Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
ProjectFunding_450726_Jun01.js
|
ASCII text, with very long lines (1337), with CRLF line terminators
|
initial sample
|
 |
|
|
C:\Config.Msi\4fa97f.rbs
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\main.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\notify.vbs
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B87Z87FM\national[1].htm
|
HTML document, ASCII text, with very long lines (65212)
|
dropped
|
||
|
C:\Windows\Installer\4fa980.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Adobe Acrobat PDF Browser Plugin 4.8.25, Author: Adobe Inc., Keywords: Installer, Comments: Adobe Acrobat
PDF Browser Plugin, Template: Intel;1033, Revision Number: {04978FC0-C46D-416F-9983-8CD7C69572EE}, Create Time/Date: Thu Jun
1 15:57:38 2023, Last Saved Time/Date: Thu Jun 1 15:57:38 2023, Number of Pages: 200, Number of Words: 10, Name of Creating
Application: Windows Installer XML Toolset (3.11.2.4516), Security: 2
|
dropped
|
||
|
C:\Windows\Installer\MSI319E.tmp
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Adobe Acrobat PDF Browser Plugin 4.8.25, Author: Adobe Inc., Keywords: Installer, Comments: Adobe Acrobat
PDF Browser Plugin, Template: Intel;1033, Revision Number: {04978FC0-C46D-416F-9983-8CD7C69572EE}, Create Time/Date: Thu Jun
1 15:57:38 2023, Last Saved Time/Date: Thu Jun 1 15:57:38 2023, Number of Pages: 200, Number of Words: 10, Name of Creating
Application: Windows Installer XML Toolset (3.11.2.4516), Security: 2
|
dropped
|
||
|
C:\Windows\Installer\MSIAA1B.tmp
|
data
|
dropped
|
||
|
C:\Windows\Installer\inprogressinstallinfo.ipi
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF22471B5A50AA2E97.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF2A70DF5CEC56BF5D.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF6E755A35FD255ACB.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF79B335FA0EB48BA5.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF8619ED3253D39042.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF883F1083607F70C3.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF95BD744A4429F4FF.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFB376DA478E956195.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFBDB1CFA03CBC6FC5.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFC37A16C50B7C8BD7.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFD99EF38F4A03F6CF.TMP
|
data
|
dropped
|
||
|
C:\Config.Msi\6781be.rbs
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\P96VU3JU.htm
|
HTML document, Unicode text, UTF-8 text, with very long lines (1206), with CRLF, LF line terminators
|
dropped
|
||
|
C:\Windows\Installer\6781bf.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Adobe Acrobat PDF Browser Plugin 4.8.25, Author: Adobe Inc., Keywords: Installer, Comments: Adobe Acrobat
PDF Browser Plugin, Template: Intel;1033, Revision Number: {8C788FE0-D109-4927-9111-67E9237DDA2D}, Create Time/Date: Thu Jun
1 15:57:00 2023, Last Saved Time/Date: Thu Jun 1 15:57:00 2023, Number of Pages: 200, Number of Words: 10, Name of Creating
Application: Windows Installer XML Toolset (3.11.2.4516), Security: 2
|
dropped
|
||
|
C:\Windows\Installer\MSI81ED.tmp
|
data
|
dropped
|
||
|
C:\Windows\Installer\MSI980.tmp
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation
Database, Subject: Adobe Acrobat PDF Browser Plugin 4.8.25, Author: Adobe Inc., Keywords: Installer, Comments: Adobe Acrobat
PDF Browser Plugin, Template: Intel;1033, Revision Number: {8C788FE0-D109-4927-9111-67E9237DDA2D}, Create Time/Date: Thu Jun
1 15:57:00 2023, Last Saved Time/Date: Thu Jun 1 15:57:00 2023, Number of Pages: 200, Number of Words: 10, Name of Creating
Application: Windows Installer XML Toolset (3.11.2.4516), Security: 2
|
dropped
|
||
|
C:\Windows\Temp\~DF0DDEAC6C9405E7E5.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF4D363E067C7B1335.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF7239BB99E68B74D1.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF97032EC5218A315C.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFAAF580DC072508D1.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFC5AF83C6C09B723C.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFC8411CD743E6CADD.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFCFA0FDA4AEF3B850.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFD56E4E9B73156A44.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFEA98AB2A043532AC.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFEE30CB9E16457345.TMP
|
data
|
dropped
|
There are 26 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\main.dll,next
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\main.dll,next
|
|
|
|
C:\Windows\SysWOW64\wermgr.exe
|
C:\Windows\SysWOW64\wermgr.exe
|
|
|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\ProjectFunding_450726_Jun01.js"
|
||
|
C:\Windows\System32\msiexec.exe
|
C:\Windows\system32\msiexec.exe /V
|
||
|
C:\Windows\System32\wscript.exe
|
wscript.exe C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\notify.vbs
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://garokelka.com/$
|
unknown
|
||
|
https://garokelka.com/yjxcii.msi0C:
|
unknown
|
||
|
https://www.xfinity.com/mobile/policies/broadband-disclosures
|
unknown
|
||
|
https://www.xfinity.com/learn/internet-service/acp
|
unknown
|
||
|
https://www.xfinity.com/networkmanagement
|
unknown
|
||
|
https://garokelka.com/yjxcii.msi-825014416310365950
|
unknown
|
||
|
https://%/%.msi%InstallProduct
|
unknown
|
||
|
https://garokelka.com/yjxcii.msill.mui
|
unknown
|
||
|
https://garokelka.com/yjxcii.msi
|
217.195.153.225
|
||
|
https://xfinity.com/
|
96.114.21.40
|
||
|
https://garokelka.com/
|
unknown
|
||
|
https://www.cisco.com/c/en_eg/index.html
|
unknown
|
||
|
https://www.youtube.com/user/cisco
|
unknown
|
||
|
https://www.cisco.com/c/en/us/solutions/service-provider/routed-optical-networking/index.html?ccid=c
|
unknown
|
||
|
https://www.cisco.com/c/ar_ae/index.html
|
unknown
|
||
|
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2023/m05/cisco-launches-program-for-customers-and-p
|
unknown
|
||
|
https://www.cisco.com/c/en_sg/index.html
|
unknown
|
||
|
https://www.cisco.com/c/en_dz/index.html
|
unknown
|
||
|
https://www.cisco.com/c/hu_hu/index.html
|
unknown
|
||
|
https://www.cisco.com/site/in/en/index.html
|
unknown
|
||
|
https://software.cisco.com/download/navigator.html
|
unknown
|
||
|
https://www.cisco.com/c/en/us/about/contact-cisco.html
|
unknown
|
||
|
https://www.schema.org
|
unknown
|
||
|
https://www.cisco.com/c/en/us/partners/connect-with-a-partner.html
|
unknown
|
||
|
https://www.cisco.com/c/en/us/about/sitemap.html
|
unknown
|
||
|
https://www.cisco.com/c/sv_se/index.html
|
unknown
|
||
|
https://www.cisco.com/c/ru_ru/index.html
|
unknown
|
||
|
https://learninglocator.cloudapps.cisco.com/#/home
|
unknown
|
||
|
https://www.cisco.com/c/pl_pl/index.html
|
unknown
|
||
|
https://blogs.cisco.com/security/now-is-the-time-to-step-up-your-security?utm_medium=web-referral&ut
|
unknown
|
||
|
https://www.cisco.com
|
unknown
|
||
|
https://www.cisco.com/c/fr_dz/index.html
|
unknown
|
||
|
https://www.cisco.com/c/de_ch/index.html
|
unknown
|
||
|
http://pdx-col.eum-appdynamics.com
|
unknown
|
||
|
https://www.cisco.com/site/fr/fr/index.html
|
unknown
|
||
|
https://www.cisco.com/c/nl_nl/index.html
|
unknown
|
||
|
https://www.cisco.com/site/au/en/index.html
|
unknown
|
||
|
https://garokelka.com/rlvoq0.msi
|
217.195.153.225
|
||
|
https://www.cisco.com/c/es_ec/index.html
|
unknown
|
||
|
https://www.cisco.com/c/en/us/about/legal/trademarks.html
|
unknown
|
||
|
https://www.cisco.com/c/en/us/about.html
|
unknown
|
||
|
https://www.cisco.com/c/pt_br/index.html
|
unknown
|
||
|
https://www.cisco.com/c/th_th/index.html
|
unknown
|
||
|
https://www.cisco.com/site/de/de/index.html
|
unknown
|
||
|
https://search.cisco.com/search?query=
|
unknown
|
||
|
http://schema.org/ImageObject
|
unknown
|
||
|
https://www.ciscolive.com/global.html?CID=cdchp&TEAM=global_events&MEDIUM=digital_direct&CAMPAIGN=bt
|
unknown
|
||
|
https://www.cisco.com/c/en_my/index.html
|
unknown
|
||
|
https://www.cisco.com/c/es_es/index.html
|
unknown
|
||
|
https://www.cisco.com/c/it_it/index.html
|
unknown
|
||
|
https://www.cisco.com/c/en_il/index.html
|
unknown
|
||
|
https://www.cisco.com/site/cn/zh/index.html
|
unknown
|
||
|
https://newsroom.cisco.com/c/r/newsroom/en/us/index.html
|
unknown
|
||
|
https://www.cisco.com/c/en_hk/index.html
|
unknown
|
||
|
https://www.cisco.com/c/de_at/index.html
|
unknown
|
||
|
https://www.cisco.com/c/es_pa/index.html
|
unknown
|
||
|
https://www.cisco.com/c/da_dk/index.html
|
unknown
|
||
|
https://www.cisco.com/c/ru_ua/index.html
|
unknown
|
||
|
https://www.instagram.com/cisco/
|
unknown
|
||
|
https://www.cisco.com/c/en/us/about/accessibility.html
|
unknown
|
||
|
https://www.cisco.com/c/es_mx/index.html
|
unknown
|
||
|
https://www.cisco.com/c/fr_be/index.html
|
unknown
|
||
|
https://garokelka.com/rlvoq0.msi0C:
|
unknown
|
||
|
https://www.cisco.com/c/tr_tr/index.html
|
unknown
|
||
|
https://ciscocx.qualtrics.com/jfe/form/SV_0Tcp9VU8pUm4lBY?Ref=/c/en/us/index.html
|
unknown
|
||
|
https://www.cisco.com/c/en_ph/index.html
|
unknown
|
||
|
https://www.cisco.com/c/es_ar/index.html
|
unknown
|
||
|
https://www.cisco.com/c/no_no/index.html
|
unknown
|
||
|
https://www.cisco.com/c/es_cr/index.html
|
unknown
|
||
|
https://twitter.com/Cisco/
|
unknown
|
||
|
https://www.cisco.com/c/ar_eg/index.html
|
unknown
|
||
|
https://www.cisco.com/c/ko_kr/index.html
|
unknown
|
||
|
https://www.cisco.com/c/ro_ro/index.html
|
unknown
|
||
|
https://www.cisco.com/site/ca/fr/index.html
|
unknown
|
||
|
https://www.cisco.com/c/nl_be/index.html
|
unknown
|
||
|
https://duo.com/solutions/risk-based-authentication?utm_medium=web-referral&utm_source=cisco#eyJoYXN
|
unknown
|
||
|
https://www.cisco.com/c/es_co/index.html
|
unknown
|
||
|
https://www.cisco.com/c/en/us/about/legal/terms-conditions.html
|
unknown
|
||
|
https://www.cisco.com/c/pt_pt/index.html
|
unknown
|
||
|
https://www.cisco.com/c/en/us/buy.html
|
unknown
|
||
|
https://www.cisco.com/c/uk_ua/index.html
|
unknown
|
||
|
https://cisco.com/
|
72.163.4.185
|
||
|
https://www.cisco.com/c/es_pe/index.html
|
unknown
|
||
|
https://garokelka.com/rlvoq0.msif:randomM
|
unknown
|
||
|
https://www.cisco.com/c/m/en_us/solutions/hybrid-work/workplace-solutions/penn1-lookbook.html?ccid=c
|
unknown
|
||
|
https://www.cisco.com/c/en/us/training-events/training-certifications.html
|
unknown
|
||
|
https://www.cisco.com/c/cs_cz/index.html
|
unknown
|
||
|
https://www.cisco.com/web/fw/i/logo-open-graph.gif
|
unknown
|
||
|
https://www.cisco.com/c/en/us/about/careers.html
|
unknown
|
||
|
https://www.cisco.com/c/en_za/index.html
|
unknown
|
||
|
https://pdx-col.eum-appdynamics.com
|
unknown
|
||
|
https://community.cisco.com/
|
unknown
|
||
|
https://blogs.cisco.com/networking/it-leaders-contend-with-secure-multicloud-access-the-2023-global-
|
unknown
|
||
|
https://www.cisco.com/c/vi_vn/index.html
|
unknown
|
||
|
http://cdn.appdynamics.com
|
unknown
|
||
|
https://cdn.appdynamics.com
|
unknown
|
||
|
https://www.cisco.com/c/en/us/about/legal/privacy-full.html
|
unknown
|
||
|
https://www.cisco.com/c/en/us/about/help.html
|
unknown
|
||
|
https://www.cisco.com/site/uk/en/index.html
|
unknown
|
||
|
https://garokelka.com/rlvoq0.msi457110176310365940
|
unknown
|
||
|
https://www.cisco.com/c/en/us/solutions/design-zone.html
|
unknown
|
||
|
https://www.cisco.com/c/en/us/training-events/events.html
|
unknown
|
||
|
https://www.cisco.com/site/jp/ja/index.html
|
unknown
|
||
|
https://www.cisco.com/c/es_bz/index.html
|
unknown
|
||
|
https://www.cisco.com/c/zh_hk/index.html
|
unknown
|
||
|
https://www.linkedin.com/company/cisco
|
unknown
|
||
|
https://www.cisco.com/
|
unknown
|
||
|
https://www.cisco.com/c/fr_ch/index.html
|
unknown
|
||
|
https://www.cisco.com/site/ca/en/index.html
|
unknown
|
There are 99 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
xfinity.com
|
96.114.21.40
|
||
|
garokelka.com
|
217.195.153.225
|
||
|
www.xfinity.com
|
unknown
|
||
|
cisco.com
|
72.163.4.185
|
||
|
www.cisco.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
75.143.236.149
|
unknown
|
United States
|
|
|
|
83.110.223.61
|
unknown
|
United Arab Emirates
|
|
|
|
86.195.14.72
|
unknown
|
France
|
|
|
|
84.215.202.8
|
unknown
|
Norway
|
|
|
|
184.182.66.109
|
unknown
|
United States
|
|
|
|
80.167.196.79
|
unknown
|
Denmark
|
|
|
|
125.99.69.178
|
unknown
|
India
|
|
|
|
89.32.156.5
|
unknown
|
Italy
|
|
|
|
161.142.103.187
|
unknown
|
Malaysia
|
|
|
|
213.64.33.92
|
unknown
|
Sweden
|
|
|
|
114.143.176.236
|
unknown
|
India
|
|
|
|
24.234.220.88
|
unknown
|
United States
|
|
|
|
14.192.241.76
|
unknown
|
Malaysia
|
|
|
|
173.88.135.179
|
unknown
|
United States
|
|
|
|
72.205.104.134
|
unknown
|
United States
|
|
|
|
69.160.121.6
|
unknown
|
Jamaica
|
|
|
|
117.195.17.148
|
unknown
|
India
|
|
|
|
47.34.30.133
|
unknown
|
United States
|
|
|
|
70.49.205.198
|
unknown
|
Canada
|
|
|
|
184.181.75.148
|
unknown
|
United States
|
|
|
|
84.35.26.14
|
unknown
|
Netherlands
|
|
|
|
41.227.190.59
|
unknown
|
Tunisia
|
|
|
|
86.168.210.41
|
unknown
|
United Kingdom
|
|
|
|
100.4.163.158
|
unknown
|
United States
|
|
|
|
70.50.83.216
|
unknown
|
Canada
|
|
|
|
165.120.169.171
|
unknown
|
United States
|
|
|
|
82.131.141.209
|
unknown
|
Hungary
|
|
|
|
68.203.69.96
|
unknown
|
United States
|
|
|
|
79.92.15.6
|
unknown
|
France
|
|
|
|
64.121.161.102
|
unknown
|
United States
|
|
|
|
96.56.197.26
|
unknown
|
United States
|
|
|
|
178.175.187.254
|
unknown
|
Moldova Republic of
|
|
|
|
125.99.76.102
|
unknown
|
India
|
|
|
|
81.101.185.146
|
unknown
|
United Kingdom
|
|
|
|
98.187.21.2
|
unknown
|
United States
|
|
|
|
92.149.250.113
|
unknown
|
France
|
|
|
|
76.86.31.59
|
unknown
|
United States
|
|
|
|
147.147.30.126
|
unknown
|
United Kingdom
|
|
|
|
96.87.28.170
|
unknown
|
United States
|
|
|
|
75.109.111.89
|
unknown
|
United States
|
|
|
|
124.122.47.148
|
unknown
|
Thailand
|
|
|
|
88.126.94.4
|
unknown
|
France
|
|
|
|
85.57.212.13
|
unknown
|
Spain
|
|
|
|
103.101.203.177
|
unknown
|
Singapore
|
|
|
|
94.204.202.106
|
unknown
|
United Arab Emirates
|
|
|
|
47.205.25.170
|
unknown
|
United States
|
|
|
|
95.45.50.93
|
unknown
|
Ireland
|
|
|
|
85.61.165.153
|
unknown
|
Spain
|
|
|
|
80.12.88.148
|
unknown
|
France
|
|
|
|
103.144.201.48
|
unknown
|
unknown
|
|
|
|
102.156.10.183
|
unknown
|
Tunisia
|
|
|
|
86.132.236.117
|
unknown
|
United Kingdom
|
|
|
|
205.237.67.69
|
unknown
|
Canada
|
|
|
|
201.143.215.69
|
unknown
|
Mexico
|
|
|
|
76.178.148.107
|
unknown
|
United States
|
|
|
|
69.242.31.249
|
unknown
|
United States
|
|
|
|
85.104.105.67
|
unknown
|
Turkey
|
|
|
|
41.186.88.38
|
unknown
|
Rwanda
|
|
|
|
76.16.49.134
|
unknown
|
United States
|
|
|
|
90.104.151.37
|
unknown
|
France
|
|
|
|
201.244.108.183
|
unknown
|
Colombia
|
|
|
|
103.42.86.42
|
unknown
|
India
|
|
|
|
105.184.209.194
|
unknown
|
South Africa
|
|
|
|
116.74.163.130
|
unknown
|
India
|
|
|
|
116.120.145.170
|
unknown
|
Korea Republic of
|
|
|
|
103.139.242.6
|
unknown
|
India
|
|
|
|
70.28.50.223
|
unknown
|
Canada
|
|
|
|
98.145.23.67
|
unknown
|
United States
|
|
|
|
81.229.117.95
|
unknown
|
Sweden
|
|
|
|
82.125.44.236
|
unknown
|
France
|
|
|
|
45.243.142.31
|
unknown
|
Egypt
|
|
|
|
89.129.109.27
|
unknown
|
Spain
|
|
|
|
27.109.19.90
|
unknown
|
India
|
|
|
|
122.186.210.254
|
unknown
|
India
|
|
|
|
122.184.143.86
|
unknown
|
India
|
|
|
|
50.68.186.195
|
unknown
|
Canada
|
|
|
|
45.62.70.33
|
unknown
|
Canada
|
|
|
|
83.249.198.100
|
unknown
|
Sweden
|
|
|
|
12.172.173.82
|
unknown
|
United States
|
|
|
|
47.199.241.39
|
unknown
|
United States
|
|
|
|
79.168.224.165
|
unknown
|
Portugal
|
|
|
|
199.27.66.213
|
unknown
|
United States
|
|
|
|
176.142.207.63
|
unknown
|
France
|
|
|
|
86.176.83.44
|
unknown
|
United Kingdom
|
|
|
|
92.154.17.149
|
unknown
|
France
|
|
|
|
65.95.141.84
|
unknown
|
Canada
|
|
|
|
50.68.204.71
|
unknown
|
Canada
|
|
|
|
89.79.229.50
|
unknown
|
Poland
|
|
|
|
71.38.155.217
|
unknown
|
United States
|
|
|
|
77.126.99.230
|
unknown
|
Israel
|
|
|
|
103.123.223.133
|
unknown
|
India
|
|
|
|
31.53.29.235
|
unknown
|
United Kingdom
|
|
|
|
198.2.51.242
|
unknown
|
United States
|
|
|
|
93.147.235.8
|
unknown
|
Italy
|
|
|
|
92.9.45.20
|
unknown
|
United Kingdom
|
|
|
|
113.11.92.30
|
unknown
|
Bangladesh
|
|
|
|
77.86.98.236
|
unknown
|
United Kingdom
|
|
|
|
172.115.17.50
|
unknown
|
United States
|
|
|
|
217.195.153.225
|
garokelka.com
|
Netherlands
|
||
|
96.114.21.40
|
xfinity.com
|
United States
|
||
|
72.163.4.185
|
cisco.com
|
United States
|
There are 91 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Config.Msi\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\4fa97f.rbs
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\4fa97f.rbsLow
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\DF2B5B287322BA24F9303B9BAE3B0000
|
FE4BEC69D25AFEE4699BB6AA364C4274
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Users\user\AppData\Local\AdobeAcrobatPDFBrowserPlugin\
|
||
|
HKEY_CURRENT_USER\Software\AdobeAcrobatPDFBrowserPlugin
|
AdobeAcrobatPDFBrowserPlugin
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FE4BEC69D25AFEE4699BB6AA364C4274\InstallProperties
|
LocalPackage
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FE4BEC69D25AFEE4699BB6AA364C4274\InstallProperties
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FE4BEC69D25AFEE4699BB6AA364C4274\InstallProperties
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FE4BEC69D25AFEE4699BB6AA364C4274\InstallProperties
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FE4BEC69D25AFEE4699BB6AA364C4274\InstallProperties
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FE4BEC69D25AFEE4699BB6AA364C4274\InstallProperties
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FE4BEC69D25AFEE4699BB6AA364C4274\InstallProperties
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FE4BEC69D25AFEE4699BB6AA364C4274\InstallProperties
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FE4BEC69D25AFEE4699BB6AA364C4274\InstallProperties
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FE4BEC69D25AFEE4699BB6AA364C4274\InstallProperties
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FE4BEC69D25AFEE4699BB6AA364C4274\InstallProperties
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FE4BEC69D25AFEE4699BB6AA364C4274\InstallProperties
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FE4BEC69D25AFEE4699BB6AA364C4274\InstallProperties
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FE4BEC69D25AFEE4699BB6AA364C4274\InstallProperties
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FE4BEC69D25AFEE4699BB6AA364C4274\InstallProperties
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FE4BEC69D25AFEE4699BB6AA364C4274\InstallProperties
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FE4BEC69D25AFEE4699BB6AA364C4274\InstallProperties
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FE4BEC69D25AFEE4699BB6AA364C4274\InstallProperties
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FE4BEC69D25AFEE4699BB6AA364C4274\InstallProperties
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FE4BEC69D25AFEE4699BB6AA364C4274\InstallProperties
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FE4BEC69D25AFEE4699BB6AA364C4274\InstallProperties
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FE4BEC69D25AFEE4699BB6AA364C4274\InstallProperties
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FE4BEC69D25AFEE4699BB6AA364C4274\InstallProperties
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96CEB4EF-A52D-4EEF-96B9-6BAA63C42447}
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96CEB4EF-A52D-4EEF-96B9-6BAA63C42447}
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96CEB4EF-A52D-4EEF-96B9-6BAA63C42447}
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96CEB4EF-A52D-4EEF-96B9-6BAA63C42447}
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96CEB4EF-A52D-4EEF-96B9-6BAA63C42447}
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96CEB4EF-A52D-4EEF-96B9-6BAA63C42447}
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96CEB4EF-A52D-4EEF-96B9-6BAA63C42447}
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96CEB4EF-A52D-4EEF-96B9-6BAA63C42447}
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96CEB4EF-A52D-4EEF-96B9-6BAA63C42447}
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96CEB4EF-A52D-4EEF-96B9-6BAA63C42447}
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96CEB4EF-A52D-4EEF-96B9-6BAA63C42447}
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96CEB4EF-A52D-4EEF-96B9-6BAA63C42447}
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96CEB4EF-A52D-4EEF-96B9-6BAA63C42447}
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96CEB4EF-A52D-4EEF-96B9-6BAA63C42447}
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96CEB4EF-A52D-4EEF-96B9-6BAA63C42447}
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96CEB4EF-A52D-4EEF-96B9-6BAA63C42447}
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96CEB4EF-A52D-4EEF-96B9-6BAA63C42447}
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96CEB4EF-A52D-4EEF-96B9-6BAA63C42447}
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96CEB4EF-A52D-4EEF-96B9-6BAA63C42447}
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96CEB4EF-A52D-4EEF-96B9-6BAA63C42447}
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96CEB4EF-A52D-4EEF-96B9-6BAA63C42447}
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96CEB4EF-A52D-4EEF-96B9-6BAA63C42447}
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\100000007322BA24F9303B9BAE3B502B
|
FE4BEC69D25AFEE4699BB6AA364C4274
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FE4BEC69D25AFEE4699BB6AA364C4274\InstallProperties
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96CEB4EF-A52D-4EEF-96B9-6BAA63C42447}
|
DisplayName
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Features\FE4BEC69D25AFEE4699BB6AA364C4274
|
MainProgram
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FE4BEC69D25AFEE4699BB6AA364C4274\Features
|
MainProgram
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Features\FE4BEC69D25AFEE4699BB6AA364C4274
|
Complete
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FE4BEC69D25AFEE4699BB6AA364C4274\Features
|
Complete
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\FE4BEC69D25AFEE4699BB6AA364C4274\Patches
|
AllPatches
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\FE4BEC69D25AFEE4699BB6AA364C4274
|
ProductName
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\FE4BEC69D25AFEE4699BB6AA364C4274
|
PackageCode
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\FE4BEC69D25AFEE4699BB6AA364C4274
|
Language
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\FE4BEC69D25AFEE4699BB6AA364C4274
|
Version
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\FE4BEC69D25AFEE4699BB6AA364C4274
|
Assignment
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\FE4BEC69D25AFEE4699BB6AA364C4274
|
AdvertiseFlags
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\FE4BEC69D25AFEE4699BB6AA364C4274
|
InstanceType
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\FE4BEC69D25AFEE4699BB6AA364C4274
|
AuthorizedLUAApp
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\FE4BEC69D25AFEE4699BB6AA364C4274
|
DeploymentFlags
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\UpgradeCodes\100000007322BA24F9303B9BAE3B502B
|
FE4BEC69D25AFEE4699BB6AA364C4274
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\FE4BEC69D25AFEE4699BB6AA364C4274\SourceList
|
PackageName
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\FE4BEC69D25AFEE4699BB6AA364C4274\SourceList\URL
|
1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\FE4BEC69D25AFEE4699BB6AA364C4274\SourceList\Media
|
1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\FE4BEC69D25AFEE4699BB6AA364C4274
|
Clients
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\FE4BEC69D25AFEE4699BB6AA364C4274\SourceList
|
LastUsedSource
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\FE4BEC69D25AFEE4699BB6AA364C4274\SourceList\URL
|
SourceType
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Dxrhrhsyety
|
471ae0c3
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Dxrhrhsyety
|
7285308d
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Dxrhrhsyety
|
70c410f1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Dxrhrhsyety
|
c8787794
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Dxrhrhsyety
|
b570381e
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Dxrhrhsyety
|
dcc5f7b
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Dxrhrhsyety
|
ca3957e8
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Dxrhrhsyety
|
38538f35
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\dnsapi.dll,-103
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Dxrhrhsyety
|
471ae0c3
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Dxrhrhsyety
|
471ae0c3
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Dxrhrhsyety
|
471ae0c3
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Dxrhrhsyety
|
471ae0c3
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\6781be.rbs
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\6781be.rbsLow
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Components\DF2B5B287322BA24F9303B9BAE3B0000
|
133299CF040AFA646B78A6D9FB953039
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
LocalPackage
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\100000007322BA24F9303B9BAE3B502B
|
133299CF040AFA646B78A6D9FB953039
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\InstallProperties
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC992331-A040-46AF-B687-6A9DBF590393}
|
DisplayName
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Features\133299CF040AFA646B78A6D9FB953039
|
MainProgram
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\Features
|
MainProgram
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Features\133299CF040AFA646B78A6D9FB953039
|
Complete
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\Features
|
Complete
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3853321935-2125563209-4053062332-1002\Products\133299CF040AFA646B78A6D9FB953039\Patches
|
AllPatches
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\133299CF040AFA646B78A6D9FB953039
|
ProductName
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\133299CF040AFA646B78A6D9FB953039
|
PackageCode
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\133299CF040AFA646B78A6D9FB953039
|
Language
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\133299CF040AFA646B78A6D9FB953039
|
Version
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\133299CF040AFA646B78A6D9FB953039
|
Assignment
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\133299CF040AFA646B78A6D9FB953039
|
AdvertiseFlags
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\133299CF040AFA646B78A6D9FB953039
|
InstanceType
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\133299CF040AFA646B78A6D9FB953039
|
AuthorizedLUAApp
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\133299CF040AFA646B78A6D9FB953039
|
DeploymentFlags
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\UpgradeCodes\100000007322BA24F9303B9BAE3B502B
|
133299CF040AFA646B78A6D9FB953039
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\133299CF040AFA646B78A6D9FB953039\SourceList
|
PackageName
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\133299CF040AFA646B78A6D9FB953039\SourceList\URL
|
1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\133299CF040AFA646B78A6D9FB953039\SourceList\Media
|
1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\133299CF040AFA646B78A6D9FB953039
|
Clients
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\133299CF040AFA646B78A6D9FB953039\SourceList
|
LastUsedSource
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\133299CF040AFA646B78A6D9FB953039\SourceList\URL
|
SourceType
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Pbcfrax
|
3b4b581b
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Pbcfrax
|
ed48855
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Pbcfrax
|
c95a829
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Pbcfrax
|
b429cf4c
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Pbcfrax
|
c92180c6
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Pbcfrax
|
719de7a3
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Pbcfrax
|
b668ef30
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Pbcfrax
|
440237ed
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Pbcfrax
|
3b4b581b
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Pbcfrax
|
3b4b581b
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Pbcfrax
|
3b4b581b
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Pbcfrax
|
3b4b581b
|
There are 166 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4C30000
|
heap
|
page read and write
|
|
|
|
ECA000
|
heap
|
page read and write
|
|
|
|
66DA000
|
heap
|
page read and write
|
||
|
4CAF000
|
heap
|
page read and write
|
||
|
7A6B0FE000
|
stack
|
page read and write
|
||
|
70A0000
|
heap
|
page read and write
|
||
|
2D1E1FF000
|
stack
|
page read and write
|
||
|
4A91000
|
heap
|
page read and write
|
||
|
1C96BC1D000
|
heap
|
page read and write
|
||
|
27990680000
|
heap
|
page read and write
|
||
|
5EA4000
|
heap
|
page read and write
|
||
|
FC0000
|
direct allocation
|
page execute read
|
||
|
279902E0000
|
heap
|
page read and write
|
||
|
1C96BC52000
|
heap
|
page read and write
|
||
|
27990424000
|
heap
|
page read and write
|
||
|
172539A7000
|
heap
|
page read and write
|
||
|
FEA000
|
direct allocation
|
page readonly
|
||
|
1C96BC52000
|
heap
|
page read and write
|
||
|
1C96D4E4000
|
heap
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
2799041C000
|
heap
|
page read and write
|
||
|
4C95000
|
heap
|
page read and write
|
||
|
1010000
|
trusted library allocation
|
page read and write
|
||
|
70A3000
|
heap
|
page read and write
|
||
|
5A80000
|
trusted library allocation
|
page read and write
|
||
|
1C96BC5B000
|
heap
|
page read and write
|
||
|
1C96BC5E000
|
heap
|
page read and write
|
||
|
279903F9000
|
heap
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
27990402000
|
heap
|
page read and write
|
||
|
4A90000
|
heap
|
page read and write
|
||
|
4C8F000
|
heap
|
page read and write
|
||
|
75BB000
|
heap
|
page read and write
|
||
|
27990424000
|
heap
|
page read and write
|
||
|
70AA000
|
heap
|
page read and write
|
||
|
1C96BC31000
|
heap
|
page read and write
|
||
|
17253AC0000
|
heap
|
page read and write
|
||
|
75BD000
|
heap
|
page read and write
|
||
|
1C96D931000
|
heap
|
page read and write
|
||
|
27990402000
|
heap
|
page read and write
|
||
|
27990334000
|
heap
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
5EAC000
|
heap
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
2D1E4FF000
|
stack
|
page read and write
|
||
|
27990424000
|
heap
|
page read and write
|
||
|
1C96D920000
|
heap
|
page read and write
|
||
|
279903E2000
|
heap
|
page read and write
|
||
|
1C96BC2E000
|
heap
|
page read and write
|
||
|
1C96BBB0000
|
heap
|
page read and write
|
||
|
1C96BB90000
|
heap
|
page read and write
|
||
|
5BC1000
|
heap
|
page read and write
|
||
|
2D1DEFF000
|
stack
|
page read and write
|
||
|
5EAC000
|
heap
|
page read and write
|
||
|
17253860000
|
heap
|
page read and write
|
||
|
35864FF000
|
stack
|
page read and write
|
||
|
70A2000
|
heap
|
page read and write
|
||
|
1C96BBD0000
|
heap
|
page read and write
|
||
|
27990330000
|
heap
|
page read and write
|
||
|
1C96BCF0000
|
heap
|
page read and write
|
||
|
358647C000
|
stack
|
page read and write
|
||
|
1C96BC52000
|
heap
|
page read and write
|
||
|
7A6B1FE000
|
stack
|
page read and write
|
||
|
1C96BC4F000
|
heap
|
page read and write
|
||
|
5A80000
|
trusted library allocation
|
page read and write
|
||
|
4C9D000
|
heap
|
page read and write
|
||
|
E2E000
|
stack
|
page read and write
|
||
|
27990408000
|
heap
|
page read and write
|
||
|
1C96BC0B000
|
heap
|
page read and write
|
||
|
1C96BC35000
|
heap
|
page read and write
|
||
|
4C9D000
|
heap
|
page read and write
|
||
|
27990440000
|
heap
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
5BC1000
|
heap
|
page read and write
|
||
|
2D1E6FE000
|
stack
|
page read and write
|
||
|
5A80000
|
trusted library allocation
|
page read and write
|
||
|
E6F000
|
stack
|
page read and write
|
||
|
1C96BC1C000
|
heap
|
page read and write
|
||
|
5A80000
|
trusted library allocation
|
page read and write
|
||
|
27990440000
|
heap
|
page read and write
|
||
|
27990409000
|
heap
|
page read and write
|
||
|
2799041C000
|
heap
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
279903F9000
|
heap
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
1C96BC35000
|
heap
|
page read and write
|
||
|
17253C90000
|
heap
|
page read and write
|
||
|
1C96BA50000
|
heap
|
page read and write
|
||
|
7AB2000
|
heap
|
page read and write
|
||
|
70A1000
|
heap
|
page read and write
|
||
|
7A6A9F9000
|
stack
|
page read and write
|
||
|
27990685000
|
heap
|
page read and write
|
||
|
1C96DBA0000
|
trusted library allocation
|
page read and write
|
||
|
C17000
|
heap
|
page read and write
|
||
|
27990402000
|
heap
|
page read and write
|
||
|
5EAC000
|
heap
|
page read and write
|
||
|
1C96BC35000
|
heap
|
page read and write
|
||
|
75AA000
|
heap
|
page read and write
|
||
|
1C96D92C000
|
heap
|
page read and write
|
||
|
27990424000
|
heap
|
page read and write
|
||
|
279903F7000
|
heap
|
page read and write
|
||
|
5EAC000
|
heap
|
page read and write
|
||
|
27990300000
|
heap
|
page read and write
|
||
|
279920A0000
|
heap
|
page read and write
|
||
|
279903F5000
|
heap
|
page read and write
|
||
|
1C96BCFC000
|
heap
|
page read and write
|
||
|
2799068B000
|
heap
|
page read and write
|
||
|
75B7000
|
heap
|
page read and write
|
||
|
6581000
|
heap
|
page read and write
|
||
|
75B2000
|
heap
|
page read and write
|
||
|
5A80000
|
trusted library allocation
|
page read and write
|
||
|
1C96DA80000
|
heap
|
page read and write
|
||
|
10094000
|
unkown
|
page read and write
|
||
|
4C9D000
|
heap
|
page read and write
|
||
|
27993930000
|
trusted library allocation
|
page read and write
|
||
|
6636000
|
heap
|
page read and write
|
||
|
5A80000
|
trusted library allocation
|
page read and write
|
||
|
279903D0000
|
heap
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
FD0000
|
direct allocation
|
page read and write
|
||
|
2D1DCFE000
|
stack
|
page read and write
|
||
|
5D7B000
|
heap
|
page read and write
|
||
|
1C96BC31000
|
heap
|
page read and write
|
||
|
279903D8000
|
heap
|
page read and write
|
||
|
1C96BC09000
|
heap
|
page read and write
|
||
|
1C96BBF5000
|
heap
|
page read and write
|
||
|
1C96BBF8000
|
heap
|
page read and write
|
||
|
1C96BCF5000
|
heap
|
page read and write
|
||
|
358657F000
|
stack
|
page read and write
|
||
|
27990425000
|
heap
|
page read and write
|
||
|
5A80000
|
trusted library allocation
|
page read and write
|
||
|
5A80000
|
trusted library allocation
|
page read and write
|
||
|
5A80000
|
trusted library allocation
|
page read and write
|
||
|
279903F9000
|
heap
|
page read and write
|
||
|
1C96D922000
|
heap
|
page read and write
|
||
|
1C96BCFE000
|
heap
|
page read and write
|
||
|
279901A0000
|
heap
|
page read and write
|
||
|
1C96BC63000
|
heap
|
page read and write
|
||
|
2799041C000
|
heap
|
page read and write
|
||
|
1C96BC35000
|
heap
|
page read and write
|
||
|
1C96D931000
|
heap
|
page read and write
|
||
|
4C9D000
|
heap
|
page read and write
|
||
|
2799041C000
|
heap
|
page read and write
|
||
|
279903EC000
|
heap
|
page read and write
|
||
|
4C9D000
|
heap
|
page read and write
|
||
|
1C96BC52000
|
heap
|
page read and write
|
||
|
32A0000
|
heap
|
page read and write
|
||
|
C3C000
|
stack
|
page read and write
|
||
|
2799041C000
|
heap
|
page read and write
|
||
|
1C96BC5E000
|
heap
|
page read and write
|
||
|
1C96D928000
|
heap
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
7A6AFFF000
|
stack
|
page read and write
|
||
|
5BD1000
|
heap
|
page read and write
|
||
|
1006A000
|
unkown
|
page readonly
|
||
|
5D6F000
|
heap
|
page read and write
|
||
|
10092000
|
unkown
|
page write copy
|
||
|
10095000
|
unkown
|
page readonly
|
||
|
FEF000
|
direct allocation
|
page read and write
|
||
|
4C8F000
|
heap
|
page read and write
|
||
|
5D4D000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
5A80000
|
trusted library allocation
|
page read and write
|
||
|
70A9000
|
heap
|
page read and write
|
||
|
5EAC000
|
heap
|
page read and write
|
||
|
1C96BC59000
|
heap
|
page read and write
|
||
|
7A6ADFE000
|
stack
|
page read and write
|
||
|
1C96D922000
|
heap
|
page read and write
|
||
|
1C96BBED000
|
heap
|
page read and write
|
||
|
70A3000
|
heap
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
27990424000
|
heap
|
page read and write
|
||
|
4CAF000
|
heap
|
page read and write
|
||
|
5A80000
|
trusted library allocation
|
page read and write
|
||
|
17253AA0000
|
heap
|
page read and write
|
||
|
1C96D4E0000
|
heap
|
page read and write
|
||
|
2D1E2FE000
|
stack
|
page read and write
|
||
|
1C96BC31000
|
heap
|
page read and write
|
||
|
279920A2000
|
heap
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
1C96BBF6000
|
heap
|
page read and write
|
||
|
4A91000
|
heap
|
page read and write
|
||
|
4C41000
|
heap
|
page read and write
|
||
|
27990660000
|
heap
|
page read and write
|
||
|
17253C95000
|
heap
|
page read and write
|
||
|
1C96BC31000
|
heap
|
page read and write
|
||
|
1C96D924000
|
heap
|
page read and write
|
||
|
2D1D979000
|
stack
|
page read and write
|
||
|
4C9D000
|
heap
|
page read and write
|
||
|
1C96BC52000
|
heap
|
page read and write
|
||
|
498D000
|
heap
|
page read and write
|
||
|
5EAC000
|
heap
|
page read and write
|
||
|
2D1E3FE000
|
stack
|
page read and write
|
||
|
1C96BC04000
|
heap
|
page read and write
|
||
|
70AC000
|
heap
|
page read and write
|
||
|
1C96BC05000
|
heap
|
page read and write
|
||
|
5D4C000
|
heap
|
page read and write
|
||
|
172539AB000
|
heap
|
page read and write
|
||
|
C7B000
|
stack
|
page read and write
|
||
|
4C53000
|
heap
|
page read and write
|
||
|
2D1DDFE000
|
stack
|
page read and write
|
||
|
C17000
|
heap
|
page read and write
|
||
|
1C96BC35000
|
heap
|
page read and write
|
||
|
61C9000
|
heap
|
page read and write
|
||
|
1C96BBE8000
|
heap
|
page read and write
|
||
|
FF2000
|
direct allocation
|
page readonly
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
64C4000
|
heap
|
page read and write
|
||
|
75BF000
|
heap
|
page read and write
|
||
|
172539A0000
|
heap
|
page read and write
|
||
|
5E6C000
|
heap
|
page read and write
|
||
|
DA4000
|
heap
|
page read and write
|
||
|
5EAC000
|
heap
|
page read and write
|
||
|
4C90000
|
heap
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
1C96BC31000
|
heap
|
page read and write
|
||
|
279903E7000
|
heap
|
page read and write
|
||
|
2D1E0FF000
|
stack
|
page read and write
|
||
|
5EAC000
|
heap
|
page read and write
|
||
|
FD1000
|
direct allocation
|
page execute read
|
||
|
7A6ACFE000
|
stack
|
page read and write
|
||
|
27990402000
|
heap
|
page read and write
|
||
|
27990402000
|
heap
|
page read and write
|
||
|
1C96BBF7000
|
heap
|
page read and write
|
||
|
1C96BC52000
|
heap
|
page read and write
|
There are 216 hidden memdumps, click here to show them.