Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
15dasx.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Adobe Acrobat PDF Browser Plugin 4.8.25, Author: Adobe Inc., Keywords: Installer, Comments: Adobe Acrobat
PDF Browser Plugin, Template: Intel;1033, Revision Number: {6ECD3C06-98A2-44A1-A41E-271C903F257F}, Create Time/Date: Tue May
30 15:19:58 2023, Last Saved Time/Date: Tue May 30 15:19:58 2023, Number of Pages: 200, Number of Words: 10, Name of Creating
Application: Windows Installer XML Toolset (3.11.2.4516), Security: 2
|
initial sample
|
 |
|
|
C:\Config.Msi\61e623.rbs
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\main.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\notify.vbs
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Installer\61e622.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Adobe Acrobat PDF Browser Plugin 4.8.25, Author: Adobe Inc., Keywords: Installer, Comments: Adobe Acrobat
PDF Browser Plugin, Template: Intel;1033, Revision Number: {6ECD3C06-98A2-44A1-A41E-271C903F257F}, Create Time/Date: Tue May
30 15:19:58 2023, Last Saved Time/Date: Tue May 30 15:19:58 2023, Number of Pages: 200, Number of Words: 10, Name of Creating
Application: Windows Installer XML Toolset (3.11.2.4516), Security: 2
|
dropped
|
||
|
C:\Windows\Installer\61e624.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Adobe Acrobat PDF Browser Plugin 4.8.25, Author: Adobe Inc., Keywords: Installer, Comments: Adobe Acrobat
PDF Browser Plugin, Template: Intel;1033, Revision Number: {6ECD3C06-98A2-44A1-A41E-271C903F257F}, Create Time/Date: Tue May
30 15:19:58 2023, Last Saved Time/Date: Tue May 30 15:19:58 2023, Number of Pages: 200, Number of Words: 10, Name of Creating
Application: Windows Installer XML Toolset (3.11.2.4516), Security: 2
|
dropped
|
||
|
C:\Windows\Installer\MSIE8E1.tmp
|
data
|
dropped
|
||
|
C:\Windows\Installer\SourceHash{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Installer\inprogressinstallinfo.ipi
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\~DF0BFC98B297E831EB.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF1942D938D9238C10.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF1EBAA0DF6957A59B.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF26625000C3DFA716.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF515B98A092999243.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF5DCD941B825AFF81.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFC281F47278832CCC.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFD46BF27CA9C44E38.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFD92D1524EDDCFC25.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFEAFD4A49B5364FC1.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFF6F31659CEE207E5.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFFD8F8C1867A8E867.TMP
|
data
|
dropped
|
||
|
C:\Config.Msi\6bb81c.rbs
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DF4899FDBF77CB7EDE.TMP
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DFA9753353B6A77A75.TMP
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DFC65A62CAF401C2CF.TMP
|
data
|
dropped
|
||
|
C:\Windows\Installer\6bb81a.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Adobe Acrobat PDF Browser Plugin 4.8.25, Author: Adobe Inc., Keywords: Installer, Comments: Adobe Acrobat
PDF Browser Plugin, Template: Intel;1033, Revision Number: {6ECD3C06-98A2-44A1-A41E-271C903F257F}, Create Time/Date: Tue May
30 15:19:58 2023, Last Saved Time/Date: Tue May 30 15:19:58 2023, Number of Pages: 200, Number of Words: 10, Name of Creating
Application: Windows Installer XML Toolset (3.11.2.4516), Security: 2
|
dropped
|
||
|
C:\Windows\Installer\6bb81b.ipi
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Installer\6bb81d.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Adobe Acrobat PDF Browser Plugin 4.8.25, Author: Adobe Inc., Keywords: Installer, Comments: Adobe Acrobat
PDF Browser Plugin, Template: Intel;1033, Revision Number: {6ECD3C06-98A2-44A1-A41E-271C903F257F}, Create Time/Date: Tue May
30 15:19:58 2023, Last Saved Time/Date: Tue May 30 15:19:58 2023, Number of Pages: 200, Number of Words: 10, Name of Creating
Application: Windows Installer XML Toolset (3.11.2.4516), Security: 2
|
dropped
|
||
|
C:\Windows\Installer\MSI8ED9.tmp
|
data
|
dropped
|
There are 20 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\main.dll,next
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\main.dll,next
|
|
|
|
C:\Windows\SysWOW64\wermgr.exe
|
C:\Windows\SysWOW64\wermgr.exe
|
|
|
|
C:\Windows\System32\msiexec.exe
|
"C:\Windows\System32\msiexec.exe" /i "C:\Users\user\Desktop\15dasx.msi"
|
||
|
C:\Windows\System32\msiexec.exe
|
C:\Windows\system32\msiexec.exe /V
|
||
|
C:\Windows\System32\wscript.exe
|
wscript.exe C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\notify.vbs
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://streams.videolan.org/upload/
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
2.82.8.80
|
unknown
|
Portugal
|
|
|
|
70.160.67.203
|
unknown
|
United States
|
|
|
|
75.143.236.149
|
unknown
|
United States
|
|
|
|
83.110.223.61
|
unknown
|
United Arab Emirates
|
|
|
|
86.195.14.72
|
unknown
|
France
|
|
|
|
84.215.202.8
|
unknown
|
Norway
|
|
|
|
184.182.66.109
|
unknown
|
United States
|
|
|
|
92.186.69.229
|
unknown
|
France
|
|
|
|
174.4.89.3
|
unknown
|
Canada
|
|
|
|
161.142.103.187
|
unknown
|
Malaysia
|
|
|
|
114.143.176.236
|
unknown
|
India
|
|
|
|
14.192.241.76
|
unknown
|
Malaysia
|
|
|
|
173.88.135.179
|
unknown
|
United States
|
|
|
|
84.108.200.161
|
unknown
|
Israel
|
|
|
|
47.34.30.133
|
unknown
|
United States
|
|
|
|
183.87.163.165
|
unknown
|
India
|
|
|
|
184.181.75.148
|
unknown
|
United States
|
|
|
|
124.149.143.189
|
unknown
|
Australia
|
|
|
|
84.35.26.14
|
unknown
|
Netherlands
|
|
|
|
73.29.92.128
|
unknown
|
United States
|
|
|
|
68.203.69.96
|
unknown
|
United States
|
|
|
|
82.131.141.209
|
unknown
|
Hungary
|
|
|
|
64.121.161.102
|
unknown
|
United States
|
|
|
|
178.175.187.254
|
unknown
|
Moldova Republic of
|
|
|
|
96.56.197.26
|
unknown
|
United States
|
|
|
|
186.64.67.30
|
unknown
|
Argentina
|
|
|
|
188.28.19.84
|
unknown
|
United Kingdom
|
|
|
|
125.99.76.102
|
unknown
|
India
|
|
|
|
81.101.185.146
|
unknown
|
United Kingdom
|
|
|
|
59.28.84.65
|
unknown
|
Korea Republic of
|
|
|
|
105.186.128.181
|
unknown
|
South Africa
|
|
|
|
76.86.31.59
|
unknown
|
United States
|
|
|
|
147.147.30.126
|
unknown
|
United Kingdom
|
|
|
|
96.87.28.170
|
unknown
|
United States
|
|
|
|
75.109.111.89
|
unknown
|
United States
|
|
|
|
78.92.133.215
|
unknown
|
Hungary
|
|
|
|
124.122.47.148
|
unknown
|
Thailand
|
|
|
|
88.126.94.4
|
unknown
|
France
|
|
|
|
51.14.29.227
|
unknown
|
United Kingdom
|
|
|
|
85.57.212.13
|
unknown
|
Spain
|
|
|
|
47.205.25.170
|
unknown
|
United States
|
|
|
|
95.45.50.93
|
unknown
|
Ireland
|
|
|
|
80.12.88.148
|
unknown
|
France
|
|
|
|
69.133.162.35
|
unknown
|
United States
|
|
|
|
86.132.236.117
|
unknown
|
United Kingdom
|
|
|
|
151.62.238.176
|
unknown
|
Italy
|
|
|
|
70.112.206.5
|
unknown
|
United States
|
|
|
|
205.237.67.69
|
unknown
|
Canada
|
|
|
|
102.159.188.125
|
unknown
|
Tunisia
|
|
|
|
151.65.167.77
|
unknown
|
Italy
|
|
|
|
76.178.148.107
|
unknown
|
United States
|
|
|
|
89.36.206.69
|
unknown
|
Italy
|
|
|
|
69.242.31.249
|
unknown
|
United States
|
|
|
|
193.253.100.236
|
unknown
|
France
|
|
|
|
76.16.49.134
|
unknown
|
United States
|
|
|
|
94.207.104.225
|
unknown
|
United Arab Emirates
|
|
|
|
201.244.108.183
|
unknown
|
Colombia
|
|
|
|
103.42.86.42
|
unknown
|
India
|
|
|
|
78.18.105.11
|
unknown
|
Ireland
|
|
|
|
80.6.50.34
|
unknown
|
United Kingdom
|
|
|
|
103.144.201.56
|
unknown
|
unknown
|
|
|
|
27.0.48.233
|
unknown
|
India
|
|
|
|
70.28.50.223
|
unknown
|
Canada
|
|
|
|
98.145.23.67
|
unknown
|
United States
|
|
|
|
47.149.134.231
|
unknown
|
United States
|
|
|
|
82.125.44.236
|
unknown
|
France
|
|
|
|
81.229.117.95
|
unknown
|
Sweden
|
|
|
|
89.129.109.27
|
unknown
|
Spain
|
|
|
|
122.186.210.254
|
unknown
|
India
|
|
|
|
79.77.142.22
|
unknown
|
United Kingdom
|
|
|
|
90.78.147.141
|
unknown
|
France
|
|
|
|
122.184.143.86
|
unknown
|
India
|
|
|
|
186.75.95.6
|
unknown
|
Panama
|
|
|
|
50.68.186.195
|
unknown
|
Canada
|
|
|
|
12.172.173.82
|
unknown
|
United States
|
|
|
|
213.64.33.61
|
unknown
|
Sweden
|
|
|
|
79.168.224.165
|
unknown
|
Portugal
|
|
|
|
86.97.55.89
|
unknown
|
United Arab Emirates
|
|
|
|
176.142.207.63
|
unknown
|
France
|
|
|
|
92.154.17.149
|
unknown
|
France
|
|
|
|
174.58.146.57
|
unknown
|
United States
|
|
|
|
78.160.146.127
|
unknown
|
Turkey
|
|
|
|
58.186.75.42
|
unknown
|
Viet Nam
|
|
|
|
223.166.13.95
|
unknown
|
China
|
|
|
|
65.95.141.84
|
unknown
|
Canada
|
|
|
|
50.68.204.71
|
unknown
|
Canada
|
|
|
|
71.38.155.217
|
unknown
|
United States
|
|
|
|
104.35.24.154
|
unknown
|
United States
|
|
|
|
220.240.164.182
|
unknown
|
Australia
|
|
|
|
103.123.223.133
|
unknown
|
India
|
|
|
|
24.198.114.130
|
unknown
|
United States
|
|
|
|
2.36.64.159
|
unknown
|
Italy
|
|
|
|
198.2.51.242
|
unknown
|
United States
|
|
|
|
92.9.45.20
|
unknown
|
United Kingdom
|
|
|
|
113.11.92.30
|
unknown
|
Bangladesh
|
|
|
|
69.119.123.159
|
unknown
|
United States
|
|
|
|
69.123.4.221
|
unknown
|
United States
|
|
|
|
172.115.17.50
|
unknown
|
United States
|
|
|
|
77.86.98.236
|
unknown
|
United Kingdom
|
|
|
|
147.219.4.194
|
unknown
|
United States
|
|
There are 90 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Config.Msi\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\61e623.rbs
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\61e623.rbsLow
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\DF2B5B287322BA24F9303B9BAE3B0000
|
988FDE4671CFB664E8A9A56888BEC1CD
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\
|
||
|
HKEY_CURRENT_USER\Software\AdobeAcrobatPDFBrowserPlugin
|
AdobeAcrobatPDFBrowserPlugin
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
LocalPackage
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\100000007322BA24F9303B9BAE3B502B
|
988FDE4671CFB664E8A9A56888BEC1CD
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
DisplayName
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Features\988FDE4671CFB664E8A9A56888BEC1CD
|
MainProgram
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\988FDE4671CFB664E8A9A56888BEC1CD\Features
|
MainProgram
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Features\988FDE4671CFB664E8A9A56888BEC1CD
|
Complete
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\988FDE4671CFB664E8A9A56888BEC1CD\Features
|
Complete
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\988FDE4671CFB664E8A9A56888BEC1CD\Patches
|
AllPatches
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\988FDE4671CFB664E8A9A56888BEC1CD
|
ProductName
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\988FDE4671CFB664E8A9A56888BEC1CD
|
PackageCode
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\988FDE4671CFB664E8A9A56888BEC1CD
|
Language
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\988FDE4671CFB664E8A9A56888BEC1CD
|
Version
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\988FDE4671CFB664E8A9A56888BEC1CD
|
Assignment
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\988FDE4671CFB664E8A9A56888BEC1CD
|
AdvertiseFlags
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\988FDE4671CFB664E8A9A56888BEC1CD
|
InstanceType
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\988FDE4671CFB664E8A9A56888BEC1CD
|
AuthorizedLUAApp
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\988FDE4671CFB664E8A9A56888BEC1CD
|
DeploymentFlags
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\UpgradeCodes\100000007322BA24F9303B9BAE3B502B
|
988FDE4671CFB664E8A9A56888BEC1CD
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\988FDE4671CFB664E8A9A56888BEC1CD\SourceList
|
PackageName
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\988FDE4671CFB664E8A9A56888BEC1CD\SourceList\Net
|
1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\988FDE4671CFB664E8A9A56888BEC1CD\SourceList\Media
|
1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\988FDE4671CFB664E8A9A56888BEC1CD
|
Clients
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\988FDE4671CFB664E8A9A56888BEC1CD\SourceList
|
LastUsedSource
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Afpioeosplyv
|
bdbd51c2
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Afpioeosplyv
|
8822818c
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Afpioeosplyv
|
8a63a1f0
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Afpioeosplyv
|
32dfc695
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Afpioeosplyv
|
4fd7891f
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Afpioeosplyv
|
f76bee7a
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Afpioeosplyv
|
309ee6e9
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Afpioeosplyv
|
c2f43e34
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Afpioeosplyv
|
bdbd51c2
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Afpioeosplyv
|
bdbd51c2
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
IDENTIFY (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
IDENTIFY (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
PREPAREBACKUP (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
PREPAREBACKUP (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
GETSTATE (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
GETSTATE (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\InProgress
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\6bb81c.rbs
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\6bb81c.rbsLow
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Components\DF2B5B287322BA24F9303B9BAE3B0000
|
988FDE4671CFB664E8A9A56888BEC1CD
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
LocalPackage
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\InstallProperties
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64EDF889-FC17-466B-8E9A-5A8688EB1CDC}
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\Features
|
MainProgram
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\Features
|
Complete
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\988FDE4671CFB664E8A9A56888BEC1CD\Patches
|
AllPatches
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SystemRestore
|
SrCreateRp (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppCreate (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SPP
|
LastIndex
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppGatherWriterMetadata (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppGatherWriterMetadata (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppAddInterestingComponents (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppAddInterestingComponents (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppCreate (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SystemRestore
|
SrCreateRp (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SystemRestore
|
SrCreateRp (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppCreate (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SPP
|
LastIndex
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppGatherWriterMetadata (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
IDENTIFY (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
IDENTIFY (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppGatherWriterMetadata (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppAddInterestingComponents (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppAddInterestingComponents (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
PREPAREBACKUP (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
PREPAREBACKUP (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppCreate (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SystemRestore
|
SrCreateRp (Leave)
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Iprjuqt
|
3f516fd7
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Iprjuqt
|
acebf99
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Iprjuqt
|
88f9fe5
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Iprjuqt
|
b033f880
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Iprjuqt
|
cd3bb70a
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Iprjuqt
|
7587d06f
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Iprjuqt
|
b272d8fc
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Iprjuqt
|
40180021
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Iprjuqt
|
3f516fd7
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Iprjuqt
|
3f516fd7
|
There are 169 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
84A000
|
heap
|
page read and write
|
|
|
|
1110000
|
heap
|
page read and write
|
|
|
|
4C8F000
|
heap
|
page read and write
|
||
|
1FAD2D41000
|
heap
|
page read and write
|
||
|
6C78000
|
heap
|
page read and write
|
||
|
1B817820000
|
trusted library allocation
|
page read and write
|
||
|
B719F7B000
|
stack
|
page read and write
|
||
|
1B816A95000
|
heap
|
page read and write
|
||
|
6D80000
|
heap
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
3EDDCF9000
|
stack
|
page read and write
|
||
|
6170000
|
trusted library allocation
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
1B816AD0000
|
heap
|
page read and write
|
||
|
7665000
|
heap
|
page read and write
|
||
|
7662000
|
heap
|
page read and write
|
||
|
6DA4000
|
heap
|
page read and write
|
||
|
5BC0000
|
trusted library allocation
|
page read and write
|
||
|
754000
|
heap
|
page read and write
|
||
|
B71998B000
|
stack
|
page read and write
|
||
|
32A0000
|
trusted library allocation
|
page read and write
|
||
|
6C78000
|
heap
|
page read and write
|
||
|
101E0000
|
unkown
|
page write copy
|
||
|
7678000
|
unkown
|
page read and write
|
||
|
5AC1000
|
heap
|
page read and write
|
||
|
32A0000
|
trusted library allocation
|
page read and write
|
||
|
6D1D000
|
heap
|
page read and write
|
||
|
2752EFF0000
|
heap
|
page read and write
|
||
|
E96000
|
heap
|
page read and write
|
||
|
7961000
|
heap
|
page read and write
|
||
|
E8311AF000
|
stack
|
page read and write
|
||
|
6D1D000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page readonly
|
||
|
1B8177B0000
|
trusted library allocation
|
page read and write
|
||
|
4C40000
|
heap
|
page read and write
|
||
|
1FAD2B50000
|
heap
|
page read and write
|
||
|
1FAD2D05000
|
heap
|
page read and write
|
||
|
2752F400000
|
heap
|
page read and write
|
||
|
1FAD2CEC000
|
heap
|
page read and write
|
||
|
1FAD46E0000
|
heap
|
page read and write
|
||
|
FCF000
|
direct allocation
|
page read and write
|
||
|
1FAD2DFB000
|
heap
|
page read and write
|
||
|
4C9A000
|
heap
|
page read and write
|
||
|
3EDE3FE000
|
stack
|
page read and write
|
||
|
1B816AC0000
|
heap
|
page read and write
|
||
|
1B817AE0000
|
trusted library allocation
|
page read and write
|
||
|
1FAD2CD8000
|
heap
|
page read and write
|
||
|
1B817A60000
|
trusted library allocation
|
page read and write
|
||
|
6DA4000
|
heap
|
page read and write
|
||
|
754000
|
heap
|
page read and write
|
||
|
3EDE4FF000
|
stack
|
page read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
1FAD2CF9000
|
heap
|
page read and write
|
||
|
6170000
|
trusted library allocation
|
page read and write
|
||
|
6D1D000
|
heap
|
page read and write
|
||
|
1B8169E0000
|
trusted library allocation
|
page read and write
|
||
|
6D1D000
|
heap
|
page read and write
|
||
|
1FAD2DF5000
|
heap
|
page read and write
|
||
|
1B816A99000
|
heap
|
page read and write
|
||
|
1FAD2D36000
|
heap
|
page read and write
|
||
|
2752EF80000
|
heap
|
page read and write
|
||
|
6446000
|
heap
|
page read and write
|
||
|
118F000
|
heap
|
page read and write
|
||
|
6D80000
|
heap
|
page read and write
|
||
|
1B816B21000
|
heap
|
page read and write
|
||
|
6DA4000
|
heap
|
page read and write
|
||
|
6C78000
|
heap
|
page read and write
|
||
|
B719DF9000
|
stack
|
page read and write
|
||
|
118F000
|
heap
|
page read and write
|
||
|
5DEC000
|
heap
|
page read and write
|
||
|
1B816A60000
|
heap
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
5AC1000
|
heap
|
page read and write
|
||
|
1FAD2D05000
|
heap
|
page read and write
|
||
|
7675000
|
heap
|
page read and write
|
||
|
E80000
|
direct allocation
|
page execute read
|
||
|
1FAD2CE2000
|
heap
|
page read and write
|
||
|
624A000
|
heap
|
page read and write
|
||
|
1FAD2D3B000
|
heap
|
page read and write
|
||
|
4C90000
|
heap
|
page read and write
|
||
|
7660000
|
heap
|
page read and write
|
||
|
1FAD4704000
|
heap
|
page read and write
|
||
|
1FAD2CF7000
|
heap
|
page read and write
|
||
|
E83112C000
|
stack
|
page read and write
|
||
|
6C78000
|
heap
|
page read and write
|
||
|
1FAD2D25000
|
heap
|
page read and write
|
||
|
6170000
|
trusted library allocation
|
page read and write
|
||
|
2752F050000
|
heap
|
page read and write
|
||
|
2752F405000
|
heap
|
page read and write
|
||
|
1FAD2D05000
|
heap
|
page read and write
|
||
|
4C5C000
|
heap
|
page read and write
|
||
|
6C6C000
|
heap
|
page read and write
|
||
|
6759000
|
heap
|
page read and write
|
||
|
1FAD2D1D000
|
heap
|
page read and write
|
||
|
1FAD2D1D000
|
heap
|
page read and write
|
||
|
6C7C000
|
heap
|
page read and write
|
||
|
1FAD4700000
|
heap
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
FCA000
|
direct allocation
|
page readonly
|
||
|
4C34000
|
heap
|
page read and write
|
||
|
7662000
|
heap
|
page read and write
|
||
|
4C6C000
|
heap
|
page read and write
|
||
|
100AD000
|
unkown
|
page read and write
|
||
|
1B816B0E000
|
heap
|
page read and write
|
||
|
1B816C90000
|
trusted library allocation
|
page read and write
|
||
|
1FAD2D26000
|
heap
|
page read and write
|
||
|
716E000
|
heap
|
page read and write
|
||
|
754000
|
heap
|
page read and write
|
||
|
4C11000
|
heap
|
page read and write
|
||
|
5B04000
|
heap
|
page read and write
|
||
|
716D000
|
heap
|
page read and write
|
||
|
B719D79000
|
stack
|
page read and write
|
||
|
32A0000
|
trusted library allocation
|
page read and write
|
||
|
FB1000
|
direct allocation
|
page execute read
|
||
|
6460000
|
trusted library allocation
|
page read and write
|
||
|
101DA000
|
unkown
|
page readonly
|
||
|
7B76000
|
heap
|
page read and write
|
||
|
1B816A40000
|
heap
|
page read and write
|
||
|
2752F010000
|
heap
|
page read and write
|
||
|
3EDDDFD000
|
stack
|
page read and write
|
||
|
6C7C000
|
heap
|
page read and write
|
||
|
1B8177A0000
|
trusted library allocation
|
page read and write
|
||
|
1B816B2F000
|
heap
|
page read and write
|
||
|
FD2000
|
direct allocation
|
page readonly
|
||
|
1FAD2D36000
|
heap
|
page read and write
|
||
|
6170000
|
trusted library allocation
|
page read and write
|
||
|
7163000
|
heap
|
page read and write
|
||
|
101FE000
|
unkown
|
page readonly
|
||
|
620000
|
heap
|
page read and write
|
||
|
FB0000
|
direct allocation
|
page read and write
|
||
|
1FAD2D25000
|
heap
|
page read and write
|
||
|
6C7C000
|
heap
|
page read and write
|
||
|
6C6C000
|
heap
|
page read and write
|
||
|
1FAD2CF8000
|
heap
|
page read and write
|
||
|
1FAD2D36000
|
heap
|
page read and write
|
||
|
6950000
|
trusted library allocation
|
page read and write
|
||
|
6C6C000
|
heap
|
page read and write
|
||
|
4C68000
|
heap
|
page read and write
|
||
|
100AE000
|
unkown
|
page readonly
|
||
|
101E3000
|
unkown
|
page write copy
|
||
|
1B817A70000
|
heap
|
page readonly
|
||
|
1B817810000
|
trusted library allocation
|
page read and write
|
||
|
6DA4000
|
heap
|
page read and write
|
||
|
1B817A90000
|
trusted library allocation
|
page read and write
|
||
|
6D80000
|
heap
|
page read and write
|
||
|
1FAD2D41000
|
heap
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
1B816B21000
|
heap
|
page read and write
|
||
|
E83147F000
|
stack
|
page read and write
|
||
|
B719EF9000
|
stack
|
page read and write
|
||
|
6C6C000
|
heap
|
page read and write
|
||
|
754000
|
heap
|
page read and write
|
||
|
7B7D000
|
heap
|
page read and write
|
||
|
68C000
|
stack
|
page read and write
|
||
|
1FAD2D09000
|
heap
|
page read and write
|
||
|
1FAD2D25000
|
heap
|
page read and write
|
||
|
45E0000
|
trusted library allocation
|
page read and write
|
||
|
98E000
|
stack
|
page read and write
|
||
|
6C7C000
|
heap
|
page read and write
|
||
|
7166000
|
heap
|
page read and write
|
||
|
1B8169D0000
|
heap
|
page read and write
|
||
|
7671000
|
heap
|
page read and write
|
||
|
1FAD62E0000
|
trusted library allocation
|
page read and write
|
||
|
4C8F000
|
heap
|
page read and write
|
||
|
754000
|
heap
|
page read and write
|
||
|
1FAD2D1D000
|
heap
|
page read and write
|
||
|
2752F05B000
|
heap
|
page read and write
|
||
|
1FAD2D25000
|
heap
|
page read and write
|
||
|
4C41000
|
heap
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
1FAD2D25000
|
heap
|
page read and write
|
||
|
6170000
|
trusted library allocation
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
3EDE1FF000
|
stack
|
page read and write
|
||
|
9CF000
|
stack
|
page read and write
|
||
|
1FAD2D1D000
|
heap
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
1B816B07000
|
heap
|
page read and write
|
||
|
1FAD2D36000
|
heap
|
page read and write
|
||
|
1FAD2CF7000
|
heap
|
page read and write
|
||
|
7E74000
|
heap
|
page read and write
|
||
|
1B816B0F000
|
heap
|
page read and write
|
||
|
1FAD2CE7000
|
heap
|
page read and write
|
||
|
5BC0000
|
trusted library allocation
|
page read and write
|
||
|
1FAD4A52000
|
heap
|
page read and write
|
||
|
6CEC000
|
heap
|
page read and write
|
||
|
32A0000
|
trusted library allocation
|
page read and write
|
||
|
1FAD2D0A000
|
heap
|
page read and write
|
||
|
1FAD2DF0000
|
heap
|
page read and write
|
||
|
1FAD2D1D000
|
heap
|
page read and write
|
||
|
32A0000
|
trusted library allocation
|
page read and write
|
||
|
7E69000
|
heap
|
page read and write
|
||
|
6D1D000
|
heap
|
page read and write
|
||
|
1B816A90000
|
heap
|
page read and write
|
||
|
754000
|
heap
|
page read and write
|
||
|
5BC0000
|
trusted library allocation
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
754000
|
heap
|
page read and write
|
||
|
6CB000
|
stack
|
page read and write
|
||
|
1FAD4A50000
|
heap
|
page read and write
|
||
|
6D1D000
|
heap
|
page read and write
|
||
|
1FAD2CF5000
|
heap
|
page read and write
|
||
|
3EDDEFE000
|
stack
|
page read and write
|
||
|
5BC0000
|
trusted library allocation
|
page read and write
|
||
|
1B817A80000
|
trusted library allocation
|
page read and write
|
||
|
1FAD2CB0000
|
heap
|
page read and write
|
||
|
6D1D000
|
heap
|
page read and write
|
||
|
1FAD2D05000
|
heap
|
page read and write
|
||
|
754000
|
heap
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
1FAD2CD0000
|
heap
|
page read and write
|
||
|
B719E7E000
|
stack
|
page read and write
|
||
|
5E24000
|
heap
|
page read and write
|
||
|
5B02000
|
heap
|
page read and write
|
||
|
6000000
|
trusted library allocation
|
page read and write
|
||
|
1B816AC8000
|
heap
|
page read and write
|
||
|
6D80000
|
heap
|
page read and write
|
||
|
1FAD2D36000
|
heap
|
page read and write
|
||
|
1133000
|
heap
|
page read and write
|
||
|
101DF000
|
unkown
|
page read and write
|
||
|
1B816B0F000
|
heap
|
page read and write
|
||
|
1FAD2C90000
|
heap
|
page read and write
|
||
|
32A0000
|
trusted library allocation
|
page read and write
|
||
|
7B7C000
|
heap
|
page read and write
|
There are 214 hidden memdumps, click here to show them.