfe24bd84475b4de990f163e131a99e4">thread_wait_reason</a>;</div>
+<div class="line"><a id="l00100" name="l00100"></a><span class="lineno">  100</span>    <span class="keywordflow">return</span> ss.str();</div>
+<div class="line"><a id="l00101" name="l00101"></a><span class="lineno">  101</span>}</div>
 </div>
-<div class="line"><a id="l00100" name="l00100"></a><span class="lineno">  100</span> </div>
-<div class="foldopen" id="foldopen00101" data-start="{" data-end="}">
-<div class="line"><a id="l00101" name="l00101"></a><span class="lineno"><a class="line" href="classpesieve_1_1_thread_scan_report.html#af30839203957e838bc299232e05ab735">  101</a></span>std::string <a class="code hl_function" href="classpesieve_1_1_thread_scan_report.html#af30839203957e838bc299232e05ab735">ThreadScanReport::translate_thread_state</a>(DWORD thread_state)</div>
-<div class="line"><a id="l00102" name="l00102"></a><span class="lineno">  102</span>{</div>
-<div class="line"><a id="l00103" name="l00103"></a><span class="lineno">  103</span>    <span class="keywordflow">switch</span> (<a class="code hl_variable" href="classpesieve_1_1_thread_scan_report.html#aa4cc4cdcfd7be649a00dd57d46b70317">thread_state</a>) {</div>
-<div class="line"><a id="l00104" name="l00104"></a><span class="lineno">  104</span>        <span class="keywordflow">case</span> Initialized: <span class="keywordflow">return</span> <span class="stringliteral">&quot;Initialized&quot;</span>;</div>
-<div class="line"><a id="l00105" name="l00105"></a><span class="lineno">  105</span>        <span class="keywordflow">case</span> Ready: <span class="keywordflow">return</span> <span class="stringliteral">&quot;Ready&quot;</span>;</div>
-<div class="line"><a id="l00106" name="l00106"></a><span class="lineno">  106</span>        <span class="keywordflow">case</span> Running: <span class="keywordflow">return</span> <span class="stringliteral">&quot;Running&quot;</span>;</div>
-<div class="line"><a id="l00107" name="l00107"></a><span class="lineno">  107</span>        <span class="keywordflow">case</span> Standby: <span class="keywordflow">return</span> <span class="stringliteral">&quot;Standby&quot;</span>;</div>
-<div class="line"><a id="l00108" name="l00108"></a><span class="lineno">  108</span>        <span class="keywordflow">case</span> Terminated: <span class="keywordflow">return</span> <span class="stringliteral">&quot;Terminated&quot;</span>;</div>
-<div class="line"><a id="l00109" name="l00109"></a><span class="lineno">  109</span>        <span class="keywordflow">case</span> Waiting: <span class="keywordflow">return</span> <span class="stringliteral">&quot;Waiting&quot;</span>;</div>
-<div class="line"><a id="l00110" name="l00110"></a><span class="lineno">  110</span>        <span class="keywordflow">case</span> Transition: <span class="keywordflow">return</span> <span class="stringliteral">&quot;Transition&quot;</span>;</div>
-<div class="line"><a id="l00111" name="l00111"></a><span class="lineno">  111</span>        <span class="keywordflow">case</span> DeferredReady: <span class="keywordflow">return</span> <span class="stringliteral">&quot;DeferredReady&quot;</span>;</div>
-<div class="line"><a id="l00112" name="l00112"></a><span class="lineno">  112</span>        <span class="keywordflow">case</span> GateWaitObsolete: <span class="keywordflow">return</span> <span class="stringliteral">&quot;GateWaitObsolete&quot;</span>;</div>
-<div class="line"><a id="l00113" name="l00113"></a><span class="lineno">  113</span>        <span class="keywordflow">case</span> WaitingForProcessInSwap: <span class="keywordflow">return</span> <span class="stringliteral">&quot;WaitingForProcessInSwap&quot;</span>;</div>
-<div class="line"><a id="l00114" name="l00114"></a><span class="lineno">  114</span>    }</div>
-<div class="line"><a id="l00115" name="l00115"></a><span class="lineno">  115</span>    std::stringstream ss;</div>
-<div class="line"><a id="l00116" name="l00116"></a><span class="lineno">  116</span>    ss &lt;&lt; <span class="stringliteral">&quot;Other: &quot;</span> &lt;&lt; std::dec &lt;&lt; <a class="code hl_variable" href="classpesieve_1_1_thread_scan_report.html#aa4cc4cdcfd7be649a00dd57d46b70317">thread_state</a>;</div>
-<div class="line"><a id="l00117" name="l00117"></a><span class="lineno">  117</span>    <span class="keywordflow">return</span> ss.str();</div>
-<div class="line"><a id="l00118" name="l00118"></a><span class="lineno">  118</span>}</div>
+<div class="line"><a id="l00102" name="l00102"></a><span class="lineno">  102</span> </div>
+<div class="foldopen" id="foldopen00103" data-start="{" data-end="}">
+<div class="line"><a id="l00103" name="l00103"></a><span class="lineno"><a class="line" href="classpesieve_1_1_thread_scan_report.html#af30839203957e838bc299232e05ab735">  103</a></span>std::string <a class="code hl_function" href="classpesieve_1_1_thread_scan_report.html#af30839203957e838bc299232e05ab735">ThreadScanReport::translate_thread_state</a>(DWORD thread_state)</div>
+<div class="line"><a id="l00104" name="l00104"></a><span class="lineno">  104</span>{</div>
+<div class="line"><a id="l00105" name="l00105"></a><span class="lineno">  105</span>    <span class="keywordflow">switch</span> (<a class="code hl_variable" href="classpesieve_1_1_thread_scan_report.html#aa4cc4cdcfd7be649a00dd57d46b70317">thread_state</a>) {</div>
+<div class="line"><a id="l00106" name="l00106"></a><span class="lineno">  106</span>        <span class="keywordflow">case</span> Initialized: <span class="keywordflow">return</span> <span class="stringliteral">&quot;Initialized&quot;</span>;</div>
+<div class="line"><a id="l00107" name="l00107"></a><span class="lineno">  107</span>        <span class="keywordflow">case</span> Ready: <span class="keywordflow">return</span> <span class="stringliteral">&quot;Ready&quot;</span>;</div>
+<div class="line"><a id="l00108" name="l00108"></a><span class="lineno">  108</span>        <span class="keywordflow">case</span> Running: <span class="keywordflow">return</span> <span class="stringliteral">&quot;Running&quot;</span>;</div>
+<div class="line"><a id="l00109" name="l00109"></a><span class="lineno">  109</span>        <span class="keywordflow">case</span> Standby: <span class="keywordflow">return</span> <span class="stringliteral">&quot;Standby&quot;</span>;</div>
+<div class="line"><a id="l00110" name="l00110"></a><span class="lineno">  110</span>        <span class="keywordflow">case</span> Terminated: <span class="keywordflow">return</span> <span class="stringliteral">&quot;Terminated&quot;</span>;</div>
+<div class="line"><a id="l00111" name="l00111"></a><span class="lineno">  111</span>        <span class="keywordflow">case</span> Waiting: <span class="keywordflow">return</span> <span class="stringliteral">&quot;Waiting&quot;</span>;</div>
+<div class="line"><a id="l00112" name="l00112"></a><span class="lineno">  112</span>        <span class="keywordflow">case</span> Transition: <span class="keywordflow">return</span> <span class="stringliteral">&quot;Transition&quot;</span>;</div>
+<div class="line"><a id="l00113" name="l00113"></a><span class="lineno">  113</span>        <span class="keywordflow">case</span> DeferredReady: <span class="keywordflow">return</span> <span class="stringliteral">&quot;DeferredReady&quot;</span>;</div>
+<div class="line"><a id="l00114" name="l00114"></a><span class="lineno">  114</span>        <span class="keywordflow">case</span> GateWaitObsolete: <span class="keywordflow">return</span> <span class="stringliteral">&quot;GateWaitObsolete&quot;</span>;</div>
+<div class="line"><a id="l00115" name="l00115"></a><span class="lineno">  115</span>        <span class="keywordflow">case</span> WaitingForProcessInSwap: <span class="keywordflow">return</span> <span class="stringliteral">&quot;WaitingForProcessInSwap&quot;</span>;</div>
+<div class="line"><a id="l00116" name="l00116"></a><span class="lineno">  116</span>    }</div>
+<div class="line"><a id="l00117" name="l00117"></a><span class="lineno">  117</span>    std::stringstream ss;</div>
+<div class="line"><a id="l00118" name="l00118"></a><span class="lineno">  118</span>    ss &lt;&lt; <span class="stringliteral">&quot;Other: &quot;</span> &lt;&lt; std::dec &lt;&lt; <a class="code hl_variable" href="classpesieve_1_1_thread_scan_report.html#aa4cc4cdcfd7be649a00dd57d46b70317">thread_state</a>;</div>
+<div class="line"><a id="l00119" name="l00119"></a><span class="lineno">  119</span>    <span class="keywordflow">return</span> ss.str();</div>
+<div class="line"><a id="l00120" name="l00120"></a><span class="lineno">  120</span>}</div>
 </div>
-<div class="line"><a id="l00119" name="l00119"></a><span class="lineno">  119</span> </div>
-<div class="line"><a id="l00120" name="l00120"></a><span class="lineno">  120</span><span class="comment">//---</span></div>
 <div class="line"><a id="l00121" name="l00121"></a><span class="lineno">  121</span> </div>
-<div class="foldopen" id="foldopen00122" data-start="{" data-end="}">
-<div class="line"><a id="l00122" name="l00122"></a><span class="lineno"><a class="line" href="classpesieve_1_1_thread_scanner.html#ae67285f50239657076a865f1b2d82ed7">  122</a></span><span class="keywordtype">size_t</span> <a class="code hl_function" href="classpesieve_1_1_thread_scanner.html#ae67285f50239657076a865f1b2d82ed7">pesieve::ThreadScanner::analyzeStackFrames</a>(IN <span class="keyword">const</span> std::vector&lt;ULONGLONG&gt; stack_frame, IN OUT <a class="code hl_struct" href="structpesieve_1_1__ctx__details.html">ctx_details</a>&amp; cDetails)</div>
-<div class="line"><a id="l00123" name="l00123"></a><span class="lineno">  123</span>{</div>
-<div class="line"><a id="l00124" name="l00124"></a><span class="lineno">  124</span>    <span class="keywordtype">size_t</span> processedCntr = 0;</div>
-<div class="line"><a id="l00125" name="l00125"></a><span class="lineno">  125</span>    <span class="keywordtype">bool</span> has_shellcode = <span class="keyword">false</span>;</div>
-<div class="line"><a id="l00126" name="l00126"></a><span class="lineno">  126</span>    cDetails.<a class="code hl_variable" href="structpesieve_1_1__ctx__details.html#a8add5038bb0b71c10646482ba2bbcaaa">is_managed</a> = <span class="keyword">false</span>;</div>
-<div class="line"><a id="l00127" name="l00127"></a><span class="lineno">  127</span><span class="preprocessor">#ifdef _SHOW_THREAD_INFO</span></div>
-<div class="line"><a id="l00128" name="l00128"></a><span class="lineno">  128</span>    std::cout &lt;&lt; <span class="stringliteral">&quot;\n&quot;</span> &lt;&lt; <span class="stringliteral">&quot;Stack frame Size: &quot;</span> &lt;&lt; std::dec &lt;&lt; stack_frame.size() &lt;&lt; <span class="stringliteral">&quot;\n===\n&quot;</span>;</div>
-<div class="line"><a id="l00129" name="l00129"></a><span class="lineno">  129</span><span class="preprocessor">#endif </span><span class="comment">//_SHOW_THREAD_INFO</span></div>
-<div class="line"><a id="l00130" name="l00130"></a><span class="lineno">  130</span>    <span class="keywordflow">for</span> (<span class="keyword">auto</span> itr = stack_frame.rbegin();</div>
-<div class="line"><a id="l00131" name="l00131"></a><span class="lineno">  131</span>        itr != stack_frame.rend() </div>
-<div class="line"><a id="l00132" name="l00132"></a><span class="lineno">  132</span>        &amp;&amp; (!cDetails.is_managed &amp;&amp; !has_shellcode); <span class="comment">// break on first found shellcode, (for now) discontinue analysis if the module is .NET to avoid FP</span></div>
-<div class="line"><a id="l00133" name="l00133"></a><span class="lineno">  133</span>        ++itr, ++processedCntr)</div>
-<div class="line"><a id="l00134" name="l00134"></a><span class="lineno">  134</span>    {</div>
-<div class="line"><a id="l00135" name="l00135"></a><span class="lineno">  135</span>        <span class="keyword">const</span> ULONGLONG next_return = *itr;</div>
-<div class="line"><a id="l00136" name="l00136"></a><span class="lineno">  136</span><span class="preprocessor">#ifdef _SHOW_THREAD_INFO</span></div>
-<div class="line"><a id="l00137" name="l00137"></a><span class="lineno">  137</span>        <span class="keywordflow">if</span> (symbols) {</div>
-<div class="line"><a id="l00138" name="l00138"></a><span class="lineno">  138</span>            symbols-&gt;dumpSymbolInfo(next_return);</div>
-<div class="line"><a id="l00139" name="l00139"></a><span class="lineno">  139</span>        }</div>
-<div class="line"><a id="l00140" name="l00140"></a><span class="lineno">  140</span>        std::cout &lt;&lt; <span class="stringliteral">&quot;\t&quot;</span>;</div>
-<div class="line"><a id="l00141" name="l00141"></a><span class="lineno">  141</span>        printResolvedAddr(next_return);</div>
-<div class="line"><a id="l00142" name="l00142"></a><span class="lineno">  142</span><span class="preprocessor">#endif </span><span class="comment">//_SHOW_THREAD_INFO</span></div>
-<div class="line"><a id="l00143" name="l00143"></a><span class="lineno">  143</span>        <span class="keywordtype">bool</span> is_curr_shc = <span class="keyword">false</span>;</div>
-<div class="line"><a id="l00144" name="l00144"></a><span class="lineno">  144</span>        <span class="keyword">const</span> <a class="code hl_class" href="classpesieve_1_1_scanned_module.html">ScannedModule</a>* mod = modulesInfo.findModuleContaining(next_return);</div>
-<div class="line"><a id="l00145" name="l00145"></a><span class="lineno">  145</span>        <span class="keyword">const</span> std::string mod_name = mod ? mod-&gt;<a class="code hl_function" href="classpesieve_1_1_scanned_module.html#a032f8ad62f6bd513835a020fa8f55abb">getModName</a>() : <span class="stringliteral">&quot;&quot;</span>;</div>
-<div class="line"><a id="l00146" name="l00146"></a><span class="lineno">  146</span>        <span class="keywordflow">if</span> (mod_name.length() == 0) {</div>
-<div class="line"><a id="l00147" name="l00147"></a><span class="lineno">  147</span>            <span class="keywordflow">if</span> (!cDetails.is_managed) {</div>
-<div class="line"><a id="l00148" name="l00148"></a><span class="lineno">  148</span>                has_shellcode = is_curr_shc = <span class="keyword">true</span>;</div>
-<div class="line"><a id="l00149" name="l00149"></a><span class="lineno">  149</span><span class="preprocessor">#ifdef _SHOW_THREAD_INFO</span></div>
-<div class="line"><a id="l00150" name="l00150"></a><span class="lineno">  150</span>                std::cout &lt;&lt; <span class="stringliteral">&quot;\t&quot;</span> &lt;&lt; std::hex &lt;&lt; next_return &lt;&lt; <span class="stringliteral">&quot; &lt;=== SHELLCODE\n&quot;</span>;</div>
-<div class="line"><a id="l00151" name="l00151"></a><span class="lineno">  151</span><span class="preprocessor">#endif </span><span class="comment">//_SHOW_THREAD_INFO</span></div>
-<div class="line"><a id="l00152" name="l00152"></a><span class="lineno">  152</span>            } <span class="keywordflow">else</span> {</div>
-<div class="line"><a id="l00153" name="l00153"></a><span class="lineno">  153</span><span class="preprocessor">#ifdef _SHOW_THREAD_INFO</span></div>
-<div class="line"><a id="l00154" name="l00154"></a><span class="lineno">  154</span>                std::cout &lt;&lt; <span class="stringliteral">&quot;\t&quot;</span> &lt;&lt; std::hex &lt;&lt; next_return &lt;&lt; <span class="stringliteral">&quot; &lt;=== .NET JIT\n&quot;</span>;</div>
-<div class="line"><a id="l00155" name="l00155"></a><span class="lineno">  155</span><span class="preprocessor">#endif </span><span class="comment">//_SHOW_THREAD_INFO</span></div>
-<div class="line"><a id="l00156" name="l00156"></a><span class="lineno">  156</span>            }</div>
-<div class="line"><a id="l00157" name="l00157"></a><span class="lineno">  157</span>        }</div>
-<div class="line"><a id="l00158" name="l00158"></a><span class="lineno">  158</span>        <span class="keywordflow">if</span> (!has_shellcode || is_curr_shc) {</div>
-<div class="line"><a id="l00159" name="l00159"></a><span class="lineno">  159</span>            <span class="comment">// store the last address, till the first called shellcode:</span></div>
-<div class="line"><a id="l00160" name="l00160"></a><span class="lineno">  160</span>            cDetails.ret_addr = next_return;</div>
-<div class="line"><a id="l00161" name="l00161"></a><span class="lineno">  161</span>        }</div>
-<div class="line"><a id="l00162" name="l00162"></a><span class="lineno">  162</span>        <span class="comment">// check if the found shellcode is a .NET JIT:</span></div>
-<div class="line"><a id="l00163" name="l00163"></a><span class="lineno">  163</span>        <span class="keywordflow">if</span> (mod_name == <span class="stringliteral">&quot;clr.dll&quot;</span>) {</div>
-<div class="line"><a id="l00164" name="l00164"></a><span class="lineno">  164</span>            cDetails.is_managed = <span class="keyword">true</span>;</div>
-<div class="line"><a id="l00165" name="l00165"></a><span class="lineno">  165</span><span class="preprocessor">#ifdef _SHOW_THREAD_INFO</span></div>
-<div class="line"><a id="l00166" name="l00166"></a><span class="lineno">  166</span>            std::cout &lt;&lt; <span class="stringliteral">&quot;\t&quot;</span> &lt;&lt; std::hex &lt;&lt; next_return &lt;&lt; <span class="stringliteral">&quot; &lt;--- .NET\n&quot;</span>;</div>
-<div class="line"><a id="l00167" name="l00167"></a><span class="lineno">  167</span><span class="preprocessor">#endif </span><span class="comment">//_SHOW_THREAD_INFO</span></div>
-<div class="line"><a id="l00168" name="l00168"></a><span class="lineno">  168</span>        }</div>
-<div class="line"><a id="l00169" name="l00169"></a><span class="lineno">  169</span>    }</div>
-<div class="line"><a id="l00170" name="l00170"></a><span class="lineno">  170</span><span class="preprocessor">#ifdef _SHOW_THREAD_INFO</span></div>
-<div class="line"><a id="l00171" name="l00171"></a><span class="lineno">  171</span>    std::cout &lt;&lt; <span class="stringliteral">&quot;\n===\n&quot;</span>;</div>
-<div class="line"><a id="l00172" name="l00172"></a><span class="lineno">  172</span><span class="preprocessor">#endif </span><span class="comment">//_SHOW_THREAD_INFO</span></div>
-<div class="line"><a id="l00173" name="l00173"></a><span class="lineno">  173</span>    <span class="keywordflow">return</span> processedCntr;</div>
-<div class="line"><a id="l00174" name="l00174"></a><span class="lineno">  174</span>}</div>
+<div class="line"><a id="l00122" name="l00122"></a><span class="lineno">  122</span><span class="comment">//---</span></div>
+<div class="line"><a id="l00123" name="l00123"></a><span class="lineno">  123</span> </div>
+<div class="foldopen" id="foldopen00124" data-start="{" data-end="}">
+<div class="line"><a id="l00124" name="l00124"></a><span class="lineno"><a class="line" href="classpesieve_1_1_thread_scanner.html#ae67285f50239657076a865f1b2d82ed7">  124</a></span><span class="keywordtype">size_t</span> <a class="code hl_function" href="classpesieve_1_1_thread_scanner.html#ae67285f50239657076a865f1b2d82ed7">pesieve::ThreadScanner::analyzeStackFrames</a>(IN <span class="keyword">const</span> std::vector&lt;ULONGLONG&gt; stack_frame, IN OUT <a class="code hl_struct" href="structpesieve_1_1__ctx__details.html">ctx_details</a>&amp; cDetails)</div>
+<div class="line"><a id="l00125" name="l00125"></a><span class="lineno">  125</span>{</div>
+<div class="line"><a id="l00126" name="l00126"></a><span class="lineno">  126</span>    <span class="keywordtype">size_t</span> processedCntr = 0;</div>
+<div class="line"><a id="l00127" name="l00127"></a><span class="lineno">  127</span>    <span class="keywordtype">bool</span> has_shellcode = <span class="keyword">false</span>;</div>
+<div class="line"><a id="l00128" name="l00128"></a><span class="lineno">  128</span>    cDetails.<a class="code hl_variable" href="structpesieve_1_1__ctx__details.html#a8add5038bb0b71c10646482ba2bbcaaa">is_managed</a> = <span class="keyword">false</span>;</div>
+<div class="line"><a id="l00129" name="l00129"></a><span class="lineno">  129</span><span class="preprocessor">#ifdef _SHOW_THREAD_INFO</span></div>
+<div class="line"><a id="l00130" name="l00130"></a><span class="lineno">  130</span>    std::cout &lt;&lt; <span class="stringliteral">&quot;\n&quot;</span> &lt;&lt; <span class="stringliteral">&quot;Stack frame Size: &quot;</span> &lt;&lt; std::dec &lt;&lt; stack_frame.size() &lt;&lt; <span class="stringliteral">&quot;\n===\n&quot;</span>;</div>
+<div class="line"><a id="l00131" name="l00131"></a><span class="lineno">  131</span><span class="preprocessor">#endif </span><span class="comment">//_SHOW_THREAD_INFO</span></div>
+<div class="line"><a id="l00132" name="l00132"></a><span class="lineno">  132</span>    <span class="keywordflow">for</span> (<span class="keyword">auto</span> itr = stack_frame.rbegin();</div>
+<div class="line"><a id="l00133" name="l00133"></a><span class="lineno">  133</span>        itr != stack_frame.rend() </div>
+<div class="line"><a id="l00134" name="l00134"></a><span class="lineno">  134</span>        &amp;&amp; (!cDetails.is_managed &amp;&amp; !has_shellcode) <span class="comment">// break on first found shellcode, (for now) discontinue analysis if the module is .NET to avoid FP</span></div>
+<div class="line"><a id="l00135" name="l00135"></a><span class="lineno">  135</span>        ;++itr, ++processedCntr)</div>
+<div class="line"><a id="l00136" name="l00136"></a><span class="lineno">  136</span>    {</div>
+<div class="line"><a id="l00137" name="l00137"></a><span class="lineno">  137</span>        <span class="keyword">const</span> ULONGLONG next_return = *itr;</div>
+<div class="line"><a id="l00138" name="l00138"></a><span class="lineno">  138</span><span class="preprocessor">#ifdef _SHOW_THREAD_INFO</span></div>
+<div class="line"><a id="l00139" name="l00139"></a><span class="lineno">  139</span>        <span class="keywordflow">if</span> (symbols) {</div>
+<div class="line"><a id="l00140" name="l00140"></a><span class="lineno">  140</span>            symbols-&gt;dumpSymbolInfo(next_return);</div>
+<div class="line"><a id="l00141" name="l00141"></a><span class="lineno">  141</span>        }</div>
+<div class="line"><a id="l00142" name="l00142"></a><span class="lineno">  142</span>        std::cout &lt;&lt; <span class="stringliteral">&quot;\t&quot;</span>;</div>
+<div class="line"><a id="l00143" name="l00143"></a><span class="lineno">  143</span>        printResolvedAddr(next_return);</div>
+<div class="line"><a id="l00144" name="l00144"></a><span class="lineno">  144</span><span class="preprocessor">#endif </span><span class="comment">//_SHOW_THREAD_INFO</span></div>
+<div class="line"><a id="l00145" name="l00145"></a><span class="lineno">  145</span>        <span class="keywordtype">bool</span> is_curr_shc = <span class="keyword">false</span>;</div>
+<div class="line"><a id="l00146" name="l00146"></a><span class="lineno">  146</span>        <span class="keyword">const</span> <a class="code hl_class" href="classpesieve_1_1_scanned_module.html">ScannedModule</a>* mod = modulesInfo.findModuleContaining(next_return);</div>
+<div class="line"><a id="l00147" name="l00147"></a><span class="lineno">  147</span>        <span class="keyword">const</span> std::string mod_name = mod ? mod-&gt;<a class="code hl_function" href="classpesieve_1_1_scanned_module.html#a032f8ad62f6bd513835a020fa8f55abb">getModName</a>() : <span class="stringliteral">&quot;&quot;</span>;</div>
+<div class="line"><a id="l00148" name="l00148"></a><span class="lineno">  148</span>        <span class="keywordflow">if</span> (mod_name.length() == 0) {</div>
+<div class="line"><a id="l00149" name="l00149"></a><span class="lineno">  149</span>            <span class="keywordflow">if</span> (!cDetails.is_managed) {</div>
+<div class="line"><a id="l00150" name="l00150"></a><span class="lineno">  150</span>                has_shellcode = is_curr_shc = <span class="keyword">true</span>;</div>
+<div class="line"><a id="l00151" name="l00151"></a><span class="lineno">  151</span><span class="preprocessor">#ifdef _SHOW_THREAD_INFO</span></div>
+<div class="line"><a id="l00152" name="l00152"></a><span class="lineno">  152</span>                std::cout &lt;&lt; <span class="stringliteral">&quot;\t&quot;</span> &lt;&lt; std::hex &lt;&lt; next_return &lt;&lt; <span class="stringliteral">&quot; &lt;=== SHELLCODE\n&quot;</span>;</div>
+<div class="line"><a id="l00153" name="l00153"></a><span class="lineno">  153</span><span class="preprocessor">#endif </span><span class="comment">//_SHOW_THREAD_INFO</span></div>
+<div class="line"><a id="l00154" name="l00154"></a><span class="lineno">  154</span>            } <span class="keywordflow">else</span> {</div>
+<div class="line"><a id="l00155" name="l00155"></a><span class="lineno">  155</span><span class="preprocessor">#ifdef _SHOW_THREAD_INFO</span></div>
+<div class="line"><a id="l00156" name="l00156"></a><span class="lineno">  156</span>                std::cout &lt;&lt; <span class="stringliteral">&quot;\t&quot;</span> &lt;&lt; std::hex &lt;&lt; next_return &lt;&lt; <span class="stringliteral">&quot; &lt;=== .NET JIT\n&quot;</span>;</div>
+<div class="line"><a id="l00157" name="l00157"></a><span class="lineno">  157</span><span class="preprocessor">#endif </span><span class="comment">//_SHOW_THREAD_INFO</span></div>
+<div class="line"><a id="l00158" name="l00158"></a><span class="lineno">  158</span>            }</div>
+<div class="line"><a id="l00159" name="l00159"></a><span class="lineno">  159</span>        }</div>
+<div class="line"><a id="l00160" name="l00160"></a><span class="lineno">  160</span>        <span class="keywordflow">if</span> (!has_shellcode || is_curr_shc) {</div>
+<div class="line"><a id="l00161" name="l00161"></a><span class="lineno">  161</span>            <span class="comment">// store the last address, till the first called shellcode:</span></div>
+<div class="line"><a id="l00162" name="l00162"></a><span class="lineno">  162</span>            cDetails.ret_addr = next_return;</div>
+<div class="line"><a id="l00163" name="l00163"></a><span class="lineno">  163</span>        }</div>
+<div class="line"><a id="l00164" name="l00164"></a><span class="lineno">  164</span>        <span class="comment">// check if the found shellcode is a .NET JIT:</span></div>
+<div class="line"><a id="l00165" name="l00165"></a><span class="lineno">  165</span>        <span class="keywordflow">if</span> (mod_name == <span class="stringliteral">&quot;clr.dll&quot;</span>) {</div>
+<div class="line"><a id="l00166" name="l00166"></a><span class="lineno">  166</span>            cDetails.is_managed = <span class="keyword">true</span>;</div>
+<div class="line"><a id="l00167" name="l00167"></a><span class="lineno">  167</span><span class="preprocessor">#ifdef _SHOW_THREAD_INFO</span></div>
+<div class="line"><a id="l00168" name="l00168"></a><span class="lineno">  168</span>            std::cout &lt;&lt; <span class="stringliteral">&quot;\t&quot;</span> &lt;&lt; std::hex &lt;&lt; next_return &lt;&lt; <span class="stringliteral">&quot; &lt;--- .NET\n&quot;</span>;</div>
+<div class="line"><a id="l00169" name="l00169"></a><span class="lineno">  169</span><span class="preprocessor">#endif </span><span class="comment">//_SHOW_THREAD_INFO</span></div>
+<div class="line"><a id="l00170" name="l00170"></a><span class="lineno">  170</span>        }</div>
+<div class="line"><a id="l00171" name="l00171"></a><span class="lineno">  171</span>    }</div>
+<div class="line"><a id="l00172" name="l00172"></a><span class="lineno">  172</span><span class="preprocessor">#ifdef _SHOW_THREAD_INFO</span></div>
+<div class="line"><a id="l00173" name="l00173"></a><span class="lineno">  173</span>    std::cout &lt;&lt; <span class="stringliteral">&quot;\n===\n&quot;</span>;</div>
+<div class="line"><a id="l00174" name="l00174"></a><span class="lineno">  174</span><span class="preprocessor">#endif </span><span class="comment">//_SHOW_THREAD_INFO</span></div>
+<div class="line"><a id="l00175" name="l00175"></a><span class="lineno">  175</span>    <span class="keywordflow">return</span> processedCntr;</div>
+<div class="line"><a id="l00176" name="l00176"></a><span class="lineno">  176</span>}</div>
 </div>
-<div class="line"><a id="l00175" name="l00175"></a><span class="lineno">  175</span> </div>
-<div class="foldopen" id="foldopen00176" data-start="{" data-end="}">
-<div class="line"><a id="l00176" name="l00176"></a><span class="lineno"><a class="line" href="classpesieve_1_1_thread_scanner.html#a69820b7fd6f60e4f136b6d71e03cb28d">  176</a></span><span class="keywordtype">size_t</span> <a class="code hl_function" href="classpesieve_1_1_thread_scanner.html#a69820b7fd6f60e4f136b6d71e03cb28d">pesieve::ThreadScanner::fillStackFrameInfo</a>(IN HANDLE hProcess, IN HANDLE hThread, IN LPVOID ctx, IN OUT <a class="code hl_struct" href="structpesieve_1_1__ctx__details.html">ctx_details</a>&amp; cDetails)</div>
-<div class="line"><a id="l00177" name="l00177"></a><span class="lineno">  177</span>{</div>
-<div class="line"><a id="l00178" name="l00178"></a><span class="lineno">  178</span>    <span class="comment">// do it in a new thread to prevent stucking...</span></div>
-<div class="line"><a id="l00179" name="l00179"></a><span class="lineno">  179</span>    <a class="code hl_struct" href="struct__t__stack__enum__params.html">t_stack_enum_params</a> args(hProcess, hThread, ctx, &amp;cDetails);</div>
-<div class="line"><a id="l00180" name="l00180"></a><span class="lineno">  180</span> </div>
-<div class="line"><a id="l00181" name="l00181"></a><span class="lineno">  181</span>    <span class="keyword">const</span> <span class="keywordtype">size_t</span> max_wait = 1000;</div>
-<div class="line"><a id="l00182" name="l00182"></a><span class="lineno">  182</span>    {</div>
-<div class="line"><a id="l00183" name="l00183"></a><span class="lineno">  183</span>        HANDLE enumThread = CreateThread(</div>
-<div class="line"><a id="l00184" name="l00184"></a><span class="lineno">  184</span>            NULL,                   <span class="comment">// default security attributes</span></div>
-<div class="line"><a id="l00185" name="l00185"></a><span class="lineno">  185</span>            0,                      <span class="comment">// use default stack size  </span></div>
-<div class="line"><a id="l00186" name="l00186"></a><span class="lineno">  186</span>            <a class="code hl_function" href="thread__scanner_8cpp.html#aae9f172c5997c8651c566511823bb19e">enum_stack_thread</a>,       <span class="comment">// thread function name</span></div>
-<div class="line"><a id="l00187" name="l00187"></a><span class="lineno">  187</span>            &amp;args,          <span class="comment">// argument to thread function </span></div>
-<div class="line"><a id="l00188" name="l00188"></a><span class="lineno">  188</span>            0,                      <span class="comment">// use default creation flags </span></div>
-<div class="line"><a id="l00189" name="l00189"></a><span class="lineno">  189</span>            0);   <span class="comment">// returns the thread identifiee</span></div>
-<div class="line"><a id="l00190" name="l00190"></a><span class="lineno">  190</span> </div>
-<div class="line"><a id="l00191" name="l00191"></a><span class="lineno">  191</span>        <span class="keywordflow">if</span> (enumThread) {</div>
-<div class="line"><a id="l00192" name="l00192"></a><span class="lineno">  192</span>            DWORD wait_result = WaitForSingleObject(enumThread, max_wait);</div>
-<div class="line"><a id="l00193" name="l00193"></a><span class="lineno">  193</span>            <span class="keywordflow">if</span> (wait_result == WAIT_TIMEOUT) {</div>
-<div class="line"><a id="l00194" name="l00194"></a><span class="lineno">  194</span>                std::cerr &lt;&lt; <span class="stringliteral">&quot;[!] Cannot retrieve stack frame: timeout passed!\n&quot;</span>;</div>
-<div class="line"><a id="l00195" name="l00195"></a><span class="lineno">  195</span>                TerminateThread(enumThread, 0);</div>
-<div class="line"><a id="l00196" name="l00196"></a><span class="lineno">  196</span>                CloseHandle(enumThread);</div>
-<div class="line"><a id="l00197" name="l00197"></a><span class="lineno">  197</span>                <span class="keywordflow">return</span> 0;</div>
-<div class="line"><a id="l00198" name="l00198"></a><span class="lineno">  198</span>            }</div>
-<div class="line"><a id="l00199" name="l00199"></a><span class="lineno">  199</span>            CloseHandle(enumThread);</div>
-<div class="line"><a id="l00200" name="l00200"></a><span class="lineno">  200</span>        }</div>
-<div class="line"><a id="l00201" name="l00201"></a><span class="lineno">  201</span>    }</div>
-<div class="line"><a id="l00202" name="l00202"></a><span class="lineno">  202</span>    <span class="keywordflow">if</span> (!args.<a class="code hl_variable" href="struct__t__stack__enum__params.html#a61d74c02774139f2cccf850af389735c">is_ok</a>) {</div>
-<div class="line"><a id="l00203" name="l00203"></a><span class="lineno">  203</span>        <span class="keywordflow">return</span> 0;</div>
-<div class="line"><a id="l00204" name="l00204"></a><span class="lineno">  204</span>    }</div>
-<div class="line"><a id="l00205" name="l00205"></a><span class="lineno">  205</span><span class="preprocessor">#ifdef _SHOW_THREAD_INFO</span></div>
-<div class="line"><a id="l00206" name="l00206"></a><span class="lineno">  206</span>    std::cout &lt;&lt; <span class="stringliteral">&quot;\n=== TID &quot;</span> &lt;&lt; std::dec &lt;&lt; GetThreadId(hThread) &lt;&lt; <span class="stringliteral">&quot; ===\n&quot;</span>;</div>
-<div class="line"><a id="l00207" name="l00207"></a><span class="lineno">  207</span><span class="preprocessor">#endif </span><span class="comment">//_SHOW_THREAD_INFO</span></div>
-<div class="line"><a id="l00208" name="l00208"></a><span class="lineno">  208</span>    <span class="keywordflow">return</span> analyzeStackFrames(args.<a class="code hl_variable" href="struct__t__stack__enum__params.html#afd374d69c557b225099cff673e6ab6d7">stack_frame</a>, cDetails);</div>
-<div class="line"><a id="l00209" name="l00209"></a><span class="lineno">  209</span>}</div>
+<div class="line"><a id="l00177" name="l00177"></a><span class="lineno">  177</span> </div>
+<div class="foldopen" id="foldopen00178" data-start="{" data-end="}">
+<div class="line"><a id="l00178" name="l00178"></a><span class="lineno"><a class="line" href="classpesieve_1_1_thread_scanner.html#a69820b7fd6f60e4f136b6d71e03cb28d">  178</a></span><span class="keywordtype">size_t</span> <a class="code hl_function" href="classpesieve_1_1_thread_scanner.html#a69820b7fd6f60e4f136b6d71e03cb28d">pesieve::ThreadScanner::fillStackFrameInfo</a>(IN HANDLE hProcess, IN HANDLE hThread, IN LPVOID ctx, IN OUT <a class="code hl_struct" href="structpesieve_1_1__ctx__details.html">ctx_details</a>&amp; cDetails)</div>
+<div class="line"><a id="l00179" name="l00179"></a><span class="lineno">  179</span>{</div>
+<div class="line"><a id="l00180" name="l00180"></a><span class="lineno">  180</span>    <span class="comment">// do it in a new thread to prevent stucking...</span></div>
+<div class="line"><a id="l00181" name="l00181"></a><span class="lineno">  181</span>    <a class="code hl_struct" href="struct__t__stack__enum__params.html">t_stack_enum_params</a> args(hProcess, hThread, ctx, &amp;cDetails);</div>
+<div class="line"><a id="l00182" name="l00182"></a><span class="lineno">  182</span> </div>
+<div class="line"><a id="l00183" name="l00183"></a><span class="lineno">  183</span>    <span class="keyword">const</span> <span class="keywordtype">size_t</span> max_wait = 1000;</div>
+<div class="line"><a id="l00184" name="l00184"></a><span class="lineno">  184</span>    {</div>
+<div class="line"><a id="l00185" name="l00185"></a><span class="lineno">  185</span>        HANDLE enumThread = CreateThread(</div>
+<div class="line"><a id="l00186" name="l00186"></a><span class="lineno">  186</span>            NULL,                   <span class="comment">// default security attributes</span></div>
+<div class="line"><a id="l00187" name="l00187"></a><span class="lineno">  187</span>            0,                      <span class="comment">// use default stack size  </span></div>
+<div class="line"><a id="l00188" name="l00188"></a><span class="lineno">  188</span>            <a class="code hl_function" href="thread__scanner_8cpp.html#aae9f172c5997c8651c566511823bb19e">enum_stack_thread</a>,       <span class="comment">// thread function name</span></div>
+<div class="line"><a id="l00189" name="l00189"></a><span class="lineno">  189</span>            &amp;args,          <span class="comment">// argument to thread function </span></div>
+<div class="line"><a id="l00190" name="l00190"></a><span class="lineno">  190</span>            0,                      <span class="comment">// use default creation flags </span></div>
+<div class="line"><a id="l00191" name="l00191"></a><span class="lineno">  191</span>            0);   <span class="comment">// returns the thread identifiee</span></div>
+<div class="line"><a id="l00192" name="l00192"></a><span class="lineno">  192</span> </div>
+<div class="line"><a id="l00193" name="l00193"></a><span class="lineno">  193</span>        <span class="keywordflow">if</span> (enumThread) {</div>
+<div class="line"><a id="l00194" name="l00194"></a><span class="lineno">  194</span>            DWORD wait_result = WaitForSingleObject(enumThread, max_wait);</div>
+<div class="line"><a id="l00195" name="l00195"></a><span class="lineno">  195</span>            <span class="keywordflow">if</span> (wait_result == WAIT_TIMEOUT) {</div>
+<div class="line"><a id="l00196" name="l00196"></a><span class="lineno">  196</span>                std::cerr &lt;&lt; <span class="stringliteral">&quot;[!] Cannot retrieve stack frame: timeout passed!\n&quot;</span>;</div>
+<div class="line"><a id="l00197" name="l00197"></a><span class="lineno">  197</span>                TerminateThread(enumThread, 0);</div>
+<div class="line"><a id="l00198" name="l00198"></a><span class="lineno">  198</span>                CloseHandle(enumThread);</div>
+<div class="line"><a id="l00199" name="l00199"></a><span class="lineno">  199</span>                <span class="keywordflow">return</span> 0;</div>
+<div class="line"><a id="l00200" name="l00200"></a><span class="lineno">  200</span>            }</div>
+<div class="line"><a id="l00201" name="l00201"></a><span class="lineno">  201</span>            CloseHandle(enumThread);</div>
+<div class="line"><a id="l00202" name="l00202"></a><span class="lineno">  202</span>        }</div>
+<div class="line"><a id="l00203" name="l00203"></a><span class="lineno">  203</span>    }</div>
+<div class="line"><a id="l00204" name="l00204"></a><span class="lineno">  204</span>    <span class="keywordflow">if</span> (!args.<a class="code hl_variable" href="struct__t__stack__enum__params.html#a61d74c02774139f2cccf850af389735c">is_ok</a>) {</div>
+<div class="line"><a id="l00205" name="l00205"></a><span class="lineno">  205</span>        <span class="keywordflow">return</span> 0;</div>
+<div class="line"><a id="l00206" name="l00206"></a><span class="lineno">  206</span>    }</div>
+<div class="line"><a id="l00207" name="l00207"></a><span class="lineno">  207</span><span class="preprocessor">#ifdef _SHOW_THREAD_INFO</span></div>
+<div class="line"><a id="l00208" name="l00208"></a><span class="lineno">  208</span>    std::cout &lt;&lt; <span class="stringliteral">&quot;\n=== TID &quot;</span> &lt;&lt; std::dec &lt;&lt; GetThreadId(hThread) &lt;&lt; <span class="stringliteral">&quot; ===\n&quot;</span>;</div>
+<div class="line"><a id="l00209" name="l00209"></a><span class="lineno">  209</span><span class="preprocessor">#endif </span><span class="comment">//_SHOW_THREAD_INFO</span></div>
+<div class="line"><a id="l00210" name="l00210"></a><span class="lineno">  210</span>    <span class="keywordflow">return</span> analyzeStackFrames(args.<a class="code hl_variable" href="struct__t__stack__enum__params.html#afd374d69c557b225099cff673e6ab6d7">stack_frame</a>, cDetails);</div>
+<div class="line"><a id="l00211" name="l00211"></a><span class="lineno">  211</span>}</div>
 </div>
-<div class="line"><a id="l00210" name="l00210"></a><span class="lineno">  210</span> </div>
-<div class="foldopen" id="foldopen00211" data-start="{" data-end="}">
-<div class="line"><a id="l00211" name="l00211"></a><span class="lineno"><a class="line" href="classpesieve_1_1_thread_scanner.html#ab1cc74daf162025643c225c29cd8225b">  211</a></span><span class="keywordtype">bool</span> <a class="code hl_function" href="classpesieve_1_1_thread_scanner.html#ab1cc74daf162025643c225c29cd8225b">pesieve::ThreadScanner::fetchThreadCtxDetails</a>(IN HANDLE hProcess, IN HANDLE hThread, OUT <a class="code hl_struct" href="structpesieve_1_1__ctx__details.html">ctx_details</a>&amp; cDetails)</div>
-<div class="line"><a id="l00212" name="l00212"></a><span class="lineno">  212</span>{</div>
-<div class="line"><a id="l00213" name="l00213"></a><span class="lineno">  213</span>    <span class="keywordtype">bool</span> is_ok = <span class="keyword">false</span>;</div>
-<div class="line"><a id="l00214" name="l00214"></a><span class="lineno">  214</span>    BOOL is_wow64 = FALSE;</div>
-<div class="line"><a id="l00215" name="l00215"></a><span class="lineno">  215</span><span class="preprocessor">#ifdef _WIN64</span></div>
-<div class="line"><a id="l00216" name="l00216"></a><span class="lineno">  216</span>    <a class="code hl_function" href="namespacepesieve_1_1util.html#a43b6faf00b6a97279f2d67f4a3fd2513">pesieve::util::is_process_wow64</a>(hProcess, &amp;is_wow64);</div>
-<div class="line"><a id="l00217" name="l00217"></a><span class="lineno">  217</span> </div>
-<div class="line"><a id="l00218" name="l00218"></a><span class="lineno">  218</span>    <span class="keywordflow">if</span> (is_wow64) {</div>
-<div class="line"><a id="l00219" name="l00219"></a><span class="lineno">  219</span>        WOW64_CONTEXT ctx = { 0 };</div>
-<div class="line"><a id="l00220" name="l00220"></a><span class="lineno">  220</span>        ctx.ContextFlags = CONTEXT_INTEGER | CONTEXT_CONTROL;</div>
-<div class="line"><a id="l00221" name="l00221"></a><span class="lineno">  221</span>        <span class="keywordflow">if</span> (<a class="code hl_function" href="namespacepesieve_1_1util.html#adafdd61439fc2750cec84fb15d59ecf8">pesieve::util::wow64_get_thread_context</a>(hThread, &amp;ctx)) {</div>
-<div class="line"><a id="l00222" name="l00222"></a><span class="lineno">  222</span>            is_ok = <span class="keyword">true</span>;</div>
-<div class="line"><a id="l00223" name="l00223"></a><span class="lineno">  223</span>            cDetails.init(<span class="keyword">false</span>, ctx.Eip, ctx.Esp, ctx.Ebp);</div>
-<div class="line"><a id="l00224" name="l00224"></a><span class="lineno">  224</span>            fillStackFrameInfo(hProcess, hThread, &amp;ctx, cDetails);</div>
-<div class="line"><a id="l00225" name="l00225"></a><span class="lineno">  225</span>        }</div>
-<div class="line"><a id="l00226" name="l00226"></a><span class="lineno">  226</span>    }</div>
-<div class="line"><a id="l00227" name="l00227"></a><span class="lineno">  227</span><span class="preprocessor">#endif</span></div>
-<div class="line"><a id="l00228" name="l00228"></a><span class="lineno">  228</span>    <span class="keywordflow">if</span> (!is_ok) {</div>
-<div class="line"><a id="l00229" name="l00229"></a><span class="lineno">  229</span> </div>
-<div class="line"><a id="l00230" name="l00230"></a><span class="lineno">  230</span>        CONTEXT ctx = { 0 };</div>
-<div class="line"><a id="l00231" name="l00231"></a><span class="lineno">  231</span>        ctx.ContextFlags = CONTEXT_INTEGER | CONTEXT_CONTROL;</div>
-<div class="line"><a id="l00232" name="l00232"></a><span class="lineno">  232</span>        <span class="keywordflow">if</span> (GetThreadContext(hThread, &amp;ctx)) {</div>
-<div class="line"><a id="l00233" name="l00233"></a><span class="lineno">  233</span>            is_ok = <span class="keyword">true</span>;</div>
-<div class="line"><a id="l00234" name="l00234"></a><span class="lineno">  234</span><span class="preprocessor">#ifdef _WIN64</span></div>
-<div class="line"><a id="l00235" name="l00235"></a><span class="lineno">  235</span>            cDetails.init(<span class="keyword">true</span>, ctx.Rip, ctx.Rsp, ctx.Rbp);</div>
-<div class="line"><a id="l00236" name="l00236"></a><span class="lineno">  236</span><span class="preprocessor">#else</span></div>
-<div class="line"><a id="l00237" name="l00237"></a><span class="lineno">  237</span>            cDetails.init(<span class="keyword">false</span>, ctx.Eip, ctx.Esp, ctx.Ebp);</div>
-<div class="line"><a id="l00238" name="l00238"></a><span class="lineno">  238</span><span class="preprocessor">#endif</span></div>
-<div class="line"><a id="l00239" name="l00239"></a><span class="lineno">  239</span>            fillStackFrameInfo(hProcess, hThread, &amp;ctx, cDetails);</div>
-<div class="line"><a id="l00240" name="l00240"></a><span class="lineno">  240</span>        }</div>
-<div class="line"><a id="l00241" name="l00241"></a><span class="lineno">  241</span>    }</div>
-<div class="line"><a id="l00242" name="l00242"></a><span class="lineno">  242</span>    <span class="keywordflow">return</span> is_ok;</div>
-<div class="line"><a id="l00243" name="l00243"></a><span class="lineno">  243</span>}</div>
+<div class="line"><a id="l00212" name="l00212"></a><span class="lineno">  212</span> </div>
+<div class="foldopen" id="foldopen00213" data-start="{" data-end="}">
+<div class="line"><a id="l00213" name="l00213"></a><span class="lineno"><a class="line" href="classpesieve_1_1_thread_scanner.html#ab1cc74daf162025643c225c29cd8225b">  213</a></span><span class="keywordtype">bool</span> <a class="code hl_function" href="classpesieve_1_1_thread_scanner.html#ab1cc74daf162025643c225c29cd8225b">pesieve::ThreadScanner::fetchThreadCtxDetails</a>(IN HANDLE hProcess, IN HANDLE hThread, OUT <a class="code hl_struct" href="structpesieve_1_1__ctx__details.html">ctx_details</a>&amp; cDetails)</div>
+<div class="line"><a id="l00214" name="l00214"></a><span class="lineno">  214</span>{</div>
+<div class="line"><a id="l00215" name="l00215"></a><span class="lineno">  215</span>    <span class="keywordtype">bool</span> is_ok = <span class="keyword">false</span>;</div>
+<div class="line"><a id="l00216" name="l00216"></a><span class="lineno">  216</span>    BOOL is_wow64 = FALSE;</div>
+<div class="line"><a id="l00217" name="l00217"></a><span class="lineno">  217</span><span class="preprocessor">#ifdef _WIN64</span></div>
+<div class="line"><a id="l00218" name="l00218"></a><span class="lineno">  218</span>    <a class="code hl_function" href="namespacepesieve_1_1util.html#a43b6faf00b6a97279f2d67f4a3fd2513">pesieve::util::is_process_wow64</a>(hProcess, &amp;is_wow64);</div>
+<div class="line"><a id="l00219" name="l00219"></a><span class="lineno">  219</span> </div>
+<div class="line"><a id="l00220" name="l00220"></a><span class="lineno">  220</span>    <span class="keywordflow">if</span> (is_wow64) {</div>
+<div class="line"><a id="l00221" name="l00221"></a><span class="lineno">  221</span>        WOW64_CONTEXT ctx = { 0 };</div>
+<div class="line"><a id="l00222" name="l00222"></a><span class="lineno">  222</span>        ctx.ContextFlags = CONTEXT_INTEGER | CONTEXT_CONTROL;</div>
+<div class="line"><a id="l00223" name="l00223"></a><span class="lineno">  223</span>        <span class="keywordflow">if</span> (<a class="code hl_function" href="namespacepesieve_1_1util.html#adafdd61439fc2750cec84fb15d59ecf8">pesieve::util::wow64_get_thread_context</a>(hThread, &amp;ctx)) {</div>
+<div class="line"><a id="l00224" name="l00224"></a><span class="lineno">  224</span>            is_ok = <span class="keyword">true</span>;</div>
+<div class="line"><a id="l00225" name="l00225"></a><span class="lineno">  225</span>            cDetails.init(<span class="keyword">false</span>, ctx.Eip, ctx.Esp, ctx.Ebp);</div>
+<div class="line"><a id="l00226" name="l00226"></a><span class="lineno">  226</span>            fillStackFrameInfo(hProcess, hThread, &amp;ctx, cDetails);</div>
+<div class="line"><a id="l00227" name="l00227"></a><span class="lineno">  227</span>        }</div>
+<div class="line"><a id="l00228" name="l00228"></a><span class="lineno">  228</span>    }</div>
+<div class="line"><a id="l00229" name="l00229"></a><span class="lineno">  229</span><span class="preprocessor">#endif</span></div>
+<div class="line"><a id="l00230" name="l00230"></a><span class="lineno">  230</span>    <span class="keywordflow">if</span> (!is_ok) {</div>
+<div class="line"><a id="l00231" name="l00231"></a><span class="lineno">  231</span> </div>
+<div class="line"><a id="l00232" name="l00232"></a><span class="lineno">  232</span>        CONTEXT ctx = { 0 };</div>
+<div class="line"><a id="l00233" name="l00233"></a><span class="lineno">  233</span>        ctx.ContextFlags = CONTEXT_INTEGER | CONTEXT_CONTROL;</div>
+<div class="line"><a id="l00234" name="l00234"></a><span class="lineno">  234</span>        <span class="keywordflow">if</span> (GetThreadContext(hThread, &amp;ctx)) {</div>
+<div class="line"><a id="l00235" name="l00235"></a><span class="lineno">  235</span>            is_ok = <span class="keyword">true</span>;</div>
+<div class="line"><a id="l00236" name="l00236"></a><span class="lineno">  236</span><span class="preprocessor">#ifdef _WIN64</span></div>
+<div class="line"><a id="l00237" name="l00237"></a><span class="lineno">  237</span>            cDetails.init(<span class="keyword">true</span>, ctx.Rip, ctx.Rsp, ctx.Rbp);</div>
+<div class="line"><a id="l00238" name="l00238"></a><span class="lineno">  238</span><span class="preprocessor">#else</span></div>
+<div class="line"><a id="l00239" name="l00239"></a><span class="lineno">  239</span>            cDetails.init(<span class="keyword">false</span>, ctx.Eip, ctx.Esp, ctx.Ebp);</div>
+<div class="line"><a id="l00240" name="l00240"></a><span class="lineno">  240</span><span class="preprocessor">#endif</span></div>
+<div class="line"><a id="l00241" name="l00241"></a><span class="lineno">  241</span>            fillStackFrameInfo(hProcess, hThread, &amp;ctx, cDetails);</div>
+<div class="line"><a id="l00242" name="l00242"></a><span class="lineno">  242</span>        }</div>
+<div class="line"><a id="l00243" name="l00243"></a><span class="lineno">  243</span>    }</div>
+<div class="line"><a id="l00244" name="l00244"></a><span class="lineno">  244</span>    <span class="keywordflow">return</span> is_ok;</div>
+<div class="line"><a id="l00245" name="l00245"></a><span class="lineno">  245</span>}</div>
 </div>
-<div class="line"><a id="l00244" name="l00244"></a><span class="lineno">  244</span> </div>
-<div class="foldopen" id="foldopen00245" data-start="{" data-end="}">
-<div class="line"><a id="l00245" name="l00245"></a><span class="lineno"><a class="line" href="classpesieve_1_1_thread_scanner.html#a912120f6549a8b27c3e8166ccd2511cf">  245</a></span><span class="keywordtype">bool</span> <a class="code hl_function" href="classpesieve_1_1_thread_scanner.html#a912120f6549a8b27c3e8166ccd2511cf">pesieve::ThreadScanner::isAddrInShellcode</a>(<span class="keyword">const</span> ULONGLONG addr)</div>
-<div class="line"><a id="l00246" name="l00246"></a><span class="lineno">  246</span>{</div>
-<div class="line"><a id="l00247" name="l00247"></a><span class="lineno">  247</span>    <a class="code hl_class" href="classpesieve_1_1_scanned_module.html">ScannedModule</a>* mod = modulesInfo.findModuleContaining(addr);</div>
-<div class="line"><a id="l00248" name="l00248"></a><span class="lineno">  248</span>    <span class="keywordflow">if</span> (!mod) <span class="keywordflow">return</span> <span class="keyword">true</span>;</div>
-<div class="line"><a id="l00249" name="l00249"></a><span class="lineno">  249</span> </div>
-<div class="line"><a id="l00250" name="l00250"></a><span class="lineno">  250</span>    <span class="comment">//the module is named</span></div>
-<div class="line"><a id="l00251" name="l00251"></a><span class="lineno">  251</span>    <span class="keywordflow">if</span> (mod-&gt;<a class="code hl_function" href="classpesieve_1_1_scanned_module.html#a032f8ad62f6bd513835a020fa8f55abb">getModName</a>().length() &gt; 0) {</div>
-<div class="line"><a id="l00252" name="l00252"></a><span class="lineno">  252</span>        <span class="keywordflow">return</span> <span class="keyword">false</span>;</div>
-<div class="line"><a id="l00253" name="l00253"></a><span class="lineno">  253</span>    }</div>
-<div class="line"><a id="l00254" name="l00254"></a><span class="lineno">  254</span>    <span class="keywordflow">return</span> <span class="keyword">true</span>;</div>
-<div class="line"><a id="l00255" name="l00255"></a><span class="lineno">  255</span>}</div>
+<div class="line"><a id="l00246" name="l00246"></a><span class="lineno">  246</span> </div>
+<div class="foldopen" id="foldopen00247" data-start="{" data-end="}">
+<div class="line"><a id="l00247" name="l00247"></a><span class="lineno"><a class="line" href="classpesieve_1_1_thread_scanner.html#a912120f6549a8b27c3e8166ccd2511cf">  247</a></span><span class="keywordtype">bool</span> <a class="code hl_function" href="classpesieve_1_1_thread_scanner.html#a912120f6549a8b27c3e8166ccd2511cf">pesieve::ThreadScanner::isAddrInShellcode</a>(<span class="keyword">const</span> ULONGLONG addr)</div>
+<div class="line"><a id="l00248" name="l00248"></a><span class="lineno">  248</span>{</div>
+<div class="line"><a id="l00249" name="l00249"></a><span class="lineno">  249</span>    <a class="code hl_class" href="classpesieve_1_1_scanned_module.html">ScannedModule</a>* mod = modulesInfo.findModuleContaining(addr);</div>
+<div class="line"><a id="l00250" name="l00250"></a><span class="lineno">  250</span>    <span class="keywordflow">if</span> (!mod) <span class="keywordflow">return</span> <span class="keyword">true</span>;</div>
+<div class="line"><a id="l00251" name="l00251"></a><span class="lineno">  251</span> </div>
+<div class="line"><a id="l00252" name="l00252"></a><span class="lineno">  252</span>    <span class="comment">//the module is named</span></div>
+<div class="line"><a id="l00253" name="l00253"></a><span class="lineno">  253</span>    <span class="keywordflow">if</span> (mod-&gt;<a class="code hl_function" href="classpesieve_1_1_scanned_module.html#a032f8ad62f6bd513835a020fa8f55abb">getModName</a>().length() &gt; 0) {</div>
+<div class="line"><a id="l00254" name="l00254"></a><span class="lineno">  254</span>        <span class="keywordflow">return</span> <span class="keyword">false</span>;</div>
+<div class="line"><a id="l00255" name="l00255"></a><span class="lineno">  255</span>    }</div>
+<div class="line"><a id="l00256" name="l00256"></a><span class="lineno">  256</span>    <span class="keywordflow">return</span> <span class="keyword">true</span>;</div>
+<div class="line"><a id="l00257" name="l00257"></a><span class="lineno">  257</span>}</div>
 </div>
-<div class="line"><a id="l00256" name="l00256"></a><span class="lineno">  256</span> </div>
-<div class="foldopen" id="foldopen00257" data-start="{" data-end="}">
-<div class="line"><a id="l00257" name="l00257"></a><span class="lineno"><a class="line" href="classpesieve_1_1_thread_scanner.html#ac35db3f1ec2765f9dda550b04f0cb9ee">  257</a></span><span class="keywordtype">bool</span> <a class="code hl_function" href="classpesieve_1_1_thread_scanner.html#ac35db3f1ec2765f9dda550b04f0cb9ee">pesieve::ThreadScanner::printResolvedAddr</a>(<span class="keyword">const</span> ULONGLONG addr)</div>
-<div class="line"><a id="l00258" name="l00258"></a><span class="lineno">  258</span>{</div>
-<div class="line"><a id="l00259" name="l00259"></a><span class="lineno">  259</span>    <span class="keywordtype">bool</span> is_resolved = <span class="keyword">false</span>;</div>
-<div class="line"><a id="l00260" name="l00260"></a><span class="lineno">  260</span>    std::cout &lt;&lt; std::hex &lt;&lt; addr;</div>
-<div class="line"><a id="l00261" name="l00261"></a><span class="lineno">  261</span>    <a class="code hl_class" href="classpesieve_1_1_scanned_module.html">ScannedModule</a>* mod = modulesInfo.findModuleContaining(addr);</div>
-<div class="line"><a id="l00262" name="l00262"></a><span class="lineno">  262</span>    <span class="keywordflow">if</span> (mod) {</div>
-<div class="line"><a id="l00263" name="l00263"></a><span class="lineno">  263</span>        std::cout &lt;&lt; <span class="stringliteral">&quot; : &quot;</span> &lt;&lt; mod-&gt;<a class="code hl_function" href="classpesieve_1_1_scanned_module.html#a032f8ad62f6bd513835a020fa8f55abb">getModName</a>();</div>
-<div class="line"><a id="l00264" name="l00264"></a><span class="lineno">  264</span>        is_resolved = <span class="keyword">true</span>;</div>
-<div class="line"><a id="l00265" name="l00265"></a><span class="lineno">  265</span>    }</div>
-<div class="line"><a id="l00266" name="l00266"></a><span class="lineno">  266</span>    <span class="keywordflow">if</span> (exportsMap &amp;&amp; is_resolved) {</div>
-<div class="line"><a id="l00267" name="l00267"></a><span class="lineno">  267</span>        <span class="keywordtype">bool</span> search_name = <span class="keyword">false</span>;</div>
-<div class="line"><a id="l00268" name="l00268"></a><span class="lineno">  268</span>        <span class="keywordflow">if</span> (mod-&gt;<a class="code hl_function" href="classpesieve_1_1_scanned_module.html#a032f8ad62f6bd513835a020fa8f55abb">getModName</a>() == <span class="stringliteral">&quot;ntdll.dll&quot;</span> || mod-&gt;<a class="code hl_function" href="classpesieve_1_1_scanned_module.html#a032f8ad62f6bd513835a020fa8f55abb">getModName</a>() == <span class="stringliteral">&quot;win32u.dll&quot;</span>) {</div>
-<div class="line"><a id="l00269" name="l00269"></a><span class="lineno">  269</span>            search_name = <span class="keyword">true</span>;</div>
-<div class="line"><a id="l00270" name="l00270"></a><span class="lineno">  270</span>        }</div>
-<div class="line"><a id="l00271" name="l00271"></a><span class="lineno">  271</span>        <span class="keywordflow">for</span> (<span class="keywordtype">size_t</span> i = 0; i &lt; 25; i++) {</div>
-<div class="line"><a id="l00272" name="l00272"></a><span class="lineno">  272</span>            <span class="keyword">const</span> peconv::ExportedFunc* exp = exportsMap-&gt;find_export_by_va(addr - i);</div>
-<div class="line"><a id="l00273" name="l00273"></a><span class="lineno">  273</span>            <span class="keywordflow">if</span> (exp) {</div>
-<div class="line"><a id="l00274" name="l00274"></a><span class="lineno">  274</span>                std::cout &lt;&lt; <span class="stringliteral">&quot; : &quot;</span> &lt;&lt; exp-&gt;toString();</div>
-<div class="line"><a id="l00275" name="l00275"></a><span class="lineno">  275</span>                is_resolved = <span class="keyword">true</span>;</div>
-<div class="line"><a id="l00276" name="l00276"></a><span class="lineno">  276</span>                <span class="keywordflow">break</span>;</div>
-<div class="line"><a id="l00277" name="l00277"></a><span class="lineno">  277</span>            }</div>
-<div class="line"><a id="l00278" name="l00278"></a><span class="lineno">  278</span>            <span class="keywordflow">if</span> (!search_name) {</div>
-<div class="line"><a id="l00279" name="l00279"></a><span class="lineno">  279</span>                <span class="keywordflow">break</span>;</div>
-<div class="line"><a id="l00280" name="l00280"></a><span class="lineno">  280</span>            }</div>
-<div class="line"><a id="l00281" name="l00281"></a><span class="lineno">  281</span>        }</div>
-<div class="line"><a id="l00282" name="l00282"></a><span class="lineno">  282</span>    }</div>
-<div class="line"><a id="l00283" name="l00283"></a><span class="lineno">  283</span>    std::cout &lt;&lt; std::endl;</div>
-<div class="line"><a id="l00284" name="l00284"></a><span class="lineno">  284</span>    <span class="keywordflow">return</span> is_resolved;</div>
-<div class="line"><a id="l00285" name="l00285"></a><span class="lineno">  285</span>}</div>
+<div class="line"><a id="l00258" name="l00258"></a><span class="lineno">  258</span> </div>
+<div class="foldopen" id="foldopen00259" data-start="{" data-end="}">
+<div class="line"><a id="l00259" name="l00259"></a><span class="lineno"><a class="line" href="classpesieve_1_1_thread_scanner.html#ac35db3f1ec2765f9dda550b04f0cb9ee">  259</a></span><span class="keywordtype">bool</span> <a class="code hl_function" href="classpesieve_1_1_thread_scanner.html#ac35db3f1ec2765f9dda550b04f0cb9ee">pesieve::ThreadScanner::printResolvedAddr</a>(<span class="keyword">const</span> ULONGLONG addr)</div>
+<div class="line"><a id="l00260" name="l00260"></a><span class="lineno">  260</span>{</div>
+<div class="line"><a id="l00261" name="l00261"></a><span class="lineno">  261</span>    <span class="keywordtype">bool</span> is_resolved = <span class="keyword">false</span>;</div>
+<div class="line"><a id="l00262" name="l00262"></a><span class="lineno">  262</span>    std::cout &lt;&lt; std::hex &lt;&lt; addr;</div>
+<div class="line"><a id="l00263" name="l00263"></a><span class="lineno">  263</span>    <a class="code hl_class" href="classpesieve_1_1_scanned_module.html">ScannedModule</a>* mod = modulesInfo.findModuleContaining(addr);</div>
+<div class="line"><a id="l00264" name="l00264"></a><span class="lineno">  264</span>    <span class="keywordflow">if</span> (mod) {</div>
+<div class="line"><a id="l00265" name="l00265"></a><span class="lineno">  265</span>        std::cout &lt;&lt; <span class="stringliteral">&quot; : &quot;</span> &lt;&lt; mod-&gt;<a class="code hl_function" href="classpesieve_1_1_scanned_module.html#a032f8ad62f6bd513835a020fa8f55abb">getModName</a>();</div>
+<div class="line"><a id="l00266" name="l00266"></a><span class="lineno">  266</span>        is_resolved = <span class="keyword">true</span>;</div>
+<div class="line"><a id="l00267" name="l00267"></a><span class="lineno">  267</span>    }</div>
+<div class="line"><a id="l00268" name="l00268"></a><span class="lineno">  268</span>    <span class="keywordflow">if</span> (exportsMap &amp;&amp; is_resolved) {</div>
+<div class="line"><a id="l00269" name="l00269"></a><span class="lineno">  269</span>        <span class="keywordtype">bool</span> search_name = <span class="keyword">false</span>;</div>
+<div class="line"><a id="l00270" name="l00270"></a><span class="lineno">  270</span>        <span class="keywordflow">if</span> (mod-&gt;<a class="code hl_function" href="classpesieve_1_1_scanned_module.html#a032f8ad62f6bd513835a020fa8f55abb">getModName</a>() == <span class="stringliteral">&quot;ntdll.dll&quot;</span> || mod-&gt;<a class="code hl_function" href="classpesieve_1_1_scanned_module.html#a032f8ad62f6bd513835a020fa8f55abb">getModName</a>() == <span class="stringliteral">&quot;win32u.dll&quot;</span>) {</div>
+<div class="line"><a id="l00271" name="l00271"></a><span class="lineno">  271</span>            search_name = <span class="keyword">true</span>;</div>
+<div class="line"><a id="l00272" name="l00272"></a><span class="lineno">  272</span>        }</div>
+<div class="line"><a id="l00273" name="l00273"></a><span class="lineno">  273</span>        <span class="keywordflow">for</span> (<span class="keywordtype">size_t</span> i = 0; i &lt; 25; i++) {</div>
+<div class="line"><a id="l00274" name="l00274"></a><span class="lineno">  274</span>            <span class="keyword">const</span> peconv::ExportedFunc* exp = exportsMap-&gt;find_export_by_va(addr - i);</div>
+<div class="line"><a id="l00275" name="l00275"></a><span class="lineno">  275</span>            <span class="keywordflow">if</span> (exp) {</div>
+<div class="line"><a id="l00276" name="l00276"></a><span class="lineno">  276</span>                std::cout &lt;&lt; <span class="stringliteral">&quot; : &quot;</span> &lt;&lt; exp-&gt;toString();</div>
+<div class="line"><a id="l00277" name="l00277"></a><span class="lineno">  277</span>                is_resolved = <span class="keyword">true</span>;</div>
+<div class="line"><a id="l00278" name="l00278"></a><span class="lineno">  278</span>                <span class="keywordflow">break</span>;</div>
+<div class="line"><a id="l00279" name="l00279"></a><span class="lineno">  279</span>            }</div>
+<div class="line"><a id="l00280" name="l00280"></a><span class="lineno">  280</span>            <span class="keywordflow">if</span> (!search_name) {</div>
+<div class="line"><a id="l00281" name="l00281"></a><span class="lineno">  281</span>                <span class="keywordflow">break</span>;</div>
+<div class="line"><a id="l00282" name="l00282"></a><span class="lineno">  282</span>            }</div>
+<div class="line"><a id="l00283" name="l00283"></a><span class="lineno">  283</span>        }</div>
+<div class="line"><a id="l00284" name="l00284"></a><span class="lineno">  284</span>    }</div>
+<div class="line"><a id="l00285" name="l00285"></a><span class="lineno">  285</span>    std::cout &lt;&lt; std::endl;</div>
+<div class="line"><a id="l00286" name="l00286"></a><span class="lineno">  286</span>    <span class="keywordflow">return</span> is_resolved;</div>
+<div class="line"><a id="l00287" name="l00287"></a><span class="lineno">  287</span>}</div>
 </div>
-<div class="line"><a id="l00286" name="l00286"></a><span class="lineno">  286</span> </div>
-<div class="foldopen" id="foldopen00287" data-start="{" data-end="}">
-<div class="line"><a id="l00287" name="l00287"></a><span class="lineno"><a class="line" href="classpesieve_1_1_thread_scanner.html#a75c0be0ec6ea82b700f3ca5e846a0675">  287</a></span><span class="keywordtype">void</span> <a class="code hl_function" href="classpesieve_1_1_thread_scanner.html#a75c0be0ec6ea82b700f3ca5e846a0675">pesieve::ThreadScanner::printThreadInfo</a>(<span class="keyword">const</span> <a class="code hl_struct" href="structpesieve_1_1util_1_1__thread__info.html">pesieve::util::thread_info</a>&amp; threadi)</div>
-<div class="line"><a id="l00288" name="l00288"></a><span class="lineno">  288</span>{</div>
-<div class="line"><a id="l00289" name="l00289"></a><span class="lineno">  289</span>    std::cout &lt;&lt; std::dec &lt;&lt; <span class="stringliteral">&quot;TID: &quot;</span> &lt;&lt; threadi.<a class="code hl_variable" href="structpesieve_1_1util_1_1__thread__info.html#a390c3d14815d2aaaf625f9fc16f6f01b">tid</a> &lt;&lt; <span class="stringliteral">&quot;\n&quot;</span>;</div>
-<div class="line"><a id="l00290" name="l00290"></a><span class="lineno">  290</span>    std::cout &lt;&lt; std::hex &lt;&lt; <span class="stringliteral">&quot;\tStart   : &quot;</span>;</div>
-<div class="line"><a id="l00291" name="l00291"></a><span class="lineno">  291</span>    printResolvedAddr(threadi.<a class="code hl_variable" href="structpesieve_1_1util_1_1__thread__info.html#a2d408cca43d2e48530d63c394755e96b">start_addr</a>);</div>
-<div class="line"><a id="l00292" name="l00292"></a><span class="lineno">  292</span> </div>
-<div class="line"><a id="l00293" name="l00293"></a><span class="lineno">  293</span>    <span class="keywordflow">if</span> (threadi.<a class="code hl_variable" href="structpesieve_1_1util_1_1__thread__info.html#a8ec77c6fa5aa1dc71802d52afdc37386">is_extended</a>) {</div>
-<div class="line"><a id="l00294" name="l00294"></a><span class="lineno">  294</span>        std::cout &lt;&lt; std::hex &lt;&lt; <span class="stringliteral">&quot;\tSysStart: &quot;</span>;</div>
-<div class="line"><a id="l00295" name="l00295"></a><span class="lineno">  295</span>        printResolvedAddr(threadi.<a class="code hl_variable" href="structpesieve_1_1util_1_1__thread__info.html#aa8f037bcc48e97319145006c5ceef188">ext</a>.<a class="code hl_variable" href="structpesieve_1_1util_1_1__thread__info__ext.html#a015d9ec862bebffabeeea74cc94c6c03">sys_start_addr</a>);</div>
-<div class="line"><a id="l00296" name="l00296"></a><span class="lineno">  296</span>        std::cout &lt;&lt; <span class="stringliteral">&quot;\tState: [&quot;</span> &lt;&lt; <a class="code hl_function" href="classpesieve_1_1_thread_scan_report.html#af30839203957e838bc299232e05ab735">ThreadScanReport::translate_thread_state</a>(threadi.<a class="code hl_variable" href="structpesieve_1_1util_1_1__thread__info.html#aa8f037bcc48e97319145006c5ceef188">ext</a>.<a class="code hl_variable" href="structpesieve_1_1util_1_1__thread__info__ext.html#a64f10518106ade775aecd7f5c2caaf65">state</a>) &lt;&lt; <span class="stringliteral">&quot;]&quot;</span>;</div>
-<div class="line"><a id="l00297" name="l00297"></a><span class="lineno">  297</span>        <span class="keywordflow">if</span> (threadi.<a class="code hl_variable" href="structpesieve_1_1util_1_1__thread__info.html#aa8f037bcc48e97319145006c5ceef188">ext</a>.<a class="code hl_variable" href="structpesieve_1_1util_1_1__thread__info__ext.html#a64f10518106ade775aecd7f5c2caaf65">state</a> == Waiting) {</div>
-<div class="line"><a id="l00298" name="l00298"></a><span class="lineno">  298</span>            std::cout &lt;&lt; <span class="stringliteral">&quot; Reason: [&quot;</span> &lt;&lt; <a class="code hl_function" href="classpesieve_1_1_thread_scan_report.html#a6d190b1f19a3a9fe2c81cd18abb6a72f">ThreadScanReport::translate_wait_reason</a>(threadi.<a class="code hl_variable" href="structpesieve_1_1util_1_1__thread__info.html#aa8f037bcc48e97319145006c5ceef188">ext</a>.<a class="code hl_variable" href="structpesieve_1_1util_1_1__thread__info__ext.html#a389b5fb210ec491e9a7db99db5544928">wait_reason</a>) &lt;&lt; <span class="stringliteral">&quot;] Time: &quot;</span> &lt;&lt; threadi.<a class="code hl_variable" href="structpesieve_1_1util_1_1__thread__info.html#aa8f037bcc48e97319145006c5ceef188">ext</a>.<a class="code hl_variable" href="structpesieve_1_1util_1_1__thread__info__ext.html#adfe41a5fa3df04475f55ae54bf615e58">wait_time</a>;</div>
-<div class="line"><a id="l00299" name="l00299"></a><span class="lineno">  299</span>        }</div>
-<div class="line"><a id="l00300" name="l00300"></a><span class="lineno">  300</span>        std::cout &lt;&lt; <span class="stringliteral">&quot;\n&quot;</span>;</div>
-<div class="line"><a id="l00301" name="l00301"></a><span class="lineno">  301</span>    }</div>
-<div class="line"><a id="l00302" name="l00302"></a><span class="lineno">  302</span>    std::cout &lt;&lt; <span class="stringliteral">&quot;\n&quot;</span>;</div>
-<div class="line"><a id="l00303" name="l00303"></a><span class="lineno">  303</span>}</div>
+<div class="line"><a id="l00288" name="l00288"></a><span class="lineno">  288</span> </div>
+<div class="foldopen" id="foldopen00289" data-start="{" data-end="}">
+<div class="line"><a id="l00289" name="l00289"></a><span class="lineno"><a class="line" href="classpesieve_1_1_thread_scanner.html#a75c0be0ec6ea82b700f3ca5e846a0675">  289</a></span><span class="keywordtype">void</span> <a class="code hl_function" href="classpesieve_1_1_thread_scanner.html#a75c0be0ec6ea82b700f3ca5e846a0675">pesieve::ThreadScanner::printThreadInfo</a>(<span class="keyword">const</span> <a class="code hl_struct" href="structpesieve_1_1util_1_1__thread__info.html">pesieve::util::thread_info</a>&amp; threadi)</div>
+<div class="line"><a id="l00290" name="l00290"></a><span class="lineno">  290</span>{</div>
+<div class="line"><a id="l00291" name="l00291"></a><span class="lineno">  291</span>    std::cout &lt;&lt; std::dec &lt;&lt; <span class="stringliteral">&quot;TID: &quot;</span> &lt;&lt; threadi.<a class="code hl_variable" href="structpesieve_1_1util_1_1__thread__info.html#a390c3d14815d2aaaf625f9fc16f6f01b">tid</a> &lt;&lt; <span class="stringliteral">&quot;\n&quot;</span>;</div>
+<div class="line"><a id="l00292" name="l00292"></a><span class="lineno">  292</span>    std::cout &lt;&lt; std::hex &lt;&lt; <span class="stringliteral">&quot;\tStart   : &quot;</span>;</div>
+<div class="line"><a id="l00293" name="l00293"></a><span class="lineno">  293</span>    printResolvedAddr(threadi.<a class="code hl_variable" href="structpesieve_1_1util_1_1__thread__info.html#a2d408cca43d2e48530d63c394755e96b">start_addr</a>);</div>
+<div class="line"><a id="l00294" name="l00294"></a><span class="lineno">  294</span> </div>
+<div class="line"><a id="l00295" name="l00295"></a><span class="lineno">  295</span>    <span class="keywordflow">if</span> (threadi.<a class="code hl_variable" href="structpesieve_1_1util_1_1__thread__info.html#a8ec77c6fa5aa1dc71802d52afdc37386">is_extended</a>) {</div>
+<div class="line"><a id="l00296" name="l00296"></a><span class="lineno">  296</span>        std::cout &lt;&lt; std::hex &lt;&lt; <span class="stringliteral">&quot;\tSysStart: &quot;</span>;</div>
+<div class="line"><a id="l00297" name="l00297"></a><span class="lineno">  297</span>        printResolvedAddr(threadi.<a class="code hl_variable" href="structpesieve_1_1util_1_1__thread__info.html#aa8f037bcc48e97319145006c5ceef188">ext</a>.<a class="code hl_variable" href="structpesieve_1_1util_1_1__thread__info__ext.html#a015d9ec862bebffabeeea74cc94c6c03">sys_start_addr</a>);</div>
+<div class="line"><a id="l00298" name="l00298"></a><span class="lineno">  298</span>        std::cout &lt;&lt; <span class="stringliteral">&quot;\tState: [&quot;</span> &lt;&lt; <a class="code hl_function" href="classpesieve_1_1_thread_scan_report.html#af30839203957e838bc299232e05ab735">ThreadScanReport::translate_thread_state</a>(threadi.<a class="code hl_variable" href="structpesieve_1_1util_1_1__thread__info.html#aa8f037bcc48e97319145006c5ceef188">ext</a>.<a class="code hl_variable" href="structpesieve_1_1util_1_1__thread__info__ext.html#a64f10518106ade775aecd7f5c2caaf65">state</a>) &lt;&lt; <span class="stringliteral">&quot;]&quot;</span>;</div>
+<div class="line"><a id="l00299" name="l00299"></a><span class="lineno">  299</span>        <span class="keywordflow">if</span> (threadi.<a class="code hl_variable" href="structpesieve_1_1util_1_1__thread__info.html#aa8f037bcc48e97319145006c5ceef188">ext</a>.<a class="code hl_variable" href="structpesieve_1_1util_1_1__thread__info__ext.html#a64f10518106ade775aecd7f5c2caaf65">state</a> == Waiting) {</div>
+<div class="line"><a id="l00300" name="l00300"></a><span class="lineno">  300</span>            std::cout &lt;&lt; <span class="stringliteral">&quot; Reason: [&quot;</span> &lt;&lt; <a class="code hl_function" href="classpesieve_1_1_thread_scan_report.html#a6d190b1f19a3a9fe2c81cd18abb6a72f">ThreadScanReport::translate_wait_reason</a>(threadi.<a class="code hl_variable" href="structpesieve_1_1util_1_1__thread__info.html#aa8f037bcc48e97319145006c5ceef188">ext</a>.<a class="code hl_variable" href="structpesieve_1_1util_1_1__thread__info__ext.html#a389b5fb210ec491e9a7db99db5544928">wait_reason</a>) &lt;&lt; <span class="stringliteral">&quot;] Time: &quot;</span> &lt;&lt; threadi.<a class="code hl_variable" href="structpesieve_1_1util_1_1__thread__info.html#aa8f037bcc48e97319145006c5ceef188">ext</a>.<a class="code hl_variable" href="structpesieve_1_1util_1_1__thread__info__ext.html#adfe41a5fa3df04475f55ae54bf615e58">wait_time</a>;</div>
+<div class="line"><a id="l00301" name="l00301"></a><span class="lineno">  301</span>        }</div>
+<div class="line"><a id="l00302" name="l00302"></a><span class="lineno">  302</span>        std::cout &lt;&lt; <span class="stringliteral">&quot;\n&quot;</span>;</div>
+<div class="line"><a id="l00303" name="l00303"></a><span class="lineno">  303</span>    }</div>
+<div class="line"><a id="l00304" name="l00304"></a><span class="lineno">  304</span>    std::cout &lt;&lt; <span class="stringliteral">&quot;\n&quot;</span>;</div>
+<div class="line"><a id="l00305" name="l00305"></a><span class="lineno">  305</span>}</div>
 </div>
-<div class="line"><a id="l00304" name="l00304"></a><span class="lineno">  304</span> </div>
-<div class="foldopen" id="foldopen00305" data-start="{" data-end="}">
-<div class="line"><a id="l00305" name="l00305"></a><span class="lineno"><a class="line" href="thread__scanner_8cpp.html#a7b9ade21d4de016d2a048bf6cc42dbc0">  305</a></span><span class="keywordtype">bool</span> <a class="code hl_function" href="thread__scanner_8cpp.html#a7b9ade21d4de016d2a048bf6cc42dbc0">get_page_details</a>(HANDLE processHandle, LPVOID start_va, MEMORY_BASIC_INFORMATION &amp;page_info)</div>
-<div class="line"><a id="l00306" name="l00306"></a><span class="lineno">  306</span>{</div>
-<div class="line"><a id="l00307" name="l00307"></a><span class="lineno">  307</span>    <span class="keywordtype">size_t</span> page_info_size = <span class="keyword">sizeof</span>(MEMORY_BASIC_INFORMATION);</div>
-<div class="line"><a id="l00308" name="l00308"></a><span class="lineno">  308</span>    <span class="keyword">const</span> SIZE_T out = VirtualQueryEx(processHandle, (LPCVOID)start_va, &amp;page_info, page_info_size);</div>
-<div class="line"><a id="l00309" name="l00309"></a><span class="lineno">  309</span>    <span class="keyword">const</span> <span class="keywordtype">bool</span> is_read = (out == page_info_size) ? <span class="keyword">true</span> : <span class="keyword">false</span>;</div>
-<div class="line"><a id="l00310" name="l00310"></a><span class="lineno">  310</span>    <span class="keyword">const</span> DWORD error = is_read ? ERROR_SUCCESS : GetLastError();</div>
-<div class="line"><a id="l00311" name="l00311"></a><span class="lineno">  311</span>    <span class="keywordflow">if</span> (error != ERROR_SUCCESS) {</div>
-<div class="line"><a id="l00312" name="l00312"></a><span class="lineno">  312</span>        <span class="comment">//nothing to read</span></div>
-<div class="line"><a id="l00313" name="l00313"></a><span class="lineno">  313</span>        <span class="keywordflow">return</span> <span class="keyword">false</span>;</div>
-<div class="line"><a id="l00314" name="l00314"></a><span class="lineno">  314</span>    }</div>
-<div class="line"><a id="l00315" name="l00315"></a><span class="lineno">  315</span>    <span class="keywordflow">return</span> <span class="keyword">true</span>;</div>
-<div class="line"><a id="l00316" name="l00316"></a><span class="lineno">  316</span>}</div>
+<div class="line"><a id="l00306" name="l00306"></a><span class="lineno">  306</span> </div>
+<div class="foldopen" id="foldopen00307" data-start="{" data-end="}">
+<div class="line"><a id="l00307" name="l00307"></a><span class="lineno"><a class="line" href="thread__scanner_8cpp.html#a7b9ade21d4de016d2a048bf6cc42dbc0">  307</a></span><span class="keywordtype">bool</span> <a class="code hl_function" href="thread__scanner_8cpp.html#a7b9ade21d4de016d2a048bf6cc42dbc0">get_page_details</a>(HANDLE processHandle, LPVOID start_va, MEMORY_BASIC_INFORMATION &amp;page_info)</div>
+<div class="line"><a id="l00308" name="l00308"></a><span class="lineno">  308</span>{</div>
+<div class="line"><a id="l00309" name="l00309"></a><span class="lineno">  309</span>    <span class="keywordtype">size_t</span> page_info_size = <span class="keyword">sizeof</span>(MEMORY_BASIC_INFORMATION);</div>
+<div class="line"><a id="l00310" name="l00310"></a><span class="lineno">  310</span>    <span class="keyword">const</span> SIZE_T out = VirtualQueryEx(processHandle, (LPCVOID)start_va, &amp;page_info, page_info_size);</div>
+<div class="line"><a id="l00311" name="l00311"></a><span class="lineno">  311</span>    <span class="keyword">const</span> <span class="keywordtype">bool</span> is_read = (out == page_info_size) ? <span class="keyword">true</span> : <span class="keyword">false</span>;</div>
+<div class="line"><a id="l00312" name="l00312"></a><span class="lineno">  312</span>    <span class="keyword">const</span> DWORD error = is_read ? ERROR_SUCCESS : GetLastError();</div>
+<div class="line"><a id="l00313" name="l00313"></a><span class="lineno">  313</span>    <span class="keywordflow">if</span> (error != ERROR_SUCCESS) {</div>
+<div class="line"><a id="l00314" name="l00314"></a><span class="lineno">  314</span>        <span class="comment">//nothing to read</span></div>
+<div class="line"><a id="l00315" name="l00315"></a><span class="lineno">  315</span>        <span class="keywordflow">return</span> <span class="keyword">false</span>;</div>
+<div class="line"><a id="l00316" name="l00316"></a><span class="lineno">  316</span>    }</div>
+<div class="line"><a id="l00317" name="l00317"></a><span class="lineno">  317</span>    <span class="keywordflow">return</span> <span class="keyword">true</span>;</div>
+<div class="line"><a id="l00318" name="l00318"></a><span class="lineno">  318</span>}</div>
 </div>
-<div class="line"><a id="l00317" name="l00317"></a><span class="lineno">  317</span> </div>
-<div class="foldopen" id="foldopen00318" data-start="{" data-end="}">
-<div class="line"><a id="l00318" name="l00318"></a><span class="lineno"><a class="line" href="classpesieve_1_1_thread_scanner.html#a79df00ed9c178f7eab47cbb8ee43dd42">  318</a></span><span class="keywordtype">bool</span> <a class="code hl_function" href="classpesieve_1_1_thread_scanner.html#a79df00ed9c178f7eab47cbb8ee43dd42">pesieve::ThreadScanner::fillAreaStats</a>(<a class="code hl_class" href="classpesieve_1_1_thread_scan_report.html">ThreadScanReport</a>* my_report)</div>
-<div class="line"><a id="l00319" name="l00319"></a><span class="lineno">  319</span>{</div>
-<div class="line"><a id="l00320" name="l00320"></a><span class="lineno">  320</span>    <span class="keywordflow">if</span> (!my_report) <span class="keywordflow">return</span> <span class="keyword">false</span>;</div>
-<div class="line"><a id="l00321" name="l00321"></a><span class="lineno">  321</span> </div>
-<div class="line"><a id="l00322" name="l00322"></a><span class="lineno">  322</span>    ULONG_PTR end_va = (ULONG_PTR)my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_module_scan_report.html#a49bdf7d9e08c3b7ea427ccf1df2a15df">module</a> + my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_module_scan_report.html#a274ffb4b7c29b04c7b09852858540fac">moduleSize</a>;</div>
-<div class="line"><a id="l00323" name="l00323"></a><span class="lineno">  323</span>    <a class="code hl_class" href="classpesieve_1_1_mem_page_data.html">MemPageData</a> mem(this-&gt;processHandle, this-&gt;isReflection, (ULONG_PTR)my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_module_scan_report.html#a49bdf7d9e08c3b7ea427ccf1df2a15df">module</a>, end_va);</div>
-<div class="line"><a id="l00324" name="l00324"></a><span class="lineno">  324</span>    <span class="keywordflow">if</span> (!mem.<a class="code hl_function" href="classpesieve_1_1_mem_page_data.html#a59ed1087d268c1742139c7240ab5854f">fillInfo</a>() || !mem.<a class="code hl_function" href="classpesieve_1_1_mem_page_data.html#a01d3a9dc59b2965fa6defbc4dfda8524">load</a>()) {</div>
-<div class="line"><a id="l00325" name="l00325"></a><span class="lineno">  325</span>        <span class="keywordflow">return</span> <span class="keyword">false</span>;</div>
-<div class="line"><a id="l00326" name="l00326"></a><span class="lineno">  326</span>    }</div>
-<div class="line"><a id="l00327" name="l00327"></a><span class="lineno">  327</span>    <a class="code hl_class" href="classpesieve_1_1_area_stats_calculator.html">AreaStatsCalculator</a> calc(mem.<a class="code hl_variable" href="classpesieve_1_1_mem_page_data.html#a1a846ed452227d685a50a72ea516d0f9">loadedData</a>);</div>
-<div class="line"><a id="l00328" name="l00328"></a><span class="lineno">  328</span>    <span class="keywordflow">return</span> calc.<a class="code hl_function" href="classpesieve_1_1_area_stats_calculator.html#a5f85d093b7ddc31bb358a19917f6b4c2">fill</a>(my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_thread_scan_report.html#a00f0b36826c124dc6be154f0cdeb7f83">stats</a>, <span class="keyword">nullptr</span>);</div>
-<div class="line"><a id="l00329" name="l00329"></a><span class="lineno">  329</span>}</div>
+<div class="line"><a id="l00319" name="l00319"></a><span class="lineno">  319</span> </div>
+<div class="foldopen" id="foldopen00320" data-start="{" data-end="}">
+<div class="line"><a id="l00320" name="l00320"></a><span class="lineno"><a class="line" href="classpesieve_1_1_thread_scanner.html#a79df00ed9c178f7eab47cbb8ee43dd42">  320</a></span><span class="keywordtype">bool</span> <a class="code hl_function" href="classpesieve_1_1_thread_scanner.html#a79df00ed9c178f7eab47cbb8ee43dd42">pesieve::ThreadScanner::fillAreaStats</a>(<a class="code hl_class" href="classpesieve_1_1_thread_scan_report.html">ThreadScanReport</a>* my_report)</div>
+<div class="line"><a id="l00321" name="l00321"></a><span class="lineno">  321</span>{</div>
+<div class="line"><a id="l00322" name="l00322"></a><span class="lineno">  322</span>    <span class="keywordflow">if</span> (!my_report) <span class="keywordflow">return</span> <span class="keyword">false</span>;</div>
+<div class="line"><a id="l00323" name="l00323"></a><span class="lineno">  323</span> </div>
+<div class="line"><a id="l00324" name="l00324"></a><span class="lineno">  324</span>    ULONG_PTR end_va = (ULONG_PTR)my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_module_scan_report.html#a49bdf7d9e08c3b7ea427ccf1df2a15df">module</a> + my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_module_scan_report.html#a274ffb4b7c29b04c7b09852858540fac">moduleSize</a>;</div>
+<div class="line"><a id="l00325" name="l00325"></a><span class="lineno">  325</span>    <a class="code hl_class" href="classpesieve_1_1_mem_page_data.html">MemPageData</a> mem(this-&gt;processHandle, this-&gt;isReflection, (ULONG_PTR)my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_module_scan_report.html#a49bdf7d9e08c3b7ea427ccf1df2a15df">module</a>, end_va);</div>
+<div class="line"><a id="l00326" name="l00326"></a><span class="lineno">  326</span>    <span class="keywordflow">if</span> (!mem.<a class="code hl_function" href="classpesieve_1_1_mem_page_data.html#a59ed1087d268c1742139c7240ab5854f">fillInfo</a>() || !mem.<a class="code hl_function" href="classpesieve_1_1_mem_page_data.html#a01d3a9dc59b2965fa6defbc4dfda8524">load</a>()) {</div>
+<div class="line"><a id="l00327" name="l00327"></a><span class="lineno">  327</span>        <span class="keywordflow">return</span> <span class="keyword">false</span>;</div>
+<div class="line"><a id="l00328" name="l00328"></a><span class="lineno">  328</span>    }</div>
+<div class="line"><a id="l00329" name="l00329"></a><span class="lineno">  329</span>    <a class="code hl_class" href="classpesieve_1_1_area_stats_calculator.html">AreaStatsCalculator</a> calc(mem.<a class="code hl_variable" href="classpesieve_1_1_mem_page_data.html#a1a846ed452227d685a50a72ea516d0f9">loadedData</a>);</div>
+<div class="line"><a id="l00330" name="l00330"></a><span class="lineno">  330</span>    <span class="keywordflow">return</span> calc.<a class="code hl_function" href="classpesieve_1_1_area_stats_calculator.html#a5f85d093b7ddc31bb358a19917f6b4c2">fill</a>(my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_thread_scan_report.html#a00f0b36826c124dc6be154f0cdeb7f83">stats</a>, <span class="keyword">nullptr</span>);</div>
+<div class="line"><a id="l00331" name="l00331"></a><span class="lineno">  331</span>}</div>
 </div>
-<div class="line"><a id="l00330" name="l00330"></a><span class="lineno">  330</span> </div>
-<div class="foldopen" id="foldopen00331" data-start="{" data-end="}">
-<div class="line"><a id="l00331" name="l00331"></a><span class="lineno"><a class="line" href="classpesieve_1_1_thread_scanner.html#a36850edb808d4be733631fa2bcd3b7b4">  331</a></span><span class="keywordtype">bool</span> <a class="code hl_function" href="classpesieve_1_1_thread_scanner.html#a36850edb808d4be733631fa2bcd3b7b4">pesieve::ThreadScanner::reportSuspiciousAddr</a>(<a class="code hl_class" href="classpesieve_1_1_thread_scan_report.html">ThreadScanReport</a>* my_report, ULONGLONG susp_addr)</div>
-<div class="line"><a id="l00332" name="l00332"></a><span class="lineno">  332</span>{</div>
-<div class="line"><a id="l00333" name="l00333"></a><span class="lineno">  333</span>    MEMORY_BASIC_INFORMATION page_info = { 0 };</div>
-<div class="line"><a id="l00334" name="l00334"></a><span class="lineno">  334</span>    <span class="keywordflow">if</span> (!<a class="code hl_function" href="thread__scanner_8cpp.html#a7b9ade21d4de016d2a048bf6cc42dbc0">get_page_details</a>(processHandle, (LPVOID)susp_addr, page_info)) {</div>
-<div class="line"><a id="l00335" name="l00335"></a><span class="lineno">  335</span>        <span class="keywordflow">return</span> <span class="keyword">false</span>;</div>
-<div class="line"><a id="l00336" name="l00336"></a><span class="lineno">  336</span>    }</div>
-<div class="line"><a id="l00337" name="l00337"></a><span class="lineno">  337</span>    <span class="keywordflow">if</span> (page_info.State &amp; MEM_FREE) {</div>
-<div class="line"><a id="l00338" name="l00338"></a><span class="lineno">  338</span>        <span class="keywordflow">return</span> <span class="keyword">false</span>;</div>
-<div class="line"><a id="l00339" name="l00339"></a><span class="lineno">  339</span>    }</div>
-<div class="line"><a id="l00340" name="l00340"></a><span class="lineno">  340</span>    ULONGLONG base = (ULONGLONG)page_info.BaseAddress;</div>
-<div class="line"><a id="l00341" name="l00341"></a><span class="lineno">  341</span>    <span class="keywordflow">if</span> (this-&gt;<a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>.is_extended) {</div>
-<div class="line"><a id="l00342" name="l00342"></a><span class="lineno">  342</span>        my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_thread_scan_report.html#aa4cc4cdcfd7be649a00dd57d46b70317">thread_state</a> = <a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>.ext.state;</div>
-<div class="line"><a id="l00343" name="l00343"></a><span class="lineno">  343</span>        my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_thread_scan_report.html#acfe24bd84475b4de990f163e131a99e4">thread_wait_reason</a> = <a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>.ext.wait_reason;</div>
-<div class="line"><a id="l00344" name="l00344"></a><span class="lineno">  344</span>        my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_thread_scan_report.html#a426ff44e71530e3f96236540d62d21e4">thread_wait_time</a> = <a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>.ext.wait_time;</div>
-<div class="line"><a id="l00345" name="l00345"></a><span class="lineno">  345</span>    }</div>
-<div class="line"><a id="l00346" name="l00346"></a><span class="lineno">  346</span>    my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_module_scan_report.html#a49bdf7d9e08c3b7ea427ccf1df2a15df">module</a> = (HMODULE)base;</div>
-<div class="line"><a id="l00347" name="l00347"></a><span class="lineno">  347</span>    my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_module_scan_report.html#a274ffb4b7c29b04c7b09852858540fac">moduleSize</a> = page_info.RegionSize;</div>
-<div class="line"><a id="l00348" name="l00348"></a><span class="lineno">  348</span>    my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_thread_scan_report.html#a5419a44653c87acb8b8b49a53a2e67eb">protection</a> = page_info.AllocationProtect;</div>
-<div class="line"><a id="l00349" name="l00349"></a><span class="lineno">  349</span> </div>
-<div class="line"><a id="l00350" name="l00350"></a><span class="lineno">  350</span>    my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_thread_scan_report.html#a5a930aaa32e9de46d95b25018a373cbc">susp_addr</a> = susp_addr;</div>
-<div class="line"><a id="l00351" name="l00351"></a><span class="lineno">  351</span>    my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_module_scan_report.html#a10b0bdf16cb9e7af32e1ab9b35532f68">status</a> = <a class="code hl_enumvalue" href="namespacepesieve.html#a458a4723ce4aa55fd1033f3e36381883aa8e008219c2ccce11f9d85b511f9b5a6">SCAN_SUSPICIOUS</a>;</div>
-<div class="line"><a id="l00352" name="l00352"></a><span class="lineno">  352</span>    <span class="keyword">const</span> <span class="keywordtype">bool</span> isStatFilled = fillAreaStats(my_report);</div>
-<div class="line"><a id="l00353" name="l00353"></a><span class="lineno">  353</span><span class="preprocessor">#ifndef NO_ENTROPY_CHECK</span></div>
-<div class="line"><a id="l00354" name="l00354"></a><span class="lineno">  354</span>    <span class="keywordflow">if</span> (isStatFilled &amp;&amp; (my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_thread_scan_report.html#a00f0b36826c124dc6be154f0cdeb7f83">stats</a>.<a class="code hl_variable" href="classpesieve_1_1_area_entropy_stats.html#a82df077a940d6870308d72ba39cbeec2">entropy</a> &lt; <a class="code hl_define" href="thread__scanner_8cpp.html#acaf6cb2ff8299b9b3c55905f936d38a9">ENTROPY_TRESHOLD</a>)) {</div>
-<div class="line"><a id="l00355" name="l00355"></a><span class="lineno">  355</span>        my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_module_scan_report.html#a10b0bdf16cb9e7af32e1ab9b35532f68">status</a> = <a class="code hl_enumvalue" href="namespacepesieve.html#a458a4723ce4aa55fd1033f3e36381883a898214572c7aff1aca29db4a3ec9856d">SCAN_NOT_SUSPICIOUS</a>;</div>
-<div class="line"><a id="l00356" name="l00356"></a><span class="lineno">  356</span>    }</div>
-<div class="line"><a id="l00357" name="l00357"></a><span class="lineno">  357</span><span class="preprocessor">#endif</span></div>
-<div class="line"><a id="l00358" name="l00358"></a><span class="lineno">  358</span>    <span class="keywordflow">return</span> <span class="keyword">true</span>;</div>
-<div class="line"><a id="l00359" name="l00359"></a><span class="lineno">  359</span>}</div>
+<div class="line"><a id="l00332" name="l00332"></a><span class="lineno">  332</span> </div>
+<div class="foldopen" id="foldopen00333" data-start="{" data-end="}">
+<div class="line"><a id="l00333" name="l00333"></a><span class="lineno"><a class="line" href="classpesieve_1_1_thread_scanner.html#a36850edb808d4be733631fa2bcd3b7b4">  333</a></span><span class="keywordtype">bool</span> <a class="code hl_function" href="classpesieve_1_1_thread_scanner.html#a36850edb808d4be733631fa2bcd3b7b4">pesieve::ThreadScanner::reportSuspiciousAddr</a>(<a class="code hl_class" href="classpesieve_1_1_thread_scan_report.html">ThreadScanReport</a>* my_report, ULONGLONG susp_addr)</div>
+<div class="line"><a id="l00334" name="l00334"></a><span class="lineno">  334</span>{</div>
+<div class="line"><a id="l00335" name="l00335"></a><span class="lineno">  335</span>    MEMORY_BASIC_INFORMATION page_info = { 0 };</div>
+<div class="line"><a id="l00336" name="l00336"></a><span class="lineno">  336</span>    <span class="keywordflow">if</span> (!<a class="code hl_function" href="thread__scanner_8cpp.html#a7b9ade21d4de016d2a048bf6cc42dbc0">get_page_details</a>(processHandle, (LPVOID)susp_addr, page_info)) {</div>
+<div class="line"><a id="l00337" name="l00337"></a><span class="lineno">  337</span>        <span class="keywordflow">return</span> <span class="keyword">false</span>;</div>
+<div class="line"><a id="l00338" name="l00338"></a><span class="lineno">  338</span>    }</div>
+<div class="line"><a id="l00339" name="l00339"></a><span class="lineno">  339</span>    <span class="keywordflow">if</span> (page_info.State &amp; MEM_FREE) {</div>
+<div class="line"><a id="l00340" name="l00340"></a><span class="lineno">  340</span>        <span class="keywordflow">return</span> <span class="keyword">false</span>;</div>
+<div class="line"><a id="l00341" name="l00341"></a><span class="lineno">  341</span>    }</div>
+<div class="line"><a id="l00342" name="l00342"></a><span class="lineno">  342</span>    ULONGLONG base = (ULONGLONG)page_info.BaseAddress;</div>
+<div class="line"><a id="l00343" name="l00343"></a><span class="lineno">  343</span>    <span class="keywordflow">if</span> (this-&gt;<a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>.is_extended) {</div>
+<div class="line"><a id="l00344" name="l00344"></a><span class="lineno">  344</span>        my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_thread_scan_report.html#aa4cc4cdcfd7be649a00dd57d46b70317">thread_state</a> = <a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>.ext.state;</div>
+<div class="line"><a id="l00345" name="l00345"></a><span class="lineno">  345</span>        my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_thread_scan_report.html#acfe24bd84475b4de990f163e131a99e4">thread_wait_reason</a> = <a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>.ext.wait_reason;</div>
+<div class="line"><a id="l00346" name="l00346"></a><span class="lineno">  346</span>        my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_thread_scan_report.html#a426ff44e71530e3f96236540d62d21e4">thread_wait_time</a> = <a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>.ext.wait_time;</div>
+<div class="line"><a id="l00347" name="l00347"></a><span class="lineno">  347</span>    }</div>
+<div class="line"><a id="l00348" name="l00348"></a><span class="lineno">  348</span>    my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_module_scan_report.html#a49bdf7d9e08c3b7ea427ccf1df2a15df">module</a> = (HMODULE)base;</div>
+<div class="line"><a id="l00349" name="l00349"></a><span class="lineno">  349</span>    my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_module_scan_report.html#a274ffb4b7c29b04c7b09852858540fac">moduleSize</a> = page_info.RegionSize;</div>
+<div class="line"><a id="l00350" name="l00350"></a><span class="lineno">  350</span>    my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_thread_scan_report.html#a5419a44653c87acb8b8b49a53a2e67eb">protection</a> = page_info.AllocationProtect;</div>
+<div class="line"><a id="l00351" name="l00351"></a><span class="lineno">  351</span> </div>
+<div class="line"><a id="l00352" name="l00352"></a><span class="lineno">  352</span>    my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_thread_scan_report.html#a5a930aaa32e9de46d95b25018a373cbc">susp_addr</a> = susp_addr;</div>
+<div class="line"><a id="l00353" name="l00353"></a><span class="lineno">  353</span>    my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_module_scan_report.html#a10b0bdf16cb9e7af32e1ab9b35532f68">status</a> = <a class="code hl_enumvalue" href="namespacepesieve.html#a458a4723ce4aa55fd1033f3e36381883aa8e008219c2ccce11f9d85b511f9b5a6">SCAN_SUSPICIOUS</a>;</div>
+<div class="line"><a id="l00354" name="l00354"></a><span class="lineno">  354</span>    <span class="keyword">const</span> <span class="keywordtype">bool</span> isStatFilled = fillAreaStats(my_report);</div>
+<div class="line"><a id="l00355" name="l00355"></a><span class="lineno">  355</span><span class="preprocessor">#ifndef NO_ENTROPY_CHECK</span></div>
+<div class="line"><a id="l00356" name="l00356"></a><span class="lineno">  356</span>    <span class="keywordflow">if</span> (isStatFilled &amp;&amp; (my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_thread_scan_report.html#a00f0b36826c124dc6be154f0cdeb7f83">stats</a>.<a class="code hl_variable" href="classpesieve_1_1_area_entropy_stats.html#a82df077a940d6870308d72ba39cbeec2">entropy</a> &lt; <a class="code hl_define" href="thread__scanner_8cpp.html#acaf6cb2ff8299b9b3c55905f936d38a9">ENTROPY_TRESHOLD</a>)) {</div>
+<div class="line"><a id="l00357" name="l00357"></a><span class="lineno">  357</span>        my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_module_scan_report.html#a10b0bdf16cb9e7af32e1ab9b35532f68">status</a> = <a class="code hl_enumvalue" href="namespacepesieve.html#a458a4723ce4aa55fd1033f3e36381883a898214572c7aff1aca29db4a3ec9856d">SCAN_NOT_SUSPICIOUS</a>;</div>
+<div class="line"><a id="l00358" name="l00358"></a><span class="lineno">  358</span>    }</div>
+<div class="line"><a id="l00359" name="l00359"></a><span class="lineno">  359</span><span class="preprocessor">#endif</span></div>
+<div class="line"><a id="l00360" name="l00360"></a><span class="lineno">  360</span>    <span class="keywordflow">return</span> <span class="keyword">true</span>;</div>
+<div class="line"><a id="l00361" name="l00361"></a><span class="lineno">  361</span>}</div>
 </div>
-<div class="line"><a id="l00360" name="l00360"></a><span class="lineno">  360</span> </div>
-<div class="line"><a id="l00361" name="l00361"></a><span class="lineno">  361</span><span class="comment">// if extended info given, allow to filter out from the scan basing on the thread state and conditions</span></div>
-<div class="foldopen" id="foldopen00362" data-start="{" data-end="}">
-<div class="line"><a id="l00362" name="l00362"></a><span class="lineno"><a class="line" href="thread__scanner_8cpp.html#acde231c42b9527dcc026402dcb8b9d87">  362</a></span><span class="keywordtype">bool</span> <a class="code hl_function" href="thread__scanner_8cpp.html#acde231c42b9527dcc026402dcb8b9d87">should_scan_context</a>(<span class="keyword">const</span> <a class="code hl_struct" href="structpesieve_1_1util_1_1__thread__info.html">util::thread_info</a>&amp; <a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>)</div>
-<div class="line"><a id="l00363" name="l00363"></a><span class="lineno">  363</span>{</div>
-<div class="line"><a id="l00364" name="l00364"></a><span class="lineno">  364</span>    <span class="keywordflow">if</span> (!<a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>.is_extended) {</div>
-<div class="line"><a id="l00365" name="l00365"></a><span class="lineno">  365</span>        <span class="keywordflow">return</span> <span class="keyword">true</span>;</div>
-<div class="line"><a id="l00366" name="l00366"></a><span class="lineno">  366</span>    }</div>
-<div class="line"><a id="l00367" name="l00367"></a><span class="lineno">  367</span>    <span class="keyword">const</span> KTHREAD_STATE state = (KTHREAD_STATE)<a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>.ext.state;</div>
-<div class="line"><a id="l00368" name="l00368"></a><span class="lineno">  368</span>    <span class="keywordflow">if</span> (state == Ready) {</div>
-<div class="line"><a id="l00369" name="l00369"></a><span class="lineno">  369</span>        <span class="keywordflow">return</span> <span class="keyword">true</span>;</div>
-<div class="line"><a id="l00370" name="l00370"></a><span class="lineno">  370</span>    }</div>
-<div class="line"><a id="l00371" name="l00371"></a><span class="lineno">  371</span>    <span class="keywordflow">if</span> (state == Terminated) {</div>
-<div class="line"><a id="l00372" name="l00372"></a><span class="lineno">  372</span>        <span class="keywordflow">return</span> <span class="keyword">false</span>;</div>
-<div class="line"><a id="l00373" name="l00373"></a><span class="lineno">  373</span>    }</div>
-<div class="line"><a id="l00374" name="l00374"></a><span class="lineno">  374</span>    <span class="keywordflow">if</span> (state == Waiting) {</div>
-<div class="line"><a id="l00375" name="l00375"></a><span class="lineno">  375</span>        <span class="keywordflow">if</span> (<a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>.ext.sys_start_addr == 0) {</div>
-<div class="line"><a id="l00376" name="l00376"></a><span class="lineno">  376</span>            <span class="keywordflow">return</span> <span class="keyword">true</span>;</div>
-<div class="line"><a id="l00377" name="l00377"></a><span class="lineno">  377</span>        }</div>
-<div class="line"><a id="l00378" name="l00378"></a><span class="lineno">  378</span>        <span class="keywordflow">if</span> (<a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>.ext.wait_reason == DelayExecution</div>
-<div class="line"><a id="l00379" name="l00379"></a><span class="lineno">  379</span>            || <a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>.ext.wait_reason == Suspended</div>
-<div class="line"><a id="l00380" name="l00380"></a><span class="lineno">  380</span>            || <a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>.ext.wait_reason == Executive <span class="comment">// the thread is waiting got the scheduler</span></div>
-<div class="line"><a id="l00381" name="l00381"></a><span class="lineno">  381</span>            || <a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>.ext.wait_reason == UserRequest <span class="comment">// i.e. WaitForSingleObject/WaitForMultipleObjects</span></div>
-<div class="line"><a id="l00382" name="l00382"></a><span class="lineno">  382</span>            || <a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>.ext.wait_reason == WrUserRequest <span class="comment">// i.e. when the thread calls GetMessage</span></div>
-<div class="line"><a id="l00383" name="l00383"></a><span class="lineno">  383</span>            )</div>
-<div class="line"><a id="l00384" name="l00384"></a><span class="lineno">  384</span>        {</div>
-<div class="line"><a id="l00385" name="l00385"></a><span class="lineno">  385</span>            <span class="keywordflow">return</span> <span class="keyword">true</span>;</div>
-<div class="line"><a id="l00386" name="l00386"></a><span class="lineno">  386</span>        }</div>
-<div class="line"><a id="l00387" name="l00387"></a><span class="lineno">  387</span>    }</div>
-<div class="line"><a id="l00388" name="l00388"></a><span class="lineno">  388</span>    <span class="keywordflow">return</span> <span class="keyword">false</span>;</div>
-<div class="line"><a id="l00389" name="l00389"></a><span class="lineno">  389</span>}</div>
+<div class="line"><a id="l00362" name="l00362"></a><span class="lineno">  362</span> </div>
+<div class="line"><a id="l00363" name="l00363"></a><span class="lineno">  363</span><span class="comment">// if extended info given, allow to filter out from the scan basing on the thread state and conditions</span></div>
+<div class="foldopen" id="foldopen00364" data-start="{" data-end="}">
+<div class="line"><a id="l00364" name="l00364"></a><span class="lineno"><a class="line" href="thread__scanner_8cpp.html#acde231c42b9527dcc026402dcb8b9d87">  364</a></span><span class="keywordtype">bool</span> <a class="code hl_function" href="thread__scanner_8cpp.html#acde231c42b9527dcc026402dcb8b9d87">should_scan_context</a>(<span class="keyword">const</span> <a class="code hl_struct" href="structpesieve_1_1util_1_1__thread__info.html">util::thread_info</a>&amp; <a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>)</div>
+<div class="line"><a id="l00365" name="l00365"></a><span class="lineno">  365</span>{</div>
+<div class="line"><a id="l00366" name="l00366"></a><span class="lineno">  366</span>    <span class="keywordflow">if</span> (!<a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>.is_extended) {</div>
+<div class="line"><a id="l00367" name="l00367"></a><span class="lineno">  367</span>        <span class="keywordflow">return</span> <span class="keyword">true</span>;</div>
+<div class="line"><a id="l00368" name="l00368"></a><span class="lineno">  368</span>    }</div>
+<div class="line"><a id="l00369" name="l00369"></a><span class="lineno">  369</span>    <span class="keyword">const</span> KTHREAD_STATE state = (KTHREAD_STATE)<a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>.ext.state;</div>
+<div class="line"><a id="l00370" name="l00370"></a><span class="lineno">  370</span>    <span class="keywordflow">if</span> (state == Ready) {</div>
+<div class="line"><a id="l00371" name="l00371"></a><span class="lineno">  371</span>        <span class="keywordflow">return</span> <span class="keyword">true</span>;</div>
+<div class="line"><a id="l00372" name="l00372"></a><span class="lineno">  372</span>    }</div>
+<div class="line"><a id="l00373" name="l00373"></a><span class="lineno">  373</span>    <span class="keywordflow">if</span> (state == Terminated) {</div>
+<div class="line"><a id="l00374" name="l00374"></a><span class="lineno">  374</span>        <span class="keywordflow">return</span> <span class="keyword">false</span>;</div>
+<div class="line"><a id="l00375" name="l00375"></a><span class="lineno">  375</span>    }</div>
+<div class="line"><a id="l00376" name="l00376"></a><span class="lineno">  376</span>    <span class="keywordflow">if</span> (state == Waiting) {</div>
+<div class="line"><a id="l00377" name="l00377"></a><span class="lineno">  377</span>        <span class="keywordflow">return</span> <span class="keyword">true</span>;</div>
+<div class="line"><a id="l00378" name="l00378"></a><span class="lineno">  378</span>    }</div>
+<div class="line"><a id="l00379" name="l00379"></a><span class="lineno">  379</span>    <span class="keywordflow">return</span> <span class="keyword">false</span>;</div>
+<div class="line"><a id="l00380" name="l00380"></a><span class="lineno">  380</span>}</div>
 </div>
-<div class="line"><a id="l00390" name="l00390"></a><span class="lineno">  390</span> </div>
-<div class="foldopen" id="foldopen00391" data-start="{" data-end="}">
-<div class="line"><a id="l00391" name="l00391"></a><span class="lineno"><a class="line" href="classpesieve_1_1_thread_scanner.html#a23839353374eedcda7c92b0c7ce6b3bf">  391</a></span><a class="code hl_class" href="classpesieve_1_1_thread_scan_report.html">ThreadScanReport</a>* <a class="code hl_function" href="classpesieve_1_1_thread_scanner.html#a23839353374eedcda7c92b0c7ce6b3bf">pesieve::ThreadScanner::scanRemote</a>()</div>
-<div class="line"><a id="l00392" name="l00392"></a><span class="lineno">  392</span>{</div>
-<div class="line"><a id="l00393" name="l00393"></a><span class="lineno">  393</span>    <a class="code hl_class" href="classpesieve_1_1_thread_scan_report.html">ThreadScanReport</a>* my_report = <span class="keyword">new</span> <a class="code hl_class" href="classpesieve_1_1_thread_scan_report.html">ThreadScanReport</a>(<a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>.tid);</div>
-<div class="line"><a id="l00394" name="l00394"></a><span class="lineno">  394</span>    <span class="keywordflow">if</span> (!my_report) <span class="keywordflow">return</span> <span class="keyword">nullptr</span>;</div>
-<div class="line"><a id="l00395" name="l00395"></a><span class="lineno">  395</span><span class="preprocessor">#ifdef _SHOW_THREAD_INFO</span></div>
-<div class="line"><a id="l00396" name="l00396"></a><span class="lineno">  396</span>    printThreadInfo(<a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>);</div>
-<div class="line"><a id="l00397" name="l00397"></a><span class="lineno">  397</span><span class="preprocessor">#endif </span><span class="comment">// _SHOW_THREAD_INFO</span></div>
-<div class="line"><a id="l00398" name="l00398"></a><span class="lineno">  398</span>    <span class="keywordtype">bool</span> is_shc = isAddrInShellcode(<a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>.start_addr);</div>
-<div class="line"><a id="l00399" name="l00399"></a><span class="lineno">  399</span>    <span class="keywordflow">if</span> (is_shc) {</div>
-<div class="line"><a id="l00400" name="l00400"></a><span class="lineno">  400</span>        <span class="keywordflow">if</span> (reportSuspiciousAddr(my_report, <a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>.start_addr)) {</div>
-<div class="line"><a id="l00401" name="l00401"></a><span class="lineno">  401</span>            <span class="keywordflow">return</span> my_report;</div>
-<div class="line"><a id="l00402" name="l00402"></a><span class="lineno">  402</span>        }</div>
-<div class="line"><a id="l00403" name="l00403"></a><span class="lineno">  403</span>    }</div>
-<div class="line"><a id="l00404" name="l00404"></a><span class="lineno">  404</span><span class="preprocessor">#ifndef _DEBUG</span></div>
-<div class="line"><a id="l00405" name="l00405"></a><span class="lineno">  405</span>    <span class="comment">// if NOT compiled in a debug mode, make this check BEFORE scan</span></div>
-<div class="line"><a id="l00406" name="l00406"></a><span class="lineno">  406</span>    <span class="keywordflow">if</span> (!<a class="code hl_function" href="thread__scanner_8cpp.html#acde231c42b9527dcc026402dcb8b9d87">should_scan_context</a>(<a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>)) {</div>
-<div class="line"><a id="l00407" name="l00407"></a><span class="lineno">  407</span>        my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_module_scan_report.html#a10b0bdf16cb9e7af32e1ab9b35532f68">status</a> = <a class="code hl_enumvalue" href="namespacepesieve.html#a458a4723ce4aa55fd1033f3e36381883a898214572c7aff1aca29db4a3ec9856d">SCAN_NOT_SUSPICIOUS</a>;</div>
-<div class="line"><a id="l00408" name="l00408"></a><span class="lineno">  408</span>        <span class="keywordflow">return</span> my_report;</div>
-<div class="line"><a id="l00409" name="l00409"></a><span class="lineno">  409</span>    }</div>
-<div class="line"><a id="l00410" name="l00410"></a><span class="lineno">  410</span><span class="preprocessor">#endif</span></div>
-<div class="line"><a id="l00411" name="l00411"></a><span class="lineno">  411</span>    <span class="comment">// proceed with detailed checks:</span></div>
-<div class="line"><a id="l00412" name="l00412"></a><span class="lineno">  412</span>    HANDLE hThread = OpenThread(</div>
-<div class="line"><a id="l00413" name="l00413"></a><span class="lineno">  413</span>        THREAD_GET_CONTEXT | THREAD_QUERY_INFORMATION | SYNCHRONIZE,</div>
-<div class="line"><a id="l00414" name="l00414"></a><span class="lineno">  414</span>        FALSE,</div>
-<div class="line"><a id="l00415" name="l00415"></a><span class="lineno">  415</span>        <a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>.tid</div>
-<div class="line"><a id="l00416" name="l00416"></a><span class="lineno">  416</span>    );</div>
-<div class="line"><a id="l00417" name="l00417"></a><span class="lineno">  417</span>    <span class="keywordflow">if</span> (!hThread) {</div>
-<div class="line"><a id="l00418" name="l00418"></a><span class="lineno">  418</span><span class="preprocessor">#ifdef _DEBUG</span></div>
-<div class="line"><a id="l00419" name="l00419"></a><span class="lineno">  419</span>        std::cerr &lt;&lt; <span class="stringliteral">&quot;[-] Could not OpenThread. Error: &quot;</span> &lt;&lt; GetLastError() &lt;&lt; std::endl;</div>
-<div class="line"><a id="l00420" name="l00420"></a><span class="lineno">  420</span><span class="preprocessor">#endif</span></div>
-<div class="line"><a id="l00421" name="l00421"></a><span class="lineno">  421</span>        <span class="keywordflow">return</span> <span class="keyword">nullptr</span>;</div>
-<div class="line"><a id="l00422" name="l00422"></a><span class="lineno">  422</span>    }</div>
-<div class="line"><a id="l00423" name="l00423"></a><span class="lineno">  423</span> </div>
-<div class="line"><a id="l00424" name="l00424"></a><span class="lineno">  424</span>    <a class="code hl_struct" href="structpesieve_1_1__ctx__details.html">ctx_details</a> cDetails = { 0 };</div>
-<div class="line"><a id="l00425" name="l00425"></a><span class="lineno">  425</span>    <span class="keyword">const</span> <span class="keywordtype">bool</span> is_ok = fetchThreadCtxDetails(processHandle, hThread, cDetails);</div>
-<div class="line"><a id="l00426" name="l00426"></a><span class="lineno">  426</span> </div>
-<div class="line"><a id="l00427" name="l00427"></a><span class="lineno">  427</span>    DWORD exit_code = 0;</div>
-<div class="line"><a id="l00428" name="l00428"></a><span class="lineno">  428</span>    GetExitCodeThread(hThread, &amp;exit_code);</div>
-<div class="line"><a id="l00429" name="l00429"></a><span class="lineno">  429</span>    CloseHandle(hThread);</div>
-<div class="line"><a id="l00430" name="l00430"></a><span class="lineno">  430</span> </div>
-<div class="line"><a id="l00431" name="l00431"></a><span class="lineno">  431</span>    <span class="keywordflow">if</span> (!is_ok) {</div>
-<div class="line"><a id="l00432" name="l00432"></a><span class="lineno">  432</span>        <span class="comment">// could not fetch the thread context and information</span></div>
-<div class="line"><a id="l00433" name="l00433"></a><span class="lineno">  433</span>        my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_module_scan_report.html#a10b0bdf16cb9e7af32e1ab9b35532f68">status</a> = <a class="code hl_enumvalue" href="namespacepesieve.html#a458a4723ce4aa55fd1033f3e36381883ab619b7720957ba16403f9eb619bba747">SCAN_ERROR</a>;</div>
-<div class="line"><a id="l00434" name="l00434"></a><span class="lineno">  434</span>        <span class="keywordflow">return</span> my_report;</div>
+<div class="line"><a id="l00381" name="l00381"></a><span class="lineno">  381</span> </div>
+<div class="foldopen" id="foldopen00382" data-start="{" data-end="}">
+<div class="line"><a id="l00382" name="l00382"></a><span class="lineno"><a class="line" href="classpesieve_1_1_thread_scanner.html#a23839353374eedcda7c92b0c7ce6b3bf">  382</a></span><a class="code hl_class" href="classpesieve_1_1_thread_scan_report.html">ThreadScanReport</a>* <a class="code hl_function" href="classpesieve_1_1_thread_scanner.html#a23839353374eedcda7c92b0c7ce6b3bf">pesieve::ThreadScanner::scanRemote</a>()</div>
+<div class="line"><a id="l00383" name="l00383"></a><span class="lineno">  383</span>{</div>
+<div class="line"><a id="l00384" name="l00384"></a><span class="lineno">  384</span>    <a class="code hl_class" href="classpesieve_1_1_thread_scan_report.html">ThreadScanReport</a>* my_report = <span class="keyword">new</span> <a class="code hl_class" href="classpesieve_1_1_thread_scan_report.html">ThreadScanReport</a>(<a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>.tid);</div>
+<div class="line"><a id="l00385" name="l00385"></a><span class="lineno">  385</span>    <span class="keywordflow">if</span> (!my_report) <span class="keywordflow">return</span> <span class="keyword">nullptr</span>;</div>
+<div class="line"><a id="l00386" name="l00386"></a><span class="lineno">  386</span><span class="preprocessor">#ifdef _SHOW_THREAD_INFO</span></div>
+<div class="line"><a id="l00387" name="l00387"></a><span class="lineno">  387</span>    printThreadInfo(<a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>);</div>
+<div class="line"><a id="l00388" name="l00388"></a><span class="lineno">  388</span><span class="preprocessor">#endif </span><span class="comment">// _SHOW_THREAD_INFO</span></div>
+<div class="line"><a id="l00389" name="l00389"></a><span class="lineno">  389</span>    <span class="keywordtype">bool</span> is_shc = isAddrInShellcode(<a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>.start_addr);</div>
+<div class="line"><a id="l00390" name="l00390"></a><span class="lineno">  390</span>    <span class="keywordflow">if</span> (is_shc) {</div>
+<div class="line"><a id="l00391" name="l00391"></a><span class="lineno">  391</span>        <span class="keywordflow">if</span> (reportSuspiciousAddr(my_report, <a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>.start_addr)) {</div>
+<div class="line"><a id="l00392" name="l00392"></a><span class="lineno">  392</span>            <span class="keywordflow">return</span> my_report;</div>
+<div class="line"><a id="l00393" name="l00393"></a><span class="lineno">  393</span>        }</div>
+<div class="line"><a id="l00394" name="l00394"></a><span class="lineno">  394</span>    }</div>
+<div class="line"><a id="l00395" name="l00395"></a><span class="lineno">  395</span><span class="preprocessor">#ifndef _DEBUG</span></div>
+<div class="line"><a id="l00396" name="l00396"></a><span class="lineno">  396</span>    <span class="comment">// if NOT compiled in a debug mode, make this check BEFORE scan</span></div>
+<div class="line"><a id="l00397" name="l00397"></a><span class="lineno">  397</span>    <span class="keywordflow">if</span> (!<a class="code hl_function" href="thread__scanner_8cpp.html#acde231c42b9527dcc026402dcb8b9d87">should_scan_context</a>(<a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>)) {</div>
+<div class="line"><a id="l00398" name="l00398"></a><span class="lineno">  398</span>        my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_module_scan_report.html#a10b0bdf16cb9e7af32e1ab9b35532f68">status</a> = <a class="code hl_enumvalue" href="namespacepesieve.html#a458a4723ce4aa55fd1033f3e36381883a898214572c7aff1aca29db4a3ec9856d">SCAN_NOT_SUSPICIOUS</a>;</div>
+<div class="line"><a id="l00399" name="l00399"></a><span class="lineno">  399</span>        <span class="keywordflow">return</span> my_report;</div>
+<div class="line"><a id="l00400" name="l00400"></a><span class="lineno">  400</span>    }</div>
+<div class="line"><a id="l00401" name="l00401"></a><span class="lineno">  401</span><span class="preprocessor">#endif</span></div>
+<div class="line"><a id="l00402" name="l00402"></a><span class="lineno">  402</span>    <span class="comment">// proceed with detailed checks:</span></div>
+<div class="line"><a id="l00403" name="l00403"></a><span class="lineno">  403</span>    HANDLE hThread = OpenThread(</div>
+<div class="line"><a id="l00404" name="l00404"></a><span class="lineno">  404</span>        THREAD_GET_CONTEXT | THREAD_QUERY_INFORMATION | SYNCHRONIZE,</div>
+<div class="line"><a id="l00405" name="l00405"></a><span class="lineno">  405</span>        FALSE,</div>
+<div class="line"><a id="l00406" name="l00406"></a><span class="lineno">  406</span>        <a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>.tid</div>
+<div class="line"><a id="l00407" name="l00407"></a><span class="lineno">  407</span>    );</div>
+<div class="line"><a id="l00408" name="l00408"></a><span class="lineno">  408</span>    <span class="keywordflow">if</span> (!hThread) {</div>
+<div class="line"><a id="l00409" name="l00409"></a><span class="lineno">  409</span><span class="preprocessor">#ifdef _DEBUG</span></div>
+<div class="line"><a id="l00410" name="l00410"></a><span class="lineno">  410</span>        std::cerr &lt;&lt; <span class="stringliteral">&quot;[-] Could not OpenThread. Error: &quot;</span> &lt;&lt; GetLastError() &lt;&lt; std::endl;</div>
+<div class="line"><a id="l00411" name="l00411"></a><span class="lineno">  411</span><span class="preprocessor">#endif</span></div>
+<div class="line"><a id="l00412" name="l00412"></a><span class="lineno">  412</span>        <span class="keywordflow">return</span> <span class="keyword">nullptr</span>;</div>
+<div class="line"><a id="l00413" name="l00413"></a><span class="lineno">  413</span>    }</div>
+<div class="line"><a id="l00414" name="l00414"></a><span class="lineno">  414</span> </div>
+<div class="line"><a id="l00415" name="l00415"></a><span class="lineno">  415</span>    <a class="code hl_struct" href="structpesieve_1_1__ctx__details.html">ctx_details</a> cDetails = { 0 };</div>
+<div class="line"><a id="l00416" name="l00416"></a><span class="lineno">  416</span>    <span class="keyword">const</span> <span class="keywordtype">bool</span> is_ok = fetchThreadCtxDetails(processHandle, hThread, cDetails);</div>
+<div class="line"><a id="l00417" name="l00417"></a><span class="lineno">  417</span> </div>
+<div class="line"><a id="l00418" name="l00418"></a><span class="lineno">  418</span>    DWORD exit_code = 0;</div>
+<div class="line"><a id="l00419" name="l00419"></a><span class="lineno">  419</span>    GetExitCodeThread(hThread, &amp;exit_code);</div>
+<div class="line"><a id="l00420" name="l00420"></a><span class="lineno">  420</span>    CloseHandle(hThread);</div>
+<div class="line"><a id="l00421" name="l00421"></a><span class="lineno">  421</span> </div>
+<div class="line"><a id="l00422" name="l00422"></a><span class="lineno">  422</span>    <span class="keywordflow">if</span> (!is_ok) {</div>
+<div class="line"><a id="l00423" name="l00423"></a><span class="lineno">  423</span>        <span class="comment">// could not fetch the thread context and information</span></div>
+<div class="line"><a id="l00424" name="l00424"></a><span class="lineno">  424</span>        my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_module_scan_report.html#a10b0bdf16cb9e7af32e1ab9b35532f68">status</a> = <a class="code hl_enumvalue" href="namespacepesieve.html#a458a4723ce4aa55fd1033f3e36381883ab619b7720957ba16403f9eb619bba747">SCAN_ERROR</a>;</div>
+<div class="line"><a id="l00425" name="l00425"></a><span class="lineno">  425</span>        <span class="keywordflow">return</span> my_report;</div>
+<div class="line"><a id="l00426" name="l00426"></a><span class="lineno">  426</span>    }</div>
+<div class="line"><a id="l00427" name="l00427"></a><span class="lineno">  427</span><span class="preprocessor">#ifdef _DEBUG</span></div>
+<div class="line"><a id="l00428" name="l00428"></a><span class="lineno">  428</span>    std::string bits = cDetails.<a class="code hl_variable" href="structpesieve_1_1__ctx__details.html#ad0c5e14eb1bb6d1bef2421752eb5e298">is64b</a> ? <span class="stringliteral">&quot;64&quot;</span> : <span class="stringliteral">&quot;32&quot;</span>;</div>
+<div class="line"><a id="l00429" name="l00429"></a><span class="lineno">  429</span>    std::cout &lt;&lt; <span class="stringliteral">&quot;[&quot;</span> &lt;&lt; bits &lt;&lt; <span class="stringliteral">&quot;-bit] &quot;</span> &lt;&lt; std::hex &lt;&lt; <span class="stringliteral">&quot; Rip: &quot;</span> &lt;&lt; cDetails.<a class="code hl_variable" href="structpesieve_1_1__ctx__details.html#a6dc0bc061045467c3d71b6644adf68b4">rip</a> &lt;&lt; <span class="stringliteral">&quot; Rsp: &quot;</span> &lt;&lt; cDetails.<a class="code hl_variable" href="structpesieve_1_1__ctx__details.html#ab19759b888e6034d29dcaf6cedeed9bd">rsp</a>;</div>
+<div class="line"><a id="l00430" name="l00430"></a><span class="lineno">  430</span>    <span class="keywordflow">if</span> (exit_code != STILL_ACTIVE) </div>
+<div class="line"><a id="l00431" name="l00431"></a><span class="lineno">  431</span>        std::cout &lt;&lt; <span class="stringliteral">&quot; ExitCode: &quot;</span> &lt;&lt; exit_code;</div>
+<div class="line"><a id="l00432" name="l00432"></a><span class="lineno">  432</span> </div>
+<div class="line"><a id="l00433" name="l00433"></a><span class="lineno">  433</span>    <span class="keywordflow">if</span> (cDetails.<a class="code hl_variable" href="structpesieve_1_1__ctx__details.html#a4b5f5a030c362877e2772ab3493e0d6f">ret_addr</a> != 0) {</div>
+<div class="line"><a id="l00434" name="l00434"></a><span class="lineno">  434</span>        std::cout &lt;&lt; std::hex &lt;&lt; <span class="stringliteral">&quot; Ret: &quot;</span> &lt;&lt; cDetails.<a class="code hl_variable" href="structpesieve_1_1__ctx__details.html#a4b5f5a030c362877e2772ab3493e0d6f">ret_addr</a>;</div>
 <div class="line"><a id="l00435" name="l00435"></a><span class="lineno">  435</span>    }</div>
-<div class="line"><a id="l00436" name="l00436"></a><span class="lineno">  436</span><span class="preprocessor">#ifdef _DEBUG</span></div>
-<div class="line"><a id="l00437" name="l00437"></a><span class="lineno">  437</span>    std::string bits = cDetails.<a class="code hl_variable" href="structpesieve_1_1__ctx__details.html#ad0c5e14eb1bb6d1bef2421752eb5e298">is64b</a> ? <span class="stringliteral">&quot;64&quot;</span> : <span class="stringliteral">&quot;32&quot;</span>;</div>
-<div class="line"><a id="l00438" name="l00438"></a><span class="lineno">  438</span>    std::cout &lt;&lt; <span class="stringliteral">&quot;[&quot;</span> &lt;&lt; bits &lt;&lt; <span class="stringliteral">&quot;-bit] &quot;</span> &lt;&lt; std::hex &lt;&lt; <span class="stringliteral">&quot; Rip: &quot;</span> &lt;&lt; cDetails.<a class="code hl_variable" href="structpesieve_1_1__ctx__details.html#a6dc0bc061045467c3d71b6644adf68b4">rip</a> &lt;&lt; <span class="stringliteral">&quot; Rsp: &quot;</span> &lt;&lt; cDetails.<a class="code hl_variable" href="structpesieve_1_1__ctx__details.html#ab19759b888e6034d29dcaf6cedeed9bd">rsp</a>;</div>
-<div class="line"><a id="l00439" name="l00439"></a><span class="lineno">  439</span>    <span class="keywordflow">if</span> (exit_code != STILL_ACTIVE) </div>
-<div class="line"><a id="l00440" name="l00440"></a><span class="lineno">  440</span>        std::cout &lt;&lt; <span class="stringliteral">&quot; ExitCode: &quot;</span> &lt;&lt; exit_code;</div>
-<div class="line"><a id="l00441" name="l00441"></a><span class="lineno">  441</span> </div>
-<div class="line"><a id="l00442" name="l00442"></a><span class="lineno">  442</span>    <span class="keywordflow">if</span> (cDetails.<a class="code hl_variable" href="structpesieve_1_1__ctx__details.html#a4b5f5a030c362877e2772ab3493e0d6f">ret_addr</a> != 0) {</div>
-<div class="line"><a id="l00443" name="l00443"></a><span class="lineno">  443</span>        std::cout &lt;&lt; std::hex &lt;&lt; <span class="stringliteral">&quot; Ret: &quot;</span> &lt;&lt; cDetails.<a class="code hl_variable" href="structpesieve_1_1__ctx__details.html#a4b5f5a030c362877e2772ab3493e0d6f">ret_addr</a>;</div>
-<div class="line"><a id="l00444" name="l00444"></a><span class="lineno">  444</span>    }</div>
-<div class="line"><a id="l00445" name="l00445"></a><span class="lineno">  445</span>    std::cout &lt;&lt; <span class="stringliteral">&quot;\n&quot;</span>;</div>
-<div class="line"><a id="l00446" name="l00446"></a><span class="lineno">  446</span><span class="preprocessor">#endif</span></div>
-<div class="line"><a id="l00447" name="l00447"></a><span class="lineno">  447</span> </div>
-<div class="line"><a id="l00448" name="l00448"></a><span class="lineno">  448</span>    <span class="keywordflow">if</span> (exit_code != STILL_ACTIVE) {</div>
-<div class="line"><a id="l00449" name="l00449"></a><span class="lineno">  449</span>        my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_module_scan_report.html#a10b0bdf16cb9e7af32e1ab9b35532f68">status</a> = <a class="code hl_enumvalue" href="namespacepesieve.html#a458a4723ce4aa55fd1033f3e36381883a898214572c7aff1aca29db4a3ec9856d">SCAN_NOT_SUSPICIOUS</a>;</div>
-<div class="line"><a id="l00450" name="l00450"></a><span class="lineno">  450</span>        <span class="keywordflow">return</span> my_report;</div>
-<div class="line"><a id="l00451" name="l00451"></a><span class="lineno">  451</span>    }</div>
-<div class="line"><a id="l00452" name="l00452"></a><span class="lineno">  452</span><span class="preprocessor">#ifdef _DEBUG</span></div>
-<div class="line"><a id="l00453" name="l00453"></a><span class="lineno">  453</span>    <span class="comment">// if compiled in a debug mode, make this check AFTER scan</span></div>
-<div class="line"><a id="l00454" name="l00454"></a><span class="lineno">  454</span>    <span class="comment">// (so that we can see first what was skipped)</span></div>
-<div class="line"><a id="l00455" name="l00455"></a><span class="lineno">  455</span>    <span class="keywordflow">if</span> (!<a class="code hl_function" href="thread__scanner_8cpp.html#acde231c42b9527dcc026402dcb8b9d87">should_scan_context</a>(<a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>)) {</div>
-<div class="line"><a id="l00456" name="l00456"></a><span class="lineno">  456</span>        my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_module_scan_report.html#a10b0bdf16cb9e7af32e1ab9b35532f68">status</a> = <a class="code hl_enumvalue" href="namespacepesieve.html#a458a4723ce4aa55fd1033f3e36381883a898214572c7aff1aca29db4a3ec9856d">SCAN_NOT_SUSPICIOUS</a>;</div>
-<div class="line"><a id="l00457" name="l00457"></a><span class="lineno">  457</span>        <span class="keywordflow">return</span> my_report;</div>
-<div class="line"><a id="l00458" name="l00458"></a><span class="lineno">  458</span>    }</div>
-<div class="line"><a id="l00459" name="l00459"></a><span class="lineno">  459</span><span class="preprocessor">#endif</span></div>
-<div class="line"><a id="l00460" name="l00460"></a><span class="lineno">  460</span> </div>
-<div class="line"><a id="l00461" name="l00461"></a><span class="lineno">  461</span>    is_shc = isAddrInShellcode(cDetails.<a class="code hl_variable" href="structpesieve_1_1__ctx__details.html#a6dc0bc061045467c3d71b6644adf68b4">rip</a>);</div>
-<div class="line"><a id="l00462" name="l00462"></a><span class="lineno">  462</span>    <span class="keywordflow">if</span> (is_shc) {</div>
-<div class="line"><a id="l00463" name="l00463"></a><span class="lineno">  463</span>        <span class="keywordflow">if</span> (reportSuspiciousAddr(my_report, cDetails.<a class="code hl_variable" href="structpesieve_1_1__ctx__details.html#a6dc0bc061045467c3d71b6644adf68b4">rip</a>)) {</div>
-<div class="line"><a id="l00464" name="l00464"></a><span class="lineno">  464</span>            <span class="keywordflow">return</span> my_report;</div>
-<div class="line"><a id="l00465" name="l00465"></a><span class="lineno">  465</span>        }</div>
-<div class="line"><a id="l00466" name="l00466"></a><span class="lineno">  466</span>    }</div>
-<div class="line"><a id="l00467" name="l00467"></a><span class="lineno">  467</span>    <span class="keywordflow">if</span> ((cDetails.<a class="code hl_variable" href="structpesieve_1_1__ctx__details.html#a4b5f5a030c362877e2772ab3493e0d6f">ret_addr</a> != 0) &amp;&amp; (cDetails.<a class="code hl_variable" href="structpesieve_1_1__ctx__details.html#a8add5038bb0b71c10646482ba2bbcaaa">is_managed</a> == <span class="keyword">false</span>)) {</div>
-<div class="line"><a id="l00468" name="l00468"></a><span class="lineno">  468</span>        is_shc = isAddrInShellcode(cDetails.<a class="code hl_variable" href="structpesieve_1_1__ctx__details.html#a4b5f5a030c362877e2772ab3493e0d6f">ret_addr</a>);</div>
-<div class="line"><a id="l00469" name="l00469"></a><span class="lineno">  469</span>        <span class="keywordflow">if</span> (is_shc) {</div>
-<div class="line"><a id="l00470" name="l00470"></a><span class="lineno">  470</span>            <span class="keywordflow">if</span> (reportSuspiciousAddr(my_report, cDetails.<a class="code hl_variable" href="structpesieve_1_1__ctx__details.html#a4b5f5a030c362877e2772ab3493e0d6f">ret_addr</a>)) {</div>
-<div class="line"><a id="l00471" name="l00471"></a><span class="lineno">  471</span>                <span class="keywordflow">return</span> my_report;</div>
-<div class="line"><a id="l00472" name="l00472"></a><span class="lineno">  472</span>            }</div>
-<div class="line"><a id="l00473" name="l00473"></a><span class="lineno">  473</span>        }</div>
-<div class="line"><a id="l00474" name="l00474"></a><span class="lineno">  474</span>    }</div>
-<div class="line"><a id="l00475" name="l00475"></a><span class="lineno">  475</span>    <span class="keywordflow">return</span> my_report;</div>
-<div class="line"><a id="l00476" name="l00476"></a><span class="lineno">  476</span>}</div>
+<div class="line"><a id="l00436" name="l00436"></a><span class="lineno">  436</span>    std::cout &lt;&lt; <span class="stringliteral">&quot;\n&quot;</span>;</div>
+<div class="line"><a id="l00437" name="l00437"></a><span class="lineno">  437</span><span class="preprocessor">#endif</span></div>
+<div class="line"><a id="l00438" name="l00438"></a><span class="lineno">  438</span> </div>
+<div class="line"><a id="l00439" name="l00439"></a><span class="lineno">  439</span>    <span class="keywordflow">if</span> (exit_code != STILL_ACTIVE) {</div>
+<div class="line"><a id="l00440" name="l00440"></a><span class="lineno">  440</span>        my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_module_scan_report.html#a10b0bdf16cb9e7af32e1ab9b35532f68">status</a> = <a class="code hl_enumvalue" href="namespacepesieve.html#a458a4723ce4aa55fd1033f3e36381883a898214572c7aff1aca29db4a3ec9856d">SCAN_NOT_SUSPICIOUS</a>;</div>
+<div class="line"><a id="l00441" name="l00441"></a><span class="lineno">  441</span>        <span class="keywordflow">return</span> my_report;</div>
+<div class="line"><a id="l00442" name="l00442"></a><span class="lineno">  442</span>    }</div>
+<div class="line"><a id="l00443" name="l00443"></a><span class="lineno">  443</span><span class="preprocessor">#ifdef _DEBUG</span></div>
+<div class="line"><a id="l00444" name="l00444"></a><span class="lineno">  444</span>    <span class="comment">// if compiled in a debug mode, make this check AFTER scan</span></div>
+<div class="line"><a id="l00445" name="l00445"></a><span class="lineno">  445</span>    <span class="comment">// (so that we can see first what was skipped)</span></div>
+<div class="line"><a id="l00446" name="l00446"></a><span class="lineno">  446</span>    <span class="keywordflow">if</span> (!<a class="code hl_function" href="thread__scanner_8cpp.html#acde231c42b9527dcc026402dcb8b9d87">should_scan_context</a>(<a class="code hl_function" href="namespacepesieve.html#ac299ba917fb6598dc9de71516cf71c84">info</a>)) {</div>
+<div class="line"><a id="l00447" name="l00447"></a><span class="lineno">  447</span>        my_report-&gt;<a class="code hl_variable" href="classpesieve_1_1_module_scan_report.html#a10b0bdf16cb9e7af32e1ab9b35532f68">status</a> = <a class="code hl_enumvalue" href="namespacepesieve.html#a458a4723ce4aa55fd1033f3e36381883a898214572c7aff1aca29db4a3ec9856d">SCAN_NOT_SUSPICIOUS</a>;</div>
+<div class="line"><a id="l00448" name="l00448"></a><span class="lineno">  448</span>        <span class="keywordflow">return</span> my_report;</div>
+<div class="line"><a id="l00449" name="l00449"></a><span class="lineno">  449</span>    }</div>
+<div class="line"><a id="l00450" name="l00450"></a><span class="lineno">  450</span><span class="preprocessor">#endif</span></div>
+<div class="line"><a id="l00451" name="l00451"></a><span class="lineno">  451</span> </div>
+<div class="line"><a id="l00452" name="l00452"></a><span class="lineno">  452</span>    is_shc = isAddrInShellcode(cDetails.<a class="code hl_variable" href="structpesieve_1_1__ctx__details.html#a6dc0bc061045467c3d71b6644adf68b4">rip</a>);</div>
+<div class="line"><a id="l00453" name="l00453"></a><span class="lineno">  453</span>    <span class="keywordflow">if</span> (is_shc) {</div>
+<div class="line"><a id="l00454" name="l00454"></a><span class="lineno">  454</span>        <span class="keywordflow">if</span> (reportSuspiciousAddr(my_report, cDetails.<a class="code hl_variable" href="structpesieve_1_1__ctx__details.html#a6dc0bc061045467c3d71b6644adf68b4">rip</a>)) {</div>
+<div class="line"><a id="l00455" name="l00455"></a><span class="lineno">  455</span>            <span class="keywordflow">return</span> my_report;</div>
+<div class="line"><a id="l00456" name="l00456"></a><span class="lineno">  456</span>        }</div>
+<div class="line"><a id="l00457" name="l00457"></a><span class="lineno">  457</span>    }</div>
+<div class="line"><a id="l00458" name="l00458"></a><span class="lineno">  458</span>    <span class="keywordflow">if</span> ((cDetails.<a class="code hl_variable" href="structpesieve_1_1__ctx__details.html#a4b5f5a030c362877e2772ab3493e0d6f">ret_addr</a> != 0) &amp;&amp; (cDetails.<a class="code hl_variable" href="structpesieve_1_1__ctx__details.html#a8add5038bb0b71c10646482ba2bbcaaa">is_managed</a> == <span class="keyword">false</span>)) {</div>
+<div class="line"><a id="l00459" name="l00459"></a><span class="lineno">  459</span>        is_shc = isAddrInShellcode(cDetails.<a class="code hl_variable" href="structpesieve_1_1__ctx__details.html#a4b5f5a030c362877e2772ab3493e0d6f">ret_addr</a>);</div>
+<div class="line"><a id="l00460" name="l00460"></a><span class="lineno">  460</span>        <span class="keywordflow">if</span> (is_shc) {</div>
+<div class="line"><a id="l00461" name="l00461"></a><span class="lineno">  461</span>            <span class="keywordflow">if</span> (reportSuspiciousAddr(my_report, cDetails.<a class="code hl_variable" href="structpesieve_1_1__ctx__details.html#a4b5f5a030c362877e2772ab3493e0d6f">ret_addr</a>)) {</div>
+<div class="line"><a id="l00462" name="l00462"></a><span class="lineno">  462</span>                <span class="keywordflow">return</span> my_report;</div>
+<div class="line"><a id="l00463" name="l00463"></a><span class="lineno">  463</span>            }</div>
+<div class="line"><a id="l00464" name="l00464"></a><span class="lineno">  464</span>        }</div>
+<div class="line"><a id="l00465" name="l00465"></a><span class="lineno">  465</span>    }</div>
+<div class="line"><a id="l00466" name="l00466"></a><span class="lineno">  466</span>    <span class="keywordflow">return</span> my_report;</div>
+<div class="line"><a id="l00467" name="l00467"></a><span class="lineno">  467</span>}</div>
 </div>
 <div class="ttc" id="aclasspesieve_1_1_area_entropy_stats_html_a82df077a940d6870308d72ba39cbeec2"><div class="ttname"><a href="classpesieve_1_1_area_entropy_stats.html#a82df077a940d6870308d72ba39cbeec2">pesieve::AreaEntropyStats::entropy</a></div><div class="ttdeci">double entropy</div><div class="ttdef"><b>Definition</b> <a href="entropy__stats_8h_source.html#l00036">entropy_stats.h:36</a></div></div>
 <div class="ttc" id="aclasspesieve_1_1_area_stats_calculator_html"><div class="ttname"><a href="classpesieve_1_1_area_stats_calculator.html">pesieve::AreaStatsCalculator</a></div><div class="ttdoc">A class responsible for filling in the statistics with the data from the particular buffer.</div><div class="ttdef"><b>Definition</b> <a href="stats_8h_source.html#l00073">stats.h:73</a></div></div>
@@ -621,16 +612,16 @@
 <div class="ttc" id="aclasspesieve_1_1_thread_scan_report_html_a6d190b1f19a3a9fe2c81cd18abb6a72f"><div class="ttname"><a href="classpesieve_1_1_thread_scan_report.html#a6d190b1f19a3a9fe2c81cd18abb6a72f">pesieve::ThreadScanReport::translate_wait_reason</a></div><div class="ttdeci">static std::string translate_wait_reason(DWORD thread_wait_reason)</div><div class="ttdef"><b>Definition</b> <a href="#l00087">thread_scanner.cpp:87</a></div></div>
 <div class="ttc" id="aclasspesieve_1_1_thread_scan_report_html_aa4cc4cdcfd7be649a00dd57d46b70317"><div class="ttname"><a href="classpesieve_1_1_thread_scan_report.html#aa4cc4cdcfd7be649a00dd57d46b70317">pesieve::ThreadScanReport::thread_state</a></div><div class="ttdeci">DWORD thread_state</div><div class="ttdef"><b>Definition</b> <a href="thread__scanner_8h_source.html#l00075">thread_scanner.h:75</a></div></div>
 <div class="ttc" id="aclasspesieve_1_1_thread_scan_report_html_acfe24bd84475b4de990f163e131a99e4"><div class="ttname"><a href="classpesieve_1_1_thread_scan_report.html#acfe24bd84475b4de990f163e131a99e4">pesieve::ThreadScanReport::thread_wait_reason</a></div><div class="ttdeci">DWORD thread_wait_reason</div><div class="ttdef"><b>Definition</b> <a href="thread__scanner_8h_source.html#l00076">thread_scanner.h:76</a></div></div>
-<div class="ttc" id="aclasspesieve_1_1_thread_scan_report_html_af30839203957e838bc299232e05ab735"><div class="ttname"><a href="classpesieve_1_1_thread_scan_report.html#af30839203957e838bc299232e05ab735">pesieve::ThreadScanReport::translate_thread_state</a></div><div class="ttdeci">static std::string translate_thread_state(DWORD thread_state)</div><div class="ttdef"><b>Definition</b> <a href="#l00101">thread_scanner.cpp:101</a></div></div>
-<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_a23839353374eedcda7c92b0c7ce6b3bf"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#a23839353374eedcda7c92b0c7ce6b3bf">pesieve::ThreadScanner::scanRemote</a></div><div class="ttdeci">virtual ThreadScanReport * scanRemote()</div><div class="ttdef"><b>Definition</b> <a href="#l00391">thread_scanner.cpp:391</a></div></div>
-<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_a36850edb808d4be733631fa2bcd3b7b4"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#a36850edb808d4be733631fa2bcd3b7b4">pesieve::ThreadScanner::reportSuspiciousAddr</a></div><div class="ttdeci">bool reportSuspiciousAddr(ThreadScanReport *my_report, ULONGLONG susp_addr)</div><div class="ttdef"><b>Definition</b> <a href="#l00331">thread_scanner.cpp:331</a></div></div>
-<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_a69820b7fd6f60e4f136b6d71e03cb28d"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#a69820b7fd6f60e4f136b6d71e03cb28d">pesieve::ThreadScanner::fillStackFrameInfo</a></div><div class="ttdeci">size_t fillStackFrameInfo(IN HANDLE hProcess, IN HANDLE hThread, IN LPVOID ctx, IN OUT ctx_details &amp;cDetails)</div><div class="ttdef"><b>Definition</b> <a href="#l00176">thread_scanner.cpp:176</a></div></div>
-<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_a75c0be0ec6ea82b700f3ca5e846a0675"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#a75c0be0ec6ea82b700f3ca5e846a0675">pesieve::ThreadScanner::printThreadInfo</a></div><div class="ttdeci">void printThreadInfo(const util::thread_info &amp;threadi)</div><div class="ttdef"><b>Definition</b> <a href="#l00287">thread_scanner.cpp:287</a></div></div>
-<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_a79df00ed9c178f7eab47cbb8ee43dd42"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#a79df00ed9c178f7eab47cbb8ee43dd42">pesieve::ThreadScanner::fillAreaStats</a></div><div class="ttdeci">bool fillAreaStats(ThreadScanReport *my_report)</div><div class="ttdef"><b>Definition</b> <a href="#l00318">thread_scanner.cpp:318</a></div></div>
-<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_a912120f6549a8b27c3e8166ccd2511cf"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#a912120f6549a8b27c3e8166ccd2511cf">pesieve::ThreadScanner::isAddrInShellcode</a></div><div class="ttdeci">bool isAddrInShellcode(ULONGLONG addr)</div><div class="ttdef"><b>Definition</b> <a href="#l00245">thread_scanner.cpp:245</a></div></div>
-<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_ab1cc74daf162025643c225c29cd8225b"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#ab1cc74daf162025643c225c29cd8225b">pesieve::ThreadScanner::fetchThreadCtxDetails</a></div><div class="ttdeci">bool fetchThreadCtxDetails(IN HANDLE hProcess, IN HANDLE hThread, OUT ctx_details &amp;c)</div><div class="ttdef"><b>Definition</b> <a href="#l00211">thread_scanner.cpp:211</a></div></div>
-<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_ac35db3f1ec2765f9dda550b04f0cb9ee"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#ac35db3f1ec2765f9dda550b04f0cb9ee">pesieve::ThreadScanner::printResolvedAddr</a></div><div class="ttdeci">bool printResolvedAddr(ULONGLONG addr)</div><div class="ttdef"><b>Definition</b> <a href="#l00257">thread_scanner.cpp:257</a></div></div>
-<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_ae67285f50239657076a865f1b2d82ed7"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#ae67285f50239657076a865f1b2d82ed7">pesieve::ThreadScanner::analyzeStackFrames</a></div><div class="ttdeci">size_t analyzeStackFrames(IN const std::vector&lt; ULONGLONG &gt; stack_frame, IN OUT ctx_details &amp;cDetails)</div><div class="ttdef"><b>Definition</b> <a href="#l00122">thread_scanner.cpp:122</a></div></div>
+<div class="ttc" id="aclasspesieve_1_1_thread_scan_report_html_af30839203957e838bc299232e05ab735"><div class="ttname"><a href="classpesieve_1_1_thread_scan_report.html#af30839203957e838bc299232e05ab735">pesieve::ThreadScanReport::translate_thread_state</a></div><div class="ttdeci">static std::string translate_thread_state(DWORD thread_state)</div><div class="ttdef"><b>Definition</b> <a href="#l00103">thread_scanner.cpp:103</a></div></div>
+<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_a23839353374eedcda7c92b0c7ce6b3bf"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#a23839353374eedcda7c92b0c7ce6b3bf">pesieve::ThreadScanner::scanRemote</a></div><div class="ttdeci">virtual ThreadScanReport * scanRemote()</div><div class="ttdef"><b>Definition</b> <a href="#l00382">thread_scanner.cpp:382</a></div></div>
+<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_a36850edb808d4be733631fa2bcd3b7b4"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#a36850edb808d4be733631fa2bcd3b7b4">pesieve::ThreadScanner::reportSuspiciousAddr</a></div><div class="ttdeci">bool reportSuspiciousAddr(ThreadScanReport *my_report, ULONGLONG susp_addr)</div><div class="ttdef"><b>Definition</b> <a href="#l00333">thread_scanner.cpp:333</a></div></div>
+<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_a69820b7fd6f60e4f136b6d71e03cb28d"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#a69820b7fd6f60e4f136b6d71e03cb28d">pesieve::ThreadScanner::fillStackFrameInfo</a></div><div class="ttdeci">size_t fillStackFrameInfo(IN HANDLE hProcess, IN HANDLE hThread, IN LPVOID ctx, IN OUT ctx_details &amp;cDetails)</div><div class="ttdef"><b>Definition</b> <a href="#l00178">thread_scanner.cpp:178</a></div></div>
+<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_a75c0be0ec6ea82b700f3ca5e846a0675"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#a75c0be0ec6ea82b700f3ca5e846a0675">pesieve::ThreadScanner::printThreadInfo</a></div><div class="ttdeci">void printThreadInfo(const util::thread_info &amp;threadi)</div><div class="ttdef"><b>Definition</b> <a href="#l00289">thread_scanner.cpp:289</a></div></div>
+<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_a79df00ed9c178f7eab47cbb8ee43dd42"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#a79df00ed9c178f7eab47cbb8ee43dd42">pesieve::ThreadScanner::fillAreaStats</a></div><div class="ttdeci">bool fillAreaStats(ThreadScanReport *my_report)</div><div class="ttdef"><b>Definition</b> <a href="#l00320">thread_scanner.cpp:320</a></div></div>
+<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_a912120f6549a8b27c3e8166ccd2511cf"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#a912120f6549a8b27c3e8166ccd2511cf">pesieve::ThreadScanner::isAddrInShellcode</a></div><div class="ttdeci">bool isAddrInShellcode(ULONGLONG addr)</div><div class="ttdef"><b>Definition</b> <a href="#l00247">thread_scanner.cpp:247</a></div></div>
+<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_ab1cc74daf162025643c225c29cd8225b"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#ab1cc74daf162025643c225c29cd8225b">pesieve::ThreadScanner::fetchThreadCtxDetails</a></div><div class="ttdeci">bool fetchThreadCtxDetails(IN HANDLE hProcess, IN HANDLE hThread, OUT ctx_details &amp;c)</div><div class="ttdef"><b>Definition</b> <a href="#l00213">thread_scanner.cpp:213</a></div></div>
+<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_ac35db3f1ec2765f9dda550b04f0cb9ee"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#ac35db3f1ec2765f9dda550b04f0cb9ee">pesieve::ThreadScanner::printResolvedAddr</a></div><div class="ttdeci">bool printResolvedAddr(ULONGLONG addr)</div><div class="ttdef"><b>Definition</b> <a href="#l00259">thread_scanner.cpp:259</a></div></div>
+<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_ae67285f50239657076a865f1b2d82ed7"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#ae67285f50239657076a865f1b2d82ed7">pesieve::ThreadScanner::analyzeStackFrames</a></div><div class="ttdeci">size_t analyzeStackFrames(IN const std::vector&lt; ULONGLONG &gt; stack_frame, IN OUT ctx_details &amp;cDetails)</div><div class="ttdef"><b>Definition</b> <a href="#l00124">thread_scanner.cpp:124</a></div></div>
 <div class="ttc" id="amempage__data_8h_html"><div class="ttname"><a href="mempage__data_8h.html">mempage_data.h</a></div></div>
 <div class="ttc" id="anamespacepesieve_1_1util_html_a43b6faf00b6a97279f2d67f4a3fd2513"><div class="ttname"><a href="namespacepesieve_1_1util.html#a43b6faf00b6a97279f2d67f4a3fd2513">pesieve::util::is_process_wow64</a></div><div class="ttdeci">BOOL is_process_wow64(IN HANDLE processHandle, OUT BOOL *isProcWow64)</div><div class="ttdef"><b>Definition</b> <a href="process__util_8cpp_source.html#l00027">process_util.cpp:27</a></div></div>
 <div class="ttc" id="anamespacepesieve_1_1util_html_adafdd61439fc2750cec84fb15d59ecf8"><div class="ttname"><a href="namespacepesieve_1_1util.html#adafdd61439fc2750cec84fb15d59ecf8">pesieve::util::wow64_get_thread_context</a></div><div class="ttdeci">BOOL wow64_get_thread_context(IN HANDLE hThread, IN OUT PWOW64_CONTEXT lpContext)</div><div class="ttdef"><b>Definition</b> <a href="process__util_8cpp_source.html#l00073">process_util.cpp:73</a></div></div>
@@ -667,10 +658,10 @@
 <div class="ttc" id="astructpesieve_1_1util_1_1__thread__info_html_a8ec77c6fa5aa1dc71802d52afdc37386"><div class="ttname"><a href="structpesieve_1_1util_1_1__thread__info.html#a8ec77c6fa5aa1dc71802d52afdc37386">pesieve::util::_thread_info::is_extended</a></div><div class="ttdeci">bool is_extended</div><div class="ttdef"><b>Definition</b> <a href="threads__util_8h_source.html#l00038">threads_util.h:38</a></div></div>
 <div class="ttc" id="astructpesieve_1_1util_1_1__thread__info_html_aa8f037bcc48e97319145006c5ceef188"><div class="ttname"><a href="structpesieve_1_1util_1_1__thread__info.html#aa8f037bcc48e97319145006c5ceef188">pesieve::util::_thread_info::ext</a></div><div class="ttdeci">thread_info_ext ext</div><div class="ttdef"><b>Definition</b> <a href="threads__util_8h_source.html#l00039">threads_util.h:39</a></div></div>
 <div class="ttc" id="athread__scanner_8cpp_html_a5fd1bfb68319bb2bf608046d60a2e7a0"><div class="ttname"><a href="thread__scanner_8cpp.html#a5fd1bfb68319bb2bf608046d60a2e7a0">t_stack_enum_params</a></div><div class="ttdeci">struct _t_stack_enum_params t_stack_enum_params</div></div>
-<div class="ttc" id="athread__scanner_8cpp_html_a7b9ade21d4de016d2a048bf6cc42dbc0"><div class="ttname"><a href="thread__scanner_8cpp.html#a7b9ade21d4de016d2a048bf6cc42dbc0">get_page_details</a></div><div class="ttdeci">bool get_page_details(HANDLE processHandle, LPVOID start_va, MEMORY_BASIC_INFORMATION &amp;page_info)</div><div class="ttdef"><b>Definition</b> <a href="#l00305">thread_scanner.cpp:305</a></div></div>
+<div class="ttc" id="athread__scanner_8cpp_html_a7b9ade21d4de016d2a048bf6cc42dbc0"><div class="ttname"><a href="thread__scanner_8cpp.html#a7b9ade21d4de016d2a048bf6cc42dbc0">get_page_details</a></div><div class="ttdeci">bool get_page_details(HANDLE processHandle, LPVOID start_va, MEMORY_BASIC_INFORMATION &amp;page_info)</div><div class="ttdef"><b>Definition</b> <a href="#l00307">thread_scanner.cpp:307</a></div></div>
 <div class="ttc" id="athread__scanner_8cpp_html_aae9f172c5997c8651c566511823bb19e"><div class="ttname"><a href="thread__scanner_8cpp.html#aae9f172c5997c8651c566511823bb19e">enum_stack_thread</a></div><div class="ttdeci">DWORD WINAPI enum_stack_thread(LPVOID lpParam)</div><div class="ttdef"><b>Definition</b> <a href="#l00036">thread_scanner.cpp:36</a></div></div>
 <div class="ttc" id="athread__scanner_8cpp_html_acaf6cb2ff8299b9b3c55905f936d38a9"><div class="ttname"><a href="thread__scanner_8cpp.html#acaf6cb2ff8299b9b3c55905f936d38a9">ENTROPY_TRESHOLD</a></div><div class="ttdeci">#define ENTROPY_TRESHOLD</div><div class="ttdef"><b>Definition</b> <a href="#l00009">thread_scanner.cpp:9</a></div></div>
-<div class="ttc" id="athread__scanner_8cpp_html_acde231c42b9527dcc026402dcb8b9d87"><div class="ttname"><a href="thread__scanner_8cpp.html#acde231c42b9527dcc026402dcb8b9d87">should_scan_context</a></div><div class="ttdeci">bool should_scan_context(const util::thread_info &amp;info)</div><div class="ttdef"><b>Definition</b> <a href="#l00362">thread_scanner.cpp:362</a></div></div>
+<div class="ttc" id="athread__scanner_8cpp_html_acde231c42b9527dcc026402dcb8b9d87"><div class="ttname"><a href="thread__scanner_8cpp.html#acde231c42b9527dcc026402dcb8b9d87">should_scan_context</a></div><div class="ttdeci">bool should_scan_context(const util::thread_info &amp;info)</div><div class="ttdef"><b>Definition</b> <a href="#l00364">thread_scanner.cpp:364</a></div></div>
 <div class="ttc" id="athread__scanner_8h_html"><div class="ttname"><a href="thread__scanner_8h.html">thread_scanner.h</a></div></div>
 </div><!-- fragment --></div><!-- contents -->
 <!-- start footer part -->
diff --git a/thread__scanner_8h_source.html b/thread__scanner_8h_source.html
index d88524d2d..0e555e688 100644
--- a/thread__scanner_8h_source.html
+++ b/thread__scanner_8h_source.html
@@ -266,23 +266,23 @@
 <div class="ttc" id="aclasspesieve_1_1_thread_scan_report_html_aa4cc4cdcfd7be649a00dd57d46b70317"><div class="ttname"><a href="classpesieve_1_1_thread_scan_report.html#aa4cc4cdcfd7be649a00dd57d46b70317">pesieve::ThreadScanReport::thread_state</a></div><div class="ttdeci">DWORD thread_state</div><div class="ttdef"><b>Definition</b> <a href="#l00075">thread_scanner.h:75</a></div></div>
 <div class="ttc" id="aclasspesieve_1_1_thread_scan_report_html_acfe24bd84475b4de990f163e131a99e4"><div class="ttname"><a href="classpesieve_1_1_thread_scan_report.html#acfe24bd84475b4de990f163e131a99e4">pesieve::ThreadScanReport::thread_wait_reason</a></div><div class="ttdeci">DWORD thread_wait_reason</div><div class="ttdef"><b>Definition</b> <a href="#l00076">thread_scanner.h:76</a></div></div>
 <div class="ttc" id="aclasspesieve_1_1_thread_scan_report_html_af00f4e4ed6eb563a6e55c651e1bb552f"><div class="ttname"><a href="classpesieve_1_1_thread_scan_report.html#af00f4e4ed6eb563a6e55c651e1bb552f">pesieve::ThreadScanReport::toJSON</a></div><div class="ttdeci">virtual const bool toJSON(std::stringstream &amp;outs, size_t level, const pesieve::t_json_level &amp;jdetails)</div><div class="ttdef"><b>Definition</b> <a href="#l00063">thread_scanner.h:63</a></div></div>
-<div class="ttc" id="aclasspesieve_1_1_thread_scan_report_html_af30839203957e838bc299232e05ab735"><div class="ttname"><a href="classpesieve_1_1_thread_scan_report.html#af30839203957e838bc299232e05ab735">pesieve::ThreadScanReport::translate_thread_state</a></div><div class="ttdeci">static std::string translate_thread_state(DWORD thread_state)</div><div class="ttdef"><b>Definition</b> <a href="thread__scanner_8cpp_source.html#l00101">thread_scanner.cpp:101</a></div></div>
+<div class="ttc" id="aclasspesieve_1_1_thread_scan_report_html_af30839203957e838bc299232e05ab735"><div class="ttname"><a href="classpesieve_1_1_thread_scan_report.html#af30839203957e838bc299232e05ab735">pesieve::ThreadScanReport::translate_thread_state</a></div><div class="ttdeci">static std::string translate_thread_state(DWORD thread_state)</div><div class="ttdef"><b>Definition</b> <a href="thread__scanner_8cpp_source.html#l00103">thread_scanner.cpp:103</a></div></div>
 <div class="ttc" id="aclasspesieve_1_1_thread_scanner_html"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html">pesieve::ThreadScanner</a></div><div class="ttdef"><b>Definition</b> <a href="#l00109">thread_scanner.h:109</a></div></div>
 <div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_a0b863bc69b85ae721666a1e3c6116937"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#a0b863bc69b85ae721666a1e3c6116937">pesieve::ThreadScanner::ThreadScanner</a></div><div class="ttdeci">ThreadScanner(HANDLE hProc, bool _isReflection, const util::thread_info &amp;_info, ModulesInfo &amp;_modulesInfo, peconv::ExportsMapper *_exportsMap, ProcessSymbolsManager *_symbols)</div><div class="ttdef"><b>Definition</b> <a href="#l00111">thread_scanner.h:111</a></div></div>
 <div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_a121637d2eb96737a16a8bd43d5017d2a"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#a121637d2eb96737a16a8bd43d5017d2a">pesieve::ThreadScanner::isReflection</a></div><div class="ttdeci">bool isReflection</div><div class="ttdef"><b>Definition</b> <a href="#l00130">thread_scanner.h:130</a></div></div>
-<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_a23839353374eedcda7c92b0c7ce6b3bf"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#a23839353374eedcda7c92b0c7ce6b3bf">pesieve::ThreadScanner::scanRemote</a></div><div class="ttdeci">virtual ThreadScanReport * scanRemote()</div><div class="ttdef"><b>Definition</b> <a href="thread__scanner_8cpp_source.html#l00391">thread_scanner.cpp:391</a></div></div>
-<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_a36850edb808d4be733631fa2bcd3b7b4"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#a36850edb808d4be733631fa2bcd3b7b4">pesieve::ThreadScanner::reportSuspiciousAddr</a></div><div class="ttdeci">bool reportSuspiciousAddr(ThreadScanReport *my_report, ULONGLONG susp_addr)</div><div class="ttdef"><b>Definition</b> <a href="thread__scanner_8cpp_source.html#l00331">thread_scanner.cpp:331</a></div></div>
-<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_a69820b7fd6f60e4f136b6d71e03cb28d"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#a69820b7fd6f60e4f136b6d71e03cb28d">pesieve::ThreadScanner::fillStackFrameInfo</a></div><div class="ttdeci">size_t fillStackFrameInfo(IN HANDLE hProcess, IN HANDLE hThread, IN LPVOID ctx, IN OUT ctx_details &amp;cDetails)</div><div class="ttdef"><b>Definition</b> <a href="thread__scanner_8cpp_source.html#l00176">thread_scanner.cpp:176</a></div></div>
-<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_a75c0be0ec6ea82b700f3ca5e846a0675"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#a75c0be0ec6ea82b700f3ca5e846a0675">pesieve::ThreadScanner::printThreadInfo</a></div><div class="ttdeci">void printThreadInfo(const util::thread_info &amp;threadi)</div><div class="ttdef"><b>Definition</b> <a href="thread__scanner_8cpp_source.html#l00287">thread_scanner.cpp:287</a></div></div>
-<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_a79df00ed9c178f7eab47cbb8ee43dd42"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#a79df00ed9c178f7eab47cbb8ee43dd42">pesieve::ThreadScanner::fillAreaStats</a></div><div class="ttdeci">bool fillAreaStats(ThreadScanReport *my_report)</div><div class="ttdef"><b>Definition</b> <a href="thread__scanner_8cpp_source.html#l00318">thread_scanner.cpp:318</a></div></div>
-<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_a912120f6549a8b27c3e8166ccd2511cf"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#a912120f6549a8b27c3e8166ccd2511cf">pesieve::ThreadScanner::isAddrInShellcode</a></div><div class="ttdeci">bool isAddrInShellcode(ULONGLONG addr)</div><div class="ttdef"><b>Definition</b> <a href="thread__scanner_8cpp_source.html#l00245">thread_scanner.cpp:245</a></div></div>
+<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_a23839353374eedcda7c92b0c7ce6b3bf"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#a23839353374eedcda7c92b0c7ce6b3bf">pesieve::ThreadScanner::scanRemote</a></div><div class="ttdeci">virtual ThreadScanReport * scanRemote()</div><div class="ttdef"><b>Definition</b> <a href="thread__scanner_8cpp_source.html#l00382">thread_scanner.cpp:382</a></div></div>
+<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_a36850edb808d4be733631fa2bcd3b7b4"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#a36850edb808d4be733631fa2bcd3b7b4">pesieve::ThreadScanner::reportSuspiciousAddr</a></div><div class="ttdeci">bool reportSuspiciousAddr(ThreadScanReport *my_report, ULONGLONG susp_addr)</div><div class="ttdef"><b>Definition</b> <a href="thread__scanner_8cpp_source.html#l00333">thread_scanner.cpp:333</a></div></div>
+<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_a69820b7fd6f60e4f136b6d71e03cb28d"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#a69820b7fd6f60e4f136b6d71e03cb28d">pesieve::ThreadScanner::fillStackFrameInfo</a></div><div class="ttdeci">size_t fillStackFrameInfo(IN HANDLE hProcess, IN HANDLE hThread, IN LPVOID ctx, IN OUT ctx_details &amp;cDetails)</div><div class="ttdef"><b>Definition</b> <a href="thread__scanner_8cpp_source.html#l00178">thread_scanner.cpp:178</a></div></div>
+<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_a75c0be0ec6ea82b700f3ca5e846a0675"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#a75c0be0ec6ea82b700f3ca5e846a0675">pesieve::ThreadScanner::printThreadInfo</a></div><div class="ttdeci">void printThreadInfo(const util::thread_info &amp;threadi)</div><div class="ttdef"><b>Definition</b> <a href="thread__scanner_8cpp_source.html#l00289">thread_scanner.cpp:289</a></div></div>
+<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_a79df00ed9c178f7eab47cbb8ee43dd42"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#a79df00ed9c178f7eab47cbb8ee43dd42">pesieve::ThreadScanner::fillAreaStats</a></div><div class="ttdeci">bool fillAreaStats(ThreadScanReport *my_report)</div><div class="ttdef"><b>Definition</b> <a href="thread__scanner_8cpp_source.html#l00320">thread_scanner.cpp:320</a></div></div>
+<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_a912120f6549a8b27c3e8166ccd2511cf"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#a912120f6549a8b27c3e8166ccd2511cf">pesieve::ThreadScanner::isAddrInShellcode</a></div><div class="ttdeci">bool isAddrInShellcode(ULONGLONG addr)</div><div class="ttdef"><b>Definition</b> <a href="thread__scanner_8cpp_source.html#l00247">thread_scanner.cpp:247</a></div></div>
 <div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_aa32fde697d92f5f545c9d2faa5ade268"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#aa32fde697d92f5f545c9d2faa5ade268">pesieve::ThreadScanner::exportsMap</a></div><div class="ttdeci">peconv::ExportsMapper * exportsMap</div><div class="ttdef"><b>Definition</b> <a href="#l00133">thread_scanner.h:133</a></div></div>
 <div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_aa4261219925db9cf54c61714dc5234b9"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#aa4261219925db9cf54c61714dc5234b9">pesieve::ThreadScanner::info</a></div><div class="ttdeci">const util::thread_info &amp; info</div><div class="ttdef"><b>Definition</b> <a href="#l00131">thread_scanner.h:131</a></div></div>
-<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_ab1cc74daf162025643c225c29cd8225b"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#ab1cc74daf162025643c225c29cd8225b">pesieve::ThreadScanner::fetchThreadCtxDetails</a></div><div class="ttdeci">bool fetchThreadCtxDetails(IN HANDLE hProcess, IN HANDLE hThread, OUT ctx_details &amp;c)</div><div class="ttdef"><b>Definition</b> <a href="thread__scanner_8cpp_source.html#l00211">thread_scanner.cpp:211</a></div></div>
-<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_ac35db3f1ec2765f9dda550b04f0cb9ee"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#ac35db3f1ec2765f9dda550b04f0cb9ee">pesieve::ThreadScanner::printResolvedAddr</a></div><div class="ttdeci">bool printResolvedAddr(ULONGLONG addr)</div><div class="ttdef"><b>Definition</b> <a href="thread__scanner_8cpp_source.html#l00257">thread_scanner.cpp:257</a></div></div>
+<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_ab1cc74daf162025643c225c29cd8225b"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#ab1cc74daf162025643c225c29cd8225b">pesieve::ThreadScanner::fetchThreadCtxDetails</a></div><div class="ttdeci">bool fetchThreadCtxDetails(IN HANDLE hProcess, IN HANDLE hThread, OUT ctx_details &amp;c)</div><div class="ttdef"><b>Definition</b> <a href="thread__scanner_8cpp_source.html#l00213">thread_scanner.cpp:213</a></div></div>
+<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_ac35db3f1ec2765f9dda550b04f0cb9ee"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#ac35db3f1ec2765f9dda550b04f0cb9ee">pesieve::ThreadScanner::printResolvedAddr</a></div><div class="ttdeci">bool printResolvedAddr(ULONGLONG addr)</div><div class="ttdef"><b>Definition</b> <a href="thread__scanner_8cpp_source.html#l00259">thread_scanner.cpp:259</a></div></div>
 <div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_ad455f81b20ec49dc2968d6f2db67ae13"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#ad455f81b20ec49dc2968d6f2db67ae13">pesieve::ThreadScanner::symbols</a></div><div class="ttdeci">ProcessSymbolsManager * symbols</div><div class="ttdef"><b>Definition</b> <a href="#l00134">thread_scanner.h:134</a></div></div>
 <div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_ae52ae17b09541a02b7be5c288eb220fd"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#ae52ae17b09541a02b7be5c288eb220fd">pesieve::ThreadScanner::modulesInfo</a></div><div class="ttdeci">ModulesInfo &amp; modulesInfo</div><div class="ttdef"><b>Definition</b> <a href="#l00132">thread_scanner.h:132</a></div></div>
-<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_ae67285f50239657076a865f1b2d82ed7"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#ae67285f50239657076a865f1b2d82ed7">pesieve::ThreadScanner::analyzeStackFrames</a></div><div class="ttdeci">size_t analyzeStackFrames(IN const std::vector&lt; ULONGLONG &gt; stack_frame, IN OUT ctx_details &amp;cDetails)</div><div class="ttdef"><b>Definition</b> <a href="thread__scanner_8cpp_source.html#l00122">thread_scanner.cpp:122</a></div></div>
+<div class="ttc" id="aclasspesieve_1_1_thread_scanner_html_ae67285f50239657076a865f1b2d82ed7"><div class="ttname"><a href="classpesieve_1_1_thread_scanner.html#ae67285f50239657076a865f1b2d82ed7">pesieve::ThreadScanner::analyzeStackFrames</a></div><div class="ttdeci">size_t analyzeStackFrames(IN const std::vector&lt; ULONGLONG &gt; stack_frame, IN OUT ctx_details &amp;cDetails)</div><div class="ttdef"><b>Definition</b> <a href="thread__scanner_8cpp_source.html#l00124">thread_scanner.cpp:124</a></div></div>
 <div class="ttc" id="aclasspesieve_1_1t__json__level_html"><div class="ttname"><a href="classpesieve_1_1t__json__level.html">pesieve.t_json_level</a></div><div class="ttdef"><b>Definition</b> <a href="pesieve_8py_source.html#l00082">pesieve.py:82</a></div></div>
 <div class="ttc" id="aentropy__stats_8h_html"><div class="ttname"><a href="entropy__stats_8h.html">entropy_stats.h</a></div></div>
 <div class="ttc" id="aformat__util_8h_html_af8c1dc1f3ee7d070821c2490bba01a84"><div class="ttname"><a href="format__util_8h.html#af8c1dc1f3ee7d070821c2490bba01a84">OUT_PADDED</a></div><div class="ttdeci">#define OUT_PADDED(stream, field_size, str)</div><div class="ttdef"><b>Definition</b> <a href="format__util_8h_source.html#l00012">format_util.h:12</a></div></div>