Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
5q4psw.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Adobe Acrobat PDF Browser Plugin 4.8.25, Author: Adobe Inc., Keywords: Installer, Comments: Adobe Acrobat
PDF Browser Plugin, Template: Intel;1033, Revision Number: {D557C495-7A3E-4038-8369-B6EDCD5EFABE}, Create Time/Date: Tue May
30 14:26:08 2023, Last Saved Time/Date: Tue May 30 14:26:08 2023, Number of Pages: 200, Number of Words: 10, Name of Creating
Application: Windows Installer XML Toolset (3.11.2.4516), Security: 2
|
initial sample
|
 |
|
|
C:\Config.Msi\66172c.rbs
|
data
|
modified
|
||
|
C:\System Volume Information\SPP\OnlineMetadataCache\{95bd4ba6-e44e-4e3d-aced-35775530fd8d}_OnDiskSnapshotProp
|
data
|
dropped
|
||
|
C:\System Volume Information\SPP\metadata-2
|
SysEx File - Twister
|
dropped
|
||
|
C:\System Volume Information\SPP\snapshot-2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\main.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\notify.vbs
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DF081EC1EE06C4DD73.TMP
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DF26027B870D05A567.TMP
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DFD45D14352E4E4A80.TMP
|
data
|
dropped
|
||
|
C:\Windows\Installer\66172a.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Adobe Acrobat PDF Browser Plugin 4.8.25, Author: Adobe Inc., Keywords: Installer, Comments: Adobe Acrobat
PDF Browser Plugin, Template: Intel;1033, Revision Number: {D557C495-7A3E-4038-8369-B6EDCD5EFABE}, Create Time/Date: Tue May
30 14:26:08 2023, Last Saved Time/Date: Tue May 30 14:26:08 2023, Number of Pages: 200, Number of Words: 10, Name of Creating
Application: Windows Installer XML Toolset (3.11.2.4516), Security: 2
|
dropped
|
||
|
C:\Windows\Installer\66172b.ipi
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Installer\66172d.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Adobe Acrobat PDF Browser Plugin 4.8.25, Author: Adobe Inc., Keywords: Installer, Comments: Adobe Acrobat
PDF Browser Plugin, Template: Intel;1033, Revision Number: {D557C495-7A3E-4038-8369-B6EDCD5EFABE}, Create Time/Date: Tue May
30 14:26:08 2023, Last Saved Time/Date: Tue May 30 14:26:08 2023, Number of Pages: 200, Number of Words: 10, Name of Creating
Application: Windows Installer XML Toolset (3.11.2.4516), Security: 2
|
dropped
|
||
|
C:\Windows\Installer\MSIABDA.tmp
|
data
|
dropped
|
||
|
C:\Windows\Installer\SourceHash{2DB09FCD-7D8E-4C24-BF5D-FB5BD25D67B7}
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
There are 5 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\main.dll,next
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\main.dll,next
|
|
|
|
C:\Windows\SysWOW64\wermgr.exe
|
C:\Windows\SysWOW64\wermgr.exe
|
|
|
|
C:\Windows\System32\msiexec.exe
|
"C:\Windows\System32\msiexec.exe" /i "C:\Users\user\Desktop\5q4psw.msi"
|
||
|
C:\Windows\System32\msiexec.exe
|
C:\Windows\system32\msiexec.exe /V
|
||
|
C:\Windows\System32\wscript.exe
|
wscript.exe C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\notify.vbs
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://streams.videolan.org/upload/
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
2.82.8.80
|
unknown
|
Portugal
|
|
|
|
70.160.67.203
|
unknown
|
United States
|
|
|
|
75.143.236.149
|
unknown
|
United States
|
|
|
|
83.110.223.61
|
unknown
|
United Arab Emirates
|
|
|
|
86.195.14.72
|
unknown
|
France
|
|
|
|
84.215.202.8
|
unknown
|
Norway
|
|
|
|
184.182.66.109
|
unknown
|
United States
|
|
|
|
105.184.103.97
|
unknown
|
South Africa
|
|
|
|
92.186.69.229
|
unknown
|
France
|
|
|
|
174.4.89.3
|
unknown
|
Canada
|
|
|
|
161.142.103.187
|
unknown
|
Malaysia
|
|
|
|
114.143.176.236
|
unknown
|
India
|
|
|
|
14.192.241.76
|
unknown
|
Malaysia
|
|
|
|
173.88.135.179
|
unknown
|
United States
|
|
|
|
84.108.200.161
|
unknown
|
Israel
|
|
|
|
47.34.30.133
|
unknown
|
United States
|
|
|
|
183.87.163.165
|
unknown
|
India
|
|
|
|
124.149.143.189
|
unknown
|
Australia
|
|
|
|
184.181.75.148
|
unknown
|
United States
|
|
|
|
84.35.26.14
|
unknown
|
Netherlands
|
|
|
|
73.29.92.128
|
unknown
|
United States
|
|
|
|
68.203.69.96
|
unknown
|
United States
|
|
|
|
82.131.141.209
|
unknown
|
Hungary
|
|
|
|
64.121.161.102
|
unknown
|
United States
|
|
|
|
178.175.187.254
|
unknown
|
Moldova Republic of
|
|
|
|
96.56.197.26
|
unknown
|
United States
|
|
|
|
186.64.67.30
|
unknown
|
Argentina
|
|
|
|
188.28.19.84
|
unknown
|
United Kingdom
|
|
|
|
125.99.76.102
|
unknown
|
India
|
|
|
|
81.101.185.146
|
unknown
|
United Kingdom
|
|
|
|
86.176.144.234
|
unknown
|
United Kingdom
|
|
|
|
59.28.84.65
|
unknown
|
Korea Republic of
|
|
|
|
76.86.31.59
|
unknown
|
United States
|
|
|
|
147.147.30.126
|
unknown
|
United Kingdom
|
|
|
|
96.87.28.170
|
unknown
|
United States
|
|
|
|
75.109.111.89
|
unknown
|
United States
|
|
|
|
78.92.133.215
|
unknown
|
Hungary
|
|
|
|
124.122.47.148
|
unknown
|
Thailand
|
|
|
|
88.126.94.4
|
unknown
|
France
|
|
|
|
51.14.29.227
|
unknown
|
United Kingdom
|
|
|
|
85.57.212.13
|
unknown
|
Spain
|
|
|
|
47.205.25.170
|
unknown
|
United States
|
|
|
|
95.45.50.93
|
unknown
|
Ireland
|
|
|
|
80.12.88.148
|
unknown
|
France
|
|
|
|
81.111.108.123
|
unknown
|
United Kingdom
|
|
|
|
69.133.162.35
|
unknown
|
United States
|
|
|
|
86.132.236.117
|
unknown
|
United Kingdom
|
|
|
|
151.62.238.176
|
unknown
|
Italy
|
|
|
|
70.112.206.5
|
unknown
|
United States
|
|
|
|
41.228.224.161
|
unknown
|
Tunisia
|
|
|
|
205.237.67.69
|
unknown
|
Canada
|
|
|
|
102.159.188.125
|
unknown
|
Tunisia
|
|
|
|
151.65.167.77
|
unknown
|
Italy
|
|
|
|
76.178.148.107
|
unknown
|
United States
|
|
|
|
89.36.206.69
|
unknown
|
Italy
|
|
|
|
69.242.31.249
|
unknown
|
United States
|
|
|
|
85.104.105.67
|
unknown
|
Turkey
|
|
|
|
94.207.104.225
|
unknown
|
United Arab Emirates
|
|
|
|
193.253.100.236
|
unknown
|
France
|
|
|
|
76.16.49.134
|
unknown
|
United States
|
|
|
|
201.244.108.183
|
unknown
|
Colombia
|
|
|
|
103.42.86.42
|
unknown
|
India
|
|
|
|
78.18.105.11
|
unknown
|
Ireland
|
|
|
|
80.6.50.34
|
unknown
|
United Kingdom
|
|
|
|
103.144.201.56
|
unknown
|
unknown
|
|
|
|
27.0.48.233
|
unknown
|
India
|
|
|
|
70.28.50.223
|
unknown
|
Canada
|
|
|
|
98.145.23.67
|
unknown
|
United States
|
|
|
|
82.125.44.236
|
unknown
|
France
|
|
|
|
81.229.117.95
|
unknown
|
Sweden
|
|
|
|
89.129.109.27
|
unknown
|
Spain
|
|
|
|
122.186.210.254
|
unknown
|
India
|
|
|
|
79.77.142.22
|
unknown
|
United Kingdom
|
|
|
|
90.78.147.141
|
unknown
|
France
|
|
|
|
122.184.143.86
|
unknown
|
India
|
|
|
|
186.75.95.6
|
unknown
|
Panama
|
|
|
|
50.68.186.195
|
unknown
|
Canada
|
|
|
|
12.172.173.82
|
unknown
|
United States
|
|
|
|
213.64.33.61
|
unknown
|
Sweden
|
|
|
|
79.168.224.165
|
unknown
|
Portugal
|
|
|
|
176.142.207.63
|
unknown
|
France
|
|
|
|
86.173.2.12
|
unknown
|
United Kingdom
|
|
|
|
92.154.17.149
|
unknown
|
France
|
|
|
|
78.160.146.127
|
unknown
|
Turkey
|
|
|
|
58.186.75.42
|
unknown
|
Viet Nam
|
|
|
|
223.166.13.95
|
unknown
|
China
|
|
|
|
65.95.141.84
|
unknown
|
Canada
|
|
|
|
50.68.204.71
|
unknown
|
Canada
|
|
|
|
71.38.155.217
|
unknown
|
United States
|
|
|
|
220.240.164.182
|
unknown
|
Australia
|
|
|
|
103.123.223.133
|
unknown
|
India
|
|
|
|
24.198.114.130
|
unknown
|
United States
|
|
|
|
2.36.64.159
|
unknown
|
Italy
|
|
|
|
198.2.51.242
|
unknown
|
United States
|
|
|
|
92.9.45.20
|
unknown
|
United Kingdom
|
|
|
|
113.11.92.30
|
unknown
|
Bangladesh
|
|
|
|
109.50.149.241
|
unknown
|
Portugal
|
|
|
|
69.119.123.159
|
unknown
|
United States
|
|
|
|
172.115.17.50
|
unknown
|
United States
|
|
|
|
147.219.4.194
|
unknown
|
United States
|
|
There are 90 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
IDENTIFY (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
IDENTIFY (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
PREPAREBACKUP (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
PREPAREBACKUP (Leave)
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
GETSTATE (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
GETSTATE (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
DOSNAPSHOT (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
DOSNAPSHOT (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\InProgress
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\66172c.rbs
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\66172c.rbsLow
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Components\DF2B5B287322BA24F9303B9BAE3B0000
|
DCF90BD2E8D742C4FBD5BFB52DD5767B
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\
|
||
|
HKEY_CURRENT_USER\Software\AdobeAcrobatPDFBrowserPlugin
|
AdobeAcrobatPDFBrowserPlugin
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\InstallProperties
|
LocalPackage
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\InstallProperties
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\InstallProperties
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\InstallProperties
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\InstallProperties
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\InstallProperties
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\InstallProperties
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\InstallProperties
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\InstallProperties
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\InstallProperties
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\InstallProperties
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\InstallProperties
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\InstallProperties
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\InstallProperties
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\InstallProperties
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\InstallProperties
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\InstallProperties
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\InstallProperties
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\InstallProperties
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\InstallProperties
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\InstallProperties
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\InstallProperties
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\InstallProperties
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2DB09FCD-7D8E-4C24-BF5D-FB5BD25D67B7}
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2DB09FCD-7D8E-4C24-BF5D-FB5BD25D67B7}
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2DB09FCD-7D8E-4C24-BF5D-FB5BD25D67B7}
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2DB09FCD-7D8E-4C24-BF5D-FB5BD25D67B7}
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2DB09FCD-7D8E-4C24-BF5D-FB5BD25D67B7}
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2DB09FCD-7D8E-4C24-BF5D-FB5BD25D67B7}
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2DB09FCD-7D8E-4C24-BF5D-FB5BD25D67B7}
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2DB09FCD-7D8E-4C24-BF5D-FB5BD25D67B7}
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2DB09FCD-7D8E-4C24-BF5D-FB5BD25D67B7}
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2DB09FCD-7D8E-4C24-BF5D-FB5BD25D67B7}
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2DB09FCD-7D8E-4C24-BF5D-FB5BD25D67B7}
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2DB09FCD-7D8E-4C24-BF5D-FB5BD25D67B7}
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2DB09FCD-7D8E-4C24-BF5D-FB5BD25D67B7}
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2DB09FCD-7D8E-4C24-BF5D-FB5BD25D67B7}
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2DB09FCD-7D8E-4C24-BF5D-FB5BD25D67B7}
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2DB09FCD-7D8E-4C24-BF5D-FB5BD25D67B7}
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2DB09FCD-7D8E-4C24-BF5D-FB5BD25D67B7}
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2DB09FCD-7D8E-4C24-BF5D-FB5BD25D67B7}
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2DB09FCD-7D8E-4C24-BF5D-FB5BD25D67B7}
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2DB09FCD-7D8E-4C24-BF5D-FB5BD25D67B7}
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2DB09FCD-7D8E-4C24-BF5D-FB5BD25D67B7}
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2DB09FCD-7D8E-4C24-BF5D-FB5BD25D67B7}
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\100000007322BA24F9303B9BAE3B502B
|
DCF90BD2E8D742C4FBD5BFB52DD5767B
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\InstallProperties
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2DB09FCD-7D8E-4C24-BF5D-FB5BD25D67B7}
|
DisplayName
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Features\DCF90BD2E8D742C4FBD5BFB52DD5767B
|
MainProgram
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\Features
|
MainProgram
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Features\DCF90BD2E8D742C4FBD5BFB52DD5767B
|
Complete
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\Features
|
Complete
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-966771315-3019405637-367336477-1006\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\Patches
|
AllPatches
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B
|
ProductName
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B
|
PackageCode
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B
|
Language
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B
|
Version
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B
|
Assignment
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B
|
AdvertiseFlags
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B
|
InstanceType
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B
|
AuthorizedLUAApp
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B
|
DeploymentFlags
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\UpgradeCodes\100000007322BA24F9303B9BAE3B502B
|
DCF90BD2E8D742C4FBD5BFB52DD5767B
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\SourceList
|
PackageName
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\SourceList\Net
|
1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\SourceList\Media
|
1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B
|
Clients
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\DCF90BD2E8D742C4FBD5BFB52DD5767B\SourceList
|
LastUsedSource
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SystemRestore
|
SrCreateRp (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppCreate (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SPP
|
LastIndex
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppGatherWriterMetadata (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppGatherWriterMetadata (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppAddInterestingComponents (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppAddInterestingComponents (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppCreate (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SystemRestore
|
SrCreateRp (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SystemRestore
|
SrCreateRp (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppCreate (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SPP
|
LastIndex
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppGatherWriterMetadata (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
IDENTIFY (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
IDENTIFY (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppGatherWriterMetadata (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppAddInterestingComponents (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppAddInterestingComponents (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
PREPAREBACKUP (Enter)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\VssapiPublisher
|
PREPAREBACKUP (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SPP
|
SppCreate (Leave)
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS\Diag\SystemRestore
|
SrCreateRp (Leave)
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Wepnwwwxkll
|
a86a1114
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Wepnwwwxkll
|
9df5c15a
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Wepnwwwxkll
|
9fb4e126
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Wepnwwwxkll
|
27088643
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Wepnwwwxkll
|
5a00c9c9
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Wepnwwwxkll
|
e2bcaeac
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Wepnwwwxkll
|
2549a63f
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Wepnwwwxkll
|
d7237ee2
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Wepnwwwxkll
|
a86a1114
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Wepnwwwxkll
|
a86a1114
|
There are 107 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
257D000
|
heap
|
page read and write
|
|
|
|
38D000
|
heap
|
page read and write
|
|
|
|
47E0000
|
heap
|
page read and write
|
||
|
3D9000
|
heap
|
page read and write
|
||
|
466000
|
heap
|
page read and write
|
||
|
1D36000
|
heap
|
page read and write
|
||
|
2F6000
|
stack
|
page read and write
|
||
|
2EF0000
|
trusted library allocation
|
page read and write
|
||
|
2054000
|
heap
|
page read and write
|
||
|
13AF000
|
stack
|
page read and write
|
||
|
240000
|
trusted library allocation
|
page read and write
|
||
|
1C2E000
|
heap
|
page read and write
|
||
|
27D000
|
heap
|
page read and write
|
||
|
470000
|
trusted library allocation
|
page read and write
|
||
|
1C1F000
|
heap
|
page read and write
|
||
|
2FE000
|
stack
|
page read and write
|
||
|
1D2F000
|
heap
|
page read and write
|
||
|
39C0000
|
heap
|
page read and write
|
||
|
233E000
|
trusted library allocation
|
page read and write
|
||
|
233F000
|
trusted library allocation
|
page read and write
|
||
|
23D0000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
FD000
|
stack
|
page read and write
|
||
|
410000
|
heap
|
page read and write
|
||
|
1916000
|
heap
|
page read and write
|
||
|
39C0000
|
heap
|
page read and write
|
||
|
23F2000
|
heap
|
page read and write
|
||
|
6A0000
|
trusted library allocation
|
page read and write
|
||
|
1C40000
|
heap
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
33D4000
|
heap
|
page read and write
|
||
|
378A000
|
stack
|
page read and write
|
||
|
44E000
|
heap
|
page read and write
|
||
|
1D36000
|
heap
|
page read and write
|
||
|
1C40000
|
heap
|
page read and write
|
||
|
32AC000
|
heap
|
page read and write
|
||
|
18F2000
|
heap
|
page read and write
|
||
|
2E000
|
heap
|
page read and write
|
||
|
3D4000
|
heap
|
page read and write
|
||
|
32AC000
|
heap
|
page read and write
|
||
|
1D2F000
|
heap
|
page read and write
|
||
|
1D2F000
|
heap
|
page read and write
|
||
|
1C27000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
6A0000
|
trusted library allocation
|
page read and write
|
||
|
327D000
|
heap
|
page read and write
|
||
|
1B0000
|
heap
|
page read and write
|
||
|
180000
|
direct allocation
|
page read and write
|
||
|
1C40000
|
heap
|
page read and write
|
||
|
1C43000
|
heap
|
page read and write
|
||
|
3EE000
|
heap
|
page read and write
|
||
|
2B6000
|
heap
|
page read and write
|
||
|
2332000
|
trusted library allocation
|
page read and write
|
||
|
351000
|
heap
|
page read and write
|
||
|
1C23000
|
heap
|
page read and write
|
||
|
6A0000
|
trusted library allocation
|
page read and write
|
||
|
2350000
|
trusted library allocation
|
page read and write
|
||
|
272E000
|
stack
|
page read and write
|
||
|
3AF0000
|
heap
|
page read and write
|
||
|
33D4000
|
heap
|
page read and write
|
||
|
504000
|
heap
|
page read and write
|
||
|
2C2000
|
trusted library allocation
|
page read and write
|
||
|
6EF000
|
stack
|
page read and write
|
||
|
1CCE000
|
heap
|
page read and write
|
||
|
2333000
|
trusted library allocation
|
page read and write
|
||
|
1D2F000
|
heap
|
page read and write
|
||
|
388F000
|
stack
|
page read and write
|
||
|
32AC000
|
heap
|
page read and write
|
||
|
3D2000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
3C8000
|
heap
|
page read and write
|
||
|
33D4000
|
heap
|
page read and write
|
||
|
1C2A000
|
heap
|
page read and write
|
||
|
6A0000
|
trusted library allocation
|
page read and write
|
||
|
28BF000
|
stack
|
page read and write
|
||
|
2560000
|
heap
|
page read and write
|
||
|
2270000
|
heap
|
page read and write
|
||
|
357000
|
heap
|
page read and write
|
||
|
1933000
|
heap
|
page read and write
|
||
|
2336000
|
trusted library allocation
|
page read and write
|
||
|
376000
|
heap
|
page read and write
|
||
|
47E0000
|
heap
|
page read and write
|
||
|
19A000
|
direct allocation
|
page readonly
|
||
|
11C000
|
stack
|
page read and write
|
||
|
250E000
|
stack
|
page read and write
|
||
|
32AC000
|
heap
|
page read and write
|
||
|
25E5000
|
heap
|
page read and write
|
||
|
1912000
|
heap
|
page read and write
|
||
|
22BF000
|
stack
|
page read and write
|
||
|
2790000
|
heap
|
page read and write
|
||
|
C0000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
387000
|
heap
|
page read and write
|
||
|
1C2F000
|
heap
|
page read and write
|
||
|
1C42000
|
heap
|
page read and write
|
||
|
6A0000
|
trusted library allocation
|
page read and write
|
||
|
327D000
|
heap
|
page read and write
|
||
|
240000
|
heap
|
page read and write
|
||
|
1C2D000
|
heap
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
3DF000
|
heap
|
page read and write
|
||
|
47E0000
|
heap
|
page read and write
|
||
|
3A16000
|
heap
|
page read and write
|
||
|
18F4000
|
heap
|
page read and write
|
||
|
3CC000
|
heap
|
page read and write
|
||
|
47E0000
|
heap
|
page read and write
|
||
|
1C1D000
|
heap
|
page read and write
|
||
|
327D000
|
heap
|
page read and write
|
||
|
32AC000
|
heap
|
page read and write
|
||
|
1D38000
|
heap
|
page read and write
|
||
|
286000
|
heap
|
page read and write
|
||
|
3C4000
|
heap
|
page read and write
|
||
|
1A68000
|
stack
|
page read and write
|
||
|
6A0000
|
trusted library allocation
|
page read and write
|
||
|
164000
|
heap
|
page read and write
|
||
|
1C1C000
|
heap
|
page read and write
|
||
|
377000
|
heap
|
page read and write
|
||
|
154C000
|
stack
|
page read and write
|
||
|
39E0000
|
heap
|
page read and write
|
||
|
1D36000
|
heap
|
page read and write
|
||
|
1C2A000
|
heap
|
page read and write
|
||
|
1F7000
|
heap
|
page read and write
|
||
|
1C25000
|
heap
|
page read and write
|
||
|
33D4000
|
heap
|
page read and write
|
||
|
3D3000
|
heap
|
page read and write
|
||
|
1D38000
|
heap
|
page read and write
|
||
|
1C23000
|
heap
|
page read and write
|
||
|
417000
|
heap
|
page read and write
|
||
|
6A0000
|
trusted library allocation
|
page read and write
|
||
|
13B7000
|
heap
|
page read and write
|
||
|
327D000
|
heap
|
page read and write
|
||
|
29B000
|
stack
|
page read and write
|
||
|
1D38000
|
heap
|
page read and write
|
||
|
6A0000
|
trusted library allocation
|
page read and write
|
||
|
1CFD000
|
heap
|
page read and write
|
||
|
327D000
|
heap
|
page read and write
|
||
|
1955000
|
heap
|
page read and write
|
||
|
45F000
|
heap
|
page read and write
|
||
|
100AB000
|
unkown
|
page readonly
|
||
|
10000
|
heap
|
page read and write
|
||
|
3BF5000
|
heap
|
page read and write
|
||
|
20CB000
|
heap
|
page read and write
|
||
|
27C000
|
stack
|
page read and write
|
||
|
39C0000
|
heap
|
page read and write
|
||
|
34D000
|
heap
|
page read and write
|
||
|
6A0000
|
trusted library allocation
|
page read and write
|
||
|
1A2000
|
direct allocation
|
page readonly
|
||
|
39C0000
|
heap
|
page read and write
|
||
|
1D2F000
|
heap
|
page read and write
|
||
|
26F0000
|
trusted library allocation
|
page read and write
|
||
|
1C23000
|
heap
|
page read and write
|
||
|
2270000
|
heap
|
page read and write
|
||
|
2335000
|
trusted library allocation
|
page read and write
|
||
|
2100000
|
heap
|
page read and write
|
||
|
101D8000
|
unkown
|
page readonly
|
||
|
32AC000
|
heap
|
page read and write
|
||
|
3BF0000
|
heap
|
page read and write
|
||
|
160000
|
heap
|
page read and write
|
||
|
19F000
|
direct allocation
|
page read and write
|
||
|
26AF000
|
stack
|
page read and write
|
||
|
554000
|
heap
|
page read and write
|
||
|
1C10000
|
heap
|
page read and write
|
||
|
1C3A000
|
heap
|
page read and write
|
||
|
33D4000
|
heap
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
351A000
|
stack
|
page read and write
|
||
|
1C1B000
|
heap
|
page read and write
|
||
|
146E000
|
stack
|
page read and write
|
||
|
1D36000
|
heap
|
page read and write
|
||
|
101FC000
|
unkown
|
page readonly
|
||
|
1D38000
|
heap
|
page read and write
|
||
|
327D000
|
heap
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
233C000
|
trusted library allocation
|
page read and write
|
||
|
3DC000
|
heap
|
page read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
33DE000
|
stack
|
page read and write
|
||
|
12F9000
|
stack
|
page read and write
|
||
|
1C2D000
|
heap
|
page read and write
|
||
|
6A0000
|
trusted library allocation
|
page read and write
|
||
|
1D38000
|
heap
|
page read and write
|
||
|
1D36000
|
heap
|
page read and write
|
||
|
1D2F000
|
heap
|
page read and write
|
||
|
36E0000
|
heap
|
page read and write
|
||
|
23D4000
|
heap
|
page read and write
|
||
|
20D0000
|
heap
|
page read and write
|
||
|
233B000
|
trusted library allocation
|
page read and write
|
||
|
18F6000
|
heap
|
page read and write
|
||
|
233A000
|
trusted library allocation
|
page read and write
|
||
|
28B000
|
heap
|
page read and write
|
||
|
33D4000
|
heap
|
page read and write
|
||
|
917000
|
heap
|
page read and write
|
||
|
BD000
|
stack
|
page read and write
|
||
|
1C44000
|
heap
|
page read and write
|
||
|
3BF9000
|
heap
|
page read and write
|
||
|
1E2000
|
heap
|
page read and write
|
||
|
234F000
|
trusted library allocation
|
page read and write
|
||
|
24000
|
heap
|
page read and write
|
||
|
327D000
|
heap
|
page read and write
|
||
|
9BE000
|
stack
|
page read and write
|
||
|
480F000
|
stack
|
page read and write
|
||
|
2C0000
|
trusted library allocation
|
page read and write
|
||
|
1D00000
|
heap
|
page read and write
|
||
|
233D000
|
trusted library allocation
|
page read and write
|
||
|
472000
|
heap
|
page read and write
|
||
|
2338000
|
trusted library allocation
|
page read and write
|
||
|
192E000
|
heap
|
page read and write
|
||
|
2AF0000
|
trusted library allocation
|
page read and write
|
||
|
2095000
|
heap
|
page read and write
|
||
|
1C30000
|
heap
|
page read and write
|
||
|
2030000
|
heap
|
page read and write
|
||
|
101DE000
|
unkown
|
page write copy
|
||
|
1D2F000
|
heap
|
page read and write
|
||
|
1D38000
|
heap
|
page read and write
|
||
|
47E0000
|
heap
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
1D38000
|
heap
|
page read and write
|
||
|
1D38000
|
heap
|
page read and write
|
||
|
6A0000
|
trusted library allocation
|
page read and write
|
||
|
1C6000
|
heap
|
page read and write
|
||
|
1D36000
|
heap
|
page read and write
|
||
|
280000
|
heap
|
page read and write
|
||
|
1C29000
|
heap
|
page read and write
|
||
|
F6000
|
heap
|
page read and write
|
||
|
345000
|
heap
|
page read and write
|
||
|
77C000
|
stack
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
1C22000
|
heap
|
page read and write
|
||
|
46C000
|
heap
|
page read and write
|
||
|
32AC000
|
heap
|
page read and write
|
||
|
2090000
|
heap
|
page read and write
|
||
|
1C3A000
|
heap
|
page read and write
|
||
|
6A0000
|
trusted library allocation
|
page read and write
|
||
|
20000
|
heap
|
page read and write
|
||
|
2342000
|
trusted library allocation
|
page read and write
|
||
|
4A6E000
|
stack
|
page read and write
|
||
|
101DD000
|
unkown
|
page read and write
|
||
|
1D38000
|
heap
|
page read and write
|
||
|
3E9000
|
heap
|
page read and write
|
||
|
181000
|
direct allocation
|
page execute read
|
||
|
4DF000
|
stack
|
page read and write
|
||
|
1C23000
|
heap
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
33D4000
|
heap
|
page read and write
|
||
|
1C29000
|
heap
|
page read and write
|
||
|
2140000
|
heap
|
page read and write
|
||
|
1D2F000
|
heap
|
page read and write
|
||
|
468000
|
heap
|
page read and write
|
||
|
1D36000
|
heap
|
page read and write
|
||
|
47E0000
|
heap
|
page read and write
|
||
|
2F9000
|
stack
|
page read and write
|
||
|
1D36000
|
heap
|
page read and write
|
||
|
6A0000
|
trusted library allocation
|
page read and write
|
||
|
1C39000
|
heap
|
page read and write
|
||
|
13BD000
|
heap
|
page read and write
|
||
|
3CA000
|
heap
|
page read and write
|
||
|
282E000
|
stack
|
page read and write
|
||
|
6A0000
|
trusted library allocation
|
page read and write
|
||
|
1D2F000
|
heap
|
page read and write
|
||
|
47E0000
|
heap
|
page read and write
|
||
|
327D000
|
heap
|
page read and write
|
||
|
32AC000
|
heap
|
page read and write
|
||
|
1C30000
|
heap
|
page read and write
|
||
|
39C0000
|
heap
|
page read and write
|
||
|
266E000
|
stack
|
page read and write
|
||
|
22F0000
|
trusted library allocation
|
page read and write
|
||
|
1D2F000
|
heap
|
page read and write
|
||
|
45A000
|
heap
|
page read and write
|
||
|
3A5000
|
heap
|
page read and write
|
||
|
339C000
|
heap
|
page read and write
|
||
|
90E000
|
stack
|
page read and write
|
||
|
3C9000
|
heap
|
page read and write
|
||
|
B2F000
|
stack
|
page read and write
|
||
|
202D000
|
stack
|
page read and write
|
||
|
62F000
|
stack
|
page read and write
|
||
|
350000
|
heap
|
page read and write
|
||
|
33D4000
|
heap
|
page read and write
|
||
|
39C0000
|
heap
|
page read and write
|
||
|
1C3E000
|
heap
|
page read and write
|
||
|
190000
|
heap
|
page read and write
|
||
|
1C28000
|
heap
|
page read and write
|
||
|
39C0000
|
heap
|
page read and write
|
||
|
33D4000
|
heap
|
page read and write
|
||
|
374000
|
heap
|
page read and write
|
||
|
170000
|
direct allocation
|
page execute read
|
||
|
101E1000
|
unkown
|
page write copy
|
||
|
236000
|
heap
|
page read and write
|
||
|
26C000
|
heap
|
page read and write
|
||
|
326000
|
heap
|
page read and write
|
||
|
1D36000
|
heap
|
page read and write
|
||
|
1D36000
|
heap
|
page read and write
|
||
|
247000
|
heap
|
page read and write
|
||
|
32AC000
|
heap
|
page read and write
|
||
|
2334000
|
trusted library allocation
|
page read and write
|
||
|
23B000
|
heap
|
page read and write
|
||
|
2F7000
|
heap
|
page read and write
|
||
|
472000
|
heap
|
page read and write
|
||
|
161F000
|
stack
|
page read and write
|
||
|
467000
|
heap
|
page read and write
|
||
|
3C3000
|
heap
|
page read and write
|
||
|
35A000
|
heap
|
page read and write
|
||
|
2260000
|
heap
|
page read and write
|
||
|
486000
|
trusted library allocation
|
page read and write
|
||
|
1C42000
|
heap
|
page read and write
|
||
|
1D36000
|
heap
|
page read and write
|
||
|
2337000
|
trusted library allocation
|
page read and write
|
||
|
1DF0000
|
heap
|
page read and write
|
||
|
4BB000
|
stack
|
page read and write
|
||
|
1C2A000
|
heap
|
page read and write
|
||
|
1947000
|
heap
|
page read and write
|
||
|
18F8000
|
heap
|
page read and write
|
||
|
2339000
|
trusted library allocation
|
page read and write
|
||
|
22D000
|
heap
|
page read and write
|
||
|
3BF0000
|
heap
|
page read and write
|
||
|
1DFE000
|
heap
|
page read and write
|
||
|
39C0000
|
heap
|
page read and write
|
||
|
18F0000
|
heap
|
page read and write
|
||
|
359B000
|
stack
|
page read and write
|
||
|
6A0000
|
trusted library allocation
|
page read and write
|
||
|
2F0000
|
heap
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
1C27000
|
heap
|
page read and write
|
||
|
2F0000
|
heap
|
page read and write
|
||
|
424000
|
heap
|
page read and write
|
||
|
15D000
|
stack
|
page read and write
|
||
|
1C40000
|
heap
|
page read and write
|
||
|
1C2C000
|
heap
|
page read and write
|
||
|
1D2F000
|
heap
|
page read and write
|
||
|
100AA000
|
unkown
|
page read and write
|
||
|
25DF000
|
heap
|
page read and write
|
||
|
327C000
|
heap
|
page read and write
|
||
|
2341000
|
trusted library allocation
|
page read and write
|
||
|
1C21000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
2050000
|
heap
|
page read and write
|
||
|
472000
|
heap
|
page read and write
|
||
|
1C40000
|
heap
|
page read and write
|
||
|
472000
|
heap
|
page read and write
|
||
|
327D000
|
heap
|
page read and write
|
||
|
1F00000
|
heap
|
page read and write
|
||
|
20F000
|
stack
|
page read and write
|
||
|
1C2B000
|
heap
|
page read and write
|
||
|
2340000
|
trusted library allocation
|
page read and write
|
||
|
32E000
|
heap
|
page read and write
|
||
|
3DA000
|
heap
|
page read and write
|
||
|
1D38000
|
heap
|
page read and write
|
||
|
1C45000
|
heap
|
page read and write
|
||
|
3A7000
|
heap
|
page read and write
|
||
|
33D4000
|
heap
|
page read and write
|
||
|
47E0000
|
heap
|
page read and write
|
||
|
340000
|
heap
|
page read and write
|
||
|
1C40000
|
heap
|
page read and write
|
||
|
3DE000
|
heap
|
page read and write
|
||
|
3A0000
|
heap
|
page read and write
|
There are 345 hidden memdumps, click here to show them.