Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
installer.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Security: 0, Code page: 1252,
Revision Number: {EEC7FF0D-3F84-42B8-A8DE-D00B0E91B91D}, Number of Words: 10, Subject: App x installer, Author: Coors Q Corporation,
Name of Creating Application: App x installer, Template: x64;2057, Comments: This installer database contains the logic and
data required to install App x installer., Title: Installation Database, Keywords: Installer, MSI, Database, Create Time/Date:
Tue Dec 24 10:35:19 2024, Last Saved Time/Date: Tue Dec 24 10:35:19 2024, Last Printed: Tue Dec 24 10:35:19 2024, Number of
Pages: 450
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\msi56AA.txt
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\pss56BD.ps1
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scr56AB.ps1
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Config.Msi\592106.rbs
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ac42ywzw.pnj.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xfwxtefk.zro.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\BCUninstaller.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\ImporterREDServer.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\UnRar.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\api-ms-win-core-console-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\api-ms-win-core-console-l1-2-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\api-ms-win-core-datetime-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\api-ms-win-core-debug-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\api-ms-win-core-errorhandling-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\api-ms-win-core-file-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\api-ms-win-core-file-l1-2-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\api-ms-win-core-file-l2-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\api-ms-win-core-handle-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\api-ms-win-core-heap-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\api-ms-win-core-interlocked-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\api-ms-win-core-libraryloader-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\api-ms-win-core-localization-l1-2-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\api-ms-win-core-memory-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\api-ms-win-core-namedpipe-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\api-ms-win-core-processenvironment-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\api-ms-win-core-processthreads-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\api-ms-win-core-processthreads-l1-1-1.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\api-ms-win-core-profile-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\api-ms-win-core-rtlsupport-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\api-ms-win-core-string-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\api-ms-win-core-synch-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\api-ms-win-core-synch-l1-2-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\api-ms-win-core-sysinfo-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\api-ms-win-core-timezone-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\api-ms-win-core-util-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\api-ms-win-crt-conio-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\api-ms-win-crt-convert-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\api-ms-win-crt-environment-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\api-ms-win-crt-filesystem-l1-1-0.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\boost_date_time.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\boost_filesystem.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\boost_program_options.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\boost_regex.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\boost_system.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\boost_threads.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\createdump.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\dvacore.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\dvaunittesting.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\ghiuoqfj.rar
|
RAR archive data, v5
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\msvcp140.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\suriqk.bat
|
DOS batch file, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\una_front\classes.jsa
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\una_front\classes_nocoops.jsa
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\una_front\java.datatransfer.jmod
|
Java jmod module version 1.0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\una_front\java.desktop.jmod
|
Java jmod module version 1.0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\una_front\java.instrument.jmod
|
Java jmod module version 1.0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\una_front\java.logging.jmod
|
Java jmod module version 1.0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\una_front\java.management.jmod
|
Java jmod module version 1.0
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\utest.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\vcruntime140.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\vcruntime140_1.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Installer\{C431E5A6-B7FF-4C83-AA62-6161DB3498C7}\icon_22.exe
|
MS Windows icon resource - 7 icons, 256x256, 32 bits/pixel, -128x-128, 32 bits/pixel
|
dropped
|
||
|
C:\Windows\Installer\592104.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Security: 0, Code page: 1252,
Revision Number: {EEC7FF0D-3F84-42B8-A8DE-D00B0E91B91D}, Number of Words: 10, Subject: App x installer, Author: Coors Q Corporation,
Name of Creating Application: App x installer, Template: x64;2057, Comments: This installer database contains the logic and
data required to install App x installer., Title: Installation Database, Keywords: Installer, MSI, Database, Create Time/Date:
Tue Dec 24 10:35:19 2024, Last Saved Time/Date: Tue Dec 24 10:35:19 2024, Last Printed: Tue Dec 24 10:35:19 2024, Number of
Pages: 450
|
dropped
|
||
|
C:\Windows\Installer\592107.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Security: 0, Code page: 1252,
Revision Number: {EEC7FF0D-3F84-42B8-A8DE-D00B0E91B91D}, Number of Words: 10, Subject: App x installer, Author: Coors Q Corporation,
Name of Creating Application: App x installer, Template: x64;2057, Comments: This installer database contains the logic and
data required to install App x installer., Title: Installation Database, Keywords: Installer, MSI, Database, Create Time/Date:
Tue Dec 24 10:35:19 2024, Last Saved Time/Date: Tue Dec 24 10:35:19 2024, Last Printed: Tue Dec 24 10:35:19 2024, Number of
Pages: 450
|
dropped
|
||
|
C:\Windows\Installer\MSI29ED.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSI2A5B.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSI2A9B.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSI2AEA.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSI2B39.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSI2B69.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSI2BA9.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSI4963.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSI5599.tmp
|
data
|
dropped
|
||
|
C:\Windows\Installer\MSI55AA.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\SourceHash{C431E5A6-B7FF-4C83-AA62-6161DB3498C7}
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Installer\inprogressinstallinfo.ipi
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\~DF1532B0E5BE53704F.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF1D164618692E272C.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF1E3A5800360CA94D.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF3733BBF1C279C69A.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DF4AFD094CB6DB1597.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF99F9FC8BD15D75EC.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFA693C1C9851578A8.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFAB1B6D022B5864A8.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFAF8545830B8C22C5.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFC9EB8C3F528A2344.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Temp\~DFCCE253544FE4A88A.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFF38F92FB4340F433.TMP
|
data
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
There are 82 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\msiexec.exe
|
"C:\Windows\System32\msiexec.exe" /i "C:\Users\user\Desktop\installer.msi"
|
|
|
|
C:\Windows\System32\msiexec.exe
|
C:\Windows\system32\msiexec.exe /V
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\syswow64\MsiExec.exe -Embedding 3138A056C811D1F6BC08A5B6A4F984EC
|
|
|
|
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
|
-NoProfile -Noninteractive -ExecutionPolicy Bypass -File "C:\Users\user\AppData\Local\Temp\pss56BD.ps1" -propFile "C:\Users\user\AppData\Local\Temp\msi56AA.txt"
-scriptFile "C:\Users\user\AppData\Local\Temp\scr56AB.ps1" -scriptArgsFile "C:\Users\user\AppData\Local\Temp\scr56AC.txt"
-propSep " :<->: " -lineSep " <<:>> " -testPrefix "_testValue."
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\suriqk.bat" "C:\Users\user\AppData\Roaming\Coors
Q Corporation\App x installer\ImporterREDServer.exe""
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\createdump.exe
|
"C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\createdump.exe"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\ImporterREDServer.exe
|
"C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\ImporterREDServer.exe"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 1 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://trailbuddymaps.com/updater.php
|
172.67.196.179
|
|
|
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
http://crl.micro
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://java.oracle.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
http://schemas.mick
|
unknown
|
||
|
http://xml.org/sax/features/external-general-entitieshttp://xml.org/sax/features/external-parameter-
|
unknown
|
||
|
https://aka.ms/pscore6lBkq
|
unknown
|
||
|
https://trailbuddymaps.com/updater.phpx
|
unknown
|
||
|
https://aka.ms/winui2/webview2download/Reload():
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
There are 8 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
trailbuddymaps.com
|
172.67.196.179
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.67.196.179
|
trailbuddymaps.com
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Config.Msi\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\592106.rbs
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\592106.rbsLow
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Users\user\AppData\Roaming\Microsoft\Installer\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\E443C93FE38A0674D88A2F672090B5F4
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\187E38CB2ED78A74793CE2C69CCBDA28
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\E7EE285D6BCFBB0488FD8D57166FADAC
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\51125544FAB230246BBFE149506FE373
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\065A82ED1E5E5304C83A443964682A94
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\89B93D30BB7E2604DB2903D746A2C51F
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\3E23C972A00A3154A9B83D89A4146ABF
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\574D5B86D91DF25448D9F526CAAE9C9D
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\14BA7B05AF5C8754DA7B962E06A867B6
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\9B5AF4DE1AB2060489B6AE7B3EA194D6
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\49982E48A3B4BC04FA606F6079F49621
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\C66308C74B87A2543A43E47D5062F642
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\23FCC08CDC982854E8B3DC110D4BA6F0
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\4E53B16B1EB817146BB92E24C39E71F9
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\EE69BDDFD74852B4581B566E26FC368A
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\DE8D80696CE804542B23A42863608F26
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\6D8E6B71400CBD04BBD221D5C7C12CE1
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\9737E2B1877BA2647A4AC547869EDF03
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\65624D8381D30F249B874F58E818676E
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\1D6B9F26743114741949E7CBD0850B50
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\876E9D03A3628184781AD86C940640F7
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\281AF9D8612EF2E47BDAFD353EBB66DB
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\D63B3F7EA8654C24FB42180178BBBF34
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\C04D16F8CDF5F4543AC9A3616BA42840
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\74BFD8668DF9CDF4DAE798C67C0F5E07
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\E84195AD854B9A744A14CCC0101E24CE
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\1DD769335A51CEF409558BD4F1FD0D16
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\A90F39F166BA2EA44BC33F5B99568A56
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\448F614546145E44A8D80DE268772838
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\05FD0BAA4CB2CD9439DCE5CDE594202A
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\314863730BAF8734C8564E85B3A047C8
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\EA86D228823216D438705787F640D3A5
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\6B5745FE5D94C414FA11D00F7E2AB400
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\6B581FFC20289EB4099D141CDE7359BB
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\99506DC9F6A09D640842631E2BC2AC70
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\210EE68B5FD50E34281311DD8E8CA8CE
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\BF72C907D7DD14443B547200FB74B315
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\E7F5D6A9A9F5C584282653FB24AE4CCB
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\B218C6F033F3D9F4E9F7F1687CFC5E4E
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\ECEF6DC4638DFEF4686CB4AA8C90A457
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\799575847269DFB4B90DB80E9AE3F513
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\9AB49572650F2254CB98AFD3B7DA9B2E
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\1DA51AE393E3A2E44AD642274DF874C9
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\EE9277BB1523DD045952C0B8CCCF2CF8
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\27B23E0DE8354FA4984FE3E6EA64A0DA
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\E053C72B9492790418B6BC8963A132B1
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\418D33948A06A3141BB101F3E34641AE
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\30E3084F57A08354080B6375A86D0459
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\57D46BCA90CDE574793A997F4D70B5FE
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\BE3F70CAE98AB094E896B57BD601796E
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\E571FA2CC5C29C246B485717ABC8D733
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Components\6518C1A5576E11E4FBC0C0E45F2E3C59
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Users\user\AppData\Roaming\Coors Q Corporation\App x installer\una_front\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Users\user\AppData\Roaming\Microsoft\Installer\{C431E5A6-B7FF-4C83-AA62-6161DB3498C7}\
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Coors Q Corporation\App x installer
|
Version
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Coors Q Corporation\App x installer
|
Path
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Coors Q Corporation\App x installer
|
CivineQuiteLic
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Coors Q Corporation\App x installer\Durox
|
Ver
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\6A5E134CFF7B38C4AA261616BD43897C\InstallProperties
|
LocalPackage
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\6A5E134CFF7B38C4AA261616BD43897C\InstallProperties
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\6A5E134CFF7B38C4AA261616BD43897C\InstallProperties
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\6A5E134CFF7B38C4AA261616BD43897C\InstallProperties
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\6A5E134CFF7B38C4AA261616BD43897C\InstallProperties
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\6A5E134CFF7B38C4AA261616BD43897C\InstallProperties
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\6A5E134CFF7B38C4AA261616BD43897C\InstallProperties
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\6A5E134CFF7B38C4AA261616BD43897C\InstallProperties
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\6A5E134CFF7B38C4AA261616BD43897C\InstallProperties
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\6A5E134CFF7B38C4AA261616BD43897C\InstallProperties
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\6A5E134CFF7B38C4AA261616BD43897C\InstallProperties
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\6A5E134CFF7B38C4AA261616BD43897C\InstallProperties
|
NoModify
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\6A5E134CFF7B38C4AA261616BD43897C\InstallProperties
|
NoRepair
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\6A5E134CFF7B38C4AA261616BD43897C\InstallProperties
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\6A5E134CFF7B38C4AA261616BD43897C\InstallProperties
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\6A5E134CFF7B38C4AA261616BD43897C\InstallProperties
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\6A5E134CFF7B38C4AA261616BD43897C\InstallProperties
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\6A5E134CFF7B38C4AA261616BD43897C\InstallProperties
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\6A5E134CFF7B38C4AA261616BD43897C\InstallProperties
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\6A5E134CFF7B38C4AA261616BD43897C\InstallProperties
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\6A5E134CFF7B38C4AA261616BD43897C\InstallProperties
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\6A5E134CFF7B38C4AA261616BD43897C\InstallProperties
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\6A5E134CFF7B38C4AA261616BD43897C\InstallProperties
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\6A5E134CFF7B38C4AA261616BD43897C\InstallProperties
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\6A5E134CFF7B38C4AA261616BD43897C\InstallProperties
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C431E5A6-B7FF-4C83-AA62-6161DB3498C7}
|
AuthorizedCDFPrefix
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C431E5A6-B7FF-4C83-AA62-6161DB3498C7}
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C431E5A6-B7FF-4C83-AA62-6161DB3498C7}
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C431E5A6-B7FF-4C83-AA62-6161DB3498C7}
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C431E5A6-B7FF-4C83-AA62-6161DB3498C7}
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C431E5A6-B7FF-4C83-AA62-6161DB3498C7}
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C431E5A6-B7FF-4C83-AA62-6161DB3498C7}
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C431E5A6-B7FF-4C83-AA62-6161DB3498C7}
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C431E5A6-B7FF-4C83-AA62-6161DB3498C7}
|
InstallSource
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C431E5A6-B7FF-4C83-AA62-6161DB3498C7}
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C431E5A6-B7FF-4C83-AA62-6161DB3498C7}
|
NoModify
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C431E5A6-B7FF-4C83-AA62-6161DB3498C7}
|
NoRepair
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C431E5A6-B7FF-4C83-AA62-6161DB3498C7}
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C431E5A6-B7FF-4C83-AA62-6161DB3498C7}
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C431E5A6-B7FF-4C83-AA62-6161DB3498C7}
|
Size
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C431E5A6-B7FF-4C83-AA62-6161DB3498C7}
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C431E5A6-B7FF-4C83-AA62-6161DB3498C7}
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C431E5A6-B7FF-4C83-AA62-6161DB3498C7}
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C431E5A6-B7FF-4C83-AA62-6161DB3498C7}
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C431E5A6-B7FF-4C83-AA62-6161DB3498C7}
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C431E5A6-B7FF-4C83-AA62-6161DB3498C7}
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C431E5A6-B7FF-4C83-AA62-6161DB3498C7}
|
WindowsInstaller
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C431E5A6-B7FF-4C83-AA62-6161DB3498C7}
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C431E5A6-B7FF-4C83-AA62-6161DB3498C7}
|
Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\8F320D1FA6528E84EB0BE61ED47DBC80
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\6A5E134CFF7B38C4AA261616BD43897C\InstallProperties
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C431E5A6-B7FF-4C83-AA62-6161DB3498C7}
|
DisplayName
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Features\6A5E134CFF7B38C4AA261616BD43897C
|
MainFeature
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\6A5E134CFF7B38C4AA261616BD43897C\Features
|
MainFeature
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2246122658-3693405117-2476756634-1002\Products\6A5E134CFF7B38C4AA261616BD43897C\Patches
|
AllPatches
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\6A5E134CFF7B38C4AA261616BD43897C
|
ProductName
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\6A5E134CFF7B38C4AA261616BD43897C
|
PackageCode
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\6A5E134CFF7B38C4AA261616BD43897C
|
Language
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\6A5E134CFF7B38C4AA261616BD43897C
|
Version
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\6A5E134CFF7B38C4AA261616BD43897C
|
Assignment
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\6A5E134CFF7B38C4AA261616BD43897C
|
AdvertiseFlags
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\6A5E134CFF7B38C4AA261616BD43897C
|
ProductIcon
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\6A5E134CFF7B38C4AA261616BD43897C
|
InstanceType
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\6A5E134CFF7B38C4AA261616BD43897C
|
AuthorizedLUAApp
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\6A5E134CFF7B38C4AA261616BD43897C
|
DeploymentFlags
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\UpgradeCodes\8F320D1FA6528E84EB0BE61ED47DBC80
|
6A5E134CFF7B38C4AA261616BD43897C
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\6A5E134CFF7B38C4AA261616BD43897C\SourceList
|
PackageName
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\6A5E134CFF7B38C4AA261616BD43897C\SourceList\Net
|
1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\6A5E134CFF7B38C4AA261616BD43897C\SourceList\Media
|
DiskPrompt
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\6A5E134CFF7B38C4AA261616BD43897C\SourceList\Media
|
1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\6A5E134CFF7B38C4AA261616BD43897C
|
Clients
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\6A5E134CFF7B38C4AA261616BD43897C\SourceList
|
LastUsedSource
|
There are 129 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
317E000
|
stack
|
page read and write
|
||
|
8720000
|
trusted library allocation
|
page read and write
|
||
|
8780000
|
heap
|
page read and write
|
||
|
4D08000
|
trusted library allocation
|
page read and write
|
||
|
3450000
|
trusted library allocation
|
page read and write
|
||
|
78E0000
|
heap
|
page read and write
|
||
|
7C90000
|
trusted library allocation
|
page read and write
|
||
|
787E000
|
heap
|
page read and write
|
||
|
79B1000
|
heap
|
page read and write
|
||
|
73EB000
|
stack
|
page read and write
|
||
|
769E000
|
stack
|
page read and write
|
||
|
31A6000
|
heap
|
page read and write
|
||
|
3492000
|
trusted library allocation
|
page read and write
|
||
|
3464000
|
trusted library allocation
|
page read and write
|
||
|
7FFE0EC64000
|
unkown
|
page write copy
|
||
|
7931000
|
heap
|
page read and write
|
||
|
87DE000
|
stack
|
page read and write
|
||
|
7B05000
|
trusted library allocation
|
page read and write
|
||
|
756E000
|
stack
|
page read and write
|
||
|
8790000
|
heap
|
page read and write
|
||
|
7FFE0EC63000
|
unkown
|
page read and write
|
||
|
7928000
|
heap
|
page read and write
|
||
|
2B194C20000
|
heap
|
page read and write
|
||
|
1B0000
|
heap
|
page read and write
|
||
|
3079000
|
stack
|
page read and write
|
||
|
4E7E000
|
stack
|
page read and write
|
||
|
2B194DC0000
|
heap
|
page read and write
|
||
|
7AC0000
|
trusted library allocation
|
page read and write
|
||
|
787C000
|
heap
|
page read and write
|
||
|
31DC000
|
heap
|
page read and write
|
||
|
7FFE0EBE0000
|
unkown
|
page readonly
|
||
|
7B10000
|
trusted library allocation
|
page read and write
|
||
|
190000
|
heap
|
page read and write
|
||
|
180000000
|
unkown
|
page readonly
|
||
|
72AE000
|
stack
|
page read and write
|
||
|
74EA000
|
stack
|
page read and write
|
||
|
4D00000
|
trusted library allocation
|
page read and write
|
||
|
3460000
|
trusted library allocation
|
page read and write
|
||
|
7FFE0EC35000
|
unkown
|
page readonly
|
||
|
8820000
|
heap
|
page read and write
|
||
|
7C20000
|
trusted library allocation
|
page read and write
|
||
|
30F0000
|
heap
|
page read and write
|
||
|
7FFE1A451000
|
unkown
|
page execute read
|
||
|
7D00000
|
trusted library allocation
|
page read and write
|
||
|
625A000
|
trusted library allocation
|
page read and write
|
||
|
7FF7B8DFD000
|
unkown
|
page readonly
|
||
|
7FF7B8DF1000
|
unkown
|
page execute read
|
||
|
5A9000
|
heap
|
page read and write
|
||
|
7C70000
|
trusted library allocation
|
page read and write
|
||
|
7FF7B8DFC000
|
unkown
|
page write copy
|
||
|
1802BB000
|
unkown
|
page read and write
|
||
|
3490000
|
trusted library allocation
|
page read and write
|
||
|
3289000
|
heap
|
page read and write
|
||
|
3519000
|
heap
|
page read and write
|
||
|
7FF7B8DF0000
|
unkown
|
page readonly
|
||
|
7FFE148E0000
|
unkown
|
page readonly
|
||
|
8730000
|
trusted library allocation
|
page read and write
|
||
|
3254000
|
heap
|
page read and write
|
||
|
7FF7B8DF0000
|
unkown
|
page readonly
|
||
|
7D10000
|
trusted library allocation
|
page execute and read and write
|
||
|
7AB0000
|
trusted library allocation
|
page read and write
|
||
|
7919000
|
heap
|
page read and write
|
||
|
7FFE0EC67000
|
unkown
|
page readonly
|
||
|
78C6000
|
heap
|
page read and write
|
||
|
6219000
|
trusted library allocation
|
page read and write
|
||
|
180429000
|
unkown
|
page write copy
|
||
|
7B9E000
|
stack
|
page read and write
|
||
|
8839000
|
heap
|
page read and write
|
||
|
31E8000
|
heap
|
page read and write
|
||
|
7CE0000
|
trusted library allocation
|
page read and write
|
||
|
346D000
|
trusted library allocation
|
page execute and read and write
|
||
|
DF6ACFF000
|
stack
|
page read and write
|
||
|
7AA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFE1A466000
|
unkown
|
page read and write
|
||
|
34FE000
|
stack
|
page read and write
|
||
|
14001A000
|
unkown
|
page write copy
|
||
|
14001A000
|
unkown
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
7FF7B8DF8000
|
unkown
|
page readonly
|
||
|
307D000
|
stack
|
page read and write
|
||
|
7365000
|
heap
|
page execute and read and write
|
||
|
34B0000
|
trusted library allocation
|
page read and write
|
||
|
140000000
|
unkown
|
page readonly
|
||
|
75AE000
|
stack
|
page read and write
|
||
|
61F9000
|
trusted library allocation
|
page read and write
|
||
|
2B194AF0000
|
heap
|
page read and write
|
||
|
61F1000
|
trusted library allocation
|
page read and write
|
||
|
7FFE148E1000
|
unkown
|
page execute read
|
||
|
7939000
|
heap
|
page read and write
|
||
|
3285000
|
heap
|
page read and write
|
||
|
2B194B2B000
|
heap
|
page read and write
|
||
|
4D9E000
|
stack
|
page read and write
|
||
|
3180000
|
heap
|
page read and write
|
||
|
7903000
|
heap
|
page read and write
|
||
|
51F1000
|
trusted library allocation
|
page read and write
|
||
|
7C40000
|
trusted library allocation
|
page read and write
|
||
|
31B0000
|
heap
|
page read and write
|
||
|
7C30000
|
trusted library allocation
|
page execute and read and write
|
||
|
72EE000
|
stack
|
page read and write
|
||
|
7FFE148E8000
|
unkown
|
page read and write
|
||
|
303C000
|
stack
|
page read and write
|
||
|
3463000
|
trusted library allocation
|
page execute and read and write
|
||
|
180479000
|
unkown
|
page readonly
|
||
|
14001B000
|
unkown
|
page readonly
|
||
|
726E000
|
stack
|
page read and write
|
||
|
8A40000
|
trusted library allocation
|
page read and write
|
||
|
140013000
|
unkown
|
page readonly
|
||
|
7FF7B8DFD000
|
unkown
|
page readonly
|
||
|
3510000
|
heap
|
page read and write
|
||
|
89F000
|
stack
|
page read and write
|
||
|
74AD000
|
stack
|
page read and write
|
||
|
7AB7000
|
trusted library allocation
|
page read and write
|
||
|
75EB000
|
stack
|
page read and write
|
||
|
7970000
|
heap
|
page execute and read and write
|
||
|
7FFE1A461000
|
unkown
|
page readonly
|
||
|
7CD0000
|
trusted library allocation
|
page read and write
|
||
|
55DB000
|
trusted library allocation
|
page read and write
|
||
|
7936000
|
heap
|
page read and write
|
||
|
4CFE000
|
stack
|
page read and write
|
||
|
877D000
|
stack
|
page read and write
|
||
|
746E000
|
stack
|
page read and write
|
||
|
76DE000
|
stack
|
page read and write
|
||
|
7987000
|
trusted library allocation
|
page read and write
|
||
|
180428000
|
unkown
|
page read and write
|
||
|
7360000
|
heap
|
page execute and read and write
|
||
|
7CB0000
|
trusted library allocation
|
page read and write
|
||
|
7CF0000
|
trusted library allocation
|
page read and write
|
||
|
722E000
|
stack
|
page read and write
|
||
|
DF6AE7F000
|
stack
|
page read and write
|
||
|
5346000
|
trusted library allocation
|
page read and write
|
||
|
7B19000
|
trusted library allocation
|
page read and write
|
||
|
3216000
|
heap
|
page read and write
|
||
|
742E000
|
stack
|
page read and write
|
||
|
7FFE148E9000
|
unkown
|
page readonly
|
||
|
882F000
|
heap
|
page read and write
|
||
|
DF6AB7D000
|
stack
|
page read and write
|
||
|
7FFE0EBE1000
|
unkown
|
page execute read
|
||
|
2B194A10000
|
heap
|
page read and write
|
||
|
7860000
|
heap
|
page read and write
|
||
|
524B000
|
trusted library allocation
|
page read and write
|
||
|
78E3000
|
heap
|
page read and write
|
||
|
4E1E000
|
stack
|
page read and write
|
||
|
313E000
|
stack
|
page read and write
|
||
|
7FF7B8DF1000
|
unkown
|
page execute read
|
||
|
76E0000
|
heap
|
page read and write
|
||
|
7FF7B8DFC000
|
unkown
|
page read and write
|
||
|
1802BD000
|
unkown
|
page readonly
|
||
|
791D000
|
heap
|
page read and write
|
||
|
4EA0000
|
heap
|
page read and write
|
||
|
14C000
|
stack
|
page read and write
|
||
|
785F000
|
stack
|
page read and write
|
||
|
31B8000
|
heap
|
page read and write
|
||
|
7C80000
|
trusted library allocation
|
page read and write
|
||
|
32A3000
|
heap
|
page read and write
|
||
|
5548000
|
trusted library allocation
|
page read and write
|
||
|
180001000
|
unkown
|
page execute read
|
||
|
86F0000
|
heap
|
page read and write
|
||
|
4DA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
564D000
|
trusted library allocation
|
page read and write
|
||
|
7FFE1A450000
|
unkown
|
page readonly
|
||
|
4D5C000
|
stack
|
page read and write
|
||
|
4E30000
|
heap
|
page read and write
|
||
|
7C50000
|
trusted library allocation
|
page read and write
|
||
|
7980000
|
trusted library allocation
|
page read and write
|
||
|
180426000
|
unkown
|
page write copy
|
||
|
7FF7B8DF8000
|
unkown
|
page readonly
|
||
|
3479000
|
trusted library allocation
|
page read and write
|
||
|
33BE000
|
stack
|
page read and write
|
||
|
7CC0000
|
trusted library allocation
|
page read and write
|
||
|
79E000
|
stack
|
page read and write
|
||
|
140001000
|
unkown
|
page execute read
|
||
|
7FFE148E5000
|
unkown
|
page readonly
|
||
|
8A20000
|
trusted library allocation
|
page read and write
|
||
|
7BDE000
|
stack
|
page read and write
|
||
|
3500000
|
heap
|
page readonly
|
||
|
5659000
|
trusted library allocation
|
page read and write
|
||
|
7C60000
|
trusted library allocation
|
page read and write
|
||
|
7B5E000
|
stack
|
page read and write
|
||
|
140001000
|
unkown
|
page execute read
|
||
|
140013000
|
unkown
|
page readonly
|
||
|
781E000
|
stack
|
page read and write
|
||
|
3470000
|
trusted library allocation
|
page read and write
|
||
|
140000000
|
unkown
|
page readonly
|
||
|
544D000
|
trusted library allocation
|
page read and write
|
||
|
5AC000
|
heap
|
page read and write
|
||
|
3410000
|
heap
|
page read and write
|
||
|
3495000
|
trusted library allocation
|
page execute and read and write
|
||
|
7C1D000
|
stack
|
page read and write
|
||
|
4DB0000
|
trusted library allocation
|
page read and write
|
||
|
73AD000
|
stack
|
page read and write
|
||
|
7FFE1A467000
|
unkown
|
page readonly
|
||
|
31A0000
|
heap
|
page read and write
|
||
|
793C000
|
heap
|
page read and write
|
||
|
4DC0000
|
heap
|
page execute and read and write
|
||
|
33FF000
|
stack
|
page read and write
|
||
|
14001B000
|
unkown
|
page readonly
|
||
|
2B194B20000
|
heap
|
page read and write
|
||
|
87E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
752E000
|
stack
|
page read and write
|
||
|
7CA0000
|
trusted library allocation
|
page read and write
|
||
|
7912000
|
heap
|
page read and write
|
There are 191 hidden memdumps, click here to show them.