IOC Report
SecuriteInfo.com.Program.Unwanted.5320.27373.27791.exe

loading gif

Files

File Path
Type
Category
Malicious
SecuriteInfo.com.Program.Unwanted.5320.27373.27791.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
C:\Program Files (x86)\PC Cleaner\Animation.gif (copy)
GIF image data, version 89a, 48 x 48
dropped
C:\Program Files (x86)\PC Cleaner\Brazilian.ini (copy)
Generic INItialization configuration [Actions]
dropped
C:\Program Files (x86)\PC Cleaner\Cookies.txt (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\Danish.ini (copy)
Generic INItialization configuration [Actions]
dropped
C:\Program Files (x86)\PC Cleaner\Dutch.ini (copy)
Unicode text, UTF-8 (with BOM) text, with very long lines (465), with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\English.ini (copy)
Generic INItialization configuration [Actions]
dropped
C:\Program Files (x86)\PC Cleaner\Finnish.ini (copy)
Unicode text, UTF-8 (with BOM) text, with very long lines (408), with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\French.ini (copy)
Unicode text, UTF-8 (with BOM) text, with very long lines (410), with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\GExts.txt (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\German.ini (copy)
Unicode text, UTF-8 (with BOM) text, with very long lines (479), with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\HomePage.url (copy)
MS Windows 95 Internet shortcut text (URL=<https://www.pchelpsoft.com/>), ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\Ids.txt (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\Italian.ini (copy)
Unicode text, UTF-8 (with BOM) text, with very long lines (451), with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\Japanese.ini (copy)
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\Norwegian.ini (copy)
Unicode text, UTF-8 (with BOM) text, with very long lines (382), with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\PCCNotifications.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\PC Cleaner\PCCleaner.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\PC Cleaner\PCHSUninstaller.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\PC Cleaner\PlayaSDK.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\PC Cleaner\Polish.ini (copy)
Unicode text, UTF-8 (with BOM) text, with very long lines (456), with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\Portuguese.ini (copy)
Unicode text, UTF-8 (with BOM) text, with very long lines (413), with CRLF, CR line terminators
dropped
C:\Program Files (x86)\PC Cleaner\Russian.ini (copy)
Unicode text, UTF-8 (with BOM) text, with very long lines (357), with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\SList.db (copy)
SQLite 3.x database, last written using SQLite version 3011000, page size 1024, file counter 3, database pages 1069, cookie 0x18, schema 4, UTF-8, version-valid-for 3
dropped
C:\Program Files (x86)\PC Cleaner\SList.txt (copy)
Non-ISO extended-ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\SchedTasks.txt (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\Services1.txt (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\Services2.txt (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\SiteNtf.txt (copy)
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\Spanish.ini (copy)
Unicode text, UTF-8 (with BOM) text, with very long lines (404), with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\Swedish.ini (copy)
Unicode text, UTF-8 (with BOM) text, with very long lines (388), with CRLF, CR line terminators
dropped
C:\Program Files (x86)\PC Cleaner\Turkish.ini (copy)
Unicode text, UTF-8 (with BOM) text, with very long lines (424), with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\is-0OI5S.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\PC Cleaner\is-247E9.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\is-31H0L.tmp
Unicode text, UTF-8 (with BOM) text, with very long lines (357), with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\is-59DFD.tmp
Unicode text, UTF-8 (with BOM) text, with very long lines (388), with CRLF, CR line terminators
dropped
C:\Program Files (x86)\PC Cleaner\is-5GPCL.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\PC Cleaner\is-5HH89.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\PC Cleaner\is-6HMCK.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\is-72708.tmp
Unicode text, UTF-8 (with BOM) text, with very long lines (465), with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\is-8E9R8.tmp
Unicode text, UTF-8 (with BOM) text, with very long lines (410), with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\is-8F6BD.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\PC Cleaner\is-936N5.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\is-9B3TS.tmp
Generic INItialization configuration [Actions]
dropped
C:\Program Files (x86)\PC Cleaner\is-BLHN8.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\is-BOR76.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\PC Cleaner\is-D8QT2.tmp
Generic INItialization configuration [Actions]
dropped
C:\Program Files (x86)\PC Cleaner\is-DSLRT.tmp
Unicode text, UTF-8 (with BOM) text, with very long lines (404), with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\is-E1UCS.tmp
Unicode text, UTF-8 (with BOM) text, with very long lines (451), with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\is-EMTEG.tmp
Unicode text, UTF-8 (with BOM) text, with very long lines (408), with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\is-GSPK3.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\PC Cleaner\is-HC9LK.tmp
Unicode text, UTF-8 (with BOM) text, with very long lines (456), with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\is-I3BOT.tmp
MS Windows 95 Internet shortcut text (URL=<https://www.pchelpsoft.com/>), ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\is-IJSKU.tmp
Unicode text, UTF-8 (with BOM) text, with very long lines (382), with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\is-KDE3K.tmp
GIF image data, version 89a, 48 x 48
dropped
C:\Program Files (x86)\PC Cleaner\is-KMOL8.tmp
Unicode text, UTF-8 (with BOM) text, with very long lines (413), with CRLF, CR line terminators
dropped
C:\Program Files (x86)\PC Cleaner\is-L9510.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\is-MKA8K.tmp
SQLite 3.x database, last written using SQLite version 3011000, page size 1024, file counter 3, database pages 1069, cookie 0x18, schema 4, UTF-8, version-valid-for 3
dropped
C:\Program Files (x86)\PC Cleaner\is-PIESJ.tmp
SQLite 3.x database, last written using SQLite version 3034000, file counter 37, database pages 366, cookie 0x1a, schema 4, UTF-8, version-valid-for 37
dropped
C:\Program Files (x86)\PC Cleaner\is-QSUE4.tmp
Unicode text, UTF-8 (with BOM) text, with very long lines (479), with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\is-R89KD.tmp
Generic INItialization configuration [Actions]
dropped
C:\Program Files (x86)\PC Cleaner\is-TE37R.tmp
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\is-TQTDS.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\is-UC71B.tmp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\is-UL898.tmp
Unicode text, UTF-8 (with BOM) text, with very long lines (424), with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\is-VS3FJ.tmp
Non-ISO extended-ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\PC Cleaner\net.db
SQLite 3.x database, last written using SQLite version 3022000, file counter 46, database pages 495, cookie 0x23, schema 4, UTF-8, version-valid-for 46
dropped
C:\Program Files (x86)\PC Cleaner\net.db-journal
SQLite Rollback Journal
dropped
C:\Program Files (x86)\PC Cleaner\sqlite3.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\PC Cleaner\unins000.dat
InnoSetup Log PC Cleaner, version 0x418, 38060 bytes, 301389\37\user\376, C:\Program Files (x86)\PC Cleaner\376\377\
dropped
C:\Program Files (x86)\PC Cleaner\unins000.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\PC Cleaner\unins000.msg
InnoSetup messages, version 6.0.0, 261 messages (UTF-16), Cancel installation
dropped
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Cleaner\PC Cleaner on the Web.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Wed Apr 24 09:30:12 2024, mtime=Wed Apr 24 09:30:12 2024, atime=Thu Nov 2 10:38:22 2023, length=53, window=hide
dropped
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Cleaner\PC Cleaner.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Wed Apr 24 09:30:11 2024, mtime=Wed Apr 24 09:30:12 2024, atime=Wed Apr 3 10:32:12 2024, length=10560360, window=hide
dropped
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Cleaner\Uninstall PC Cleaner.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Wed Apr 24 09:30:11 2024, mtime=Wed Apr 24 09:30:11 2024, atime=Wed Apr 24 09:30:07 2024, length=3204968, window=hide
dropped
C:\ProgramData\PC Cleaner\CookieExclusions.txt
ASCII text, with CRLF line terminators
modified
C:\ProgramData\PC Cleaner\Cookies.txt
ASCII text, with CRLF line terminators
dropped
C:\ProgramData\PC Cleaner\IDs.txt
ASCII text, with CRLF line terminators
dropped
C:\ProgramData\PC Cleaner\SiteNtf.txt
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\install[1].htm
HTML document, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\etilqs_21VpiMtiVJlr4vv
SQLite 3.x database, last written using SQLite version 3022000, file counter 1, database pages 495, cookie 0x21, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Temp\etilqs_QOBcOyRp4Oo6lrg
SQLite 3.x database, last written using SQLite version 3022000, file counter 1, database pages 495, cookie 0x20, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Temp\etilqs_v0kBdD5gRFdYt58
SQLite 3.x database, last written using SQLite version 3022000, file counter 1, database pages 495, cookie 0x22, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Temp\etilqs_wgwuzVwgpK883Yd
SQLite 3.x database, last written using SQLite version 3022000, file counter 1, database pages 495, cookie 0x23, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Temp\is-BVGJ6.tmp\PCCleaner.bmp
PC bitmap, Windows 3.x format, 455 x 56 x 24, image size 76608, resolution 2834 x 2834 px/m, cbSize 76662, bits offset 54
dropped
C:\Users\user\AppData\Local\Temp\is-BVGJ6.tmp\_isetup\_setup64.tmp
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-HLNI5.tmp\SecuriteInfo.com.Program.Unwanted.5320.27373.27791.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\cookies.sqlite-shm
data
dropped
C:\Users\user\AppData\Roaming\PC Cleaner\Log\Tasks.log
ASCII text, with CRLF line terminators
dropped
C:\Users\user\Desktop\PC Cleaner.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Wed Apr 24 09:30:11 2024, mtime=Wed Apr 24 09:30:11 2024, atime=Wed Apr 3 10:32:12 2024, length=10560360, window=hide
dropped
There are 80 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\SecuriteInfo.com.Program.Unwanted.5320.27373.27791.exe
"C:\Users\user\Desktop\SecuriteInfo.com.Program.Unwanted.5320.27373.27791.exe"
 malicious
C:\Program Files (x86)\PC Cleaner\PCCNotifications.exe
"C:\Program Files (x86)\PC Cleaner\PCCNotifications.exe"
 malicious
C:\Program Files (x86)\PC Cleaner\PCCleaner.exe
"C:\Program Files (x86)\PC Cleaner\PCCleaner" /START
 malicious
C:\Program Files (x86)\PC Cleaner\PCCNotifications.exe
"C:\Program Files (x86)\PC Cleaner\PCCNotifications.exe"
 malicious
C:\Users\user\AppData\Local\Temp\is-HLNI5.tmp\SecuriteInfo.com.Program.Unwanted.5320.27373.27791.tmp
"C:\Users\user\AppData\Local\Temp\is-HLNI5.tmp\SecuriteInfo.com.Program.Unwanted.5320.27373.27791.tmp" /SL5="$20450,6944918,831488,C:\Users\user\Desktop\SecuriteInfo.com.Program.Unwanted.5320.27373.27791.exe"

URLs

Name
IP
Malicious
https://jrsoftware.org/ishelp/index.php?topic=setupcmdlineSetupU
unknown
https://www.pchelpsoft.comm/api/collectn
unknown
https://notifications.avqtools.com/executed/
unknown
https://cloud.pchelpsoft.com/desktop/install_complete
216.239.32.21
https://collect.avqtools.com/api/collectd
unknown
https://pchelpsoft.upclick.com/clickgate/join.aspx?ref=crm.pchelpsoft.com/cleaner&ujid=20s3lABRVNE=&
unknown
https://collect.avqtools.com/t.co
unknown
https://pchelpsoft.upclick.com/clickgate/join.aspx?ref=crm.pchelpsoft.com/cleaner&ujid=2GD9HaP
unknown
https://store.pchelpsoft.com/clickgate/join.aspx?ref=pchelpsoft.com&ujid=TqA1Vm9ge5o=
unknown
https://notifications.avqtools.com/exit-xml/PCHELPSOFT
unknown
https://upgrades.avqtools.com
unknown
http://schemas.xmlsoap.org/soap/envelope/
unknown
https://www.pchelpsoft.com/Q
unknown
https://www.pchelpsoft.com/images/build-phone-banners/phone_activation.png.co
unknown
https://www.pchelpsoft.com/images/build-phone-banners/phone_activation.png
104.26.1.116
https://notifications.avqtools.com/confirmed/
unknown
https://pchelpsoft.com/company/privacy-policy/
unknown
http://www.playanext.com/U
unknown
https://pchelpsoft.com/support/pc-cleaner/how-to-uninstall/
unknown
https://store.pchelpsoft.com/clickgate/join.aspx?ref=pchelpsoft.com&ujid=TqA1Vm9ge5o=1AJ
unknown
http://www.indyproject.org/
unknown
https://www.pchelpsoft.com/company/privacy-policy/S
unknown
https://files.playanext.com/Installer/
unknown
https://store.pchelpsoft.com/clickgate/join.aspx?ref=pchelpsoft.com&ujid=TqA1Vm9ge5o=&src=default_re
unknown
https://subscriptions.avqtools.com0
unknown
https://collect.avqtools.com/api/collectU
unknown
https://notifications.avqtools.comaPr
unknown
https://us.trustpilot.com/evaluate/www.pchelpsoft.com
unknown
https://curl.haxx.se/docs/http-cookies.html
unknown
https://curl.haxx.se/docs/http-cookies.html#
unknown
https://pchelpsoft.com/rpf
unknown
https://webtools.avanquest.com/redirect.cfm?eredirectId=pchelpsoft/pc_cleaner_router_missing_passwor
unknown
https://pchelpsoft.upclick.com/clickgate/join.aspx?ref=crm.pchelpsoft.com/cleaner&ujid=epIz41GP07U=&
unknown
https://www.pchelpsoft.com/
unknown
https://pchelpsoft.com/pc-cleaner/install
172.67.73.195
https://www.remobjects.com/ps
unknown
https://collect.avqtools.com/api/debugU
unknown
https://pchelpsoft.com/pc-cleaner/installO
unknown
https://pchelpsoft.com/pc-cleaner/installU
unknown
https://www.innosetup.com/
unknown
https://www.pchelpsoft.com/images/build-phone-banners/phone_activation.png$
unknown
https://offers.playanext.com/offer
unknown
https://pchelpsoft.com/company/eula/a
unknown
http://api.playanext.com/httpapi
108.138.246.21
https://www.pchelpsoft.com/LMEM
unknown
https://www.pchelpsoft.com/company/eula/U
unknown
https://support.pchelpsoft.com/hc/0
unknown
https://notifications.avqtools.com/clicked/
unknown
https://pchelpsoft.com/pc-cleaner/install-
unknown
https://store.pchelpsoft.com/clickgate/join.aspx?ref=pchelpsoft.com&ujid=Pxo3UeCZAEo=&step=2&cmp=UNI
unknown
https://support.pchelpsoft.com/hc/9QO
unknown
http://cdn.pchelpsoft.com/pchelpsoft/Driver_Updater_CS.exe?mkey1=PH_CRS_PCC_TO_DU_DL&cmp=CROSSELLtmp
unknown
http://schemas.xmlsoap.org/soap/encoding/
unknown
https://collect.avqtools.com/2
unknown
https://www.pchelpsoft.com/pc-cleaner/installite
unknown
https://pchelpsoft.com/company/eula/
unknown
https://partner-tracking.lavasoft.com/api/tracking/pccleaner?downloadedDate=2024-04-24T10%3A30%3A06.678Z
104.16.148.130
https://collect.avqtools.com/6
unknown
https://pchelpsoft.com/
unknown
http://www.google.com/search?q=
unknown
https://techsupport.avqtools.com/feedback
unknown
https://www.pchelpsoft.com/company/privacy-policy/
unknown
https://www.pchelpsoft.com/images/build-phone-banners/phone_activation.pngo
unknown
https://partner-tracking.lavasoft.com/api/tracking/pccleaner?downloadedDate=
unknown
https://services.avanquest.com/pchelpsoft/trustedPilot_cleaner.php?data=
unknown
https://collect.avqtools.com/api/debug?program=pchs_cleaner_v
unknown
http://www.dk-soft.org/
unknown
https://collect.avqtools.com/
unknown
https://www.pchelpsoft.com/a
unknown
https://www.pchelpsoft.com/c
unknown
https://support.pchelpsoft.com/hc/
unknown
https://collect.avqtools.com/debug.txt
116.203.251.147
https://collect.avqtools.com/api/collect
116.203.251.147
http://cdn.pchelpsoft.com/pchelpsoft/Driver_Updater_CS.exe?mkey1=PH_CRS_PCC_TO_DU_DL&cmp=CROSSELL
unknown
http://api.playanext.com/httpapib%22distributor%22%3a%22%22%2c%
unknown
https://offers.playanext.com/offer0
unknown
https://subscriptions.avqtools.com
unknown
https://upgrades.avqtools.comS
unknown
https://pchelpsoft.upclick.com/clickgate/join.aspx?ref=crm.pchelpsoft.com/cleaner&ujid=hv6Az34OCw8=&
unknown
https://www.pchelpsoft.com/pc-cleaner/install
104.26.1.116
There are 70 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
cloud.pchelpsoft.com
216.239.32.21
d1atxff5avezsq.cloudfront.net
108.138.246.21
www.pchelpsoft.com
104.26.1.116
b217xlnyk0.execute-api.us-west-2.amazonaws.com
18.239.199.80
collect.avqtools.com
116.203.251.147
pchelpsoft.com
172.67.73.195
partner-tracking.lavasoft.com
104.16.148.130
api.playanext.com
unknown
offers.playanext.com
unknown

IPs

IP
Domain
Country
Malicious
104.26.1.116
www.pchelpsoft.com
United States
108.138.246.21
d1atxff5avezsq.cloudfront.net
United States
216.239.32.21
cloud.pchelpsoft.com
United States
116.203.251.147
collect.avqtools.com
Germany
104.16.148.130
partner-tracking.lavasoft.com
United States
18.239.199.80
b217xlnyk0.execute-api.us-west-2.amazonaws.com
United States
127.0.0.1
unknown
unknown
172.67.73.195
pchelpsoft.com
United States

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
IsUpgrade
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
Language
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
InstallerName
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
Version
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
BuildID
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
UpgradeID
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
PartnerID
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
Phones
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
SendDebugLogs
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
HomePageURL
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
SupportURL
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
BuyNowURL
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
AfterInstallURL
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
AfterInstallURL2
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
ProURL
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
RenewURL
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
UninstallURL
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
AdsDownloadURL
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
EulaURL
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
PrivacyURL
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
BuyNowURL_UPG
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
BuyNowURL_CS
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.ppc_encrypted\OpenWithProgids
PCCleaner.ppc_encrypted
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PCCleaner.ppc_encrypted
NULL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PCCleaner.ppc_encrypted\DefaultIcon
NULL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PCCleaner.ppc_encrypted\shell\open\command
NULL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\PCCleaner.exe\SupportedTypes
.ppc_encrypted
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PC Cleaner_is1
Inno Setup: Setup Version
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PC Cleaner_is1
Inno Setup: App Path
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PC Cleaner_is1
InstallLocation
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PC Cleaner_is1
Inno Setup: Icon Group
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PC Cleaner_is1
Inno Setup: User
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PC Cleaner_is1
Inno Setup: Selected Tasks
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PC Cleaner_is1
Inno Setup: Deselected Tasks
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PC Cleaner_is1
Inno Setup: Language
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PC Cleaner_is1
DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PC Cleaner_is1
DisplayIcon
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PC Cleaner_is1
UninstallString
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PC Cleaner_is1
QuietUninstallString
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PC Cleaner_is1
DisplayVersion
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PC Cleaner_is1
Publisher
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PC Cleaner_is1
NoModify
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PC Cleaner_is1
NoRepair
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PC Cleaner_is1
InstallDate
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PC Cleaner_is1
MajorVersion
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PC Cleaner_is1
MinorVersion
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PC Cleaner_is1
VersionMajor
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PC Cleaner_is1
VersionMinor
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PC Cleaner_is1
EstimatedSize
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
chkLaunch
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
chkStartScan
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer
GlobalAssocChangedCounter
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
TrayAllowed
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
OnWinStartup
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
sch_enabled
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
s_SmartEnabled
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
s_SmartDate
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
s_Mode
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
s_Date
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
s_Time
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
s_Exec
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
MonitorNotifications
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
LastNotification
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
ShownNotifications
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
NewAppNotifications
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
NewExtNotifications
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
StartupNotifications
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
LowDiskSpaceNotifications
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
LowFreeMemNotifications
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
CrashNotifications
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
NoAVNotifications
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
BigCacheSizeNotifications
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
CookieNotifications
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
SlowStartupNotifications
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
RecycleBinNotifications
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
BigDownloadsSizeNotifications
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
s_SmartMode
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
UninstallNotifications
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
MinFreeDiskSpace
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
MinFreeMemory
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
MinCacheSize
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
MinCookieNumber
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
CheckUpdates
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
LastUpdCheck
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
SoftwareNotifications
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
LastSrvNotification
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
LastSrvCheck
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
LastLive
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
LastDebug
HKEY_CURRENT_USER\SOFTWARE\Licenses\d245d16c219a0913f2cb2177b11da31a
AC_Enabled
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
AC_Check1
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
AC_Check2
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
AC_Check3
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
AC_Check4
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
AC_Skip1
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
AC_Skip2
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
AC_Interval
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
AC_Date
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
AllowTechInfo
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
AllowSilentUpgrade
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
AllowOffers
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
UsageReportShown
HKEY_CURRENT_USER\SOFTWARE\Licenses\d245d16c219a0913f2cb2177b11da31a
HI
HKEY_CURRENT_USER\SOFTWARE\Licenses\d245d16c219a0913f2cb2177b11da31a
AI1
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
ActiveBrowser
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
SI2
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
LastLive
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
LastDebug
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
BackupDir
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
DisplayName
HKEY_CURRENT_USER\SOFTWARE\Licenses\d245d16c219a0913f2cb2177b11da31a
InstallationDate
HKEY_CURRENT_USER\SOFTWARE\Licenses\d245d16c219a0913f2cb2177b11da31a
TrialDate
HKEY_CURRENT_USER_Classes\pchscleaner
NULL
HKEY_CURRENT_USER_Classes\pchscleaner
URL Protocol
HKEY_CURRENT_USER_Classes\pchscleaner\shell\open\command
NULL
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
NLaunches
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
LogDir
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
UndoDir
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
ItemsToMainScan
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
ItemsToRegistryScan
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
ItemsToPrivacyScan
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
ItemsToRecoveryScan
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
UseExclusions
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
ShowRebootMessage
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
ShowRecycleBin
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
ShowTips
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
SI1
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
LastScanCanceled
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
LastCleanExecuted
HKEY_CURRENT_USER\SOFTWARE\Licenses\d245d16c219a0913f2cb2177b11da31a
JsonParams
HKEY_CURRENT_USER\SOFTWARE\Licenses\d245d16c219a0913f2cb2177b11da31a
Params
HKEY_CURRENT_USER\SOFTWARE\Licenses\d245d16c219a0913f2cb2177b11da31a
DC_Ext
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
LastScanDate
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
LastScanFound
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
ItemsToFix
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
ItemsFixed
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
SizeToClean
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
SizeToCleanInt
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
ScanRes1
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
ScanRes2
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
ScanRes3
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
ScanRes4
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
ScanRes5
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
s_SmartDate
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
BuyNowURL
HKEY_CURRENT_USER\SOFTWARE\PC Cleaner
UninstallURL
There are 141 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
25A0000
direct allocation
page read and write
43DF000
stack
page read and write
2D90000
trusted library allocation
page read and write
656F000
heap
page read and write
3AF0000
heap
page read and write
7B8000
unkown
page write copy
7A56000
heap
page read and write
72A9000
direct allocation
page read and write
2BED000
direct allocation
page read and write
7B4000
heap
page read and write
231F000
direct allocation
page read and write
6932000
heap
page read and write
2716000
direct allocation
page read and write
6A02000
heap
page read and write
6644000
heap
page read and write
6437000
heap
page read and write
EEB000
heap
page read and write
6C0E4000
unkown
page write copy
7C7000
unkown
page read and write
662A000
heap
page read and write
7A93000
heap
page read and write
7A46000
heap
page read and write
6496000
heap
page read and write
52D0000
heap
page read and write
64AE000
heap
page read and write
6486000
heap
page read and write
63C1000
heap
page read and write
B5E000
unkown
page readonly
7A27000
heap
page read and write
670B000
heap
page read and write
A1F000
heap
page read and write
61E8F000
unkown
page read and write
329E000
stack
page read and write
339D000
stack
page read and write
6590000
heap
page read and write
6580000
heap
page read and write
6C7000
unkown
page read and write
2358000
direct allocation
page read and write
778000
heap
page read and write
9B000
stack
page read and write
36B8000
direct allocation
page read and write
61E8F000
unkown
page read and write
3ADD000
heap
page read and write
7A6000
heap
page read and write
B70000
heap
page read and write
3B37000
heap
page read and write
37AC000
direct allocation
page read and write
F6C000
heap
page read and write
7A61000
heap
page read and write
6900000
heap
page read and write
D6C000
unkown
page readonly
6486000
heap
page read and write
794000
heap
page read and write
EF5000
heap
page read and write
668A000
heap
page read and write
5291000
heap
page read and write
773000
heap
page read and write
8BE000
stack
page read and write
EE3000
heap
page read and write
A8F000
heap
page read and write
69B1000
heap
page read and write
129D000
heap
page read and write
5B3C000
direct allocation
page read and write
6958000
heap
page read and write
5BA2000
direct allocation
page read and write
129D000
heap
page read and write
7AB7000
heap
page read and write
3A6E000
heap
page read and write
7D5000
heap
page read and write
7FE33000
direct allocation
page read and write
9C0000
heap
page read and write
34F0000
direct allocation
page read and write
6906000
heap
page read and write
401000
unkown
page execute read
3630000
unkown
page read and write
401000
unkown
page execute read
64E3000
heap
page read and write
64A4000
heap
page read and write
3A79000
heap
page read and write
76D000
heap
page read and write
7D1000
unkown
page write copy
3A65000
heap
page read and write
671B000
heap
page read and write
66B2000
heap
page read and write
7A33000
heap
page read and write
26A7000
direct allocation
page read and write
3A81000
heap
page read and write
401F000
stack
page read and write
3A51000
heap
page read and write
68E0000
heap
page read and write
6402000
heap
page read and write
63C0000
heap
page read and write
400000
unkown
page readonly
3AA7000
heap
page read and write
780000
heap
page read and write
A0D000
heap
page read and write
139F000
stack
page read and write
27F4000
direct allocation
page read and write
6585000
heap
page read and write
2220000
direct allocation
page read and write
650D000
heap
page read and write
762000
heap
page read and write
3D9F000
stack
page read and write
6900000
heap
page read and write
6581000
heap
page read and write
52A5000
direct allocation
page read and write
667F000
heap
page read and write
6531000
heap
page read and write
7A46000
heap
page read and write
375F000
stack
page read and write
2326000
direct allocation
page read and write
36E1000
direct allocation
page read and write
66F4000
heap
page read and write
BBF000
stack
page read and write
6C0E3000
unkown
page read and write
24A2000
direct allocation
page read and write
3AB0000
heap
page read and write
6220000
direct allocation
page read and write
224B000
direct allocation
page read and write
3A81000
heap
page read and write
2BF0000
heap
page read and write
3713000
direct allocation
page read and write
6659000
heap
page read and write
3A6B000
heap
page read and write
3AF0000
heap
page read and write
2494000
direct allocation
page read and write
64D4000
heap
page read and write
6540000
heap
page read and write
6444000
heap
page read and write
389F000
stack
page read and write
6319000
direct allocation
page read and write
6489000
heap
page read and write
773000
heap
page read and write
26A6000
direct allocation
page read and write
870000
heap
page read and write
36F2000
direct allocation
page read and write
2822000
direct allocation
page read and write
7A8B000
heap
page read and write
EEA000
heap
page read and write
234A000
direct allocation
page read and write
F62000
heap
page read and write
652D000
heap
page read and write
51D0000
heap
page read and write
EE4000
heap
page read and write
6903000
heap
page read and write
7A74000
heap
page read and write
3A79000
heap
page read and write
6647000
heap
page read and write
3AD8000
heap
page read and write
5187000
direct allocation
page read and write
E5C000
stack
page read and write
72F1000
direct allocation
page read and write
39DF000
stack
page read and write
AA1000
heap
page read and write
6487000
heap
page read and write
1295000
heap
page read and write
2C04000
direct allocation
page read and write
6593000
heap
page read and write
6975000
heap
page read and write
2B46000
direct allocation
page read and write
D64000
unkown
page readonly
6282000
direct allocation
page read and write
6900000
heap
page read and write
2301000
direct allocation
page read and write
B27000
unkown
page read and write
2646000
direct allocation
page read and write
24AA000
direct allocation
page read and write
C25000
heap
page read and write
A8F000
heap
page read and write
3731000
direct allocation
page read and write
5508000
direct allocation
page read and write
3AEF000
heap
page read and write
786000
heap
page read and write
61E00000
unkown
page readonly
7D8000
unkown
page readonly
2700000
direct allocation
page read and write
EC7000
heap
page read and write
3ABE000
heap
page read and write
6603000
heap
page read and write
3A65000
heap
page read and write
F6C000
heap
page read and write
7AF000
unkown
page read and write
1290000
heap
page read and write
3B2E000
heap
page read and write
634C000
direct allocation
page read and write
A48000
heap
page read and write
36D1000
direct allocation
page read and write
3360000
remote allocation
page read and write
6597000
heap
page read and write
3AE5000
heap
page read and write
64CC000
heap
page read and write
EEF000
heap
page read and write
3A82000
heap
page read and write
6497000
heap
page read and write
64CC000
heap
page read and write
649C000
heap
page read and write
264D000
direct allocation
page read and write
7220000
heap
page read and write
E66000
heap
page read and write
3140000
heap
page read and write
650E000
heap
page read and write
3517000
direct allocation
page read and write
675C000
heap
page read and write
6CEF000
heap
page read and write
77F000
heap
page read and write
767000
heap
page read and write
6444000
heap
page read and write
64B9000
heap
page read and write
2459000
direct allocation
page read and write
7A5B000
heap
page read and write
675C000
heap
page read and write
6427000
heap
page read and write
7A9000
unkown
page read and write
6445000
heap
page read and write
6580000
heap
page read and write
61EA0000
unkown
page readonly
3AEB000
heap
page read and write
5C2A000
direct allocation
page read and write
6902000
heap
page read and write
6578000
heap
page read and write
66E4000
heap
page read and write
4FD0000
direct allocation
page read and write
3AF7000
heap
page read and write
6644000
heap
page read and write
6402000
heap
page read and write
66B4000
heap
page read and write
18D000
stack
page read and write
3AFF000
heap
page read and write
401000
unkown
page execute read
EED000
heap
page read and write
B25000
unkown
page write copy
7A9E000
heap
page read and write
7D6000
unkown
page readonly
6576000
heap
page read and write
6560000
heap
page read and write
3A7E000
heap
page read and write
670D000
heap
page read and write
246F000
direct allocation
page read and write
63C1000
heap
page read and write
656F000
heap
page read and write
6429000
heap
page read and write
65C2000
heap
page read and write
24F3000
direct allocation
page read and write
A8F000
heap
page read and write
7FB40000
direct allocation
page read and write
78E000
heap
page read and write
129E000
heap
page read and write
2CDD000
direct allocation
page read and write
64D6000
heap
page read and write
7C7000
unkown
page read and write
26AD000
direct allocation
page read and write
7EFD000
stack
page read and write
6942000
heap
page read and write
2318000
direct allocation
page read and write
62FD000
direct allocation
page read and write
7A5000
heap
page read and write
775000
heap
page read and write
EFC000
heap
page read and write
7227000
heap
page read and write
6560000
heap
page read and write
7A10000
heap
page read and write
22DB000
direct allocation
page read and write
7FDF0000
direct allocation
page read and write
7CE000
unkown
page read and write
2766000
direct allocation
page read and write
2E8D000
stack
page read and write
7A46000
heap
page read and write
3A82000
heap
page read and write
320E000
stack
page read and write
7A7000
unkown
page write copy
641D000
heap
page read and write
6449000
heap
page read and write
3AE6000
heap
page read and write
6942000
heap
page read and write
6565000
heap
page read and write
2B50000
heap
page read and write
645F000
heap
page read and write
6963000
heap
page read and write
7AC9000
heap
page read and write
6A02000
heap
page read and write
6DE000
unkown
page readonly
3B25000
heap
page read and write
11AE000
stack
page read and write
273A000
direct allocation
page read and write
275E000
direct allocation
page read and write
5B53000
direct allocation
page read and write
5291000
heap
page read and write
246C000
direct allocation
page read and write
E60000
heap
page read and write
3B48000
heap
page read and write
61E90000
unkown
page readonly
AA2000
heap
page read and write
69A0000
heap
page read and write
67FE000
stack
page read and write
6435000
heap
page read and write
3480000
direct allocation
page read and write
1210000
heap
page read and write
27D0000
direct allocation
page read and write
3739000
direct allocation
page read and write
26C3000
direct allocation
page read and write
3B2B000
heap
page read and write
37C8000
direct allocation
page read and write
531F000
direct allocation
page read and write
A70000
heap
page read and write
A98000
heap
page read and write
6444000
heap
page read and write
2CE5000
direct allocation
page read and write
2CDD000
direct allocation
page read and write
68C1000
heap
page read and write
A95000
heap
page read and write
6A35000
heap
page read and write
7A61000
heap
page read and write
2B4E000
stack
page read and write
787000
heap
page read and write
6A02000
heap
page read and write
52D1000
heap
page read and write
86E000
stack
page read and write
A98000
heap
page read and write
A7C000
heap
page read and write
68C0000
heap
page read and write
6455000
heap
page read and write
6573000
heap
page read and write
379D000
direct allocation
page read and write
7B6E000
stack
page read and write
7A7000
unkown
page read and write
7A6F000
heap
page read and write
3EDF000
stack
page read and write
A8D000
heap
page read and write
7A6E000
heap
page read and write
6932000
heap
page read and write
419C000
stack
page read and write
7A49000
heap
page read and write
820000
heap
page read and write
61EA2000
unkown
page read and write
2BB0000
heap
page read and write
7A76000
heap
page read and write
7A9000
unkown
page read and write
6486000
heap
page read and write
3A90000
heap
page read and write
65AD000
heap
page read and write
69A0000
heap
page read and write
3360000
remote allocation
page read and write
19B000
stack
page read and write
27D7000
direct allocation
page read and write
D6F000
stack
page read and write
343E000
stack
page read and write
6A97000
heap
page read and write
3AF9000
heap
page read and write
9B000
stack
page read and write
6911000
heap
page read and write
280B000
direct allocation
page read and write
3AFE000
heap
page read and write
6492000
heap
page read and write
26A0000
direct allocation
page read and write
76D000
heap
page read and write
5BC4000
direct allocation
page read and write
3AC1000
heap
page read and write
3AA0000
heap
page read and write
BD3000
heap
page read and write
A8F000
heap
page read and write
5BB1000
direct allocation
page read and write
652D000
heap
page read and write
E40000
heap
page read and write
66C5000
heap
page read and write
691F000
heap
page read and write
600000
heap
page read and write
A8D000
heap
page read and write
3B46000
heap
page read and write
C10000
direct allocation
page execute and read and write
3B49000
heap
page read and write
696F000
heap
page read and write
93E000
stack
page read and write
780000
heap
page read and write
A9C000
heap
page read and write
6488000
heap
page read and write
36B0000
direct allocation
page read and write
97F000
stack
page read and write
63C1000
heap
page read and write
375C000
direct allocation
page read and write
940000
heap
page read and write
2D5F000
direct allocation
page read and write
6C0E8000
unkown
page readonly
6911000
heap
page read and write
2776000
direct allocation
page read and write
365E000
stack
page read and write
1298000
heap
page read and write
6984000
heap
page read and write
267B000
direct allocation
page read and write
6688000
heap
page read and write
656F000
heap
page read and write
658A000
heap
page read and write
788000
heap
page read and write
644E000
heap
page read and write
694E000
heap
page read and write
3AF6000
heap
page read and write
6643000
heap
page read and write
677E000
heap
page read and write
7A61000
heap
page read and write
26CA000
direct allocation
page read and write
3AE4000
heap
page read and write
19D000
stack
page read and write
65C1000
heap
page read and write
4C0000
unkown
page read and write
26D1000
direct allocation
page read and write
795000
heap
page read and write
F47000
heap
page read and write
5C17000
direct allocation
page read and write
42DC000
stack
page read and write
401000
unkown
page execute read
6554000
heap
page read and write
6305000
direct allocation
page read and write
3B43000
heap
page read and write
7A37000
heap
page read and write
2D66000
direct allocation
page read and write
6618000
heap
page read and write
69D2000
heap
page read and write
66A9000
heap
page read and write
B52000
unkown
page read and write
6A48000
heap
page read and write
7223000
heap
page read and write
35A0000
heap
page read and write
A2F000
heap
page read and write
66A7000
heap
page read and write
EEC000
heap
page read and write
429F000
stack
page read and write
400000
unkown
page readonly
3B45000
heap
page read and write
285C000
direct allocation
page read and write
6903000
heap
page read and write
B78000
heap
page read and write
66A2000
heap
page read and write
37A4000
direct allocation
page read and write
A95000
heap
page read and write
6CF7000
heap
page read and write
690C000
heap
page read and write
AC0000
heap
page read and write
6670000
heap
page read and write
379D000
direct allocation
page read and write
247D000
direct allocation
page read and write
6562000
heap
page read and write
2838000
direct allocation
page read and write
3B27000
heap
page read and write
7A7A000
heap
page read and write
22FA000
direct allocation
page read and write
2748000
direct allocation
page read and write
2724000
direct allocation
page read and write
225A000
direct allocation
page read and write
7B3000
heap
page read and write
5B30000
direct allocation
page read and write
675C000
heap
page read and write
7AE000
unkown
page read and write
5B9A000
direct allocation
page read and write
6441000
heap
page read and write
6414000
heap
page read and write
ABF000
stack
page read and write
764000
heap
page read and write
27E6000
direct allocation
page read and write
3721000
direct allocation
page read and write
8F0000
heap
page read and write
6472000
heap
page read and write
6AFE000
stack
page read and write
36F9000
direct allocation
page read and write
27D7000
direct allocation
page read and write
8E6000
heap
page read and write
9A5000
heap
page read and write
36DA000
direct allocation
page read and write
DD0000
direct allocation
page execute and read and write
5322000
direct allocation
page read and write
641C000
heap
page read and write
374D000
direct allocation
page read and write
BD0000
heap
page read and write
3AA2000
heap
page read and write
B80000
heap
page read and write
6BFF000
stack
page read and write
6604000
heap
page read and write
79B000
heap
page read and write
794000
heap
page read and write
3AC1000
heap
page read and write
3AE1000
heap
page read and write
192000
stack
page read and write
9C0000
heap
page read and write
A92000
heap
page read and write
B2D000
unkown
page read and write
A1C000
heap
page read and write
66D8000
heap
page read and write
129D000
heap
page read and write
9A000
stack
page read and write
379E000
stack
page read and write
3490000
direct allocation
page read and write
3B43000
heap
page read and write
3B39000
heap
page read and write
6644000
heap
page read and write
701000
unkown
page readonly
AA0000
heap
page read and write
B5C000
unkown
page read and write
2784000
direct allocation
page read and write
675B000
heap
page read and write
2476000
direct allocation
page read and write
7A3000
heap
page read and write
3AA2000
heap
page read and write
774000
heap
page read and write
64A5000
heap
page read and write
656F000
heap
page read and write
F59000
heap
page read and write
6942000
heap
page read and write
2F8E000
stack
page read and write
2610000
direct allocation
page read and write
2CEF000
direct allocation
page read and write
3C5F000
stack
page read and write
3A50000
heap
page read and write
2308000
direct allocation
page read and write
3A84000
heap
page read and write
7D5000
unkown
page read and write
6413000
heap
page read and write
3A1E000
stack
page read and write
6686000
heap
page read and write
6A9E000
heap
page read and write
DC0000
heap
page read and write
6CF000
unkown
page read and write
3AD5000
heap
page read and write
693D000
heap
page read and write
7C6F000
stack
page read and write
B45000
unkown
page read and write
222D000
direct allocation
page read and write
2234000
direct allocation
page read and write
6605000
heap
page read and write
66D8000
heap
page read and write
6C001000
unkown
page execute read
3A7B000
heap
page read and write
668E000
heap
page read and write
6A24000
heap
page read and write
4B7000
unkown
page write copy
F4B000
heap
page read and write
ECF000
heap
page read and write
782000
heap
page read and write
669D000
heap
page read and write
3B47000
heap
page read and write
69E2000
heap
page read and write
286A000
direct allocation
page read and write
B2F000
unkown
page read and write
37B3000
direct allocation
page read and write
3B45000
heap
page read and write
4520000
heap
page read and write
68C8000
heap
page read and write
6A03000
heap
page read and write
6486000
heap
page read and write
7A30000
heap
page read and write
2B5D000
direct allocation
page read and write
66AB000
heap
page read and write
129D000
heap
page read and write
6CC000
unkown
page read and write
2740000
direct allocation
page read and write
36E8000
direct allocation
page read and write
2508000
direct allocation
page read and write
640B000
heap
page read and write
3C9E000
stack
page read and write
6999000
heap
page read and write
7A3E000
heap
page read and write
2261000
direct allocation
page read and write
6228000
direct allocation
page read and write
6648000
heap
page read and write
308F000
stack
page read and write
6402000
heap
page read and write
E70000
heap
page read and write
654C000
heap
page read and write
520F000
heap
page read and write
2460000
direct allocation
page read and write
66C2000
heap
page read and write
3779000
direct allocation
page read and write
7C9000
unkown
page read and write
26B4000
direct allocation
page read and write
2B40000
direct allocation
page read and write
779000
heap
page read and write
6538000
heap
page read and write
6C5000
unkown
page read and write
6402000
heap
page read and write
3B03000
heap
page read and write
24D6000
direct allocation
page read and write
B25000
unkown
page read and write
3A51000
heap
page read and write
330F000
stack
page read and write
71C0000
direct allocation
page read and write
D6A000
unkown
page readonly
A39000
heap
page read and write
6900000
heap
page read and write
65B2000
heap
page read and write
4E0000
heap
page read and write
2804000
direct allocation
page read and write
6487000
heap
page read and write
6605000
heap
page read and write
27FD000
direct allocation
page read and write
232D000
direct allocation
page read and write
6547000
heap
page read and write
283F000
direct allocation
page read and write
277D000
direct allocation
page read and write
400000
unkown
page readonly
F66000
heap
page read and write
A91000
heap
page read and write
5291000
heap
page read and write
7A1C000
heap
page read and write
3A82000
heap
page read and write
6469000
heap
page read and write
6445000
heap
page read and write
7A6E000
heap
page read and write
64A7000
heap
page read and write
26BC000
direct allocation
page read and write
670C000
heap
page read and write
6688000
heap
page read and write
6C0E6000
unkown
page read and write
281B000
direct allocation
page read and write
7A7000
unkown
page read and write
2674000
direct allocation
page read and write
B95000
heap
page read and write
F59000
heap
page read and write
6A44000
heap
page read and write
64C6000
heap
page read and write
6700000
heap
page read and write
3763000
direct allocation
page read and write
64C5000
heap
page read and write
3ABA000
heap
page read and write
650E000
heap
page read and write
E78000
heap
page read and write
3DDE000
stack
page read and write
ECF000
heap
page read and write
6900000
heap
page read and write
7A75000
heap
page read and write
3780000
direct allocation
page read and write
61E9F000
unkown
page read and write
7B5000
heap
page read and write
66CB000
heap
page read and write
6908000
heap
page read and write
3F1E000
stack
page read and write
34CF000
stack
page read and write
7FD40000
direct allocation
page read and write
A94000
heap
page read and write
37C1000
direct allocation
page read and write
27DE000
direct allocation
page read and write
3533000
direct allocation
page read and write
72A2000
direct allocation
page read and write
77F000
heap
page read and write
650E000
heap
page read and write
377E000
direct allocation
page read and write
B56000
unkown
page write copy
7A37000
heap
page read and write
65C2000
heap
page read and write
9A0000
heap
page read and write
3AA2000
heap
page read and write
3AA1000
heap
page read and write
F0A000
heap
page read and write
3B05000
heap
page read and write
6639000
heap
page read and write
2683000
direct allocation
page read and write
78D000
heap
page read and write
415F000
stack
page read and write
7ABF000
heap
page read and write
6916000
heap
page read and write
65B8000
heap
page read and write
3B37000
heap
page read and write
6935000
heap
page read and write
6646000
heap
page read and write
6486000
heap
page read and write
AE3000
heap
page read and write
26E0000
direct allocation
page read and write
64C5000
heap
page read and write
26B6000
direct allocation
page read and write
75E000
heap
page read and write
7A27000
heap
page read and write
7A56000
heap
page read and write
6942000
heap
page read and write
96000
stack
page read and write
36AE000
stack
page read and write
3743000
direct allocation
page read and write
6408000
heap
page read and write
353E000
stack
page read and write
3B3C000
heap
page read and write
2878000
direct allocation
page read and write
61E01000
unkown
page execute read
2243000
direct allocation
page read and write
5B94000
direct allocation
page read and write
6902000
heap
page read and write
65B0000
heap
page read and write
6A56000
heap
page read and write
6561000
heap
page read and write
371F000
direct allocation
page read and write
270F000
direct allocation
page read and write
350E000
direct allocation
page read and write
3BEC000
heap
page read and write
9C8000
heap
page read and write
375E000
direct allocation
page read and write
AD0000
direct allocation
page execute and read and write
65BE000
heap
page read and write
75E000
heap
page read and write
7221000
heap
page read and write
8E0000
heap
page read and write
64C5000
heap
page read and write
62CC000
direct allocation
page read and write
6A44000
heap
page read and write
36CA000
direct allocation
page read and write
519C000
direct allocation
page read and write
663D000
heap
page read and write
63C1000
heap
page read and write
F5E000
heap
page read and write
5BAD000
direct allocation
page read and write
7A7C000
heap
page read and write
3ACD000
heap
page read and write
2D85000
direct allocation
page read and write
6543000
heap
page read and write
6985000
heap
page read and write
26F2000
direct allocation
page read and write
1F7000
heap
page read and write
3AF3000
heap
page read and write
3A81000
heap
page read and write
3796000
direct allocation
page read and write
E6F000
stack
page read and write
26BD000
direct allocation
page read and write
6599000
heap
page read and write
6C000000
unkown
page readonly
6689000
heap
page read and write
73F000
heap
page read and write
2343000
direct allocation
page read and write
666D000
heap
page read and write
6592000
heap
page read and write
6A02000
heap
page read and write
5C4A000
direct allocation
page read and write
24EC000
direct allocation
page read and write
6706000
heap
page read and write
3B41000
heap
page read and write
6D4000
unkown
page read and write
70BF000
stack
page read and write
2C93000
direct allocation
page read and write
779000
heap
page read and write
268E000
direct allocation
page read and write
6DC000
unkown
page readonly
3AA2000
heap
page read and write
272C000
direct allocation
page read and write
5210000
heap
page read and write
5290000
direct allocation
page read and write
19A000
stack
page read and write
A87000
heap
page read and write
66AF000
heap
page read and write
940000
heap
page read and write
6A56000
heap
page read and write
3A7C000
heap
page read and write
6E40000
direct allocation
page read and write
38DE000
stack
page read and write
7A0000
heap
page read and write
2757000
direct allocation
page read and write
7A59000
heap
page read and write
5B7B000
direct allocation
page read and write
7A40000
heap
page read and write
64C7000
heap
page read and write
610000
heap
page read and write
2708000
direct allocation
page read and write
6925000
heap
page read and write
EEB000
heap
page read and write
6402000
heap
page read and write
6686000
heap
page read and write
23DB000
direct allocation
page read and write
697F000
heap
page read and write
4B9000
unkown
page read and write
65C2000
heap
page read and write
788000
heap
page read and write
569E000
stack
page read and write
2268000
direct allocation
page read and write
647F000
heap
page read and write
71E9000
direct allocation
page read and write
71F000
stack
page read and write
654A000
heap
page read and write
400000
unkown
page readonly
6572000
heap
page read and write
6417000
heap
page read and write
7A9A000
heap
page read and write
653A000
heap
page read and write
3490000
direct allocation
page read and write
26D8000
direct allocation
page read and write
C00000
heap
page read and write
782000
heap
page read and write
6431000
heap
page read and write
65B1000
heap
page read and write
7B1000
unkown
page read and write
1F0000
heap
page read and write
6901000
heap
page read and write
68D1000
heap
page read and write
26F9000
direct allocation
page read and write
75E000
stack
page read and write
6410000
heap
page read and write
6483000
heap
page read and write
6A47000
heap
page read and write
9D0000
heap
page read and write
643C000
heap
page read and write
6665000
heap
page read and write
3B27000
heap
page read and write
EE5000
heap
page read and write
223B000
direct allocation
page read and write
78D000
heap
page read and write
6445000
heap
page read and write
2640000
direct allocation
page read and write
64FE000
heap
page read and write
4C6000
unkown
page readonly
278B000
direct allocation
page read and write
3490000
heap
page read and write
2484000
direct allocation
page read and write
3AD8000
heap
page read and write
357C000
stack
page read and write
93000
stack
page read and write
64CC000
heap
page read and write
6582000
heap
page read and write
6555000
heap
page read and write
1F5000
heap
page read and write
F90000
heap
page read and write
2501000
direct allocation
page read and write
6CBE000
stack
page read and write
3690000
direct allocation
page read and write
6716000
heap
page read and write
7CBE000
stack
page read and write
6655000
heap
page read and write
778000
heap
page read and write
37BF000
direct allocation
page read and write
B37000
unkown
page write copy
6AA3000
heap
page read and write
3AC8000
heap
page read and write
3143000
heap
page read and write
728000
heap
page read and write
2351000
direct allocation
page read and write
3B5E000
stack
page read and write
6645000
heap
page read and write
7C9000
unkown
page read and write
65A2000
heap
page read and write
3AFA000
heap
page read and write
2B53000
heap
page read and write
665E000
heap
page read and write
2252000
direct allocation
page read and write
658C000
heap
page read and write
2830000
direct allocation
page read and write
7CE000
unkown
page read and write
ED1000
heap
page read and write
24E4000
direct allocation
page read and write
24C8000
direct allocation
page read and write
720000
heap
page read and write
6932000
heap
page read and write
AE0000
heap
page read and write
B60000
unkown
page readonly
27ED000
direct allocation
page read and write
3B26000
heap
page read and write
C20000
heap
page read and write
3B3C000
heap
page read and write
7A43000
heap
page read and write
2C80000
trusted library allocation
page read and write
656B000
heap
page read and write
7DFE000
stack
page read and write
EF5000
heap
page read and write
61EA6000
unkown
page readonly
3C50000
trusted library allocation
page read and write
2748000
direct allocation
page read and write
3A51000
heap
page read and write
691B000
heap
page read and write
3B2E000
heap
page read and write
361F000
stack
page read and write
98E000
stack
page read and write
65A3000
heap
page read and write
5BA9000
direct allocation
page read and write
74D000
heap
page read and write
3B41000
heap
page read and write
6445000
heap
page read and write
2846000
direct allocation
page read and write
378F000
direct allocation
page read and write
6551000
heap
page read and write
73B000
heap
page read and write
65A1000
heap
page read and write
3AD4000
heap
page read and write
A7C000
heap
page read and write
26D4000
direct allocation
page read and write
3A7B000
heap
page read and write
4C4000
unkown
page readonly
3B43000
heap
page read and write
655E000
heap
page read and write
78A000
heap
page read and write
A81000
heap
page read and write
3A79000
heap
page read and write
661F000
heap
page read and write
6690000
heap
page read and write
F4A000
heap
page read and write
2BBF000
direct allocation
page read and write
657B000
heap
page read and write
F56000
heap
page read and write
7A74000
heap
page read and write
6424000
heap
page read and write
7AC000
heap
page read and write
2733000
direct allocation
page read and write
6D7000
unkown
page write copy
F5B000
heap
page read and write
3A90000
heap
page read and write
2654000
direct allocation
page read and write
6486000
heap
page read and write
6403000
heap
page read and write
249B000
direct allocation
page read and write
2ACE000
stack
page read and write
6985000
heap
page read and write
374B000
direct allocation
page read and write
8F0000
heap
page read and write
2334000
direct allocation
page read and write
66CA000
heap
page read and write
B4D000
unkown
page read and write
6C5000
unkown
page write copy
23D0000
direct allocation
page read and write
68DE000
heap
page read and write
2814000
direct allocation
page read and write
659D000
heap
page read and write
351E000
stack
page read and write
F50000
heap
page read and write
6929000
heap
page read and write
66B8000
heap
page read and write
3B49000
heap
page read and write
3B05000
heap
page read and write
37BA000
direct allocation
page read and write
EE7000
heap
page read and write
ECC000
heap
page read and write
6604000
heap
page read and write
34D0000
heap
page read and write
3B5A000
heap
page read and write
2D45000
direct allocation
page read and write
650E000
heap
page read and write
A8D000
heap
page read and write
694A000
heap
page read and write
645B000
heap
page read and write
7A7A000
heap
page read and write
2226000
direct allocation
page read and write
61E8E000
unkown
page write copy
3A63000
heap
page read and write
405E000
stack
page read and write
3B50000
trusted library allocation
page read and write
66B6000
heap
page read and write
8E7000
heap
page read and write
6C0BA000
unkown
page readonly
1200000
heap
page read and write
19D000
stack
page read and write
C29000
heap
page read and write
4C2000
unkown
page write copy
65A5000
heap
page read and write
E30000
heap
page read and write
554E000
stack
page read and write
A7E000
heap
page read and write
6972000
heap
page read and write
4B7000
unkown
page read and write
6489000
heap
page read and write
B92000
heap
page read and write
33CE000
stack
page read and write
66C7000
heap
page read and write
65A9000
heap
page read and write
F5F000
heap
page read and write
3ACE000
heap
page read and write
5FE000
stack
page read and write
3709000
direct allocation
page read and write
671A000
heap
page read and write
19B000
stack
page read and write
2699000
direct allocation
page read and write
6A86000
heap
page read and write
690E000
heap
page read and write
F4F000
heap
page read and write
61EA5000
unkown
page write copy
64A5000
heap
page read and write
274F000
direct allocation
page read and write
6402000
heap
page read and write
79F000
unkown
page execute read
1230000
direct allocation
page execute and read and write
64A5000
heap
page read and write
233C000
direct allocation
page read and write
2CF8000
direct allocation
page read and write
579F000
stack
page read and write
6688000
heap
page read and write
3742000
direct allocation
page read and write
664E000
heap
page read and write
5C67000
direct allocation
page read and write
69E3000
heap
page read and write
2863000
direct allocation
page read and write
2854000
direct allocation
page read and write
5B9E000
direct allocation
page read and write
3A82000
heap
page read and write
3B1F000
stack
page read and write
A9F000
heap
page read and write
D6E000
unkown
page readonly
3A58000
heap
page read and write
7DBE000
stack
page read and write
6800000
trusted library allocation
page read and write
3360000
remote allocation
page read and write
6DBF000
stack
page read and write
797000
heap
page read and write
61E8E000
unkown
page read and write
6402000
heap
page read and write
6625000
heap
page read and write
787000
heap
page read and write
26DB000
direct allocation
page read and write
7A24000
heap
page read and write
6543000
heap
page read and write
6969000
heap
page read and write
3521000
direct allocation
page read and write
64DA000
heap
page read and write
EEA000
heap
page read and write
7D1000
unkown
page read and write
660A000
heap
page read and write
3480000
direct allocation
page read and write
6677000
heap
page read and write
26CD000
direct allocation
page read and write
3B48000
heap
page read and write
6A8A000
heap
page read and write
2829000
direct allocation
page read and write
1260000
heap
page read and write
6420000
heap
page read and write
6565000
heap
page read and write
318D000
stack
page read and write
51D1000
heap
page read and write
24FA000
direct allocation
page read and write
564F000
stack
page read and write
26C4000
direct allocation
page read and write
26AE000
direct allocation
page read and write
3AC8000
heap
page read and write
2B0E000
stack
page read and write
There are 1007 hidden memdumps, click here to show them.