IOC Report
Support.Client.exe

loading gif

Files

File Path
Type
Category
Malicious
Support.Client.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
malicious
C:\ProgramData\Microsoft\Network\Downloader\edb.log
data
dropped
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
Extensible storage engine DataBase, version 0x620, checksum 0x477ec496, page size 16384, DirtyShutdown, Windows version 10.0
dropped
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
data
dropped
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_Support.Client.e_194b467251df22b5388ca6e14a2fded071b9a86_6f85ab5c_7b8aff25-4b1d-4190-996d-8c3e7a62d1e6\Report.wer
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER62F3.tmp.dmp
Mini DuMP crash report, 14 streams, Sun Dec 22 11:46:58 2024, 0x1205a4 type
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6565.tmp.WERInternalMetadata.xml
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER65B4.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER665E.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER68A1.tmp.txt
data
dropped
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks, 0x1 compression
dropped
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C56C4404C4DEF0DC88E5FCD9F09CB2F1
Certificate, Version=3
dropped
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C8E534EE129F27D55460CE17FD628216_1130D9B25898B0DB0D4F04DC5B93F141
data
dropped
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F2E248BEDDBB2D85122423C41028BFD4
Certificate, Version=3
dropped
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
data
dropped
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
data
dropped
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C56C4404C4DEF0DC88E5FCD9F09CB2F1
data
dropped
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E534EE129F27D55460CE17FD628216_1130D9B25898B0DB0D4F04DC5B93F141
data
dropped
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F2E248BEDDBB2D85122423C41028BFD4
data
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\manifests\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92.cdf-ms
data
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\manifests\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92.manifest
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (10074), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\manifests\scre..core_4b14c015c87c1ad8_0018.0002_none_5411371a15332106.cdf-ms
data
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\manifests\scre..core_4b14c015c87c1ad8_0018.0002_none_5411371a15332106.manifest
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\manifests\scre..dows_4b14c015c87c1ad8_0018.0002_none_58890efb51813436.cdf-ms
data
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\manifests\scre..dows_4b14c015c87c1ad8_0018.0002_none_58890efb51813436.manifest
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\manifests\scre..ient_4b14c015c87c1ad8_0018.0002_none_b558103dfe170413.cdf-ms
data
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\manifests\scre..ient_4b14c015c87c1ad8_0018.0002_none_b558103dfe170413.manifest
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\manifests\scre..ient_4b14c015c87c1ad8_0018.0002_none_ea2694ec2482770a.cdf-ms
data
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\manifests\scre..ient_4b14c015c87c1ad8_0018.0002_none_ea2694ec2482770a.manifest
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\manifests\scre..tion_25b0fbb6ef7eb094_0018.0002_none_399c0f24bfe6e975.cdf-ms
data
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\manifests\scre..tion_25b0fbb6ef7eb094_0018.0002_none_399c0f24bfe6e975.manifest
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (63847), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\manifests\scre..vice_4b14c015c87c1ad8_0018.0002_none_0564cf62aaf28471.cdf-ms
data
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\manifests\scre..vice_4b14c015c87c1ad8_0018.0002_none_0564cf62aaf28471.manifest
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92\ScreenConnect.ClientService.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92\ScreenConnect.WindowsBackstageShell.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92\ScreenConnect.WindowsBackstageShell.exe.config
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92\ScreenConnect.WindowsClient.exe.config
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92\ScreenConnect.WindowsFileManager.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92\ScreenConnect.WindowsFileManager.exe.config
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\scre..core_4b14c015c87c1ad8_0018.0002_none_5411371a15332106\ScreenConnect.Core.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\scre..dows_4b14c015c87c1ad8_0018.0002_none_58890efb51813436\ScreenConnect.Windows.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\scre..ient_4b14c015c87c1ad8_0018.0002_none_b558103dfe170413\ScreenConnect.WindowsClient.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\scre..ient_4b14c015c87c1ad8_0018.0002_none_ea2694ec2482770a\ScreenConnect.Client.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf\2p1jd0af.newcfg
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf\Client.Override.en-US.resources
data
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf\Client.en-US.resources
data
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf\Client.resources
data
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf\app.config
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf\user.config (copy)
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\scre..vice_4b14c015c87c1ad8_0018.0002_none_0564cf62aaf28471\ScreenConnect.ClientService.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\ScreenConnect.WindowsClient.exe.log
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\dfsvc.exe.log
ASCII text, with CRLF line terminators
modified
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\ScreenConnect.ClientService.exe.log
CSV text
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\OX50X7XC.log
Unicode text, UTF-16, little-endian text, with very long lines (651), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\Deployment\5NBJHH5W.M4X\XEDNGAA4.YCQ.application
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (63847), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\Deployment\T4CMJK9K.K3C\OOPO66OZ.RYH\ScreenConnect.Client.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\Deployment\T4CMJK9K.K3C\OOPO66OZ.RYH\ScreenConnect.Client.dll.genman
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\Deployment\T4CMJK9K.K3C\OOPO66OZ.RYH\ScreenConnect.ClientService.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\Deployment\T4CMJK9K.K3C\OOPO66OZ.RYH\ScreenConnect.ClientService.dll.genman
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\Deployment\T4CMJK9K.K3C\OOPO66OZ.RYH\ScreenConnect.ClientService.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\Deployment\T4CMJK9K.K3C\OOPO66OZ.RYH\ScreenConnect.Core.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\Deployment\T4CMJK9K.K3C\OOPO66OZ.RYH\ScreenConnect.Core.dll.genman
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\Deployment\T4CMJK9K.K3C\OOPO66OZ.RYH\ScreenConnect.Windows.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\Deployment\T4CMJK9K.K3C\OOPO66OZ.RYH\ScreenConnect.Windows.dll.genman
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\Deployment\T4CMJK9K.K3C\OOPO66OZ.RYH\ScreenConnect.WindowsBackstageShell.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\Deployment\T4CMJK9K.K3C\OOPO66OZ.RYH\ScreenConnect.WindowsBackstageShell.exe.config
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\Deployment\T4CMJK9K.K3C\OOPO66OZ.RYH\ScreenConnect.WindowsClient.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\Deployment\T4CMJK9K.K3C\OOPO66OZ.RYH\ScreenConnect.WindowsClient.exe.config
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\Deployment\T4CMJK9K.K3C\OOPO66OZ.RYH\ScreenConnect.WindowsClient.exe.genman
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\Deployment\T4CMJK9K.K3C\OOPO66OZ.RYH\ScreenConnect.WindowsClient.exe.manifest
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (10074), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\Deployment\T4CMJK9K.K3C\OOPO66OZ.RYH\ScreenConnect.WindowsFileManager.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\Deployment\T4CMJK9K.K3C\OOPO66OZ.RYH\ScreenConnect.WindowsFileManager.exe.config
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2246122658-3693405117-2476756634-1002\932a2db58c237abd381d22df4c63a04a_9e146be9-c76a-4720-bcdb-53011b87bd06
data
dropped
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
JSON data
dropped
C:\Windows\appcompat\Programs\Amcache.hve
MS Windows registry file, NT/2000 or above
dropped
There are 65 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\Support.Client.exe
"C:\Users\user\Desktop\Support.Client.exe"
malicious
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf\ScreenConnect.WindowsClient.exe
"C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf\ScreenConnect.WindowsClient.exe"
malicious
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf\ScreenConnect.ClientService.exe
"C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf\ScreenConnect.ClientService.exe" "?e=Support&y=Guest&h=0bd0.adrsxpjm0rga0n.de&p=8041&s=12a62791-f49c-4806-9cc2-0b20f2ce6bb8&k=BgIAAACkAABSU0ExAAgAAAEAAQBdRYPv%2fs%2bijGK1u%2flkqPsG%2bdG7F%2f4ax8QNSH9Yo6i7A6UZdAY2kZfgAMhSjF%2fKrmKc4KX%2fDk9ZtiCRIRrmQh3eoku1a3oxQ2phk099M%2brHxm%2fsY2PWCCL%2fy3eISyDDs8dYSd7NyaWC%2bZQBDk%2bCMboNgHDqg5TZ2DZSQbH4e9PpCOhBmemQ0OLPi7s6np%2fBxp4rKNbDymsYFM0a6KINC%2bdchq29F%2bXHGl%2fK%2fQmGvHtdIpX8%2bO%2fTtZQDOLPXW57J20w3ypOH%2bHf7phXvddrwOTzrArQoTCReWUatoySRLumG3cOPSFHex5FRYf45W%2bMRD4DXmWP56lW1jk7oCGLWlFHE&r=&i=Untitled%20Session" "1"
malicious
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf\ScreenConnect.ClientService.exe
"C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf\ScreenConnect.ClientService.exe" "?e=Support&y=Guest&h=0bd0.adrsxpjm0rga0n.de&p=8041&s=12a62791-f49c-4806-9cc2-0b20f2ce6bb8&k=BgIAAACkAABSU0ExAAgAAAEAAQBdRYPv%2fs%2bijGK1u%2flkqPsG%2bdG7F%2f4ax8QNSH9Yo6i7A6UZdAY2kZfgAMhSjF%2fKrmKc4KX%2fDk9ZtiCRIRrmQh3eoku1a3oxQ2phk099M%2brHxm%2fsY2PWCCL%2fy3eISyDDs8dYSd7NyaWC%2bZQBDk%2bCMboNgHDqg5TZ2DZSQbH4e9PpCOhBmemQ0OLPi7s6np%2fBxp4rKNbDymsYFM0a6KINC%2bdchq29F%2bXHGl%2fK%2fQmGvHtdIpX8%2bO%2fTtZQDOLPXW57J20w3ypOH%2bHf7phXvddrwOTzrArQoTCReWUatoySRLumG3cOPSFHex5FRYf45W%2bMRD4DXmWP56lW1jk7oCGLWlFHE&r=&i=Untitled%20Session" "1"
malicious
C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf\ScreenConnect.WindowsClient.exe
"C:\Users\user\AppData\Local\Apps\2.0\467JXDCM.KDT\OTWE8PPY.T3G\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf\ScreenConnect.WindowsClient.exe" "RunRole" "f96fdd58-b31b-40b0-b300-0e1ead05a7df" "User"
malicious
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe"
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 440 -p 7568 -ip 7568
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 7568 -s 884
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS

URLs

Name
IP
Malicious
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.Client.dll
104.168.134.232
http://www.fontbureau.com/designersG
unknown
http://www.fontbureau.com/designers/?
unknown
http://www.founder.com.cn/cn/bThe
unknown
http://www.fontbureau.com/designers?
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.WindowsFileManager.exeD
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.Core.dll
104.168.134.232
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.ClientSer8
unknown
http://www.tiro.com
unknown
https://g.live.com/odclientsettings/ProdV2.C:
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.Client.application2
unknown
http://www.fontbureau.com/designers
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.WindowsBackstageSx
unknown
http://www.goodfont.co.kr
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.Client
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.Client.application?e=Support&y=Guest&h=0bd0.adr
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.Client.application2j
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.ClientService.dll
104.168.134.232
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.Client.applicationxm
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.Client.manifest
104.168.134.232
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.WindowsBackstageShell.exe.config
104.168.134.232
http://www.sajatypeworks.com
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.Windo
unknown
http://www.typography.netD
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.WindowsFileManager.exe.configT
unknown
https://g.live.com/odclientsettings/Prod.C:
unknown
http://www.founder.com.cn/cn/cThe
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.WindowsClient.exe.config
104.168.134.232
http://www.galapagosdesign.com/staff/dennis.htm
unknown
https://g.live.com/odclientsettings/ProdV2
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.WindowsFileManager.exe
104.168.134.232
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.WindowsBackstageShell.exe
104.168.134.232
http://www.xrml.org/schema/2001/11/xrml2coreS
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.Client.application%
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.Client.manifestC
unknown
http://www.galapagosdesign.com/DPlease
unknown
https://crea.alarmasdelsu
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.Windows.dllPt
unknown
http://www.w3.o
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.Client.application
unknown
http://www.fonts.com
unknown
http://www.sandoll.co.kr
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.WindowsFileManager.ex
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.WindowsFileMa
unknown
http://www.urwpp.deDPlease
unknown
https://crea.alarmasdelsur
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.Client.application#ScreenConnect.WindowsClient.
unknown
http://www.zhongyicts.com.cn
unknown
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
unknown
http://www.sakkal.com
unknown
https://g.live.com/1rewlive5skydrive/OneDriveProductionV2?OneDriveUpdate=9c123752e31a927b78dc96231b6
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.WindowsClient.exeR
unknown
http://www.apache.org/licenses/LICENSE-2.0
unknown
http://www.fontbureau.com
unknown
https://crea.alarmasdels
unknown
http://www.xrml.org/schema/2001/11/xrml2core
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.Windows.dll
104.168.134.232
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.ClientService.exe
104.168.134.232
http://www.w3.or
unknown
http://crl.ver)
unknown
http://upx.sf.net
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.WindowsClient.exex
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.Client.applicationx
unknown
https://crea.alarmasdelsureste.com
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.Client.application8j
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.Client.applicationDv
unknown
https://crea.alarmasdelsureste.com/Bin/S2
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.WindowsCl8
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.WindowsFileManager.exe.config
104.168.134.232
http://www.carterandcone.coml
unknown
http://www.fontbureau.com/designers/cabarga.htmlN
unknown
http://www.founder.com.cn/cn
unknown
http://www.fontbureau.com/designers/frere-user.html
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.Client.applicationgod&
unknown
https://g.live.com/odclientsettings/ProdV2?OneDriveUpdate=f359a5df14f97b6802371976c96
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.Client.applicationestl
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.WindowsClient.exe.configJ
unknown
http://www.jiyu-kobo.co.jp/
unknown
https://feedback.screenconnect.com/Feedback.axd
unknown
http://www.fontbureau.com/designers8
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.WindowsClient.exe
104.168.134.232
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.Client.applicationcd
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.C
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.Core.dllcw
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.Client.applicationX
unknown
http://crea.alarmasdelsureste.com
unknown
https://crea.alarmasdelsureste.com/Bin/ScreenConnect.WindowsClient.exe.configW
unknown
There are 77 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
bg.microsoft.map.fastly.net
199.232.214.172
0bd0.adrsxpjm0rga0n.de
104.168.134.232
crea.alarmasdelsureste.com
104.168.134.232
fp2e7a.wpc.phicdn.net
192.229.221.95

IPs

IP
Domain
Country
Malicious
104.168.134.232
0bd0.adrsxpjm0rga0n.de
United States
127.0.0.1
unknown
unknown

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\SystemCertificates\TrustedPublisher\Certificates\7B0F360B775F76C94A12CA48445AA2D2A875701C
Blob
HKEY_CURRENT_USER\SOFTWARE\Microsoft\SystemCertificates\TrustedPublisher\Certificates\4C2272FBA7A7380F55E2A424E9E624AEE1C14579
Blob
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0
ComponentStore_RandomString
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0
ComponentStore_RandomString
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\StateManager
StateStore_RandomString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\dfsvc_RASAPI32
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\dfsvc_RASAPI32
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\dfsvc_RASAPI32
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\dfsvc_RASAPI32
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\dfsvc_RASAPI32
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\dfsvc_RASAPI32
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\dfsvc_RASAPI32
FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\dfsvc_RASMANCS
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\dfsvc_RASMANCS
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\dfsvc_RASMANCS
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\dfsvc_RASMANCS
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\dfsvc_RASMANCS
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\dfsvc_RASMANCS
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\dfsvc_RASMANCS
FileDirectory
HKEY_CURRENT_USER\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\7B0F360B775F76C94A12CA48445AA2D2A875701C
Blob
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\PackageMetadata\{2ec93463-b0c3-45e1-8364-327e96aea856}_{60051b8f-4f12-400a-8e50-dd05ebd438d1}
NonCanonicalData
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\PackageMetadata\{2ec93463-b0c3-45e1-8364-327e96aea856}_{60051b8f-4f12-400a-8e50-dd05ebd438d1}\scre..tion_25b0fbb6ef7eb094_0018.0002_54d59b038afa39b7
appid
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\PackageMetadata\{2ec93463-b0c3-45e1-8364-327e96aea856}_{60051b8f-4f12-400a-8e50-dd05ebd438d1}\scre..tion_25b0fbb6ef7eb094_0018.0002_54d59b038afa39b7
{c989bb7a-8385-4715-98cf-a741a8edb823}!ApplicationTrust
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92
identity
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92
lock!01000000d6cbe50db41d0000e01d00000000000000000000e272d2137756db01
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\PackageMetadata\{2ec93463-b0c3-45e1-8364-327e96aea856}_{3f471841-eef2-47d6-89c0-d028f03a4ad5}
NonCanonicalData
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\PackageMetadata\{2ec93463-b0c3-45e1-8364-327e96aea856}_{3f471841-eef2-47d6-89c0-d028f03a4ad5}\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf
appid
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\PackageMetadata\{2ec93463-b0c3-45e1-8364-327e96aea856}_{3f471841-eef2-47d6-89c0-d028f03a4ad5}\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf
{2ad613da-6fdb-4671-af9e-18ab2e4df4d8}!DeploymentSourceUri
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\PackageMetadata\{2ec93463-b0c3-45e1-8364-327e96aea856}_{3f471841-eef2-47d6-89c0-d028f03a4ad5}\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf
{2ad613da-6fdb-4671-af9e-18ab2e4df4d8}!ApplicationSourceUri
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\PackageMetadata\{2ec93463-b0c3-45e1-8364-327e96aea856}_{3f471841-eef2-47d6-89c0-d028f03a4ad5}\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf
{2ad613da-6fdb-4671-af9e-18ab2e4df4d8}!IsFullTrust
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\PackageMetadata\{2ec93463-b0c3-45e1-8364-327e96aea856}_{3f471841-eef2-47d6-89c0-d028f03a4ad5}\scre..tion_25b0fbb6ef7eb094_9edfe039055229dd
appid
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\PackageMetadata\{2ec93463-b0c3-45e1-8364-327e96aea856}_{3f471841-eef2-47d6-89c0-d028f03a4ad5}\scre..tion_25b0fbb6ef7eb094_9edfe039055229dd
{2ad613da-6fdb-4671-af9e-18ab2e4df4d8}!IsShellVisible
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\PackageMetadata\{2ec93463-b0c3-45e1-8364-327e96aea856}_{3f471841-eef2-47d6-89c0-d028f03a4ad5}\scre..tion_25b0fbb6ef7eb094_9edfe039055229dd
{2ad613da-6fdb-4671-af9e-18ab2e4df4d8}!PreviousBind
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\PackageMetadata\{2ec93463-b0c3-45e1-8364-327e96aea856}_{3f471841-eef2-47d6-89c0-d028f03a4ad5}\scre..tion_25b0fbb6ef7eb094_9edfe039055229dd
{2ad613da-6fdb-4671-af9e-18ab2e4df4d8}!PendingBind
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\PackageMetadata\{2ec93463-b0c3-45e1-8364-327e96aea856}_{3f471841-eef2-47d6-89c0-d028f03a4ad5}\scre..tion_25b0fbb6ef7eb094_9edfe039055229dd
{2ad613da-6fdb-4671-af9e-18ab2e4df4d8}!ExcludedDeployment
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\PackageMetadata\{2ec93463-b0c3-45e1-8364-327e96aea856}_{3f471841-eef2-47d6-89c0-d028f03a4ad5}\scre..tion_25b0fbb6ef7eb094_9edfe039055229dd
{2ad613da-6fdb-4671-af9e-18ab2e4df4d8}!PendingDeployment
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\PackageMetadata\{2ec93463-b0c3-45e1-8364-327e96aea856}_{3f471841-eef2-47d6-89c0-d028f03a4ad5}\scre..tion_25b0fbb6ef7eb094_9edfe039055229dd
{2ad613da-6fdb-4671-af9e-18ab2e4df4d8}!DeploymentProviderUri
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\PackageMetadata\{2ec93463-b0c3-45e1-8364-327e96aea856}_{3f471841-eef2-47d6-89c0-d028f03a4ad5}\scre..tion_25b0fbb6ef7eb094_9edfe039055229dd
{2ad613da-6fdb-4671-af9e-18ab2e4df4d8}!MinimumRequiredVersion
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\PackageMetadata\{2ec93463-b0c3-45e1-8364-327e96aea856}_{3f471841-eef2-47d6-89c0-d028f03a4ad5}\scre..tion_25b0fbb6ef7eb094_9edfe039055229dd
{2ad613da-6fdb-4671-af9e-18ab2e4df4d8}!LastCheckTime
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\PackageMetadata\{2ec93463-b0c3-45e1-8364-327e96aea856}_{3f471841-eef2-47d6-89c0-d028f03a4ad5}\scre..tion_25b0fbb6ef7eb094_9edfe039055229dd
{2ad613da-6fdb-4671-af9e-18ab2e4df4d8}!UpdateSkippedDeployment
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\PackageMetadata\{2ec93463-b0c3-45e1-8364-327e96aea856}_{3f471841-eef2-47d6-89c0-d028f03a4ad5}\scre..tion_25b0fbb6ef7eb094_9edfe039055229dd
{2ad613da-6fdb-4671-af9e-18ab2e4df4d8}!UpdateSkipTime
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\PackageMetadata\{2ec93463-b0c3-45e1-8364-327e96aea856}_{3f471841-eef2-47d6-89c0-d028f03a4ad5}\scre..tion_25b0fbb6ef7eb094_9edfe039055229dd
{2ad613da-6fdb-4671-af9e-18ab2e4df4d8}!AppType
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\PackageMetadata\{2ec93463-b0c3-45e1-8364-327e96aea856}_{3f471841-eef2-47d6-89c0-d028f03a4ad5}\scre..tion_25b0fbb6ef7eb094_9edfe039055229dd
{2ad613da-6fdb-4671-af9e-18ab2e4df4d8}!CurrentBind
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..tion_25b0fbb6ef7eb094_0018.0002_54d59b038afa39b7
appid
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..tion_25b0fbb6ef7eb094_0018.0002_54d59b038afa39b7
pin!S_{3f471841-eef2-47d6-89c0-d028f03a4ad5}
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf
appid
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf
implication!scre..tion_25b0fbb6ef7eb094_0018.0002_54d59b038afa39b7
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..core_4b14c015c87c1ad8_0018.0002_none_5411371a15332106
identity
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..core_4b14c015c87c1ad8_0018.0002_none_5411371a15332106
implication!scre..tion_25b0fbb6ef7eb094_0018.0002_54d59b038afa39b7
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..ient_4b14c015c87c1ad8_0018.0002_none_b558103dfe170413
identity
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..dows_4b14c015c87c1ad8_0018.0002_none_58890efb51813436
identity
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..dows_4b14c015c87c1ad8_0018.0002_none_58890efb51813436
implication!scre..tion_25b0fbb6ef7eb094_0018.0002_54d59b038afa39b7
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..vice_4b14c015c87c1ad8_0018.0002_none_0564cf62aaf28471
identity
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..ient_4b14c015c87c1ad8_0018.0002_none_ea2694ec2482770a
identity
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92
implication!scre..tion_25b0fbb6ef7eb094_0018.0002_54d59b038afa39b7
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..tion_25b0fbb6ef7eb094_0018.0002_none_399c0f24bfe6e975
identity
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..tion_25b0fbb6ef7eb094_0018.0002_none_399c0f24bfe6e975
implication!scre..tion_25b0fbb6ef7eb094_0018.0002_54d59b038afa39b7
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..tion_25b0fbb6ef7eb094_0018.0002_none_399c0f24bfe6e975
identity
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..tion_25b0fbb6ef7eb094_0018.0002_none_399c0f24bfe6e975
SizeOfStronglyNamedComponent
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92
identity
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92
SizeOfStronglyNamedComponent
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92
DigestValue
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92
Transform
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92
DigestMethod
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..tion_25b0fbb6ef7eb094_0018.0002_54d59b038afa39b7\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92\Files
ScreenConnect.ClientService.exe_e781b1ee36f7c0e0
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92\Files
ScreenConnect.ClientService.exe_e781b1ee36f7c0e0
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..tion_25b0fbb6ef7eb094_0018.0002_54d59b038afa39b7\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92\Files
ScreenConnect.WindowsBackstageShell.exe_898f6d085da479bc
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92\Files
ScreenConnect.WindowsBackstageShell.exe_898f6d085da479bc
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..tion_25b0fbb6ef7eb094_0018.0002_54d59b038afa39b7\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92\Files
ScreenConnect.WindowsFileManager.exe.config_ceab8affc7343daa
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..tion_25b0fbb6ef7eb094_0018.0002_54d59b038afa39b7\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92\Files
ScreenConnect.WindowsClient.exe.config_f7f106a5cc529540
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92\Files
ScreenConnect.WindowsClient.exe.config_f7f106a5cc529540
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..tion_25b0fbb6ef7eb094_0018.0002_54d59b038afa39b7\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92\Files
ScreenConnect.WindowsBackstageShell.exe.config_61230ac9d37a71e2
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92\Files
ScreenConnect.WindowsBackstageShell.exe.config_61230ac9d37a71e2
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..tion_25b0fbb6ef7eb094_0018.0002_54d59b038afa39b7\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92\Files
ScreenConnect.WindowsFileManager.exe_0e21f87bfcff26be
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92\Files
ScreenConnect.WindowsFileManager.exe_0e21f87bfcff26be
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..ient_4b14c015c87c1ad8_0018.0002_none_ea2694ec2482770a
identity
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..ient_4b14c015c87c1ad8_0018.0002_none_ea2694ec2482770a
SizeOfStronglyNamedComponent
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..ient_4b14c015c87c1ad8_0018.0002_none_ea2694ec2482770a
DigestValue
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..ient_4b14c015c87c1ad8_0018.0002_none_ea2694ec2482770a
Transform
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..ient_4b14c015c87c1ad8_0018.0002_none_ea2694ec2482770a
DigestMethod
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf\scre..ient_4b14c015c87c1ad8_0018.0002_none_ea2694ec2482770a\Files
ScreenConnect.Client.dll_fc1d7bd48553fcab
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..ient_4b14c015c87c1ad8_0018.0002_none_ea2694ec2482770a\Files
ScreenConnect.Client.dll_fc1d7bd48553fcab
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..vice_4b14c015c87c1ad8_0018.0002_none_0564cf62aaf28471
identity
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..vice_4b14c015c87c1ad8_0018.0002_none_0564cf62aaf28471
SizeOfStronglyNamedComponent
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..vice_4b14c015c87c1ad8_0018.0002_none_0564cf62aaf28471
DigestValue
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..vice_4b14c015c87c1ad8_0018.0002_none_0564cf62aaf28471
Transform
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..vice_4b14c015c87c1ad8_0018.0002_none_0564cf62aaf28471
DigestMethod
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf\scre..vice_4b14c015c87c1ad8_0018.0002_none_0564cf62aaf28471\Files
ScreenConnect.ClientService.dll_e781b1c636f7bfae
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..vice_4b14c015c87c1ad8_0018.0002_none_0564cf62aaf28471\Files
ScreenConnect.ClientService.dll_e781b1c636f7bfae
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..dows_4b14c015c87c1ad8_0018.0002_none_58890efb51813436
identity
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..dows_4b14c015c87c1ad8_0018.0002_none_58890efb51813436
SizeOfStronglyNamedComponent
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..dows_4b14c015c87c1ad8_0018.0002_none_58890efb51813436
DigestValue
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..dows_4b14c015c87c1ad8_0018.0002_none_58890efb51813436
Transform
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..dows_4b14c015c87c1ad8_0018.0002_none_58890efb51813436
DigestMethod
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf\scre..dows_4b14c015c87c1ad8_0018.0002_none_58890efb51813436\Files
ScreenConnect.Windows.dll_fc0d83aff7df0b5b
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..dows_4b14c015c87c1ad8_0018.0002_none_58890efb51813436\Files
ScreenConnect.Windows.dll_fc0d83aff7df0b5b
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..ient_4b14c015c87c1ad8_0018.0002_none_b558103dfe170413
identity
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..ient_4b14c015c87c1ad8_0018.0002_none_b558103dfe170413
SizeOfStronglyNamedComponent
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..ient_4b14c015c87c1ad8_0018.0002_none_b558103dfe170413
DigestValue
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..ient_4b14c015c87c1ad8_0018.0002_none_b558103dfe170413
DigestMethod
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf\scre..ient_4b14c015c87c1ad8_0018.0002_none_b558103dfe170413\Files
ScreenConnect.WindowsClient.exe_6492277df2db17d2
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..ient_4b14c015c87c1ad8_0018.0002_none_b558103dfe170413\Files
ScreenConnect.WindowsClient.exe_6492277df2db17d2
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..core_4b14c015c87c1ad8_0018.0002_none_5411371a15332106
identity
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..core_4b14c015c87c1ad8_0018.0002_none_5411371a15332106
SizeOfStronglyNamedComponent
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..core_4b14c015c87c1ad8_0018.0002_none_5411371a15332106
DigestValue
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..core_4b14c015c87c1ad8_0018.0002_none_5411371a15332106
Transform
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..core_4b14c015c87c1ad8_0018.0002_none_5411371a15332106
DigestMethod
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf\scre..core_4b14c015c87c1ad8_0018.0002_none_5411371a15332106\Files
ScreenConnect.Core.dll_b96889d378047e27
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..core_4b14c015c87c1ad8_0018.0002_none_5411371a15332106\Files
ScreenConnect.Core.dll_b96889d378047e27
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment
OnlineAppQuotaUsageEstimate
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..core_4b14c015c87c1ad8_0018.0002_none_5411371a15332106
lock!10000000d7a5180eb41d0000e01d00000000000000000000eb2241d67e56db01
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..ient_4b14c015c87c1ad8_0018.0002_none_b558103dfe170413
lock!0e000000d7a5180eb41d0000e01d00000000000000000000eb2241d67e56db01
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..vice_4b14c015c87c1ad8_0018.0002_none_0564cf62aaf28471
lock!0c000000d7a5180eb41d0000e01d00000000000000000000eb2241d67e56db01
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..dows_4b14c015c87c1ad8_0018.0002_none_58890efb51813436
lock!0a000000d7a5180eb41d0000e01d00000000000000000000eb2241d67e56db01
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..ient_4b14c015c87c1ad8_0018.0002_none_ea2694ec2482770a
lock!08000000d7a5180eb41d0000e01d00000000000000000000eb2241d67e56db01
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92
lock!06000000d7a5180eb41d0000e01d00000000000000000000eb2241d67e56db01
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..tion_25b0fbb6ef7eb094_0018.0002_none_399c0f24bfe6e975
lock!04000000d7a5180eb41d0000e01d00000000000000000000eb2241d67e56db01
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\StateManager\Applications\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf
identity
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\StateManager\Applications\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf
PreparedForExecution
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf
lock!11000000e7a5180eb41d0000e01d00000000000000000000895444d67e56db01
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92\Files
ScreenConnect.ClientService.exe_5e8c1e841cd8db20
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92\Files
ScreenConnect.WindowsBackstageShell.exe_89b7a517a15abfdc
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92\Files
ScreenConnect.WindowsFileManager.exe.config_5db10293a642be8a
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92\Files
ScreenConnect.WindowsClient.exe.config_432322067acab5c0
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92\Files
ScreenConnect.WindowsBackstageShell.exe.config_bc78256f1e952942
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92\Files
ScreenConnect.WindowsFileManager.exe_74b82db4db38179e
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf\scre..dows_4b14c015c87c1ad8_0018.0002_none_58890efb51813436\Files
ScreenConnect.Windows.dll_fa5f7fd8f7c108bb
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf\scre..vice_4b14c015c87c1ad8_0018.0002_none_0564cf62aaf28471\Files
ScreenConnect.ClientService.dll_5e8c1e5c1cd8d9ee
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf\scre..ient_4b14c015c87c1ad8_0018.0002_none_b558103dfe170413\Files
ScreenConnect.WindowsClient.exe_fd0fcfe1fd1a6cd2
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf\scre..core_4b14c015c87c1ad8_0018.0002_none_5411371a15332106\Files
ScreenConnect.Core.dll_963930cc5ced28c7
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf\scre..ient_4b14c015c87c1ad8_0018.0002_none_ea2694ec2482770a\Files
ScreenConnect.Client.dll_7b0ea606092ddbcb
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf
SubstructureCreated
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4
Blob
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4
Blob
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4
Blob
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4
Blob
HKEY_CURRENT_USER\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\7B0F360B775F76C94A12CA48445AA2D2A875701C
Blob
\REGISTRY\A\{bb80a68d-f37e-ed28-92ed-0072c7fc02fb}\Root\InventoryApplicationFile\support.client.e|fbc97aa933ae989
ProgramId
\REGISTRY\A\{bb80a68d-f37e-ed28-92ed-0072c7fc02fb}\Root\InventoryApplicationFile\support.client.e|fbc97aa933ae989
FileId
\REGISTRY\A\{bb80a68d-f37e-ed28-92ed-0072c7fc02fb}\Root\InventoryApplicationFile\support.client.e|fbc97aa933ae989
LowerCaseLongPath
\REGISTRY\A\{bb80a68d-f37e-ed28-92ed-0072c7fc02fb}\Root\InventoryApplicationFile\support.client.e|fbc97aa933ae989
LongPathHash
\REGISTRY\A\{bb80a68d-f37e-ed28-92ed-0072c7fc02fb}\Root\InventoryApplicationFile\support.client.e|fbc97aa933ae989
Name
\REGISTRY\A\{bb80a68d-f37e-ed28-92ed-0072c7fc02fb}\Root\InventoryApplicationFile\support.client.e|fbc97aa933ae989
OriginalFileName
\REGISTRY\A\{bb80a68d-f37e-ed28-92ed-0072c7fc02fb}\Root\InventoryApplicationFile\support.client.e|fbc97aa933ae989
Publisher
\REGISTRY\A\{bb80a68d-f37e-ed28-92ed-0072c7fc02fb}\Root\InventoryApplicationFile\support.client.e|fbc97aa933ae989
Version
\REGISTRY\A\{bb80a68d-f37e-ed28-92ed-0072c7fc02fb}\Root\InventoryApplicationFile\support.client.e|fbc97aa933ae989
BinFileVersion
\REGISTRY\A\{bb80a68d-f37e-ed28-92ed-0072c7fc02fb}\Root\InventoryApplicationFile\support.client.e|fbc97aa933ae989
BinaryType
\REGISTRY\A\{bb80a68d-f37e-ed28-92ed-0072c7fc02fb}\Root\InventoryApplicationFile\support.client.e|fbc97aa933ae989
ProductName
\REGISTRY\A\{bb80a68d-f37e-ed28-92ed-0072c7fc02fb}\Root\InventoryApplicationFile\support.client.e|fbc97aa933ae989
ProductVersion
\REGISTRY\A\{bb80a68d-f37e-ed28-92ed-0072c7fc02fb}\Root\InventoryApplicationFile\support.client.e|fbc97aa933ae989
LinkDate
\REGISTRY\A\{bb80a68d-f37e-ed28-92ed-0072c7fc02fb}\Root\InventoryApplicationFile\support.client.e|fbc97aa933ae989
BinProductVersion
\REGISTRY\A\{bb80a68d-f37e-ed28-92ed-0072c7fc02fb}\Root\InventoryApplicationFile\support.client.e|fbc97aa933ae989
AppxPackageFullName
\REGISTRY\A\{bb80a68d-f37e-ed28-92ed-0072c7fc02fb}\Root\InventoryApplicationFile\support.client.e|fbc97aa933ae989
AppxPackageRelativeId
\REGISTRY\A\{bb80a68d-f37e-ed28-92ed-0072c7fc02fb}\Root\InventoryApplicationFile\support.client.e|fbc97aa933ae989
Size
\REGISTRY\A\{bb80a68d-f37e-ed28-92ed-0072c7fc02fb}\Root\InventoryApplicationFile\support.client.e|fbc97aa933ae989
Language
\REGISTRY\A\{bb80a68d-f37e-ed28-92ed-0072c7fc02fb}\Root\InventoryApplicationFile\support.client.e|fbc97aa933ae989
Usn
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
ClockTimeSeconds
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
TickCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
PerfMMFileName
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..core_4b14c015c87c1ad8_0018.0002_none_5411371a15332106
lock!0e0000000b106300c0040000a404000000000000000000006d90094f6754db01
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..ient_4b14c015c87c1ad8_0018.0002_none_b558103dfe170413
lock!0c0000000b106300c0040000a404000000000000000000006d90094f6754db01
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..vice_4b14c015c87c1ad8_0018.0002_none_0564cf62aaf28471
lock!0a0000000b106300c0040000a404000000000000000000006d90094f6754db01
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..dows_4b14c015c87c1ad8_0018.0002_none_58890efb51813436
lock!080000000b106300c0040000a404000000000000000000006d90094f6754db01
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..ient_4b14c015c87c1ad8_0018.0002_none_ea2694ec2482770a
lock!060000000b106300c0040000a404000000000000000000006d90094f6754db01
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92
lock!040000000b106300c0040000a404000000000000000000006d90094f6754db01
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..tion_25b0fbb6ef7eb094_0018.0002_none_399c0f24bfe6e975
lock!020000000b106300c0040000a404000000000000000000006d90094f6754db01
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..core_4b14c015c87c1ad8_0018.0002_none_5411371a15332106
lock!1c0000001b106300c0040000a40400000000000000000000b7f20b4f6754db01
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..ient_4b14c015c87c1ad8_0018.0002_none_b558103dfe170413
lock!1a0000001b106300c0040000a40400000000000000000000b7f20b4f6754db01
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..vice_4b14c015c87c1ad8_0018.0002_none_0564cf62aaf28471
lock!180000001b106300c0040000a40400000000000000000000b7f20b4f6754db01
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..dows_4b14c015c87c1ad8_0018.0002_none_58890efb51813436
lock!160000001b106300c0040000a40400000000000000000000b7f20b4f6754db01
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..ient_4b14c015c87c1ad8_0018.0002_none_ea2694ec2482770a
lock!140000001b106300c0040000a40400000000000000000000b7f20b4f6754db01
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre...exe_25b0fbb6ef7eb094_0018.0002_none_98a7d58e59681f92
lock!120000001b106300c0040000a40400000000000000000000b7f20b4f6754db01
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..tion_25b0fbb6ef7eb094_0018.0002_none_399c0f24bfe6e975
lock!100000001b106300c0040000a40400000000000000000000b7f20b4f6754db01
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Marks\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf
lock!1d0000002b106300c0040000a404000000000000000000001f550e4f6754db01
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\StateManager\Families\F_scre..tion_25b0fbb6ef7eb094_b729014a6d03efc9
LastRunVersion
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\StateManager\Families\Gc_scre..tion_6f4e3e68e178b16a
LastRunVersion
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\StateManager\Families\Gi_scre..tion_25b0fbb6ef7eb094_9edfe039055229dd
LastRunVersion
HKEY_CURRENT_USER_Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\StateManager\Applications\scre..tion_25b0fbb6ef7eb094_0018.0002_dfa92e60aa8309cf
HasRunBefore
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\ScreenConnect Client (12a62791-f49c-4806-9cc2-0b20f2ce6bb8)
NULL
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application
AutoBackupLogFiles
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\ScreenConnect
EventMessageFile
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ScreenConnect Client (12a62791-f49c-4806-9cc2-0b20f2ce6bb8)
ImagePath
There are 172 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
29911FE000
unkown
page readonly
1210000
trusted library allocation
page read and write
7FFD9B773000
trusted library allocation
page read and write
1BE0000
heap
page read and write
1632000
trusted library allocation
page read and write
1DEBA400000
heap
page read and write
2E70000
heap
page execute and read and write
1DEBFC6C000
trusted library allocation
page read and write
25140AB0000
trusted library allocation
page read and write
2515A6F5000
heap
page read and write
7FFD9B77D000
trusted library allocation
page execute and read and write
25140AD7000
trusted library allocation
page read and write
251406A3000
trusted library allocation
page read and write
2C9E000
stack
page read and write
2C60000
trusted library allocation
page read and write
1630000
trusted library allocation
page read and write
7FFD9B960000
trusted library allocation
page read and write
101E000
stack
page read and write
1DEBFAE6000
heap
page read and write
2515A604000
heap
page read and write
1635000
trusted library allocation
page execute and read and write
7FFD9B76D000
trusted library allocation
page execute and read and write
2515A65E000
heap
page read and write
5D50000
heap
page read and write
7FFD9B980000
trusted library allocation
page read and write
122D000
trusted library allocation
page execute and read and write
2515A5AB000
heap
page read and write
1B8A8000
heap
page read and write
FE9000
heap
page read and write
1DEBF8C0000
trusted library allocation
page read and write
F05000
heap
page read and write
7FFD9B762000
trusted library allocation
page read and write
1DEBB4E0000
trusted library section
page readonly
129F000
stack
page read and write
3E51000
trusted library allocation
page read and write
E7C000
heap
page read and write
1DEBFC10000
trusted library allocation
page read and write
1B864000
heap
page read and write
1DEBA2F0000
heap
page read and write
7FFD9BAA0000
trusted library allocation
page read and write
565E000
stack
page read and write
15D7000
heap
page read and write
20F7A013000
heap
page read and write
25140220000
heap
page read and write
11FE000
stack
page read and write
1DEBFA00000
heap
page read and write
2DCE000
stack
page read and write
1DEBFAF6000
heap
page read and write
119E000
stack
page read and write
2515BEF3000
heap
page read and write
108F000
heap
page read and write
1DEBB140000
trusted library allocation
page read and write
C13000
unkown
page readonly
25140263000
heap
page read and write
12ABC000
trusted library allocation
page read and write
F6D000
stack
page read and write
10FE000
stack
page read and write
7FDAFFA000
stack
page read and write
7FFD9B970000
trusted library allocation
page read and write
8DE000
heap
page read and write
299127E000
stack
page read and write
7FFD9BAF0000
trusted library allocation
page read and write
4BFD000
stack
page read and write
7FFD9B960000
trusted library allocation
page execute and read and write
7FFD9B990000
trusted library allocation
page read and write
251405BB000
trusted library allocation
page read and write
47AF000
stack
page read and write
1DEBFD07000
trusted library allocation
page read and write
25158EF0000
heap
page read and write
4B70000
trusted library allocation
page read and write
4A40000
trusted library allocation
page read and write
2A9F000
stack
page read and write
E402E79000
stack
page read and write
1DEBFC8E000
trusted library allocation
page read and write
2515A6C7000
heap
page read and write
7FFD9B76D000
trusted library allocation
page execute and read and write
1260000
trusted library allocation
page read and write
1424000
heap
page read and write
251402B8000
heap
page read and write
92B000
heap
page read and write
7FFD9B816000
trusted library allocation
page read and write
E00000
heap
page read and write
7FFD9B91E000
trusted library allocation
page read and write
2513EA35000
heap
page read and write
7FFD9B90F000
trusted library allocation
page read and write
7FFD9BAE6000
trusted library allocation
page read and write
7FFD9B763000
trusted library allocation
page execute and read and write
7FFD9B9C0000
trusted library allocation
page read and write
1DEBFD1A000
trusted library allocation
page read and write
1236000
trusted library allocation
page execute and read and write
1622000
trusted library allocation
page read and write
7FFD9B820000
trusted library allocation
page execute and read and write
251402BB000
heap
page read and write
7FFD9B780000
trusted library allocation
page read and write
15D0000
heap
page read and write
579E000
stack
page read and write
B60000
heap
page read and write
E4026DD000
stack
page read and write
29919F9000
stack
page read and write
25140340000
trusted library section
page readonly
7FDAEF4000
stack
page read and write
2515A0A0000
trusted library allocation
page read and write
A30000
unkown
page readonly
7FFD9B7BC000
trusted library allocation
page execute and read and write
1BD2E000
stack
page read and write
1B40D000
stack
page read and write
1DEC0000000
heap
page read and write
7FFD9BAB0000
trusted library allocation
page read and write
13DE000
stack
page read and write
5ADE000
stack
page read and write
5BE0000
trusted library allocation
page read and write
42B0000
heap
page execute and read and write
7FDB3FD000
stack
page read and write
25158FC3000
heap
page read and write
DB6000
heap
page read and write
4A70000
trusted library allocation
page read and write
1B912000
heap
page read and write
7FFD9B94F000
trusted library allocation
page read and write
4C5E000
stack
page read and write
2513E5DB000
heap
page read and write
4240000
trusted library allocation
page read and write
2C5E000
stack
page read and write
15F0000
trusted library allocation
page read and write
2B1E000
stack
page read and write
29909FE000
unkown
page readonly
7FFD9B784000
trusted library allocation
page read and write
1DEBFA20000
heap
page read and write
2DBE000
stack
page read and write
7FFD9B90C000
trusted library allocation
page read and write
25140612000
trusted library allocation
page read and write
25140606000
trusted library allocation
page read and write
7FFD9B940000
trusted library allocation
page read and write
2C80000
heap
page read and write
20F7A000000
heap
page read and write
2515A796000
heap
page read and write
7FFD9B78B000
trusted library allocation
page execute and read and write
7FFD9B81C000
trusted library allocation
page execute and read and write
25140AD9000
trusted library allocation
page read and write
7FFD9B760000
trusted library allocation
page read and write
1005000
heap
page read and write
7FDB5FD000
stack
page read and write
7FFD9B980000
trusted library allocation
page read and write
299027B000
stack
page read and write
12E8D000
trusted library allocation
page read and write
299187E000
stack
page read and write
59A0000
heap
page read and write
8D0000
heap
page read and write
47EE000
stack
page read and write
1C360000
heap
page read and write
1DEBF914000
trusted library allocation
page read and write
2515A6A0000
heap
page read and write
2515A5CE000
heap
page read and write
20F7A113000
heap
page read and write
7FDADFC000
stack
page read and write
7FFD9B816000
trusted library allocation
page read and write
7FFD9BA20000
trusted library allocation
page read and write
68B000
stack
page read and write
E3E000
heap
page read and write
2062000
trusted library allocation
page read and write
25158F90000
heap
page read and write
7FFD9BC20000
trusted library allocation
page read and write
25150594000
trusted library allocation
page read and write
20F7A113000
heap
page read and write
2515A4ED000
heap
page read and write
1BC2E000
stack
page read and write
1B849000
heap
page read and write
FCF000
heap
page read and write
1DEBAC02000
heap
page read and write
1B890000
heap
page read and write
7FFD9B994000
trusted library allocation
page read and write
7FFD9B780000
trusted library allocation
page read and write
E00000
heap
page read and write
7FFD9BA60000
trusted library allocation
page read and write
12D3000
heap
page read and write
1DEBA4FE000
heap
page read and write
25140834000
trusted library allocation
page read and write
1DEBA413000
heap
page read and write
550C000
stack
page read and write
7FFD9BA10000
trusted library allocation
page read and write
1DEBA310000
heap
page read and write
F43000
heap
page read and write
1DEBFCFF000
trusted library allocation
page read and write
7FFD9B950000
trusted library allocation
page read and write
C0B000
unkown
page readonly
A32000
unkown
page readonly
7FFD9B770000
trusted library allocation
page read and write
1370000
heap
page read and write
124B000
trusted library allocation
page execute and read and write
1DEBFA55000
heap
page read and write
251403B0000
heap
page execute and read and write
13CE000
stack
page read and write
12AE000
heap
page read and write
1BA2E000
stack
page read and write
CF1000
stack
page read and write
7FFD9B816000
trusted library allocation
page read and write
1272000
unkown
page readonly
12ABE000
trusted library allocation
page read and write
E77000
heap
page read and write
1DEBAE01000
trusted library allocation
page read and write
FA9000
heap
page read and write
2513E5E0000
heap
page read and write
7FFD9B901000
trusted library allocation
page read and write
7FFD9B9A0000
trusted library allocation
page read and write
1DEBB4F0000
trusted library section
page readonly
20F79D15000
trusted library allocation
page read and write
7FFD9B880000
trusted library allocation
page execute and read and write
2515A4D4000
heap
page read and write
7FFD9B81C000
trusted library allocation
page execute and read and write
2E41000
trusted library allocation
page read and write
2515A73E000
heap
page read and write
87D000
stack
page read and write
7FDACF8000
stack
page read and write
1DEBB840000
trusted library allocation
page read and write
1EA0000
trusted library allocation
page read and write
1DEBA470000
heap
page read and write
E90000
trusted library allocation
page read and write
41D0000
trusted library allocation
page read and write
1056000
heap
page read and write
1DEBFC15000
trusted library allocation
page read and write
2514060E000
trusted library allocation
page read and write
4BBD000
stack
page read and write
7FFD9B917000
trusted library allocation
page read and write
EFD000
heap
page read and write
1DEBAD1A000
heap
page read and write
20F79C0E000
unkown
page read and write
12FE000
stack
page read and write
29905F7000
stack
page read and write
1B8E0000
heap
page read and write
7FDB6FD000
stack
page read and write
1DEBFCBA000
trusted library allocation
page read and write
2514097C000
trusted library allocation
page read and write
2515BFAF000
heap
page read and write
1B903000
heap
page read and write
1DEBA472000
heap
page read and write
1B8E1000
heap
page read and write
589D000
stack
page read and write
7FFD9B9D0000
trusted library allocation
page read and write
830000
heap
page read and write
2CB0000
heap
page read and write
25140445000
trusted library allocation
page read and write
25158F95000
heap
page read and write
7FFD9B784000
trusted library allocation
page read and write
2515A67B000
heap
page read and write
1DEBF9A0000
trusted library allocation
page read and write
1B03D000
stack
page read and write
1DEBA46B000
heap
page read and write
20F7A102000
heap
page read and write
251408E9000
trusted library allocation
page read and write
211000
unkown
page execute read
11D9000
heap
page read and write
2515A5AD000
heap
page read and write
7FFD9B763000
trusted library allocation
page execute and read and write
1617000
trusted library allocation
page read and write
1426000
heap
page read and write
7FDB1FE000
stack
page read and write
2513EA30000
heap
page read and write
11AC000
stack
page read and write
7FFD9B9D0000
trusted library allocation
page read and write
4C10000
trusted library allocation
page execute and read and write
1DEBFA97000
heap
page read and write
7FFD9B763000
trusted library allocation
page execute and read and write
123A000
trusted library allocation
page execute and read and write
1DEBF900000
trusted library allocation
page read and write
7FFD9BA40000
trusted library allocation
page read and write
2515A5D5000
heap
page read and write
7FFD9B937000
trusted library allocation
page read and write
2070000
trusted library allocation
page read and write
10E3000
trusted library allocation
page read and write
7FFD9B910000
trusted library allocation
page read and write
7FFD9B76D000
trusted library allocation
page execute and read and write
7FFD9B943000
trusted library allocation
page read and write
1B460000
heap
page read and write
58A0000
heap
page read and write
1DEBFAF2000
heap
page read and write
7FDB8FE000
stack
page read and write
7FFD9BA05000
trusted library allocation
page read and write
43E0000
trusted library allocation
page read and write
109B000
heap
page read and write
7FFD9B9E0000
trusted library allocation
page read and write
2CA0000
heap
page read and write
2515A792000
heap
page read and write
2515BFB4000
heap
page read and write
7F0000
heap
page read and write
25140A4D000
trusted library allocation
page read and write
1DEBA48C000
heap
page read and write
EFB000
heap
page read and write
299147E000
stack
page read and write
126E000
stack
page read and write
11D0000
heap
page read and write
2515A60B000
heap
page read and write
1DEBAD00000
heap
page read and write
9CC000
stack
page read and write
1DEBFCA0000
trusted library allocation
page read and write
7FFD9BAFB000
trusted library allocation
page read and write
2DD0000
unkown
page readonly
7FFD9B909000
trusted library allocation
page read and write
1DEBB4D0000
trusted library section
page readonly
7FFD9B91B000
trusted library allocation
page read and write
1086000
heap
page read and write
25140363000
heap
page read and write
2D9E000
stack
page read and write
1DEBFC4D000
trusted library allocation
page read and write
7FFD9B905000
trusted library allocation
page read and write
7FFD9B910000
trusted library allocation
page read and write
2515BEE0000
heap
page read and write
1DEBFAE6000
heap
page read and write
C11000
unkown
page write copy
7FFD9BB90000
trusted library allocation
page execute and read and write
7FFD9B95C000
trusted library allocation
page read and write
1B8E000
stack
page read and write
1B76E000
stack
page read and write
251505E8000
trusted library allocation
page read and write
4A2F000
stack
page read and write
5610000
trusted library allocation
page read and write
F45000
heap
page read and write
7FFD9B998000
trusted library allocation
page read and write
44DE000
stack
page read and write
10E0000
trusted library allocation
page read and write
299207E000
stack
page read and write
20F7A100000
heap
page read and write
1DEBA502000
heap
page read and write
25158FA0000
heap
page read and write
1DEBFC00000
trusted library allocation
page read and write
2513E5A0000
heap
page read and write
128B000
heap
page read and write
CF8000
stack
page read and write
7FFD9B9B0000
trusted library allocation
page read and write
25140209000
heap
page read and write
29908FE000
stack
page read and write
2515A733000
heap
page read and write
7FFD9BA87000
trusted library allocation
page read and write
835000
heap
page read and write
C13000
unkown
page readonly
25140984000
trusted library allocation
page read and write
2513E62E000
heap
page read and write
7FFD9B950000
trusted library allocation
page execute and read and write
2515A6AA000
heap
page read and write
10F5000
heap
page read and write
2990AFA000
stack
page read and write
207A000
trusted library allocation
page read and write
1DEBAD1A000
heap
page read and write
29914FE000
unkown
page readonly
1DEBB4B0000
trusted library section
page readonly
4215000
trusted library allocation
page read and write
5FDA000
stack
page read and write
25140988000
trusted library allocation
page read and write
251401C0000
heap
page read and write
2513E7E0000
trusted library allocation
page read and write
2513E5E8000
heap
page read and write
25158FEB000
heap
page read and write
2515A62F000
heap
page read and write
1DEBFC56000
trusted library allocation
page read and write
1BF70000
heap
page execute and read and write
1DEBAD02000
heap
page read and write
7FFD9B970000
trusted library allocation
page read and write
2DB4000
unkown
page readonly
7FFD9BAC0000
trusted library allocation
page read and write
7FFD9B980000
trusted library allocation
page read and write
2513E823000
heap
page execute and read and write
2515BFAA000
heap
page read and write
D40000
heap
page read and write
FD0000
heap
page read and write
E30000
heap
page read and write
25140990000
trusted library allocation
page read and write
25140A4B000
trusted library allocation
page read and write
5EDD000
stack
page read and write
1BF73000
heap
page execute and read and write
10F0000
heap
page read and write
7FFD9BA90000
trusted library allocation
page read and write
7FFD9B81C000
trusted library allocation
page execute and read and write
BDE000
stack
page read and write
7FFD9B9B0000
trusted library allocation
page read and write
C01000
unkown
page execute read
7FFD9B9B0000
trusted library allocation
page read and write
7FFD9B764000
trusted library allocation
page read and write
1DEBAB90000
trusted library section
page read and write
4290000
trusted library allocation
page execute and read and write
7FDB4FD000
stack
page read and write
2AA0000
heap
page read and write
4229000
trusted library allocation
page read and write
2513E820000
heap
page execute and read and write
1B440000
unkown
page readonly
D1E000
stack
page read and write
7FFD9B958000
trusted library allocation
page read and write
20F79C2B000
heap
page read and write
1B10000
trusted library allocation
page execute and read and write
1DEBA513000
heap
page read and write
251405FE000
trusted library allocation
page read and write
7FFD9B846000
trusted library allocation
page execute and read and write
1020000
heap
page read and write
7FFD9B9C0000
trusted library allocation
page read and write
2513E890000
heap
page read and write
1040000
trusted library section
page read and write
C01000
unkown
page execute read
5D40000
trusted library allocation
page read and write
EC8000
heap
page read and write
2B6F000
trusted library allocation
page read and write
A30000
unkown
page readonly
25140639000
trusted library allocation
page read and write
4270000
trusted library allocation
page read and write
25140970000
trusted library allocation
page read and write
8DA000
heap
page read and write
1DEBA458000
heap
page read and write
1600000
trusted library allocation
page read and write
25150454000
trusted library allocation
page read and write
560C000
stack
page read and write
2515A5F8000
heap
page read and write
1B40000
heap
page execute and read and write
4230000
trusted library allocation
page read and write
44E0000
trusted library allocation
page read and write
1B904000
heap
page read and write
102C000
heap
page read and write
7FFD9B7BC000
trusted library allocation
page execute and read and write
1232000
trusted library allocation
page read and write
20F79C13000
unkown
page read and write
1DEBF850000
trusted library allocation
page read and write
7FDAAFB000
stack
page read and write
2990EFB000
stack
page read and write
F8A000
heap
page read and write
1214000
trusted library allocation
page read and write
BF0000
trusted library allocation
page read and write
251401D0000
heap
page read and write
B80000
heap
page read and write
D20000
heap
page read and write
4460000
unkown
page readonly
2DA0000
unkown
page readonly
1B85D000
heap
page read and write
1200000
trusted library allocation
page read and write
7FFD9B986000
trusted library allocation
page read and write
25158FC9000
heap
page read and write
1BA0000
trusted library allocation
page read and write
1B8B6000
heap
page read and write
1031000
heap
page read and write
7FFD9B97B000
trusted library allocation
page read and write
1DEBAC00000
heap
page read and write
1DEBA497000
heap
page read and write
224000
unkown
page read and write
7FFD9B760000
trusted library allocation
page read and write
25140974000
trusted library allocation
page read and write
2515A6FF000
heap
page read and write
20F79D00000
trusted library allocation
page read and write
1DEBF8E0000
trusted library allocation
page read and write
12AC0000
trusted library allocation
page read and write
2515A6A6000
heap
page read and write
4A50000
trusted library allocation
page read and write
7FFD9B922000
trusted library allocation
page read and write
1DEBFAF2000
heap
page read and write
1667000
heap
page read and write
224000
unkown
page read and write
1DEBA4B4000
heap
page read and write
12A0000
heap
page read and write
7FFD9B9D0000
trusted library allocation
page read and write
B9E000
stack
page read and write
10BE000
stack
page read and write
800000
heap
page read and write
2515A4D8000
heap
page read and write
10D0000
heap
page execute and read and write
4C00000
trusted library allocation
page read and write
1DEBA3F0000
heap
page read and write
7FFD9B93D000
trusted library allocation
page read and write
7FFD9BA70000
trusted library allocation
page read and write
1660000
heap
page read and write
7FFD9B900000
trusted library allocation
page read and write
29918FE000
unkown
page readonly
1BE78000
stack
page read and write
7FFD9B9F1000
trusted library allocation
page read and write
12AE000
stack
page read and write
2C1F000
stack
page read and write
1DEBFAC1000
heap
page read and write
D8E000
stack
page read and write
EF4000
stack
page read and write
1077000
heap
page read and write
251405B9000
trusted library allocation
page read and write
7FDA9FE000
stack
page read and write
25140288000
heap
page read and write
7FFD9B960000
trusted library allocation
page read and write
4500000
unkown
page readonly
20F79C11000
unkown
page read and write
160D000
trusted library allocation
page execute and read and write
2E81000
trusted library allocation
page read and write
2514042F000
trusted library allocation
page read and write
25140273000
heap
page read and write
25140BBC000
trusted library allocation
page read and write
7FF438CE0000
trusted library allocation
page execute and read and write
1B820000
heap
page read and write
1BDE2000
unkown
page readonly
7FFD9BB30000
trusted library allocation
page read and write
7FFD9B915000
trusted library allocation
page read and write
1213000
trusted library allocation
page execute and read and write
29912FE000
unkown
page readonly
1360000
heap
page read and write
48EE000
stack
page read and write
4220000
trusted library allocation
page read and write
E6D000
stack
page read and write
7FFD9B77D000
trusted library allocation
page execute and read and write
2514098C000
trusted library allocation
page read and write
1DEBFB02000
heap
page read and write
2515A5A7000
heap
page read and write
29916FE000
unkown
page readonly
1BDE0000
unkown
page readonly
4A60000
trusted library allocation
page read and write
7FFD9B810000
trusted library allocation
page read and write
42A0000
trusted library allocation
page read and write
E40000
heap
page read and write
1B918000
heap
page read and write
2EBF000
stack
page read and write
7FFD9B930000
trusted library allocation
page read and write
7FFD9BA00000
trusted library allocation
page read and write
25140978000
trusted library allocation
page read and write
1DEBFC70000
remote allocation
page read and write
C00000
unkown
page readonly
1DEBA42B000
heap
page read and write
FD1000
heap
page read and write
7FFD9B950000
trusted library allocation
page read and write
29915FE000
unkown
page readonly
251583F0000
trusted library allocation
page read and write
1B898000
heap
page read and write
E69000
heap
page read and write
4201000
trusted library allocation
page read and write
1DEBFC70000
remote allocation
page read and write
2DA2000
unkown
page readonly
1DEBFC0E000
trusted library allocation
page read and write
1B8F8000
heap
page read and write
2515BF1D000
heap
page read and write
7FFD9B955000
trusted library allocation
page read and write
7FFD9B760000
trusted library allocation
page read and write
7FFD9B9A0000
trusted library allocation
page read and write
1DEBFACB000
heap
page read and write
2513E580000
heap
page read and write
251402D0000
heap
page execute and read and write
25140A2E000
trusted library allocation
page read and write
7FFD9B9C0000
trusted library allocation
page read and write
1247000
trusted library allocation
page execute and read and write
25150686000
trusted library allocation
page read and write
1DEBFA62000
heap
page read and write
7FFD9B78B000
trusted library allocation
page execute and read and write
1610000
trusted library allocation
page read and write
1BD0000
trusted library allocation
page read and write
EE6000
heap
page read and write
20F79B20000
heap
page read and write
1DEBB3C0000
trusted library allocation
page read and write
206A000
trusted library allocation
page read and write
1B84E000
heap
page read and write
2515A783000
heap
page read and write
2513E770000
heap
page read and write
1DEBA48E000
heap
page read and write
7FDA3DE000
stack
page read and write
12E8F000
trusted library allocation
page read and write
1E86000
trusted library allocation
page read and write
29906FE000
unkown
page readonly
4A6F000
trusted library allocation
page read and write
251503C1000
trusted library allocation
page read and write
15C8000
stack
page read and write
20F79C39000
heap
page read and write
25158FB0000
heap
page read and write
2CF1000
trusted library allocation
page read and write
1B810000
heap
page execute and read and write
540C000
stack
page read and write
25158D40000
heap
page read and write
2D30000
trusted library allocation
page read and write
1B400000
trusted library section
page read and write
C11000
unkown
page read and write
B50000
heap
page read and write
7FFD9B970000
trusted library allocation
page execute and read and write
44F0000
trusted library allocation
page read and write
1B879000
heap
page read and write
1DEBFC08000
trusted library allocation
page read and write
5240000
unkown
page readonly
1DEBFAF6000
heap
page read and write
7FFD9B9F9000
trusted library allocation
page read and write
25140390000
heap
page read and write
7FFD9BB00000
trusted library allocation
page read and write
207E000
trusted library allocation
page read and write
41E6000
trusted library allocation
page read and write
43D0000
trusted library allocation
page read and write
1DEBA492000
heap
page read and write
1B0E000
stack
page read and write
2515A5E4000
heap
page read and write
121D000
trusted library allocation
page execute and read and write
25140268000
heap
page read and write
2513E790000
heap
page read and write
575B000
stack
page read and write
1245000
trusted library allocation
page execute and read and write
1DEBAA80000
trusted library allocation
page read and write
1DEBFA42000
heap
page read and write
4280000
trusted library allocation
page read and write
2514077B000
trusted library allocation
page read and write
2DD0000
trusted library allocation
page read and write
1270000
unkown
page readonly
1DEBB4A0000
trusted library section
page readonly
1CEF000
stack
page read and write
1C076000
stack
page read and write
25140BC3000
trusted library allocation
page read and write
1E94000
trusted library allocation
page read and write
2AB1000
trusted library allocation
page read and write
12D0000
heap
page read and write
7FFD9BB50000
trusted library allocation
page read and write
25140360000
heap
page read and write
12E81000
trusted library allocation
page read and write
25158FDA000
heap
page read and write
1DEBA4A4000
heap
page read and write
1C27D000
stack
page read and write
1DEBFB11000
heap
page read and write
1626000
trusted library allocation
page execute and read and write
2E8F000
trusted library allocation
page read and write
1DEBFCE5000
trusted library allocation
page read and write
1330000
heap
page read and write
1DEBA490000
heap
page read and write
7FFD9B78B000
trusted library allocation
page execute and read and write
1210000
heap
page read and write
7FFD9B956000
trusted library allocation
page read and write
2513E640000
heap
page read and write
1DEBB4C0000
trusted library section
page readonly
43F0000
trusted library allocation
page read and write
7FFD9B990000
trusted library allocation
page read and write
2C90000
heap
page read and write
2514044D000
trusted library allocation
page read and write
F03000
heap
page read and write
1DEBF9B0000
trusted library allocation
page read and write
25140449000
trusted library allocation
page read and write
161D000
trusted library allocation
page execute and read and write
20F79E00000
trusted library allocation
page read and write
2990DFE000
unkown
page readonly
7FFD9B880000
trusted library allocation
page execute and read and write
1B85F000
heap
page read and write
251504C1000
trusted library allocation
page read and write
2515BF03000
heap
page read and write
2990BFE000
unkown
page readonly
1DEBF8D0000
trusted library allocation
page read and write
1DEBFC72000
trusted library allocation
page read and write
107B000
heap
page read and write
2513E624000
heap
page read and write
1DEBAC15000
heap
page read and write
EC0000
heap
page read and write
2990FFE000
unkown
page readonly
F09000
heap
page read and write
DB0000
heap
page read and write
7FFD9B9CE000
trusted library allocation
page read and write
2DC0000
trusted library allocation
page read and write
7FFD9BB10000
trusted library allocation
page read and write
7FFD9BB60000
trusted library allocation
page execute and read and write
D30000
heap
page read and write
2514089A000
trusted library allocation
page read and write
7FFD9B94C000
trusted library allocation
page read and write
12D6000
heap
page read and write
2EB7000
trusted library allocation
page read and write
1230000
trusted library allocation
page read and write
11B0000
heap
page read and write
7FDABFF000
stack
page read and write
1B830000
heap
page read and write
1637000
trusted library allocation
page execute and read and write
7FFD9B846000
trusted library allocation
page execute and read and write
7FFD9B764000
trusted library allocation
page read and write
7FFD9B987000
trusted library allocation
page read and write
1DEBFC91000
trusted library allocation
page read and write
7FFD9BB40000
trusted library allocation
page read and write
7FFD9B78D000
trusted library allocation
page execute and read and write
2515A739000
heap
page read and write
1DEBF8E1000
trusted library allocation
page read and write
7FFD9B77D000
trusted library allocation
page execute and read and write
2515A5A0000
heap
page read and write
226000
unkown
page readonly
7FFD9B772000
trusted library allocation
page read and write
25150560000
trusted library allocation
page read and write
7FFD9B9D3000
trusted library allocation
page read and write
1DEBFAFB000
heap
page read and write
29920FE000
unkown
page readonly
1DEBFCF4000
trusted library allocation
page read and write
25140616000
trusted library allocation
page read and write
2D01000
trusted library allocation
page read and write
7FFD9B846000
trusted library allocation
page execute and read and write
2E40000
heap
page execute and read and write
1DEBFC6F000
trusted library allocation
page read and write
7FFD9B908000
trusted library allocation
page read and write
21D000
unkown
page readonly
1DEBFA2C000
heap
page read and write
7FFD9BA50000
trusted library allocation
page read and write
DFE000
stack
page read and write
10C0000
trusted library allocation
page read and write
1DEBFB0F000
heap
page read and write
12AB1000
trusted library allocation
page read and write
25140190000
heap
page read and write
EA0000
heap
page read and write
96B000
heap
page read and write
E3B000
heap
page read and write
7FFD9B820000
trusted library allocation
page execute and read and write
1BB2E000
stack
page read and write
20F79D24000
heap
page read and write
20F79C00000
unkown
page read and write
29910FB000
stack
page read and write
2513E800000
trusted library allocation
page read and write
29917FE000
unkown
page readonly
7FFD9B780000
trusted library allocation
page read and write
1DEBFB0A000
heap
page read and write
2515A4C7000
heap
page read and write
E20000
heap
page read and write
251405F6000
trusted library allocation
page read and write
2991AFE000
unkown
page readonly
5FE0000
trusted library allocation
page execute and read and write
1DEBB2A1000
trusted library allocation
page read and write
2513E5FC000
heap
page read and write
2515A4A0000
heap
page read and write
21D000
unkown
page readonly
2513E570000
heap
page read and write
1DEBF840000
trusted library allocation
page read and write
7FFD9B810000
trusted library allocation
page read and write
2515A618000
heap
page read and write
7FFD9BA30000
trusted library allocation
page read and write
1DEBFC00000
trusted library allocation
page read and write
124C000
heap
page read and write
25150550000
trusted library allocation
page read and write
20F79C02000
unkown
page read and write
7FFD9BC10000
trusted library allocation
page read and write
1218000
heap
page read and write
12BE000
heap
page read and write
2CC0000
heap
page read and write
1DEBAD13000
heap
page read and write
1CF1000
trusted library allocation
page read and write
EA5000
heap
page read and write
25140052000
heap
page read and write
12BC000
heap
page read and write
7FFD9B880000
trusted library allocation
page execute and read and write
2515A643000
heap
page read and write
1DEBFCA3000
trusted library allocation
page read and write
2990CFC000
stack
page read and write
2514085F000
trusted library allocation
page read and write
5BDB000
stack
page read and write
2B5E000
stack
page read and write
2513E664000
heap
page read and write
20F79C36000
heap
page read and write
7FFD9B913000
trusted library allocation
page read and write
2515BF21000
heap
page read and write
1B20000
trusted library allocation
page read and write
1DEBF900000
trusted library allocation
page read and write
1604000
trusted library allocation
page read and write
4ACD000
stack
page read and write
1420000
heap
page read and write
7FFD9B930000
trusted library allocation
page read and write
251403DA000
trusted library allocation
page read and write
8BE000
stack
page read and write
7FFD9B98E000
trusted library allocation
page read and write
1DEBFC64000
trusted library allocation
page read and write
25150584000
trusted library allocation
page read and write
7FFD9B920000
trusted library allocation
page read and write
251405FA000
trusted library allocation
page read and write
BA0000
heap
page read and write
299177E000
stack
page read and write
20F7A100000
heap
page read and write
7FFD9B900000
trusted library allocation
page read and write
2513E5EA000
heap
page read and write
1DEBFCC2000
trusted library allocation
page read and write
7FDA353000
stack
page read and write
1B874000
heap
page read and write
2514022D000
heap
page read and write
25150596000
trusted library allocation
page read and write
41FE000
trusted library allocation
page read and write
7FFD9BB20000
trusted library allocation
page read and write
205E000
trusted library allocation
page read and write
1603000
trusted library allocation
page execute and read and write
1B9B0000
trusted library allocation
page read and write
1650000
trusted library allocation
page read and write
5242000
unkown
page readonly
5BF0000
trusted library allocation
page read and write
1DEBFAE2000
heap
page read and write
7FFD9BAE0000
trusted library allocation
page read and write
428A000
trusted library allocation
page read and write
2513E5C5000
heap
page read and write
3E8E000
stack
page read and write
C00000
unkown
page readonly
5230000
heap
page execute and read and write
1220000
trusted library allocation
page read and write
FE5000
heap
page read and write
2514043C000
trusted library allocation
page read and write
530A000
stack
page read and write
7FFD9B949000
trusted library allocation
page read and write
7FFD9B78D000
trusted library allocation
page execute and read and write
163B000
trusted library allocation
page execute and read and write
1242000
trusted library allocation
page read and write
7FFD9B810000
trusted library allocation
page read and write
4400000
trusted library allocation
page read and write
2515BEEE000
heap
page read and write
7FFD9B9A0000
trusted library allocation
page read and write
224000
unkown
page write copy
7FFD9BAD0000
trusted library allocation
page read and write
4A30000
trusted library allocation
page execute and read and write
2515A667000
heap
page read and write
25140994000
trusted library allocation
page read and write
1C350000
heap
page read and write
25140BAC000
trusted library allocation
page read and write
78C000
stack
page read and write
1B8E4000
heap
page read and write
1350000
trusted library allocation
page execute and read and write
7FFD9B784000
trusted library allocation
page read and write
20F79B00000
heap
page read and write
1240000
trusted library allocation
page read and write
1B8FC000
heap
page read and write
20F7A002000
heap
page read and write
2DE0000
trusted library allocation
page read and write
2B90000
heap
page read and write
7FFD9B917000
trusted library allocation
page read and write
2515A731000
heap
page read and write
492E000
stack
page read and write
2CF7000
trusted library allocation
page read and write
251583C0000
trusted library allocation
page read and write
2074000
trusted library allocation
page read and write
41E2000
trusted library allocation
page read and write
7FFD9B773000
trusted library allocation
page read and write
C0B000
unkown
page readonly
299167E000
stack
page read and write
F1B000
heap
page read and write
F10000
trusted library allocation
page read and write
1B87F000
heap
page read and write
251405F2000
trusted library allocation
page read and write
1DEBFAE1000
heap
page read and write
1DEBFCE8000
trusted library allocation
page read and write
7FFD9B7BC000
trusted library allocation
page execute and read and write
1DEBA4A2000
heap
page read and write
20F79D02000
trusted library allocation
page read and write
1DEBF8B0000
trusted library allocation
page read and write
1B901000
heap
page read and write
251401E1000
heap
page read and write
1DEBF9A0000
trusted library allocation
page read and write
FA0000
heap
page read and write
2513E895000
heap
page read and write
7FFD9B764000
trusted library allocation
page read and write
2515A60F000
heap
page read and write
251504B2000
trusted library allocation
page read and write
1B990000
heap
page execute and read and write
7FFD9B920000
trusted library allocation
page read and write
115F000
stack
page read and write
4A80000
trusted library allocation
page execute and read and write
299137E000
stack
page read and write
7FDA39E000
stack
page read and write
25158FCD000
heap
page read and write
2515059E000
trusted library allocation
page read and write
422B000
trusted library allocation
page read and write
2076000
trusted library allocation
page read and write
1203000
heap
page read and write
7FDB7FD000
stack
page read and write
1DEBFCFC000
trusted library allocation
page read and write
25140980000
trusted library allocation
page read and write
1050000
heap
page read and write
7FFD9B820000
trusted library allocation
page execute and read and write
29913FE000
unkown
page readonly
7FFD9B913000
trusted library allocation
page read and write
1620000
trusted library allocation
page read and write
1DEBFA4F000
heap
page read and write
1DEBA42F000
heap
page read and write
7FFD9B770000
trusted library allocation
page read and write
1B56E000
stack
page read and write
251403C1000
trusted library allocation
page read and write
1DEBA4B0000
heap
page read and write
2E10000
trusted library allocation
page read and write
25140602000
trusted library allocation
page read and write
1DEBF8E0000
trusted library allocation
page read and write
251505A2000
trusted library allocation
page read and write
20F7A102000
heap
page read and write
2513E860000
trusted library allocation
page read and write
7FFD9B930000
trusted library allocation
page read and write
1C176000
stack
page read and write
1DEBFC20000
trusted library allocation
page read and write
1DEBA43F000
heap
page read and write
2514060A000
trusted library allocation
page read and write
FED000
heap
page read and write
2515A0C2000
trusted library allocation
page read and write
1DEBF910000
trusted library allocation
page read and write
E402AFE000
stack
page read and write
1B8CE000
heap
page read and write
1DEBFA5B000
heap
page read and write
210000
unkown
page readonly
1075000
heap
page read and write
43C7000
trusted library allocation
page read and write
2E51000
trusted library allocation
page read and write
6130000
heap
page read and write
1DEBFC70000
remote allocation
page read and write
7FFD9BA80000
trusted library allocation
page read and write
7FDB2FE000
stack
page read and write
7FFD9BB70000
trusted library allocation
page read and write
7FFD9BB80000
trusted library allocation
page read and write
299157E000
stack
page read and write
25140919000
trusted library allocation
page read and write
1B886000
heap
page read and write
1E8B000
trusted library allocation
page read and write
1DEBFC18000
trusted library allocation
page read and write
1DEBF8D0000
trusted library allocation
page read and write
1DEBFCF1000
trusted library allocation
page read and write
1DEBFAC4000
heap
page read and write
There are 877 hidden memdumps, click here to show them.