Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
ClickShare-Extension-Pack-01.01.02.0007.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: ClickShare Extension Pack, Author: Barco N.V., Keywords: Installer, Comments: Windows Installer Package,
Template: Intel;1033, Revision Number: {A1C10D50-773A-4B79-B97F-11DA2C6B622E}, Create Time/Date: Mon Jul 15 15:43:38 2019,
Last Saved Time/Date: Mon Jul 15 15:43:38 2019, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows
Installer XML Toolset (3.11.1.2318), Security: 2
|
initial sample
|
||
|
C:\Config.Msi\3f0638.rbs
|
data
|
dropped
|
||
|
C:\Program Files (x86)\Barco\ClickShare Extension Pack\Extended Desktop Driver\IDDCx\MirrorOpDisplay.inf
|
Windows setup INFormation
|
dropped
|
||
|
C:\Program Files (x86)\Barco\ClickShare Extension Pack\Extended Desktop Driver\IDDCx\MirrorOpSetup32.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Barco\ClickShare Extension Pack\Extended Desktop Driver\IDDCx\MirrorOpSetup64.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Barco\ClickShare Extension Pack\Extended Desktop Driver\IDDCx\amd64\MirrorOpVirtualDisplay1_0.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Barco\ClickShare Extension Pack\Extended Desktop Driver\IDDCx\amd64\MirrorOpVirtualDisplay1_2.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Barco\ClickShare Extension Pack\Extended Desktop Driver\IDDCx\mirroropdisplay.cat
|
data
|
dropped
|
||
|
C:\Program Files (x86)\Barco\ClickShare Extension Pack\Extended Desktop Driver\IDDCx\x86\MirrorOpVirtualDisplay1_0.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Barco\ClickShare Extension Pack\Extended Desktop Driver\IDDCx\x86\MirrorOpVirtualDisplay1_2.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Barco\ClickShare Extension Pack\Launcher\clicksharelauncher.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
|
dropped
|
||
|
C:\Program Files (x86)\Barco\ClickShare Extension Pack\Launcher\eula.txt
|
Unicode text, UTF-8 (with BOM) text, with very long lines (2531), with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Barco\ClickShare Launcher\ClickShare Launcher.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working
directory, Icon number=0, Archive, ctime=Mon Dec 10 13:48:28 2018, mtime=Thu Apr 18 07:08:25 2024, atime=Mon Dec 10 13:48:28
2018, length=4887168, window=hide
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\ClickShare Launcher.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working
directory, Icon number=0, Archive, ctime=Mon Dec 10 13:48:28 2018, mtime=Thu Apr 18 07:08:32 2024, atime=Mon Dec 10 13:48:28
2018, length=4887168, window=hide
|
dropped
|
||
|
C:\Users\Public\MirrorOpDisplaySetup.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{6d6f95e9-2155-cb49-8d2b-437f70f9d0f7}\MirrorOpDisplay.inf (copy)
|
Windows setup INFormation
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{6d6f95e9-2155-cb49-8d2b-437f70f9d0f7}\SET1368.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{6d6f95e9-2155-cb49-8d2b-437f70f9d0f7}\SET1379.tmp
|
Windows setup INFormation
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{6d6f95e9-2155-cb49-8d2b-437f70f9d0f7}\SET1389.tmp
|
Windows setup INFormation
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{6d6f95e9-2155-cb49-8d2b-437f70f9d0f7}\amd64\MirrorOpVirtualDisplay1_0.dll (copy)
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{6d6f95e9-2155-cb49-8d2b-437f70f9d0f7}\amd64\MirrorOpVirtualDisplay1_2.dll (copy)
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{6d6f95e9-2155-cb49-8d2b-437f70f9d0f7}\amd64\SET11D0.tmp
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{6d6f95e9-2155-cb49-8d2b-437f70f9d0f7}\amd64\SET1338.tmp
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{6d6f95e9-2155-cb49-8d2b-437f70f9d0f7}\mirroropdisplay.cat (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{6d6f95e9-2155-cb49-8d2b-437f70f9d0f7}\mirroropdisplay.inf (copy)
|
Windows setup INFormation
|
dropped
|
||
|
C:\Windows\INF\c_display.PNF
|
Windows Precompiled iNF, version 3.3 (Windows 10), flags 0x1000083, unicoded, has strings, at 0x15b8 "Signature", at 0x68
WinDirPath, LanguageID 809, at 0x80 language en-GB
|
dropped
|
||
|
C:\Windows\INF\oem4.inf
|
Windows setup INFormation
|
dropped
|
||
|
C:\Windows\INF\setupapi.dev.log
|
Generic INItialization configuration [BeginLog]
|
dropped
|
||
|
C:\Windows\Installer\3f0637.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: ClickShare Extension Pack, Author: Barco N.V., Keywords: Installer, Comments: Windows Installer Package,
Template: Intel;1033, Revision Number: {A1C10D50-773A-4B79-B97F-11DA2C6B622E}, Create Time/Date: Mon Jul 15 15:43:38 2019,
Last Saved Time/Date: Mon Jul 15 15:43:38 2019, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows
Installer XML Toolset (3.11.1.2318), Security: 2
|
dropped
|
||
|
C:\Windows\Installer\3f0639.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: ClickShare Extension Pack, Author: Barco N.V., Keywords: Installer, Comments: Windows Installer Package,
Template: Intel;1033, Revision Number: {A1C10D50-773A-4B79-B97F-11DA2C6B622E}, Create Time/Date: Mon Jul 15 15:43:38 2019,
Last Saved Time/Date: Mon Jul 15 15:43:38 2019, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows
Installer XML Toolset (3.11.1.2318), Security: 2
|
dropped
|
||
|
C:\Windows\Installer\MSI3067.tmp
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
modified
|
||
|
C:\Windows\Installer\MSI8A8.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSIB49.tmp
|
data
|
dropped
|
||
|
C:\Windows\Installer\MSIB79.tmp
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\SourceHash{AA1F9CF3-F74D-4EBD-82DA-12D07064FA5C}
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Installer\inprogressinstallinfo.ipi
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Installer\{AA1F9CF3-F74D-4EBD-82DA-12D07064FA5C}\icon.ico
|
MS Windows icon resource - 12 icons, 32x32, 16 colors, 4 bits/pixel, 24x24, 16 colors, 4 bits/pixel
|
dropped
|
||
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\System32\DriverStore\Temp\{3266e6e3-1dae-6a44-ae19-9eb3e91a1693}\MirrorOpDisplay.inf (copy)
|
Windows setup INFormation
|
dropped
|
||
|
C:\Windows\System32\DriverStore\Temp\{3266e6e3-1dae-6a44-ae19-9eb3e91a1693}\SET15C9.tmp
|
data
|
dropped
|
||
|
C:\Windows\System32\DriverStore\Temp\{3266e6e3-1dae-6a44-ae19-9eb3e91a1693}\SET15DA.tmp
|
Windows setup INFormation
|
dropped
|
||
|
C:\Windows\System32\DriverStore\Temp\{3266e6e3-1dae-6a44-ae19-9eb3e91a1693}\amd64\MirrorOpVirtualDisplay1_0.dll (copy)
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Windows\System32\DriverStore\Temp\{3266e6e3-1dae-6a44-ae19-9eb3e91a1693}\amd64\MirrorOpVirtualDisplay1_2.dll (copy)
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Windows\System32\DriverStore\Temp\{3266e6e3-1dae-6a44-ae19-9eb3e91a1693}\amd64\SET1589.tmp
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Windows\System32\DriverStore\Temp\{3266e6e3-1dae-6a44-ae19-9eb3e91a1693}\amd64\SET15A9.tmp
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Windows\System32\DriverStore\Temp\{3266e6e3-1dae-6a44-ae19-9eb3e91a1693}\mirroropdisplay.cat (copy)
|
data
|
dropped
|
||
|
C:\Windows\System32\catroot2\dberr.txt
|
ASCII text, with CRLF line terminators
|
modified
|
||
|
C:\Windows\System32\drivers\UMDF\MirrorOpVirtualDisplay1_2.dll (copy)
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Windows\System32\drivers\UMDF\SET2037.tmp
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Windows\Temp\OLD1385.tmp
|
Windows setup INFormation
|
dropped
|
||
|
C:\Windows\Temp\~DF08AF466AEAFFBC07.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF21BE1F1C4D225319.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF26FF837C867FF7CB.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF36111E347B1C4CFF.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF47AF7CDC4C892ABB.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF4C187777D30217DE.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF6A4101373F233987.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFA1094AAB77BE8A5A.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFB07B93CBC711E9BF.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFBCDDB9DEE7E8C601.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFD4D8D4C41B47BCFF.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFDF1B04CD2A8092BB.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
There are 52 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\msiexec.exe
|
"C:\Windows\System32\msiexec.exe" /i "C:\Users\user\Desktop\ClickShare-Extension-Pack-01.01.02.0007.msi"
|
||
|
C:\Windows\System32\msiexec.exe
|
C:\Windows\system32\msiexec.exe /V
|
||
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\syswow64\MsiExec.exe -Embedding E6B16BCC263E80D188A4984C7B267598
|
||
|
C:\Windows\SysWOW64\taskkill.exe
|
"C:\Windows\SysWOW64\taskkill.exe" /F /IM clicksharelauncher.exe
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\msiexec.exe
|
C:\Windows\System32\MsiExec.exe -Embedding F4B6C0AC556B4BDBCA932BA88603FA42
|
||
|
C:\Program Files (x86)\Barco\ClickShare Extension Pack\Extended Desktop Driver\IDDCx\MirrorOpSetup64.exe
|
"C:\Program Files (x86)\Barco\ClickShare Extension Pack\Extended Desktop Driver\IDDCx\MirrorOpSetup64.exe" install
|
||
|
C:\Windows\System32\drvinst.exe
|
DrvInst.exe "4" "0" "C:\Users\user\AppData\Local\Temp\{6d6f95e9-2155-cb49-8d2b-437f70f9d0f7}\MirrorOpDisplay.inf" "9" "4208fae43"
"0000000000000154" "WinSta0\Default" "000000000000016C" "208" "C:\Program Files (x86)\Barco\ClickShare Extension Pack\Extended
Desktop Driver\IDDCx"
|
||
|
C:\Windows\System32\drvinst.exe
|
DrvInst.exe "2" "1" "ROOT\DISPLAY\0000" "C:\Windows\System32\DriverStore\FileRepository\mirroropdisplay.inf_amd64_81a2ef4ec907e6ad\mirroropdisplay.inf"
"oem4.inf:*:*:1.1.174.61:Root\VID_MIRROROP_VIRTUAL_DISPLAY_0001," "4208fae43" "0000000000000168"
|
||
|
C:\Windows\System32\drivers\WUDFRd.sys
|
|||
|
C:\Windows\System32\drivers\IndirectKmd.sys
|
|||
|
C:\Windows\System32\WUDFHost.exe
|
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-35dc3092-997a-462b-8ee0-c4c46c580d41
-SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-2348cb75-16eb-4e88-aea2-36cde2ec3571 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-8f9a7ac6-e24f-4275-b4e5-c5e16ce5d6a7
-NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-34c938a5-6219-4a04-8fb5-f0a5c593a835 -LifetimeId:f1058ddd-615d-4a9e-a592-7cb571a1dced
-DeviceGroupId:v3DDKIndirectGroup -HostArg:0
|
||
|
C:\Program Files (x86)\Barco\ClickShare Extension Pack\Launcher\clicksharelauncher.exe
|
"C:\Program Files (x86)\Barco\ClickShare Extension Pack\Launcher\clicksharelauncher.exe"
|
There are 3 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://doc.qt.io/qt-5/lgpl.html
|
unknown
|
||
|
http://www.phreedom.org/md5)08:27
|
unknown
|
||
|
https://github.com/certnanny/sscep/blob/master/COPYRIGHT
|
unknown
|
||
|
http://perldoc.perl.org/perlartistic.html
|
unknown
|
||
|
https://opensource.org/licenses/MIT
|
unknown
|
||
|
http://www.gnu.org/licenses/old-licenses/gpl-1.0.html
|
unknown
|
||
|
http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
|
unknown
|
||
|
https://wiki.gnome.org/FoundationBoard/Resources/LicensingAgreement
|
unknown
|
||
|
http://opensource.org/licenses/BSD-3-Clause
|
unknown
|
||
|
https://osdn.jp/cvs/view/efont/sazanami/README
|
unknown
|
||
|
http://ftp.gnu.org/non-gnu/chinese-fonts-truetype/LICENSE
|
unknown
|
||
|
https://www.gnu.org/licenses/gpl.html
|
unknown
|
||
|
http://bugreports.qt.io/
|
unknown
|
||
|
http://www.openssl.org/support/faq.html
|
unknown
|
||
|
http://www.openssl.org/source/license.html
|
unknown
|
||
|
https://github.com/ablanco/jquery.pwstrength.bootstrap/commit/19480555e8c7c2f417d78a78dac63056fa221f
|
unknown
|
||
|
http://dejavu-fonts.org/wiki/License
|
unknown
|
||
|
https://opensource.org/licenses/BSD-3-Clause
|
unknown
|
||
|
https://github.com/nnnick/Chart.js/blob/master/LICENSE.md
|
unknown
|
||
|
http://metadata.ftp-master.debian.org/changelogs//main/t/ttf-sazanami/ttf-sazanami_20040629-8_copyri
|
unknown
|
||
|
https://github.com/EvanHahn/HumanizeDuration.js
|
unknown
|
||
|
http://www.denx.de/wiki/U-Boot/Licensing
|
unknown
|
||
|
https://github.com/ablanco/jquery.pwstrength.bootstrap/blob/master/GPL-LICENSE.txt
|
unknown
|
||
|
https://github.com/twbs/bootstrap/blob/master/LICENSE
|
unknown
|
||
|
http://www.phreedom.org/md5)
|
unknown
|
||
|
https://github.com/hayageek/jquery-upload-file
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
https://raw.github.com/joyent/node/v0.10.26/LICENSE
|
unknown
|
||
|
http://opensource.org/licenses/mit-license.php
|
unknown
|
||
|
https://github.com/scottjehl/Respond/blob/master/LICENSE-MIT
|
unknown
|
||
|
http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html
|
unknown
|
||
|
http://bugreports.qt.io/finishedMicrosoft-IIS/4.Microsoft-IIS/5.Netscape-Enterprise/3.WebLogicRocket
|
unknown
|
||
|
https://jquery.org/license/
|
unknown
|
||
|
http://freetype.sourceforge.net/FTL.TXT
|
unknown
|
||
|
http://www.gnu.org/copyleft/fdl.html
|
unknown
|
||
|
http://opensource.org/licenses/MIT
|
unknown
|
||
|
http://www.cryptopp.com/License.txt
|
unknown
|
||
|
http://creativecommons.org/licenses/by-sa/3.0/
|
unknown
|
||
|
http://opensource.org/licenses/GPL-2.0
|
unknown
|
||
|
http://www.libpng.org/pub/png/src/libpng-LICENSE.txt
|
unknown
|
||
|
http://www.gnu.org/licenses/lgpl.html
|
unknown
|
||
|
http://www.php.net/license/3_01.txt
|
unknown
|
||
|
http://metadata.ftp-master.debian.org/changelogs//main/libs/libsm/libsm_1.2.2-1_copyright
|
unknown
|
||
|
http://changelogs.ubuntu.com/changelogs/pool/main/p/pixman/pixman_0.10.0-0ubuntu1/libpixman-1-0.copy
|
unknown
|
||
|
http://www.gnu.org/licenses/gpl.txt
|
unknown
|
||
|
http://opensource.org/licenses/bsd-license.php
|
unknown
|
||
|
https://github.com/moment/moment/
|
unknown
|
||
|
https://github.com/malsup/form#copyright-and-license
|
unknown
|
||
|
http://www.gnu.org/licenses/gpl.html
|
unknown
|
||
|
http://opensource.org/licenses/ISC
|
unknown
|
||
|
http://srp.stanford.edu/license.txt
|
unknown
|
||
|
http://github.com/aFarkas/html5shiv/blob/master/MIT%20and%20GPL2%20licenses.md
|
unknown
|
There are 42 hidden URLs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
GlobalAssocChangedCounter
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Config.Msi\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\3f0638.rbs
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\3f0638.rbsLow
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8B4A6250193FDD4488BEE2D6F965DF3A
|
3FC9F1AAD47FDBE428AD210D0746AFC5
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\56A6030887D736543889BC20C840D640
|
3FC9F1AAD47FDBE428AD210D0746AFC5
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69DD56A507DE6974FB89AB689A99822F
|
3FC9F1AAD47FDBE428AD210D0746AFC5
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B5D668D94862824EB2DC0BC42513A36
|
3FC9F1AAD47FDBE428AD210D0746AFC5
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B3B6554D889F0E44A89149AFB2772EB6
|
3FC9F1AAD47FDBE428AD210D0746AFC5
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F2D15DB8DA1A7154FBF89C974BB149B3
|
3FC9F1AAD47FDBE428AD210D0746AFC5
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Program Files (x86)\Barco\ClickShare Extension Pack\Launcher\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Program Files (x86)\Barco\ClickShare Extension Pack\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Program Files (x86)\Barco\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Program Files (x86)\Barco\ClickShare Extension Pack\Extended Desktop Driver\IDDCx\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Program Files (x86)\Barco\ClickShare Extension Pack\Extended Desktop Driver\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Program Files (x86)\Barco\ClickShare Extension Pack\Extended Desktop Driver\IDDCx\amd64\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Program Files (x86)\Barco\ClickShare Extension Pack\Extended Desktop Driver\IDDCx\x86\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Windows\Installer\{AA1F9CF3-F74D-4EBD-82DA-12D07064FA5C}\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Barco\ClickShare Launcher\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Barco\
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Barco\ClickShare Launcher
|
installed
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Barco\ClickShare Launcher
|
shortcut
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\InstallProperties
|
LocalPackage
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\InstallProperties
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\InstallProperties
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\InstallProperties
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\InstallProperties
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\InstallProperties
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\InstallProperties
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\InstallProperties
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\InstallProperties
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\InstallProperties
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\InstallProperties
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\InstallProperties
|
NoModify
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\InstallProperties
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\InstallProperties
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\InstallProperties
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\InstallProperties
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\InstallProperties
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\InstallProperties
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\InstallProperties
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\InstallProperties
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\InstallProperties
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\InstallProperties
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\InstallProperties
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\InstallProperties
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AA1F9CF3-F74D-4EBD-82DA-12D07064FA5C}
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AA1F9CF3-F74D-4EBD-82DA-12D07064FA5C}
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AA1F9CF3-F74D-4EBD-82DA-12D07064FA5C}
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AA1F9CF3-F74D-4EBD-82DA-12D07064FA5C}
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AA1F9CF3-F74D-4EBD-82DA-12D07064FA5C}
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AA1F9CF3-F74D-4EBD-82DA-12D07064FA5C}
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AA1F9CF3-F74D-4EBD-82DA-12D07064FA5C}
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AA1F9CF3-F74D-4EBD-82DA-12D07064FA5C}
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AA1F9CF3-F74D-4EBD-82DA-12D07064FA5C}
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AA1F9CF3-F74D-4EBD-82DA-12D07064FA5C}
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AA1F9CF3-F74D-4EBD-82DA-12D07064FA5C}
|
NoModify
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AA1F9CF3-F74D-4EBD-82DA-12D07064FA5C}
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AA1F9CF3-F74D-4EBD-82DA-12D07064FA5C}
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AA1F9CF3-F74D-4EBD-82DA-12D07064FA5C}
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AA1F9CF3-F74D-4EBD-82DA-12D07064FA5C}
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AA1F9CF3-F74D-4EBD-82DA-12D07064FA5C}
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AA1F9CF3-F74D-4EBD-82DA-12D07064FA5C}
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AA1F9CF3-F74D-4EBD-82DA-12D07064FA5C}
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AA1F9CF3-F74D-4EBD-82DA-12D07064FA5C}
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AA1F9CF3-F74D-4EBD-82DA-12D07064FA5C}
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AA1F9CF3-F74D-4EBD-82DA-12D07064FA5C}
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AA1F9CF3-F74D-4EBD-82DA-12D07064FA5C}
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AA1F9CF3-F74D-4EBD-82DA-12D07064FA5C}
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A704887F813C5424D9080415C0173160
|
3FC9F1AAD47FDBE428AD210D0746AFC5
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\InstallProperties
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AA1F9CF3-F74D-4EBD-82DA-12D07064FA5C}
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\3FC9F1AAD47FDBE428AD210D0746AFC5
|
ExtendedDesktopDriverFeature.IDDCx
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\Features
|
ExtendedDesktopDriverFeature.IDDCx
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\3FC9F1AAD47FDBE428AD210D0746AFC5
|
LauncherFeature
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\Features
|
LauncherFeature
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\3FC9F1AAD47FDBE428AD210D0746AFC5
|
ExtendedDesktopDriverFeature
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\Features
|
ExtendedDesktopDriverFeature
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\Patches
|
AllPatches
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3FC9F1AAD47FDBE428AD210D0746AFC5
|
ProductName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3FC9F1AAD47FDBE428AD210D0746AFC5
|
PackageCode
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3FC9F1AAD47FDBE428AD210D0746AFC5
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3FC9F1AAD47FDBE428AD210D0746AFC5
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3FC9F1AAD47FDBE428AD210D0746AFC5
|
Assignment
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3FC9F1AAD47FDBE428AD210D0746AFC5
|
AdvertiseFlags
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3FC9F1AAD47FDBE428AD210D0746AFC5
|
ProductIcon
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3FC9F1AAD47FDBE428AD210D0746AFC5
|
InstanceType
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3FC9F1AAD47FDBE428AD210D0746AFC5
|
AuthorizedLUAApp
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3FC9F1AAD47FDBE428AD210D0746AFC5
|
DeploymentFlags
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\A704887F813C5424D9080415C0173160
|
3FC9F1AAD47FDBE428AD210D0746AFC5
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\SourceList
|
PackageName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\SourceList\Net
|
1
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\SourceList\Media
|
1
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3FC9F1AAD47FDBE428AD210D0746AFC5
|
Clients
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3FC9F1AAD47FDBE428AD210D0746AFC5\SourceList
|
LastUsedSource
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\MUI\StringCacheSettings
|
StringCacheGeneration
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\Setup\SetupapiLogStatus
|
setupapi.dev.log
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WUDF\Services\MirrorOpVirtualDisplay
|
HwPointerEnabled
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\PnpResources\Registry\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WUDF\Services\MirrorOpVirtualDisplay\HwPointerEnabled
|
Owners
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WUDF\Services\MirrorOpVirtualDisplay
|
InsiderPreviewPatch01
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\PnpResources\Registry\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WUDF\Services\MirrorOpVirtualDisplay\InsiderPreviewPatch01
|
Owners
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WUDF\Services\MirrorOpVirtualDisplay
|
ImagePath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\PnpResources\Registry\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WUDF\Services\MirrorOpVirtualDisplay\ImagePath
|
Owners
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WUDF\Services\MirrorOpVirtualDisplay
|
WdfExtensions
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\PnpResources\Registry\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WUDF\Services\MirrorOpVirtualDisplay\WdfExtensions
|
Owners
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WUDF\Services\MirrorOpVirtualDisplay
|
WdfMajorVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WUDF\Services\MirrorOpVirtualDisplay
|
WdfMinorVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\PnpResources\Registry\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WUDF\Services\MirrorOpVirtualDisplay\WdfMinorVersion
|
Owners
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\PnpLockdownFiles\%SystemRoot%/System32/drivers/UMDF/MirrorOpVirtualDisplay1_2.dll
|
Owners
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\mirroropdisplay.inf_amd64_81a2ef4ec907e6ad\Descriptors\Root\VID_MIRROROP_VIRTUAL_DISPLAY_0001
|
Configuration
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\mirroropdisplay.inf_amd64_81a2ef4ec907e6ad\Descriptors\Root\VID_MIRROROP_VIRTUAL_DISPLAY_0001
|
Manufacturer
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\mirroropdisplay.inf_amd64_81a2ef4ec907e6ad\Descriptors\Root\VID_MIRROROP_VIRTUAL_DISPLAY_0001
|
Description
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\mirroropdisplay.inf_amd64_81a2ef4ec907e6ad\Configurations\v3DDKIndirect_1.2.X_Install.NT
|
Service
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\mirroropdisplay.inf_amd64_81a2ef4ec907e6ad\Configurations\v3DDKIndirect_1.2.X_Install.NT
|
UpperFilters
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\mirroropdisplay.inf_amd64_81a2ef4ec907e6ad\Configurations\v3DDKIndirect_1.2.X_Install.NT
|
ConfigScope
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\mirroropdisplay.inf_amd64_81a2ef4ec907e6ad\Configurations\v3DDKIndirect_1.2.X_Install.NT\Device\WUDF
|
DeviceGroupId
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\mirroropdisplay.inf_amd64_81a2ef4ec907e6ad\Configurations\v3DDKIndirect_1.2.X_Install.NT\Device
|
WUDF
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\mirroropdisplay.inf_amd64_81a2ef4ec907e6ad\Configurations\v3DDKIndirect_1.2.X_Install.NT\Device\WUDF
|
DriverList
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\mirroropdisplay.inf_amd64_81a2ef4ec907e6ad\Configurations\v3DDKIndirect_1.2.X_Install.NT\Device\WUDF
|
MethodNeitherAction
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\mirroropdisplay.inf_amd64_81a2ef4ec907e6ad\Configurations\v3DDKIndirect_1.2.X_Install.NT\Device\WUDF
|
KernelModeClientPolicy
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\mirroropdisplay.inf_amd64_81a2ef4ec907e6ad\Configurations\v3DDKIndirect_1.2.X_Install.NT\Device\WUDF
|
FileObjectPolicy
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\mirroropdisplay.inf_amd64_81a2ef4ec907e6ad\Configurations\v3DDKIndirect_1.2.X_Install.NT\Driver
|
FeatureScore
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\mirroropdisplay.inf_amd64_81a2ef4ec907e6ad\Configurations\v3DDKIndirect_1.2.X_Install.NT\Properties\{a45c254e-df1c-4efd-8020-67d146a850e0}\000E
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\mirroropdisplay.inf_amd64_81a2ef4ec907e6ad\Configurations\v3DDKIndirect_1.2.X_Install.NT\Properties\{a45c254e-df1c-4efd-8020-67d146a850e0}\001D
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\mirroropdisplay.inf_amd64_81a2ef4ec907e6ad\Configurations\v3DDKIndirect_1.2.X_Install.NT\Properties\{a45c254e-df1c-4efd-8020-67d146a850e0}\0019
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\mirroropdisplay.inf_amd64_81a2ef4ec907e6ad\Configurations\v3DDKIndirect_1.2.X_Install.NT
|
ConfigFlags
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\mirroropdisplay.inf_amd64_81a2ef4ec907e6ad\Strings
|
devicename
|
||
|
HKEY_LOCAL_MACHINE\DRIVERS\DriverDatabase\DriverPackages\mirroropdisplay.inf_amd64_81a2ef4ec907e6ad\Strings
|
manufacturername
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\PnpLockdownFiles\%SystemRoot%/System32/drivers/UMDF/MirrorOpVirtualDisplay1_2.dll
|
Class
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\PnpLockdownFiles\%SystemRoot%/System32/drivers/UMDF/MirrorOpVirtualDisplay1_2.dll
|
Source
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WUDFRd
|
Owners
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WUDFRd\Parameters\Wdf
|
WdfMajorVersion
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WUDFRd\Parameters\Wdf
|
WdfMinorVersion
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ROOT\DISPLAY\0000\Device Parameters\WUDFDiagnosticInfo
|
RetrievalMode
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ROOT\DISPLAY\0000\Device Parameters\WUDFDiagnosticInfo
|
RwTransferMode
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ROOT\DISPLAY\0000\Device Parameters\WUDFDiagnosticInfo
|
IoctlTransferMode
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{1ca05181-a699-450a-9a0c-de4fbe3ddd89}\##?#ROOT#DISPLAY#0000#{1ca05181-a699-450a-9a0c-de4fbe3ddd89}
|
DeviceInstance
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\DeviceClasses\{1ca05181-a699-450a-9a0c-de4fbe3ddd89}\##?#ROOT#DISPLAY#0000#{1ca05181-a699-450a-9a0c-de4fbe3ddd89}\#\Properties\{c50a3f10-aa5c-4247-b830-d6a6f8eaa310}\0002
|
NULL
|
There are 131 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
262BEE75000
|
heap
|
page read and write
|
||
|
D42000
|
unkown
|
page execute and read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
2BD8617F000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
7FF642E38000
|
unkown
|
page read and write
|
||
|
2BD86191000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
2BD8618E000
|
heap
|
page read and write
|
||
|
2BD86196000
|
heap
|
page read and write
|
||
|
2BD861F0000
|
heap
|
page read and write
|
||
|
211E8D69000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
211E8CE7000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
2BD86203000
|
heap
|
page read and write
|
||
|
262BEEF9000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
2BD8615B000
|
heap
|
page read and write
|
||
|
142A0800000
|
unkown
|
page read and write
|
||
|
262BEEFA000
|
heap
|
page read and write
|
||
|
2BD861FB000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
211E8D34000
|
heap
|
page read and write
|
||
|
2BD86149000
|
heap
|
page read and write
|
||
|
2BD8617D000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
F821CFE000
|
stack
|
page read and write
|
||
|
211E8D56000
|
heap
|
page read and write
|
||
|
2BD86179000
|
heap
|
page read and write
|
||
|
2BD8618E000
|
heap
|
page read and write
|
||
|
262BEEEF000
|
heap
|
page read and write
|
||
|
211E8D86000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
2BD8615F000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
2BD8616A000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
211E8D2F000
|
heap
|
page read and write
|
||
|
2CBC000
|
stack
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
2BD86203000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
142A0690000
|
heap
|
page read and write
|
||
|
262BEEE0000
|
heap
|
page read and write
|
||
|
4474FFE000
|
stack
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
2BD8619C000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
2BD8619C000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
1303000
|
heap
|
page read and write
|
||
|
211E8D2A000
|
heap
|
page read and write
|
||
|
2BD86206000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
2BD8617B000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
262BEEE0000
|
heap
|
page read and write
|
||
|
2BD86178000
|
heap
|
page read and write
|
||
|
2BD86178000
|
heap
|
page read and write
|
||
|
D4A000
|
unkown
|
page execute and read and write
|
||
|
211E8D46000
|
heap
|
page read and write
|
||
|
211E8D21000
|
heap
|
page read and write
|
||
|
211E8D56000
|
heap
|
page read and write
|
||
|
142A06C7000
|
heap
|
page read and write
|
||
|
44751FE000
|
stack
|
page read and write
|
||
|
2B1000
|
unkown
|
page execute and read and write
|
||
|
262BEEC0000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
D4C000
|
unkown
|
page execute and read and write
|
||
|
2BD86179000
|
heap
|
page read and write
|
||
|
211E8D28000
|
heap
|
page read and write
|
||
|
211E8D30000
|
heap
|
page read and write
|
||
|
211E8D4D000
|
heap
|
page read and write
|
||
|
2BD86485000
|
heap
|
page read and write
|
||
|
211E8D31000
|
heap
|
page read and write
|
||
|
211E8D21000
|
heap
|
page read and write
|
||
|
262BEF20000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
211E8D69000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
211E8D4A000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
211E8D29000
|
heap
|
page read and write
|
||
|
2BD861E6000
|
heap
|
page read and write
|
||
|
2BD861C1000
|
heap
|
page read and write
|
||
|
211E8D5C000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
211E8D42000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
2BD861DF000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
211E8D42000
|
heap
|
page read and write
|
||
|
2BD86203000
|
heap
|
page read and write
|
||
|
138767E000
|
stack
|
page read and write
|
||
|
2E9F000
|
stack
|
page read and write
|
||
|
36BD000
|
stack
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
2BD861FC000
|
heap
|
page read and write
|
||
|
2BD8617F000
|
heap
|
page read and write
|
||
|
2BD8618E000
|
heap
|
page read and write
|
||
|
2BD861E3000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
1275000
|
heap
|
page read and write
|
||
|
2BD8621C000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
2BD86182000
|
heap
|
page read and write
|
||
|
211E8D36000
|
heap
|
page read and write
|
||
|
2BD861EF000
|
heap
|
page read and write
|
||
|
211E8D0F000
|
heap
|
page read and write
|
||
|
1328000
|
heap
|
page read and write
|
||
|
262BEF39000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
B857EFE000
|
stack
|
page read and write
|
||
|
2BD8619C000
|
heap
|
page read and write
|
||
|
262BEEF3000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
262BEF03000
|
heap
|
page read and write
|
||
|
2BD861E9000
|
heap
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
2BD861E3000
|
heap
|
page read and write
|
||
|
211E8D5F000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
211E8D46000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
262BEEF3000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
211E8D07000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
211E8D88000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
211E8D88000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
2BD86175000
|
heap
|
page read and write
|
||
|
2BD86178000
|
heap
|
page read and write
|
||
|
2BD861EF000
|
heap
|
page read and write
|
||
|
7FF642E3A000
|
unkown
|
page readonly
|
||
|
2BD861EF000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
B857F7E000
|
stack
|
page read and write
|
||
|
211E8D27000
|
heap
|
page read and write
|
||
|
211E8D8A000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
211E8D34000
|
heap
|
page read and write
|
||
|
2BD8619C000
|
heap
|
page read and write
|
||
|
262BEF20000
|
heap
|
page read and write
|
||
|
4474EF4000
|
stack
|
page read and write
|
||
|
2BD861C1000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
2BD8618D000
|
heap
|
page read and write
|
||
|
2BD861FB000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
2BD86153000
|
heap
|
page read and write
|
||
|
262BEF39000
|
heap
|
page read and write
|
||
|
211E8D69000
|
heap
|
page read and write
|
||
|
2BD86148000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
2BD861C7000
|
heap
|
page read and write
|
||
|
138747D000
|
stack
|
page read and write
|
||
|
2BD8618E000
|
heap
|
page read and write
|
||
|
2BD8619C000
|
heap
|
page read and write
|
||
|
2BD861E0000
|
heap
|
page read and write
|
||
|
2BD86182000
|
heap
|
page read and write
|
||
|
211E8D94000
|
heap
|
page read and write
|
||
|
211E8D1A000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
211E8D4D000
|
heap
|
page read and write
|
||
|
2BD86161000
|
heap
|
page read and write
|
||
|
2BD8615D000
|
heap
|
page read and write
|
||
|
211E8D94000
|
heap
|
page read and write
|
||
|
211E8D21000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
262BEF2C000
|
heap
|
page read and write
|
||
|
211E8D42000
|
heap
|
page read and write
|
||
|
211E8D22000
|
heap
|
page read and write
|
||
|
7FF8B90B5000
|
unkown
|
page read and write
|
||
|
211E8D38000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
2BD861FC000
|
heap
|
page read and write
|
||
|
211E8D38000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
211E8D8A000
|
heap
|
page read and write
|
||
|
2BD861FB000
|
heap
|
page read and write
|
||
|
211E8D8C000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
262BEEF3000
|
heap
|
page read and write
|
||
|
211E8D8D000
|
heap
|
page read and write
|
||
|
2BD8615B000
|
heap
|
page read and write
|
||
|
2BD86182000
|
heap
|
page read and write
|
||
|
211E8D5F000
|
heap
|
page read and write
|
||
|
7FF642E3A000
|
unkown
|
page readonly
|
||
|
2BD86170000
|
heap
|
page read and write
|
||
|
2BD86182000
|
heap
|
page read and write
|
||
|
262BEF3B000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
142A1040000
|
unkown
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
2BD861F0000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
262BEEDD000
|
heap
|
page read and write
|
||
|
211E8D56000
|
heap
|
page read and write
|
||
|
2E9E000
|
unkown
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
262BEEFB000
|
heap
|
page read and write
|
||
|
2BD86182000
|
heap
|
page read and write
|
||
|
211E8D5F000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
309E000
|
stack
|
page read and write
|
||
|
211E8D62000
|
heap
|
page read and write
|
||
|
2BD86191000
|
heap
|
page read and write
|
||
|
2BD86163000
|
heap
|
page read and write
|
||
|
2BD8614F000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
2BD86182000
|
heap
|
page read and write
|
||
|
2BD8618A000
|
heap
|
page read and write
|
||
|
211E8D36000
|
heap
|
page read and write
|
||
|
262BEED8000
|
heap
|
page read and write
|
||
|
2BD86153000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
211E8D32000
|
heap
|
page read and write
|
||
|
211E8D08000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
2F43000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
211E8D90000
|
heap
|
page read and write
|
||
|
2E10000
|
heap
|
page read and write
|
||
|
2BD86178000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
211E8D0D000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
142A06D1000
|
heap
|
page read and write
|
||
|
262BEED2000
|
heap
|
page read and write
|
||
|
12DB000
|
heap
|
page read and write
|
||
|
211E8D56000
|
heap
|
page read and write
|
||
|
2BD86168000
|
heap
|
page read and write
|
||
|
2BD8616B000
|
heap
|
page read and write
|
||
|
211E8D21000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
211E8CB0000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
2BD861EC000
|
heap
|
page read and write
|
||
|
CC6000
|
unkown
|
page execute and read and write
|
||
|
262BEEE1000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
1322000
|
heap
|
page read and write
|
||
|
262BEF14000
|
heap
|
page read and write
|
||
|
2F38000
|
heap
|
page read and write
|
||
|
211E8D56000
|
heap
|
page read and write
|
||
|
2BD8617F000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
262BEED9000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
B857E7D000
|
stack
|
page read and write
|
||
|
2C7C000
|
stack
|
page read and write
|
||
|
2BD86167000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
262BEF35000
|
heap
|
page read and write
|
||
|
7FF8B90A1000
|
unkown
|
page execute read
|
||
|
132B000
|
heap
|
page read and write
|
||
|
211E8D69000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
131A000
|
heap
|
page read and write
|
||
|
211E8D5F000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
211E8B70000
|
heap
|
page read and write
|
||
|
2BD861FB000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
211E8D18000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
211E8D32000
|
heap
|
page read and write
|
||
|
2BD86191000
|
heap
|
page read and write
|
||
|
2BD86165000
|
heap
|
page read and write
|
||
|
262BEED8000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
211E8D4A000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
2BD8617B000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
DB0000
|
unkown
|
page execute and read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
44752FF000
|
stack
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
211E8D93000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
2BD86168000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
12E2000
|
heap
|
page read and write
|
||
|
262BEEEF000
|
heap
|
page read and write
|
||
|
2BD861C7000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
2BD86191000
|
heap
|
page read and write
|
||
|
211E8D53000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
262BEF15000
|
heap
|
page read and write
|
||
|
2F30000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
2BD8615E000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
211E8D88000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
11E0000
|
heap
|
page read and write
|
||
|
211E8D8D000
|
heap
|
page read and write
|
||
|
211E8D20000
|
heap
|
page read and write
|
||
|
2BD8621C000
|
heap
|
page read and write
|
||
|
211E8D53000
|
heap
|
page read and write
|
||
|
35BF000
|
stack
|
page read and write
|
||
|
262BEF0A000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
2BD8618E000
|
heap
|
page read and write
|
||
|
211E8D21000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
211E8D93000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
262BEEDE000
|
heap
|
page read and write
|
||
|
2BD86163000
|
heap
|
page read and write
|
||
|
211E8D8A000
|
heap
|
page read and write
|
||
|
211E8D91000
|
heap
|
page read and write
|
||
|
211E8D42000
|
heap
|
page read and write
|
||
|
15B0000
|
heap
|
page read and write
|
||
|
1270000
|
heap
|
page read and write
|
||
|
2BD861E3000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
262BEF2C000
|
heap
|
page read and write
|
||
|
211E8D86000
|
heap
|
page read and write
|
||
|
211E8D38000
|
heap
|
page read and write
|
||
|
262BEF01000
|
heap
|
page read and write
|
||
|
211E8D91000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
262BEE80000
|
heap
|
page read and write
|
||
|
2BD8619C000
|
heap
|
page read and write
|
||
|
211E8D03000
|
heap
|
page read and write
|
||
|
2BD8615B000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
2BD86191000
|
heap
|
page read and write
|
||
|
262BEF0F000
|
heap
|
page read and write
|
||
|
211E8D46000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
142A05B0000
|
heap
|
page read and write
|
||
|
211E8CE0000
|
heap
|
page read and write
|
||
|
94D000
|
unkown
|
page execute and write copy
|
||
|
2BD86178000
|
heap
|
page read and write
|
||
|
118C000
|
stack
|
page read and write
|
||
|
211E8D20000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
211E8D53000
|
heap
|
page read and write
|
||
|
2B0000
|
unkown
|
page readonly
|
||
|
2BD861FB000
|
heap
|
page read and write
|
||
|
262BEEE8000
|
heap
|
page read and write
|
||
|
211E8D2F000
|
heap
|
page read and write
|
||
|
2F67000
|
heap
|
page read and write
|
||
|
211E8D42000
|
heap
|
page read and write
|
||
|
13876FC000
|
stack
|
page read and write
|
||
|
211E8D90000
|
heap
|
page read and write
|
||
|
2BD861E9000
|
heap
|
page read and write
|
||
|
2BD861FB000
|
heap
|
page read and write
|
||
|
2BD861C7000
|
heap
|
page read and write
|
||
|
D44000
|
unkown
|
page execute and read and write
|
||
|
2BD8615D000
|
heap
|
page read and write
|
||
|
2BD8615E000
|
heap
|
page read and write
|
||
|
211E8D4D000
|
heap
|
page read and write
|
||
|
2BD8619C000
|
heap
|
page read and write
|
||
|
142A0890000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
211E8D5F000
|
heap
|
page read and write
|
||
|
2BD8618A000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
2BD8615F000
|
heap
|
page read and write
|
||
|
2BD86220000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
211E8D53000
|
heap
|
page read and write
|
||
|
2BD8618A000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
211E8D53000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
2BD8619C000
|
heap
|
page read and write
|
||
|
211E8C80000
|
heap
|
page read and write
|
||
|
2BD86206000
|
heap
|
page read and write
|
||
|
2BD861F0000
|
heap
|
page read and write
|
||
|
2BD86161000
|
heap
|
page read and write
|
||
|
262BEEFA000
|
heap
|
page read and write
|
||
|
2BD8619E000
|
heap
|
page read and write
|
||
|
2BD8619C000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
262BEF14000
|
heap
|
page read and write
|
||
|
2BD86206000
|
heap
|
page read and write
|
||
|
2BD8614D000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
30DF000
|
stack
|
page read and write
|
||
|
211E8D0B000
|
heap
|
page read and write
|
||
|
211E8D28000
|
heap
|
page read and write
|
||
|
35BD000
|
stack
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
211E8C50000
|
heap
|
page read and write
|
||
|
2BD86206000
|
heap
|
page read and write
|
||
|
2BD8619C000
|
heap
|
page read and write
|
||
|
2BD86182000
|
heap
|
page read and write
|
||
|
211E8D8A000
|
heap
|
page read and write
|
||
|
2BD861EF000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
2BD861FC000
|
heap
|
page read and write
|
||
|
4DAF000
|
stack
|
page read and write
|
||
|
2BD8619C000
|
heap
|
page read and write
|
||
|
262BEEDE000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
211E8D69000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
2BD86187000
|
heap
|
page read and write
|
||
|
2BD86163000
|
heap
|
page read and write
|
||
|
2BD86153000
|
heap
|
page read and write
|
||
|
211E8D62000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
2BD8618A000
|
heap
|
page read and write
|
||
|
15F0000
|
heap
|
page read and write
|
||
|
211E8D62000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
211E8D8A000
|
heap
|
page read and write
|
||
|
2BD86153000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
2BD8618E000
|
heap
|
page read and write
|
||
|
211E8D62000
|
heap
|
page read and write
|
||
|
2BD86320000
|
heap
|
page read and write
|
||
|
211E8D5C000
|
heap
|
page read and write
|
||
|
2BD8615F000
|
heap
|
page read and write
|
||
|
211E8D69000
|
heap
|
page read and write
|
||
|
311E000
|
stack
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
2BD8617B000
|
heap
|
page read and write
|
||
|
2BD86203000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
2BD861E0000
|
heap
|
page read and write
|
||
|
2BD861E1000
|
heap
|
page read and write
|
||
|
262BEF38000
|
heap
|
page read and write
|
||
|
2BD8617F000
|
heap
|
page read and write
|
||
|
2BD86161000
|
heap
|
page read and write
|
||
|
211E8D1B000
|
heap
|
page read and write
|
||
|
2BD861FC000
|
heap
|
page read and write
|
||
|
2BD8619C000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
2BD8619C000
|
heap
|
page read and write
|
||
|
2BD861C1000
|
heap
|
page read and write
|
||
|
262BEEE8000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
2BD8615F000
|
heap
|
page read and write
|
||
|
2BD86240000
|
heap
|
page read and write
|
||
|
262BEEEF000
|
heap
|
page read and write
|
||
|
2BD861FB000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
2BD861EF000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
2BD8619C000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
2BD861E3000
|
heap
|
page read and write
|
||
|
2BD8614F000
|
heap
|
page read and write
|
||
|
13874FF000
|
stack
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
2BD8615D000
|
heap
|
page read and write
|
||
|
3140000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
2BD8619C000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
142A06C0000
|
heap
|
page read and write
|
||
|
1322000
|
heap
|
page read and write
|
||
|
262BEF24000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
2BD86206000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
211E8D2F000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
108B000
|
stack
|
page read and write
|
||
|
2F1C000
|
stack
|
page read and write
|
||
|
211E8D25000
|
heap
|
page read and write
|
||
|
2E5D000
|
unkown
|
page read and write
|
||
|
2BD861D9000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
2BD86191000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
2BD8615E000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
262BEF54000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
2D20000
|
heap
|
page read and write
|
||
|
211E8D53000
|
heap
|
page read and write
|
||
|
2BD8618E000
|
heap
|
page read and write
|
||
|
211E8D28000
|
heap
|
page read and write
|
||
|
211E8D2F000
|
heap
|
page read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
2BD86182000
|
heap
|
page read and write
|
||
|
D1A000
|
unkown
|
page execute and read and write
|
||
|
2BD861C1000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
2BD8621C000
|
heap
|
page read and write
|
||
|
7FF642E10000
|
unkown
|
page readonly
|
||
|
211E8D53000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
211E8D05000
|
heap
|
page read and write
|
||
|
2BD861FB000
|
heap
|
page read and write
|
||
|
2BD861C7000
|
heap
|
page read and write
|
||
|
7FF642E2A000
|
unkown
|
page readonly
|
||
|
211E8D46000
|
heap
|
page read and write
|
||
|
262BEEDA000
|
heap
|
page read and write
|
||
|
211E8D0E000
|
heap
|
page read and write
|
||
|
2BD861E3000
|
heap
|
page read and write
|
||
|
2BD861C1000
|
heap
|
page read and write
|
||
|
2BD86178000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
2BD861EF000
|
heap
|
page read and write
|
||
|
2BD861C7000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
2BD86206000
|
heap
|
page read and write
|
||
|
2BD861FB000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
211E8D62000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
262BEF0F000
|
heap
|
page read and write
|
||
|
211E8D01000
|
heap
|
page read and write
|
||
|
DD8000
|
unkown
|
page write copy
|
||
|
132C000
|
heap
|
page read and write
|
||
|
D4E000
|
unkown
|
page execute and read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
2BD86163000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
2BD8616E000
|
heap
|
page read and write
|
||
|
14B0000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
211E8D20000
|
heap
|
page read and write
|
||
|
2BD861E1000
|
heap
|
page read and write
|
||
|
211E8D36000
|
heap
|
page read and write
|
||
|
12BD000
|
stack
|
page read and write
|
||
|
2BD86179000
|
heap
|
page read and write
|
||
|
2BD86161000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
2BD86175000
|
heap
|
page read and write
|
||
|
2BD86206000
|
heap
|
page read and write
|
||
|
2BD861E6000
|
heap
|
page read and write
|
||
|
211E8D97000
|
heap
|
page read and write
|
||
|
2BD86182000
|
heap
|
page read and write
|
||
|
2BD86480000
|
heap
|
page read and write
|
||
|
211E8D19000
|
heap
|
page read and write
|
||
|
211E8D8D000
|
heap
|
page read and write
|
||
|
12D0000
|
heap
|
page read and write
|
||
|
2BD861E0000
|
heap
|
page read and write
|
||
|
211E8D4D000
|
heap
|
page read and write
|
||
|
2BD8616B000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
211E8D07000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
2BD8614A000
|
heap
|
page read and write
|
||
|
211E8D93000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
262BEEC7000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
F821D7F000
|
stack
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
211E8D22000
|
heap
|
page read and write
|
||
|
262BEEEF000
|
heap
|
page read and write
|
||
|
211E8D46000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
2BD8618E000
|
heap
|
page read and write
|
||
|
2BD861FB000
|
heap
|
page read and write
|
||
|
262BEF24000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
2BD86206000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
211E8D5C000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
1322000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
211E8D21000
|
heap
|
page read and write
|
||
|
D47000
|
unkown
|
page execute and read and write
|
||
|
2BD8618A000
|
heap
|
page read and write
|
||
|
211E8D46000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
211E8D5F000
|
heap
|
page read and write
|
||
|
2BD86182000
|
heap
|
page read and write
|
||
|
211E8CFD000
|
heap
|
page read and write
|
||
|
211E8D86000
|
heap
|
page read and write
|
||
|
262BEEED000
|
heap
|
page read and write
|
||
|
2BD861DB000
|
heap
|
page read and write
|
||
|
211E8D5F000
|
heap
|
page read and write
|
||
|
262BEF14000
|
heap
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
F821984000
|
stack
|
page read and write
|
||
|
2BD861C1000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
2BD86182000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
211E8D15000
|
heap
|
page read and write
|
||
|
2BD867D0000
|
heap
|
page read and write
|
||
|
2BD8616B000
|
heap
|
page read and write
|
||
|
211E8D0F000
|
heap
|
page read and write
|
||
|
2BD86191000
|
heap
|
page read and write
|
||
|
211E8D38000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
CC3000
|
unkown
|
page execute and read and write
|
||
|
211E8D2F000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
142A07C0000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
2BD8616E000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
211E8D38000
|
heap
|
page read and write
|
||
|
2F4B000
|
heap
|
page read and write
|
||
|
2BD8619C000
|
heap
|
page read and write
|
||
|
2BD86153000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
211E8D46000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
211E8D2A000
|
heap
|
page read and write
|
||
|
2BD86163000
|
heap
|
page read and write
|
||
|
1321000
|
heap
|
page read and write
|
||
|
211E8D02000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
7FF642E11000
|
unkown
|
page execute read
|
||
|
211E8D93000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
211E8D20000
|
heap
|
page read and write
|
||
|
211E8D56000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
2BD8617F000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
2BD86163000
|
heap
|
page read and write
|
||
|
2BD8619C000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
262BEEFA000
|
heap
|
page read and write
|
||
|
262BEED4000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
211E8D4D000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
211E8D21000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
4E2F000
|
stack
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
2BD8618D000
|
heap
|
page read and write
|
||
|
2BD867D1000
|
heap
|
page read and write
|
||
|
2BD8615C000
|
heap
|
page read and write
|
||
|
211E8CE9000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
211E8D4D000
|
heap
|
page read and write
|
||
|
211E8D96000
|
heap
|
page read and write
|
||
|
211E8D62000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
7FF642E11000
|
unkown
|
page execute read
|
||
|
131A000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
211E8D86000
|
heap
|
page read and write
|
||
|
2BD8618D000
|
heap
|
page read and write
|
||
|
2BD861E6000
|
heap
|
page read and write
|
||
|
211E8D86000
|
heap
|
page read and write
|
||
|
142A1050000
|
unkown
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
DD8000
|
unkown
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
211E8CB5000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
211E8D2F000
|
heap
|
page read and write
|
||
|
211E8D07000
|
heap
|
page read and write
|
||
|
211E8D42000
|
heap
|
page read and write
|
||
|
2BD8617B000
|
heap
|
page read and write
|
||
|
262BEEE5000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
2BD8614E000
|
heap
|
page read and write
|
||
|
211E8D01000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
7FF8B90B0000
|
unkown
|
page readonly
|
||
|
262BEE50000
|
heap
|
page read and write
|
||
|
262BEF1A000
|
heap
|
page read and write
|
||
|
211E8D46000
|
heap
|
page read and write
|
||
|
211E8D38000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
2BD8617B000
|
heap
|
page read and write
|
||
|
211E8D26000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
2BD86146000
|
heap
|
page read and write
|
||
|
262BEF0F000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
2BD8615B000
|
heap
|
page read and write
|
||
|
2BD861EF000
|
heap
|
page read and write
|
||
|
2BD8615F000
|
heap
|
page read and write
|
||
|
211E8D0D000
|
heap
|
page read and write
|
||
|
211E8D69000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
211E8D56000
|
heap
|
page read and write
|
||
|
2EDD000
|
stack
|
page read and write
|
||
|
C9D000
|
unkown
|
page execute and read and write
|
||
|
2BD86182000
|
heap
|
page read and write
|
||
|
211E8D2D000
|
heap
|
page read and write
|
||
|
DD6000
|
unkown
|
page execute and write copy
|
||
|
131A000
|
heap
|
page read and write
|
||
|
211E8D69000
|
heap
|
page read and write
|
||
|
2BD86175000
|
heap
|
page read and write
|
||
|
2BD86178000
|
heap
|
page read and write
|
||
|
2BD861E0000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
138777E000
|
stack
|
page read and write
|
||
|
211E8D4D000
|
heap
|
page read and write
|
||
|
211E8D1A000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
7FF642E2A000
|
unkown
|
page readonly
|
||
|
133D000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
2BD861E1000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
211E8D4D000
|
heap
|
page read and write
|
||
|
1322000
|
heap
|
page read and write
|
||
|
211E8D28000
|
heap
|
page read and write
|
||
|
2BD86206000
|
heap
|
page read and write
|
||
|
262BEED8000
|
heap
|
page read and write
|
||
|
2BD867D1000
|
heap
|
page read and write
|
||
|
1220000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
262BEEEA000
|
heap
|
page read and write
|
||
|
44750FD000
|
stack
|
page read and write
|
||
|
211E8D1A000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
2BD861FB000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
211E8D56000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
211E8D88000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
2BD8615B000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
F821DFF000
|
stack
|
page read and write
|
||
|
211E8D19000
|
heap
|
page read and write
|
||
|
262BEE70000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
2BD8618E000
|
heap
|
page read and write
|
||
|
2BD86178000
|
heap
|
page read and write
|
||
|
262BEF0A000
|
heap
|
page read and write
|
||
|
211E8D42000
|
heap
|
page read and write
|
||
|
2BD8615F000
|
heap
|
page read and write
|
||
|
2BD861C7000
|
heap
|
page read and write
|
||
|
13877FF000
|
stack
|
page read and write
|
||
|
2BD8618D000
|
heap
|
page read and write
|
||
|
7FF642E38000
|
unkown
|
page write copy
|
||
|
1345000
|
heap
|
page read and write
|
||
|
211E8D62000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
2BD86165000
|
heap
|
page read and write
|
||
|
211E8D86000
|
heap
|
page read and write
|
||
|
2BD861C7000
|
heap
|
page read and write
|
||
|
2BD86163000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
211E8D86000
|
heap
|
page read and write
|
||
|
262BEEEF000
|
heap
|
page read and write
|
||
|
F821C7E000
|
stack
|
page read and write
|
||
|
262BEF0C000
|
heap
|
page read and write
|
||
|
211E8D38000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
211E8D42000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
211E8D62000
|
heap
|
page read and write
|
||
|
142A0895000
|
heap
|
page read and write
|
||
|
2E00000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
2BD861FB000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
2BD861C1000
|
heap
|
page read and write
|
||
|
2BD86191000
|
heap
|
page read and write
|
||
|
262BEF1A000
|
heap
|
page read and write
|
||
|
2BD86166000
|
heap
|
page read and write
|
||
|
2BD8619C000
|
heap
|
page read and write
|
||
|
262BEEE8000
|
heap
|
page read and write
|
||
|
7FF8B90B6000
|
unkown
|
page readonly
|
||
|
211E8D42000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
2BD8616A000
|
heap
|
page read and write
|
||
|
2BD861ED000
|
heap
|
page read and write
|
||
|
2BD86163000
|
heap
|
page read and write
|
||
|
2F1E000
|
stack
|
page read and write
|
||
|
211E8D19000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
262BEF35000
|
heap
|
page read and write
|
||
|
211E8D86000
|
heap
|
page read and write
|
||
|
2EDB000
|
stack
|
page read and write
|
||
|
2BD86165000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
2BD86175000
|
heap
|
page read and write
|
||
|
2B0000
|
unkown
|
page readonly
|
||
|
262BEF0C000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
2BD86130000
|
heap
|
page read and write
|
||
|
211E8D53000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
211E8D88000
|
heap
|
page read and write
|
||
|
211E8D8A000
|
heap
|
page read and write
|
||
|
2BD8616C000
|
heap
|
page read and write
|
||
|
2BD8613B000
|
heap
|
page read and write
|
||
|
2BD86168000
|
heap
|
page read and write
|
||
|
2BD861EF000
|
heap
|
page read and write
|
||
|
13875FC000
|
stack
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
2BD86182000
|
heap
|
page read and write
|
||
|
211E8D2C000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
2BD861E9000
|
heap
|
page read and write
|
||
|
2BD861EF000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
211E8D0C000
|
heap
|
page read and write
|
||
|
2BD8618A000
|
heap
|
page read and write
|
||
|
2BD86149000
|
heap
|
page read and write
|
||
|
4DEE000
|
stack
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
211E8D42000
|
heap
|
page read and write
|
||
|
262BED70000
|
heap
|
page read and write
|
||
|
2BD86175000
|
heap
|
page read and write
|
||
|
2BD8615B000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
2BD86182000
|
heap
|
page read and write
|
||
|
211E8D08000
|
heap
|
page read and write
|
||
|
211E8D5F000
|
heap
|
page read and write
|
||
|
132B000
|
heap
|
page read and write
|
||
|
211E8D38000
|
heap
|
page read and write
|
||
|
7FF642E10000
|
unkown
|
page readonly
|
||
|
211E8D28000
|
heap
|
page read and write
|
||
|
1345000
|
heap
|
page read and write
|
||
|
7FF8B90A0000
|
unkown
|
page readonly
|
||
|
2BD86163000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
211E8D8C000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
2BD86340000
|
heap
|
page read and write
|
||
|
1335000
|
heap
|
page read and write
|
||
|
262BEF03000
|
heap
|
page read and write
|
||
|
211E8D88000
|
heap
|
page read and write
|
There are 912 hidden memdumps, click here to show them.