IOC Report
CuteWriter.exe

loading gif

Files

File Path
Type
Category
Malicious
CuteWriter.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
C:\Program Files (x86)\CutePDF Writer\CPWSave.exe
PE32+ executable (GUI) x86-64, for MS Windows
dropped
C:\Program Files (x86)\CutePDF Writer\CPWSave.exe.manifest
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\CutePDF Writer\CPWriter2.exe
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\CutePDF Writer\CuteEdit.ico
MS Windows icon resource - 2 icons, 32x32, 16x16
dropped
C:\Program Files (x86)\CutePDF Writer\CutePDFWriter.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\CutePDF Writer\PDFWrite.rsp
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\CutePDF Writer\README.HTM
HTML document, Non-ISO extended-ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\CutePDF Writer\setup.inf
PGP Secret Sub-key -
dropped
C:\Program Files (x86)\CutePDF Writer\setup.ini
ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\CutePDF Writer\unInstcpw64.exe
PE32+ executable (GUI) x86-64, for MS Windows
dropped
C:\Program Files (x86)\GPLGS\EndOfTask.ps
data
dropped
C:\Program Files (x86)\GPLGS\FAPIconfig-FCO
PostScript document text
dropped
C:\Program Files (x86)\GPLGS\FCOfontmap-PCLPS3
ASCII text
dropped
C:\Program Files (x86)\GPLGS\FCOfontmap-PS3
ASCII text
dropped
C:\Program Files (x86)\GPLGS\Fontmap.ATB
ASCII text
dropped
C:\Program Files (x86)\GPLGS\Fontmap.ATM
ASCII text
dropped
C:\Program Files (x86)\GPLGS\Fontmap.OS2
ASCII text
dropped
C:\Program Files (x86)\GPLGS\Fontmap.OSF
ASCII text
dropped
C:\Program Files (x86)\GPLGS\Fontmap.SGI
ASCII text
dropped
C:\Program Files (x86)\GPLGS\Fontmap.Sol
ASCII text
dropped
C:\Program Files (x86)\GPLGS\Fontmap.URW-136.T1
ASCII text
dropped
C:\Program Files (x86)\GPLGS\Fontmap.URW-136.TT
ASCII text
dropped
C:\Program Files (x86)\GPLGS\Fontmap.Ult
ASCII text
dropped
C:\Program Files (x86)\GPLGS\Fontmap.VMS
ASCII text
dropped
C:\Program Files (x86)\GPLGS\Info-macos.plist
XML 1.0 document, ASCII text
dropped
C:\Program Files (x86)\GPLGS\PDFA_def.ps
PostScript document text
dropped
C:\Program Files (x86)\GPLGS\PDFX_def.ps
PostScript document text
dropped
C:\Program Files (x86)\GPLGS\acctest.ps
PostScript document text
dropped
C:\Program Files (x86)\GPLGS\addxchar.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\afmdiff.awk
awk script, ASCII text executable
dropped
C:\Program Files (x86)\GPLGS\align.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\bj8.rpd
ASCII text
dropped
C:\Program Files (x86)\GPLGS\bj8gc12f.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\bj8hg12f.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\bj8oh06n.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\bj8pa06n.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\bj8pp12f.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\bj8ts06n.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\bjc610a0.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\bjc610a1.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\bjc610a2.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\bjc610a3.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\bjc610a4.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\bjc610a5.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\bjc610a6.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\bjc610a7.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\bjc610a8.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\bjc610b1.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\bjc610b2.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\bjc610b3.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\bjc610b4.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\bjc610b6.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\bjc610b7.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\bjc610b8.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\caption.ps
PostScript document text
dropped
C:\Program Files (x86)\GPLGS\cat.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\cbjc600.ppd
PPD file, version "4.1"
dropped
C:\Program Files (x86)\GPLGS\cbjc800.ppd
PPD file, version "4.1"
dropped
C:\Program Files (x86)\GPLGS\cdj550.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\cdj690.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\cdj690ec.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\cid2code.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\cidfmap
PostScript document text
dropped
C:\Program Files (x86)\GPLGS\decrypt.ps
PostScript document text
dropped
C:\Program Files (x86)\GPLGS\dnj750c.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\dnj750m.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\docie.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\dvipdf
POSIX shell script, ASCII text executable
dropped
C:\Program Files (x86)\GPLGS\eps2eps
POSIX shell script, ASCII text executable
dropped
C:\Program Files (x86)\GPLGS\eps2eps.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\eps2eps.cmd
OS/2 REXX batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\font2c
POSIX shell script, ASCII text executable
dropped
C:\Program Files (x86)\GPLGS\font2c.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\font2c.cmd
ASCII text
dropped
C:\Program Files (x86)\GPLGS\font2c.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\font2pcl.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\ghostpdf.inf
Windows setup INFormation
dropped
C:\Program Files (x86)\GPLGS\ghostpdf.ppd
PPD file, version "4.3"
dropped
C:\Program Files (x86)\GPLGS\gs_ce_e.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\gs_cmdl.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\gs_fform.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\gs_il2_e.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\gs_kanji.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\gs_ksb_e.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\gs_l.xbm
xbm image (48x48), ASCII text
dropped
C:\Program Files (x86)\GPLGS\gs_l.xpm
X pixmap image, ASCII text
dropped
C:\Program Files (x86)\GPLGS\gs_l_m.xbm
xbm image (48x48), ASCII text
dropped
C:\Program Files (x86)\GPLGS\gs_lgo_e.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\gs_lgx_e.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\gs_m.xbm
xbm image (32x32), ASCII text
dropped
C:\Program Files (x86)\GPLGS\gs_m.xpm
X pixmap image, ASCII text
dropped
C:\Program Files (x86)\GPLGS\gs_m_m.xbm
xbm image (32x32), ASCII text
dropped
C:\Program Files (x86)\GPLGS\gs_pfile.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\gs_rdlin.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\gs_s.xbm
xbm image (24x24), ASCII text
dropped
C:\Program Files (x86)\GPLGS\gs_s.xpm
X pixmap image, ASCII text
dropped
C:\Program Files (x86)\GPLGS\gs_s_m.xbm
xbm image (24x24), ASCII text
dropped
C:\Program Files (x86)\GPLGS\gs_t.xbm
xbm image (16x16), ASCII text
dropped
C:\Program Files (x86)\GPLGS\gs_t.xpm
X pixmap image, ASCII text
dropped
C:\Program Files (x86)\GPLGS\gs_t_m.xbm
xbm image (16x16), ASCII text
dropped
C:\Program Files (x86)\GPLGS\gs_wl1_e.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\gs_wl2_e.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\gs_wl5_e.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\gsbj
POSIX shell script, ASCII text executable
dropped
C:\Program Files (x86)\GPLGS\gsbj.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\gsdj
POSIX shell script, ASCII text executable
dropped
C:\Program Files (x86)\GPLGS\gsdj.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\gsdj500
POSIX shell script, ASCII text executable
dropped
C:\Program Files (x86)\GPLGS\gsdj500.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\gsdll32.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\GPLGS\gsdll32.lib
current ar archive
dropped
C:\Program Files (x86)\GPLGS\gslj
POSIX shell script, ASCII text executable
dropped
C:\Program Files (x86)\GPLGS\gslj.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\gslp
POSIX shell script, ASCII text executable
dropped
C:\Program Files (x86)\GPLGS\gslp.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\gslp.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\gsnd
POSIX shell script, ASCII text executable
dropped
C:\Program Files (x86)\GPLGS\gsnd.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\gsndt.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\gsnup.ps
PostScript document text
dropped
C:\Program Files (x86)\GPLGS\gssetgs.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\gssetgs32.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\gssetgs64.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\gst.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\gstt.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\gswin32c.exe
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\GPLGS\ht_ccsto.ps
PostScript document text
dropped
C:\Program Files (x86)\GPLGS\image-qa.ps
PostScript document text
dropped
C:\Program Files (x86)\GPLGS\impath.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\jispaper.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\jobseparator.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\landscap.ps
PostScript document text
dropped
C:\Program Files (x86)\GPLGS\level1.ps
PostScript document text
dropped
C:\Program Files (x86)\GPLGS\lines.ps
PostScript document text
dropped
C:\Program Files (x86)\GPLGS\lp386.bat
ASCII text
dropped
C:\Program Files (x86)\GPLGS\lp386r2.bat
ASCII text
dropped
C:\Program Files (x86)\GPLGS\lpgs.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\lpr2.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\lprsetup.sh
POSIX shell script, ASCII text executable
dropped
C:\Program Files (x86)\GPLGS\markhint.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\markpath.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\mkcidfm.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\necp2x.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\necp2x6.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\opdfread.ps
PostScript document text conforming DSC level 2.0
dropped
C:\Program Files (x86)\GPLGS\packfile.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\pcharstr.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\pdf2dsc
POSIX shell script, ASCII text executable
dropped
C:\Program Files (x86)\GPLGS\pdf2dsc.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\pdf2dsc.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\pdf2ps
POSIX shell script, ASCII text executable
dropped
C:\Program Files (x86)\GPLGS\pdf2ps.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\pdf2ps.cmd
OS/2 REXX batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\pdfopt
POSIX shell script, ASCII text executable
dropped
C:\Program Files (x86)\GPLGS\pdfopt.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\pdfopt.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\pdfwrite.ps
assembler source, ASCII text
dropped
C:\Program Files (x86)\GPLGS\pf2afm
POSIX shell script, ASCII text executable
dropped
C:\Program Files (x86)\GPLGS\pf2afm.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\pf2afm.cmd
ASCII text
dropped
C:\Program Files (x86)\GPLGS\pf2afm.ps
PostScript document text
dropped
C:\Program Files (x86)\GPLGS\pfbtopfa
POSIX shell script, ASCII text executable
dropped
C:\Program Files (x86)\GPLGS\pfbtopfa.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\pfbtopfa.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\pftogsf.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\ppath.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\pphs
POSIX shell script, ASCII text executable
dropped
C:\Program Files (x86)\GPLGS\pphs.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\prfont.ps
PostScript document text
dropped
C:\Program Files (x86)\GPLGS\printafm
POSIX shell script, ASCII text executable
dropped
C:\Program Files (x86)\GPLGS\printafm.ps
PostScript document text
dropped
C:\Program Files (x86)\GPLGS\ps2ai.ps
PostScript document text
dropped
C:\Program Files (x86)\GPLGS\ps2ascii
POSIX shell script, ASCII text executable
dropped
C:\Program Files (x86)\GPLGS\ps2ascii.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\ps2ascii.cmd
ASCII text
dropped
C:\Program Files (x86)\GPLGS\ps2ascii.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\ps2epsi
POSIX shell script, ASCII text executable
dropped
C:\Program Files (x86)\GPLGS\ps2epsi.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\ps2epsi.cmd
ASCII text
dropped
C:\Program Files (x86)\GPLGS\ps2epsi.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\ps2pdf
POSIX shell script, ASCII text executable
dropped
C:\Program Files (x86)\GPLGS\ps2pdf.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\ps2pdf.cmd
OS/2 REXX batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\ps2pdf12
POSIX shell script, ASCII text executable
dropped
C:\Program Files (x86)\GPLGS\ps2pdf12.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\ps2pdf12.cmd
ASCII text
dropped
C:\Program Files (x86)\GPLGS\ps2pdf13
POSIX shell script, ASCII text executable
dropped
C:\Program Files (x86)\GPLGS\ps2pdf13.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\ps2pdf13.cmd
ASCII text
dropped
C:\Program Files (x86)\GPLGS\ps2pdf14
POSIX shell script, ASCII text executable
dropped
C:\Program Files (x86)\GPLGS\ps2pdf14.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\ps2pdf14.cmd
ASCII text
dropped
C:\Program Files (x86)\GPLGS\ps2pdfwr
POSIX shell script, ASCII text executable
dropped
C:\Program Files (x86)\GPLGS\ps2pdfxx.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\ps2ps
POSIX shell script, ASCII text executable
dropped
C:\Program Files (x86)\GPLGS\ps2ps.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\ps2ps.cmd
OS/2 REXX batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\ps2ps2
POSIX shell script, ASCII text executable
dropped
C:\Program Files (x86)\GPLGS\ps2ps2.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\ps2ps2.cmd
OS/2 REXX batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\quit.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\ras1.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\ras24.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\ras3.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\ras32.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\ras4.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\ras8m.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\rinkj-2200-setup
ASCII text
dropped
C:\Program Files (x86)\GPLGS\rollconv.ps
PostScript document text
dropped
C:\Program Files (x86)\GPLGS\showchar.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\showpage.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\st640ih.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\st640ihg.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\st640p.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\st640pg.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\st640pl.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\st640plg.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\stc.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\stc1520h.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\stc2.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\stc200_h.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\stc2_h.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\stc2s_h.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\stc300.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\stc300bl.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\stc300bm.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\stc500p.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\stc500ph.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\stc600ih.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\stc600p.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\stc600pl.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\stc640p.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\stc800ih.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\stc800p.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\stc800pl.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\stc_h.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\stc_l.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\stcany.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\stcany_h.upp
ASCII text
dropped
C:\Program Files (x86)\GPLGS\stcinfo.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\stcolor.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\stocht.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\traceimg.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\traceop.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\type1enc.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\type1ops.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\uninfo.ps
PostScript document text
dropped
C:\Program Files (x86)\GPLGS\unix-lpr.sh
POSIX shell script, ASCII text executable
dropped
C:\Program Files (x86)\GPLGS\unprot.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\viewcmyk.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\viewgif.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\viewjpeg.ps
PostScript document text
dropped
C:\Program Files (x86)\GPLGS\viewmiff.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\viewpbm.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\viewpcx.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\viewps2a.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\viewrgb.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\wftopfa
POSIX shell script, ASCII text executable
dropped
C:\Program Files (x86)\GPLGS\wftopfa.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\winmaps.ps
ASCII text
dropped
C:\Program Files (x86)\GPLGS\wmakebat.bat
DOS batch file, ASCII text
dropped
C:\Program Files (x86)\GPLGS\wrfont.ps
assembler source, ASCII text
dropped
C:\Program Files (x86)\GPLGS\zeroline.ps
PostScript document text
modified
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF Writer\Readme.lnk
MS Windows shortcut, Item id list present, Has Description string, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600, length=0, window=hide
dropped
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF Writer\Try Free CutePDF Editor.lnk
MS Windows shortcut, Item id list present, Has Description string, Icon number=0, ctime=Sun Dec 31 23:06:32 1600, mtime=Sun Dec 31 23:06:32 1600, atime=Sun Dec 31 23:06:32 1600, length=0, window=hide
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\gplgs[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\EndOfTask.ps
data
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\FAPIconfig-FCO
PostScript document text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\FCOfontmap-PCLPS3
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\FCOfontmap-PS3
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\Fontmap.ATB
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\Fontmap.ATM
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\Fontmap.OS2
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\Fontmap.OSF
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\Fontmap.SGI
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\Fontmap.Sol
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\Fontmap.URW-136.T1
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\Fontmap.URW-136.TT
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\Fontmap.Ult
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\Fontmap.VMS
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\Info-macos.plist
XML 1.0 document, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\PDFA_def.ps
PostScript document text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\PDFX_def.ps
PostScript document text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\acctest.ps
PostScript document text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\addxchar.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\afmdiff.awk
awk script, ASCII text executable
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\align.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\bj8.rpd
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\bj8gc12f.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\bj8hg12f.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\bj8oh06n.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\bj8pa06n.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\bj8pp12f.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\bj8ts06n.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\bjc610a0.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\bjc610a1.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\bjc610a2.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\bjc610a3.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\bjc610a4.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\bjc610a5.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\bjc610a6.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\bjc610a7.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\bjc610a8.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\bjc610b1.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\bjc610b2.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\bjc610b3.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\bjc610b4.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\bjc610b6.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\bjc610b7.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\bjc610b8.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\caption.ps
PostScript document text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\cat.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\cbjc600.ppd
PPD file, version "4.1"
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\cbjc800.ppd
PPD file, version "4.1"
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\cdj550.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\cdj690.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\cdj690ec.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\cid2code.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\cidfmap
PostScript document text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\decrypt.ps
PostScript document text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\dnj750c.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\dnj750m.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\docie.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\dvipdf
POSIX shell script, ASCII text executable
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\eps2eps
POSIX shell script, ASCII text executable
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\eps2eps.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\eps2eps.cmd
OS/2 REXX batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\font2c
POSIX shell script, ASCII text executable
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\font2c.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\font2c.cmd
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\font2c.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\font2pcl.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ghostpdf.inf
Windows setup INFormation
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ghostpdf.ppd
PPD file, version "4.3"
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gs_ce_e.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gs_cmdl.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gs_fform.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gs_il2_e.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gs_kanji.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gs_ksb_e.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gs_l.xbm
xbm image (48x48), ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gs_l.xpm
X pixmap image, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gs_l_m.xbm
xbm image (48x48), ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gs_lgo_e.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gs_lgx_e.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gs_m.xbm
xbm image (32x32), ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gs_m.xpm
X pixmap image, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gs_m_m.xbm
xbm image (32x32), ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gs_pfile.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gs_rdlin.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gs_s.xbm
xbm image (24x24), ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gs_s.xpm
X pixmap image, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gs_s_m.xbm
xbm image (24x24), ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gs_t.xbm
xbm image (16x16), ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gs_t.xpm
X pixmap image, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gs_t_m.xbm
xbm image (16x16), ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gs_wl1_e.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gs_wl2_e.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gs_wl5_e.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gsbj
POSIX shell script, ASCII text executable
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gsbj.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gsdj
POSIX shell script, ASCII text executable
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gsdj.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gsdj500
POSIX shell script, ASCII text executable
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gsdj500.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gsdll32.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gsdll32.lib
current ar archive
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gslj
POSIX shell script, ASCII text executable
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gslj.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gslp
POSIX shell script, ASCII text executable
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gslp.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gslp.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gsnd
POSIX shell script, ASCII text executable
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gsnd.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gsndt.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gsnup.ps
PostScript document text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gssetgs.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gssetgs32.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gssetgs64.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gst.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gstt.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\gswin32c.exe
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ht_ccsto.ps
PostScript document text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\image-qa.ps
PostScript document text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\impath.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\jispaper.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\jobseparator.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\landscap.ps
PostScript document text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\level1.ps
PostScript document text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\lines.ps
PostScript document text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\lp386.bat
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\lp386r2.bat
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\lpgs.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\lpr2.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\lprsetup.sh
POSIX shell script, ASCII text executable
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\markhint.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\markpath.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\mkcidfm.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\necp2x.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\necp2x6.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\opdfread.ps
PostScript document text conforming DSC level 2.0
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\packfile.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\pcharstr.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\pdf2dsc
POSIX shell script, ASCII text executable
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\pdf2dsc.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\pdf2dsc.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\pdf2ps
POSIX shell script, ASCII text executable
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\pdf2ps.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\pdf2ps.cmd
OS/2 REXX batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\pdfopt
POSIX shell script, ASCII text executable
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\pdfopt.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\pdfopt.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\pdfwrite.ps
assembler source, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\pf2afm
POSIX shell script, ASCII text executable
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\pf2afm.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\pf2afm.cmd
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\pf2afm.ps
PostScript document text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\pfbtopfa
POSIX shell script, ASCII text executable
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\pfbtopfa.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\pfbtopfa.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\pftogsf.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ppath.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\pphs
POSIX shell script, ASCII text executable
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\pphs.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\prfont.ps
PostScript document text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\printafm
POSIX shell script, ASCII text executable
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\printafm.ps
PostScript document text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ps2ai.ps
PostScript document text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ps2ascii
POSIX shell script, ASCII text executable
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ps2ascii.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ps2ascii.cmd
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ps2ascii.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ps2epsi
POSIX shell script, ASCII text executable
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ps2epsi.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ps2epsi.cmd
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ps2epsi.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ps2pdf
POSIX shell script, ASCII text executable
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ps2pdf.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ps2pdf.cmd
OS/2 REXX batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ps2pdf12
POSIX shell script, ASCII text executable
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ps2pdf12.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ps2pdf12.cmd
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ps2pdf13
POSIX shell script, ASCII text executable
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ps2pdf13.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ps2pdf13.cmd
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ps2pdf14
POSIX shell script, ASCII text executable
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ps2pdf14.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ps2pdf14.cmd
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ps2pdfwr
POSIX shell script, ASCII text executable
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ps2pdfxx.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ps2ps
POSIX shell script, ASCII text executable
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ps2ps.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ps2ps.cmd
OS/2 REXX batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ps2ps2
POSIX shell script, ASCII text executable
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ps2ps2.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ps2ps2.cmd
OS/2 REXX batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\quit.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ras1.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ras24.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ras3.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ras32.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ras4.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\ras8m.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\rinkj-2200-setup
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\rollconv.ps
PostScript document text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\showchar.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\showpage.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\st640ih.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\st640ihg.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\st640p.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\st640pg.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\st640pl.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\st640plg.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\stc.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\stc1520h.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\stc2.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\stc200_h.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\stc2_h.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\stc2s_h.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\stc300.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\stc300bl.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\stc300bm.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\stc500p.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\stc500ph.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\stc600ih.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\stc600p.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\stc600pl.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\stc640p.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\stc800ih.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\stc800p.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\stc800pl.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\stc_h.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\stc_l.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\stcany.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\stcany_h.upp
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\stcinfo.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\stcolor.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\stocht.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\traceimg.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\traceop.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\type1enc.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\type1ops.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\uninfo.ps
PostScript document text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\unix-lpr.sh
POSIX shell script, ASCII text executable
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\unprot.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\viewcmyk.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\viewgif.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\viewjpeg.ps
PostScript document text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\viewmiff.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\viewpbm.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\viewpcx.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\viewps2a.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\viewrgb.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\wftopfa
POSIX shell script, ASCII text executable
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\wftopfa.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\winmaps.ps
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\wmakebat.bat
DOS batch file, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\wrfont.ps
assembler source, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\GPLGS\zeroline.ps
PostScript document text
dropped
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\Setup.exe
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\converter.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\CPWSave.exe.manifest (copy)
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\CPWriter2.exe (copy)
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\CuteEdit.ico (copy)
MS Windows icon resource - 2 icons, 32x32, 16x16
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\CutePDFWriter.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\CUTEPDFW.PPD (copy)
PPD file, version "4.3"
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\Cutepdfw.spd (copy)
PPD file, version "4.3"
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\FONTS.MFM (copy)
data
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\ICONLIB.DLL (copy)
MS-DOS executable, NE for MS Windows 3.x (DLL or font)
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\PS5UI.DLL (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\PSCRIPT.DRV (copy)
MS-DOS executable, NE for MS Windows 3.x (DLL or font)
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\PSCRIPT.HLP (copy)
MS Windows 3.1 help, Tue Apr 17 13:11:49 2001, 26038 bytes
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\PSCRIPT.INI (copy)
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\PSCRIPT.NTF (copy)
data
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\PSCRIPT5.DLL (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\PSMON.DLL (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\TESTPS.TXT (copy)
data
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\is-58S3Q.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\is-5KDH7.tmp
MS-DOS executable, NE for MS Windows 3.x (DLL or font)
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\is-AEH3P.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\is-B0300.tmp
MS-DOS executable, NE for MS Windows 3.x (DLL or font)
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\is-DH110.tmp
data
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\is-EE0EG.tmp
PPD file, version "4.3"
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\is-GG241.tmp
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\is-MF6F4.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\is-O3KEO.tmp
data
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\is-RKNCP.tmp
data
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\is-SFU84.tmp
PPD file, version "4.3"
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\is-UG394.tmp
MS Windows 3.1 help, Tue Apr 17 13:11:49 2001, 26038 bytes
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\x64\PS5UI.DLL (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\x64\PSCRIPT.HLP (copy)
MS Windows 3.1 help, Tue Apr 17 13:11:49 2001, 26038 bytes
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\x64\PSCRIPT.NTF (copy)
data
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\x64\PSCRIPT5.DLL (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\x64\is-1G36V.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\x64\is-4926L.tmp
MS Windows 3.1 help, Tue Apr 17 13:11:49 2001, 26038 bytes
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\x64\is-4JSOO.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Driver\x64\is-5KB0G.tmp
data
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\PDFWrite.rsp (copy)
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Readme.htm (copy)
HTML document, Non-ISO extended-ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Setup.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Setup.inf (copy)
PGP Secret Sub-key -
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\WizModernSmallImage-IS.bmp (copy)
PC bitmap, Windows 3.x format, 55 x 55 x 8, image size 3080, resolution 2834 x 2834 px/m, cbSize 4158, bits offset 1078
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\_isetup\_setup64.tmp
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\_isetup\_shfoldr.dll
PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\cpwmon32_v40.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\cpwmon64_v40.dll (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\is-0MQ49.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\is-2PNKI.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\is-33MAN.tmp
PE32 executable (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\is-5HA74.tmp
MS Windows icon resource - 2 icons, 32x32, 16x16
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\is-64KMK.tmp
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\is-8BBTS.tmp
PE32+ executable (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\is-8GSLH.tmp
PE32+ executable (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\is-A1Q13.tmp
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\is-E5HJ8.tmp
PGP Secret Sub-key -
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\is-EBRN0.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\is-I6JST.tmp
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\is-KU7JI.tmp
HTML document, Non-ISO extended-ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\is-NH8EI.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\is-O1H41.tmp
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\is-RP11G.tmp
PC bitmap, Windows 3.x format, 55 x 55 x 8, image size 3080, resolution 2834 x 2834 px/m, cbSize 4158, bits offset 1078
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\is-TG3HV.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\is-UEB7U.tmp
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\pdfwriter32.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\pdfwriter64.exe (copy)
PE32+ executable (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\setup.ini (copy)
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\setup_svr.ini (copy)
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\unInstcpw.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\unInstcpw64.exe (copy)
PE32+ executable (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-OJ6AG.tmp\CuteWriter.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Windows\System32\cpwmon64_v40.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Windows\System32\spool\drivers\x64\CUTEPDFW.PPD
PPD file, version "4.3"
dropped
C:\Windows\System32\spool\drivers\x64\PS5UI.DLL
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Windows\System32\spool\drivers\x64\PSCRIPT.HLP
MS Windows 3.1 help, Tue Apr 17 13:11:49 2001, 26038 bytes
dropped
C:\Windows\System32\spool\drivers\x64\PSCRIPT.NTF
data
dropped
C:\Windows\System32\spool\drivers\x64\PSCRIPT5.DLL
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
Chrome Cache Entry: 663
ASCII text, with very long lines (390), with no line terminators
downloaded
Chrome Cache Entry: 664
ASCII text, with very long lines (3518)
dropped
Chrome Cache Entry: 665
GIF image data, version 89a, 1 x 1
downloaded
Chrome Cache Entry: 666
ASCII text, with very long lines (1055)
downloaded
Chrome Cache Entry: 667
JPEG image data, progressive, precision 8, 728x90, components 3
dropped
Chrome Cache Entry: 668
MS Windows icon resource - 2 icons, 32x32, 16x16
dropped
Chrome Cache Entry: 669
GIF image data, version 89a, 1 x 1
downloaded
Chrome Cache Entry: 670
HTML document, ASCII text, with very long lines (1763)
downloaded
Chrome Cache Entry: 671
ASCII text, with very long lines (1932)
downloaded
Chrome Cache Entry: 672
GIF image data, version 89a, 160 x 600
dropped
Chrome Cache Entry: 673
GIF image data, version 89a, 450 x 314
downloaded
Chrome Cache Entry: 674
JSON data
downloaded
Chrome Cache Entry: 675
PNG image data, 596 x 533, 8-bit/color RGB, non-interlaced
dropped
Chrome Cache Entry: 676
GIF image data, version 89a, 1 x 1
dropped
Chrome Cache Entry: 677
ASCII text, with very long lines (390), with no line terminators
dropped
Chrome Cache Entry: 678
PNG image data, 336 x 280, 8-bit/color RGBA, non-interlaced
dropped
Chrome Cache Entry: 679
GIF image data, version 89a, 1 x 1
dropped
Chrome Cache Entry: 680
GIF image data, version 89a, 1 x 1
downloaded
Chrome Cache Entry: 681
ASCII text, with very long lines (2610)
dropped
Chrome Cache Entry: 682
GIF image data, version 89a, 1 x 1
dropped
Chrome Cache Entry: 683
ASCII text, with very long lines (3835)
dropped
Chrome Cache Entry: 684
GIF image data, version 89a, 1 x 1
downloaded
Chrome Cache Entry: 685
ASCII text, with very long lines (2015)
dropped
Chrome Cache Entry: 686
ASCII text, with very long lines (1382)
dropped
Chrome Cache Entry: 687
ASCII text, with very long lines (1932)
dropped
Chrome Cache Entry: 688
GIF image data, version 89a, 1 x 1
downloaded
Chrome Cache Entry: 689
GIF image data, version 89a, 900 x 5
dropped
Chrome Cache Entry: 690
HTML document, Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
downloaded
Chrome Cache Entry: 691
ASCII text, with very long lines (53745)
downloaded
Chrome Cache Entry: 692
GIF image data, version 89a, 1 x 1
dropped
Chrome Cache Entry: 693
GIF image data, version 89a, 300 x 68
downloaded
Chrome Cache Entry: 694
ASCII text, with very long lines (41614)
dropped
Chrome Cache Entry: 695
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, comment: "File written by Adobe Photoshop\250 5.0", baseline, precision 8, 900x260, components 3
dropped
Chrome Cache Entry: 696
ASCII text, with very long lines (3672)
dropped
Chrome Cache Entry: 697
ASCII text, with very long lines (3557)
dropped
Chrome Cache Entry: 698
GIF image data, version 89a, 1 x 1
downloaded
Chrome Cache Entry: 699
HTML document, ISO-8859 text, with CRLF line terminators
downloaded
Chrome Cache Entry: 700
ASCII text, with very long lines (2868)
downloaded
Chrome Cache Entry: 701
GIF image data, version 89a, 1 x 1
dropped
Chrome Cache Entry: 702
ASCII text, with very long lines (3672)
downloaded
Chrome Cache Entry: 703
GIF image data, version 89a, 1 x 1
dropped
Chrome Cache Entry: 704
HTML document, Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
downloaded
Chrome Cache Entry: 705
ASCII text, with very long lines (1055)
dropped
Chrome Cache Entry: 706
GIF image data, version 89a, 300 x 68
downloaded
Chrome Cache Entry: 707
JPEG image data, progressive, precision 8, 728x90, components 3
downloaded
Chrome Cache Entry: 708
ASCII text, with very long lines (3518)
downloaded
Chrome Cache Entry: 709
ASCII text, with very long lines (3557)
downloaded
Chrome Cache Entry: 710
GIF image data, version 89a, 900 x 5
downloaded
Chrome Cache Entry: 711
ASCII text, with very long lines (1382)
downloaded
Chrome Cache Entry: 712
ASCII text, with very long lines (53745)
dropped
Chrome Cache Entry: 713
ASCII text, with very long lines (3835)
downloaded
Chrome Cache Entry: 714
PNG image data, 781 x 536, 8-bit/color RGB, non-interlaced
downloaded
Chrome Cache Entry: 715
ASCII text, with very long lines (2222)
downloaded
Chrome Cache Entry: 716
ASCII text, with very long lines (2586)
dropped
Chrome Cache Entry: 717
ASCII text, with very long lines (41614)
downloaded
Chrome Cache Entry: 718
PNG image data, 478 x 583, 8-bit/color RGB, non-interlaced
downloaded
Chrome Cache Entry: 719
GIF image data, version 89a, 35 x 15
dropped
Chrome Cache Entry: 720
JPEG image data, progressive, precision 8, 300x600, components 3
dropped
Chrome Cache Entry: 721
HTML document, Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
downloaded
Chrome Cache Entry: 722
PNG image data, 336 x 280, 8-bit/color RGBA, non-interlaced
downloaded
Chrome Cache Entry: 723
GIF image data, version 89a, 1 x 1
downloaded
Chrome Cache Entry: 724
C++ source, ASCII text, with very long lines (2873)
downloaded
Chrome Cache Entry: 725
HTML document, ASCII text, with very long lines (2008)
downloaded
Chrome Cache Entry: 726
GIF image data, version 89a, 239 x 202
downloaded
Chrome Cache Entry: 727
PNG image data, 781 x 536, 8-bit/color RGB, non-interlaced
dropped
Chrome Cache Entry: 728
HTML document, Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
downloaded
Chrome Cache Entry: 729
ASCII text, with very long lines (2586)
downloaded
Chrome Cache Entry: 730
GIF image data, version 89a, 1 x 1
dropped
Chrome Cache Entry: 731
GIF image data, version 89a, 160 x 600
downloaded
Chrome Cache Entry: 732
GIF image data, version 89a, 400 x 62
downloaded
Chrome Cache Entry: 733
JSON data
dropped
Chrome Cache Entry: 734
ASCII text, with very long lines (2610)
downloaded
Chrome Cache Entry: 735
ASCII text, with very long lines (3980)
dropped
Chrome Cache Entry: 736
ASCII text, with very long lines (53745)
downloaded
Chrome Cache Entry: 737
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, comment: "File written by Adobe Photoshop\250 5.0", baseline, precision 8, 1572x498, components 3
dropped
Chrome Cache Entry: 738
HTML document, ASCII text, with very long lines (829), with no line terminators
downloaded
Chrome Cache Entry: 739
GIF image data, version 89a, 960 x 30
downloaded
Chrome Cache Entry: 740
ASCII text, with very long lines (2868)
dropped
Chrome Cache Entry: 741
ASCII text, with very long lines (2200)
dropped
Chrome Cache Entry: 742
GIF image data, version 89a, 1 x 1
dropped
Chrome Cache Entry: 743
GIF image data, version 89a, 450 x 314
dropped
Chrome Cache Entry: 744
GIF image data, version 89a, 1 x 100
downloaded
Chrome Cache Entry: 745
GIF image data, version 89a, 960 x 30
dropped
Chrome Cache Entry: 746
GIF image data, version 89a, 1 x 1
dropped
Chrome Cache Entry: 747
ASCII text, with very long lines (2222)
dropped
Chrome Cache Entry: 748
ASCII text, with very long lines (2015)
downloaded
Chrome Cache Entry: 749
PNG image data, 478 x 583, 8-bit/color RGB, non-interlaced
dropped
Chrome Cache Entry: 750
GIF image data, version 89a, 300 x 68
dropped
Chrome Cache Entry: 751
GIF image data, version 89a, 35 x 15
downloaded
Chrome Cache Entry: 752
PNG image data, 596 x 533, 8-bit/color RGB, non-interlaced
downloaded
Chrome Cache Entry: 753
GIF image data, version 89a, 400 x 62
dropped
Chrome Cache Entry: 754
GIF image data, version 89a, 300 x 68
dropped
Chrome Cache Entry: 755
ASCII text, with very long lines (3980)
downloaded
Chrome Cache Entry: 756
GIF image data, version 89a, 300 x 68
dropped
Chrome Cache Entry: 757
GIF image data, version 89a, 300 x 68
downloaded
Chrome Cache Entry: 758
JPEG image data, progressive, precision 8, 300x600, components 3
downloaded
Chrome Cache Entry: 759
ASCII text, with very long lines (2200)
downloaded
Chrome Cache Entry: 760
assembler source, ASCII text, with CRLF line terminators
downloaded
Chrome Cache Entry: 761
GIF image data, version 89a, 1 x 1
downloaded
Chrome Cache Entry: 762
GIF image data, version 89a, 1 x 1
downloaded
Chrome Cache Entry: 763
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, comment: "File written by Adobe Photoshop\250 5.0", baseline, precision 8, 1572x498, components 3
downloaded
Chrome Cache Entry: 764
GIF image data, version 89a, 1 x 100
dropped
Chrome Cache Entry: 765
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, comment: "File written by Adobe Photoshop\250 5.0", baseline, precision 8, 900x260, components 3
downloaded
Chrome Cache Entry: 766
GIF image data, version 89a, 239 x 202
dropped
Chrome Cache Entry: 767
MS Windows icon resource - 2 icons, 32x32, 16x16
downloaded
\Device\ConDrv
ASCII text, with CRLF line terminators
dropped
There are 693 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\CuteWriter.exe
"C:\Users\user\Desktop\CuteWriter.exe"
C:\Users\user\AppData\Local\Temp\is-OJ6AG.tmp\CuteWriter.tmp
"C:\Users\user\AppData\Local\Temp\is-OJ6AG.tmp\CuteWriter.tmp" /SL5="$20434,3034260,56832,C:\Users\user\Desktop\CuteWriter.exe"
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Setup.exe
"C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\Setup.exe" /inscpw4 -d"C:\Program Files (x86)\CutePDF Writer"
C:\Users\user\AppData\Local\Temp\converter.exe
C:\Users\user\AppData\Local\Temp\\converter.exe /auto
C:\Users\user\AppData\Local\Temp\is-EJPG2.tmp\unInstcpw64.exe
unInstcpw64.exe /copy
C:\Windows\splwow64.exe
C:\Windows\splwow64.exe 12288
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.cutepdf-editor.com/support/writer.asp
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2124 --field-trial-handle=1984,i,11850747019021195928,4410645068136790906,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
C:\Users\user\AppData\Local\Temp\WZSE0.TMP\Setup.exe
Setup.exe
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1

URLs

Name
IP
Malicious
https://www.cutepdf-editor.com/support/writer.aspZ
unknown
 malicious
https://www.cutepdf-editor.com/support/writer.asphttps://www.cutepdf-editor.com/supportWri
unknown
 malicious
https://www.cutepdf-editor.com/support/writer.aspx
unknown
 malicious
https://www.cutepdf-editor.com/support/writer.aspz
unknown
 malicious
https://www.cutepdf-editor.com/support/writer.aspOR
unknown
 malicious
https://www.cutepdf-editor.com/support/writer.aspWu
unknown
 malicious
http://download.cutepdf.com/download/gplgs.exe
64.34.201.145
 malicious
https://www.cutepdf-editor.com/images/htabs3.gif
64.34.201.144
http://www.color.orgstartxref
unknown
https://stats.g.doubleclick.net/g/collect
unknown
http://www.cutepdf.com/products/cutepdf/Writer.asp#download
unknown
https://syndicatedsearch.goog
unknown
http://www.artifex.
unknown
https://www.cutepdf-editor.com
unknown
https://s0.2mdn.net/simgad/2992038092943504460
142.250.186.166
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6555658820068848&output=html&adk=1812271804&adf=3025194257&abgtt=9&lmt=1729769448&plat=3%3A65536%2C4%3A65536%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.cutepdf-editor.com%2Fsupport%2Fwriter.asp&pra=7&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&dt=1729769444538&bpp=5&bdt=2364&idt=3546&shv=r20241022&mjsv=m202410170101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=728x90%2C160x600%2C336x280&nras=1&correlator=1252293065082&frm=20&pv=1&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1017&bih=870&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088192%2C95342016%2C95344190%2C95345270%2C95345280%2C95344978&oid=2&pvsid=1819047191693950&tmod=229837596&uas=0&nvt=1&fsapi=1&fc=896&brdim=10%2C10%2C10%2C10%2C1280%2C0%2C1050%2C964%2C1034%2C870&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1.02&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&fsb=1&dtd=3558
142.250.186.162
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6555658820068848&output=html&h=90&slotname=6092711011&adk=1854165047&adf=3987798746&pi=t.ma~as.6092711011&w=728&abgtt=9&lmt=1729769448&format=728x90&url=https%3A%2F%2Fwww.cutepdf-editor.com%2Fsupport%2Fwriter.asp&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&dt=1729769444531&bpp=5&bdt=2357&idt=3477&shv=r20241022&mjsv=m202410170101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=1252293065082&frm=20&pv=2&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=145&ady=144&biw=1017&bih=870&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088192%2C95342016%2C95344190%2C95345270%2C95345280%2C95344978&oid=2&pvsid=1819047191693950&tmod=229837596&uas=0&nvt=1&fc=896&brdim=10%2C10%2C10%2C10%2C1280%2C0%2C1050%2C964%2C1034%2C870&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1.02&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=3507
142.250.186.162
https://ep2.adtrafficquality.google
unknown
https://www.cutepdf-editor.com/support/writerhelp.asp
unknown
https://www.cutepdf.com/Info/privacy.asp
unknown
http://download.cutepdf.com/oft
unknown
https://fundingchoicesmessages.google.com/el/AGSKWxU4HIZPXN3Dz2Utyszbn3CeXLqUWwwv3XmNMMuT0JCdIheGjsDgod1h66b9XHq494t4j5IcxditcbP8P0KV4iX1au31hq_6N39NZKEBQrCRZkeozYxZ0pFw3wiz3629LhaQguCNqg==
142.250.181.238
http://www.color.org
unknown
https://www.cutepdf-editor.com/images/NEW.GIF
64.34.201.144
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNazkvECEJ-FufYCGNC28p0CMAE&v=APEucNWgFUHrD33z4Q7qDEX7cGEiwYatuDRk88lJea39IdXM_qbynOy7NERbDVMO5c7gjwOeDvPFLj9qUxuPKa1NEQt84qawXw
142.250.186.162
https://www.google.com
unknown
https://editor.cutepdf.com/
unknown
https://www.cutepdf-editor.com/images/Security.png
64.34.201.144
https://googleads.g.doubleclick.net/pagead/html/r20241022/r20190131/zrt_lookup_fy2021.html
142.250.186.162
http://certificates.godaddy.com/repository/gdig2.crt0
unknown
https://www.cutepdf-editor.com/include/main.css
64.34.201.144
https://www.google.com/pagead/1p-conversion/16521530460/?gad_source=1&adview_type=5
unknown
https://www.cutepdf-editor.com/images/htabs1.gif
64.34.201.144
https://www.google.com/adsense
unknown
https://fundingchoicesmessages.google.com/f/AGSKWxVIY3OCDdUHaYgEKjGXEsa9SujGAoJeuST9G0tuvsaJdSmOXsAYRKz0C7Ntjaj8EqPMHxOTZv5z3lNHDoldKWe5-gZQjjMq7ZG993FMcqXY1DEAup1LksT3O07bgvOZSc0_AlHIug==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5NzY5NDU2LDE0NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vd3d3LmN1dGVwZGYtZWRpdG9yLmNvbS9zdXBwb3J0L3dyaXRlci5hc3AiLG51bGwsW1s4LCJaN2Z4VnpXY0hLNCJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
142.250.181.238
http://www.innosetup.com/
unknown
https://fundingchoicesmessages.google.com/el/AGSKWxUiQrKz9xhoKJr0BKcgxH7aceMW-55nLFunVpPZsrmNsvaGY-3yIqhw4F5bjgTdnK4lbO4-0Ts7X9j0L1nQ7VwdLeK42b1oUGHA3GNg378vDqi31BFKHACNNOGW0j90-08VxaZGyQ==
142.250.181.238
http://download.acrosoftware.com/download/converter.asp?V=P1http://download.cutepdf.com/download/con
unknown
http://crl.godaddy.com/gds5-16.crl0S
unknown
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232
unknown
https://ep1.adtrafficquality.google/pagead/gen_204?id=sodar2&v=232
unknown
https://www.cutepdf-editor.com/support/writerhelp.asp~
unknown
http://certs.godaddy.com/repository/1301
unknown
http://www.jrsoftware.org/ishelp/index.php?topic=setupcmdline
unknown
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6555658820068848&output=html&h=280&slotname=4387574616&adk=1818151991&adf=1925678805&pi=t.ma~as.4387574616&w=336&abgtt=9&lmt=1729769448&format=336x280&url=https%3A%2F%2Fwww.cutepdf-editor.com%2Fsupport%2Fwriter.asp&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&dt=1729769444537&bpp=1&bdt=2363&idt=3531&shv=r20241022&mjsv=m202410170101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=728x90%2C160x600&correlator=1252293065082&frm=20&pv=1&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=341&ady=1814&biw=1017&bih=870&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088192%2C95342016%2C95344190%2C95345270%2C95345280%2C95344978&oid=2&pvsid=1819047191693950&tmod=229837596&uas=0&nvt=1&fc=896&brdim=10%2C10%2C10%2C10%2C1280%2C0%2C1050%2C964%2C1034%2C870&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1.02&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3540
142.250.186.162
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
142.250.185.129
https://www.cutepdf-editor.com/images/Save.png
64.34.201.144
https://certs.godaddy.com/repository/0
unknown
https://www.cutepdf-editor.com/images/companybg.jpg
64.34.201.144
http://certificates.godaddy.com/repository/gd_intermediate.crt0
unknown
https://fundingchoicesmessages.google.com/f/AGSKWxWxKOVGKRYlIeAjy0KgmIugEZqYHHbxflheHb3kYmK2-GRTE5OmURhJDNYX2_sihhrk3QmG8RI2FqgBs3F04WjQdsyQ7pehzyvla7MtvP6cFphwjsx7-lcuTecoJBTxtQoTBsy_NQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5NzY5NDU0LDQwMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuY3V0ZXBkZi1lZGl0b3IuY29tL3N1cHBvcnQvd3JpdGVyLmFzcCIsbnVsbCxbWzgsIlo3ZnhWeldjSEs0Il0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
142.250.181.238
https://cct.google/taggy/agent.js
unknown
http://www.CutePDF.comInstallLocationDisplayIconPublisherAcro
unknown
http://www.winzip.comThis
unknown
https://www.google.com/adsense/search/async-ads.js
142.250.185.228
http://crl.godaddy.com/gdroot-g2.crl0F
unknown
https://www.cutepdf-editor.com/support/writerhelp.aspnsck
unknown
https://s0.2mdn.net/simgad/2285381732942077146
142.250.186.166
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNazkvECEJ-FufYCGNC28p0CMAE&v=APEucNXmPXckh3PdZo2VQwXvMO3GHBevelDMoGlDcjr7MkT-ba1gWikCm4unvzC4vU4hfFO05-KjAYSkwIiGKB-9suj1MTB2-A
142.250.186.162
https://www.cutepdf-editor.com/Images/space.gif
64.34.201.144
https://www.cutepdf.com/Products/CutePDF/Pro.asphttps://www.cutepdf-editor.com/support/writerhelp.as
unknown
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLLVmQIQ2riaAhj1-o3eATAB&v=APEucNU3JcGq3kKl_K7TWcE7OHlegV1VKBJ7kJQB_7DGw8rmFddxUHg6Sk8GvSChIeyqnqRrKvYJUyVWlYjeo7kJ8BBRH8L4gg
142.250.186.162
http://download.acrosoftware.com/download/converter.asp?V=P1
unknown
http://googleads.g.doubleclick.net
unknown
https://www.cutepdf-editor.comShortcut
unknown
http://www.xfa.org/schema/xfa-data/1.0/dataNodedataGroupdataValueexclGroupsubform#subformfieldoccuri
unknown
https://www.CutePDF.com
unknown
http://crl.godaddy.com/gdig2s5-1.crl0S
unknown
https://fundingchoicesmessages.google.com/f/AGSKWxWoYFKd5aKei7TQb9ZXgtN3CyQwRkITwF8-cH4mwraQ0wI6sEFZ8qGFO-Lhe1cUJ73nnP1OxJHKm7ghMIYZuzm7S0Emzwr4q3Fm2hGF6x8qlWJP-GtVjx4arvb3ww_56TwZ8kFdNA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5NzY5NDYwLDc5NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuY3V0ZXBkZi1lZGl0b3IuY29tL3N1cHBvcnQvd3JpdGVyLmFzcCIsbnVsbCxbWzgsIlo3ZnhWeldjSEs0Il0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
142.250.181.238
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6555658820068848&output=html&h=600&slotname=8138180617&adk=373269726&adf=126291155&pi=t.ma~as.8138180617&w=160&abgtt=9&lmt=1729769448&format=160x600&url=https%3A%2F%2Fwww.cutepdf-editor.com%2Fsupport%2Fwriter.asp&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTE3LjAuNTkzOC4xMzQiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjExNy4wLjU5MzguMTM0Il0sWyJOb3Q7QT1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTE3LjAuNTkzOC4xMzQiXV0sMF0.&dt=1729769444536&bpp=1&bdt=2361&idt=3515&shv=r20241022&mjsv=m202410170101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=728x90&correlator=1252293065082&frm=20&pv=1&u_tz=-240&u_his=1&u_h=1024&u_w=1280&u_ah=984&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=744&ady=420&biw=1017&bih=870&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088192%2C95342016%2C95344190%2C95345270%2C95345280%2C95344978&oid=2&pvsid=1819047191693950&tmod=229837596&uas=0&nvt=1&fc=896&brdim=10%2C10%2C10%2C10%2C1280%2C0%2C1050%2C964%2C1034%2C870&vis=1&rsz=d%7C%7CoeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&bz=1.02&td=1&tdf=0&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=3522
142.250.186.162
http://download.cutepdf.com/download/converter2.asp
unknown
https://www.CutePDF.com/Support
unknown
http://download.cutepdf.com/
unknown
https://www.cutepdf-editor.com/ca
unknown
http://certificates.godaddy.com/repository/0
unknown
http://www.jrsoftware.org/ishelp/index.php?topic=setupcmdlineSetupU
unknown
https://www.cutepdf-editor.com/images/headerbg.gif
64.34.201.144
https://ep2.adtrafficquality.google/sodar/sodar2.js
142.250.185.129
https://www.cutepdf-editor.com/images/htabs2.gif
64.34.201.144
http://certificates.godaddy.com/repository100.
unknown
https://www.cutepdf-editor.com/support/writerhelp.aspD
unknown
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNazkvECEJ-FufYCGJ2x8p0CMAE&v=APEucNUO3Xfv768h9NJ6JYA2DJK1GIj950CjvejuQ8NPpM4U0fFvl74aLaryFY5P5qn3xrTJFvrpnUFgeg18_9kLOsBFpWDtwA
142.250.186.162
https://www.cutepdf-editor.com/Images/PDF_Editor.GIF
64.34.201.144
https://www.cutepdf-editor.com/editor.asp
unknown
http://crl3.digi
unknown
https://www.google.com/recaptcha/api2/aframe
142.250.181.228
http://certificates.godaddy.com/repository/gdroot.crl0K
unknown
https://fundingchoicesmessages.google.com/i/ca-pub-6555658820068848?href=https%3A%2F%2Fwww.cutepdf-editor.com%2Fsupport%2Fwriter.asp&ers=2
142.250.181.238
https://ad.doubleclick.net/.well-known/attribution-reporting/debug/verbose
172.217.16.134
http://www.artifex.com
unknown
https://ep1.adtrafficquality.google/bg/
unknown
https://www.cutepdf-editor.com/support/writerhelp.aspb
unknown
http://www.urwpp.de
unknown
https://www.cutepdf-editor.com/support/writerhelp.aspk
unknown
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNazkvECEJ-FufYCGPWj7Z0CMAE&v=APEucNVTTguKp20X8dAunnm_TQf6VnYFFtc3ryUzj6GNKBIZzVUuDt8d7mdZplTaZ7RTtBHHqk_8xwj_-8RisEYgKVCiuxAXnA
142.250.186.162
http://www.xfa.org/schema/xfa-data/1.0/
unknown
https://ep2.adtrafficquality.google/sodar/
unknown
http://www.cutepdf.com
unknown
https://www.cutepdf-editor.com/images/DocProp.png
64.34.201.144
http://download.cutepdf.com/download/converter2.aspS
unknown
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
download.cutepdf.com
64.34.201.145
 malicious
googleads.g.doubleclick.net
216.58.206.34
www3.l.google.com
142.250.181.238
ep1.adtrafficquality.google
216.58.206.34
ad.doubleclick.net
142.250.184.230
syndicatedsearch.goog
216.58.212.142
www.google.com
142.250.185.164
ep2.adtrafficquality.google
142.250.185.129
cutepdf-editor.com
64.34.201.144
s0.2mdn.net
142.250.186.166
www.cutepdf-editor.com
unknown
fundingchoicesmessages.google.com
unknown
There are 2 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
192.168.2.6
unknown
unknown
malicious
64.34.201.145
download.cutepdf.com
Canada
malicious
172.217.16.134
unknown
United States
142.250.185.228
unknown
United States
142.250.185.129
ep2.adtrafficquality.google
United States
216.58.212.142
syndicatedsearch.goog
United States
142.250.186.174
unknown
United States
142.250.181.230
unknown
United States
142.250.185.166
unknown
United States
142.250.181.238
www3.l.google.com
United States
142.250.185.164
www.google.com
United States
142.250.185.161
unknown
United States
142.250.74.198
unknown
United States
142.250.184.230
ad.doubleclick.net
United States
142.250.186.38
unknown
United States
142.250.186.162
unknown
United States
64.34.201.144
cutepdf-editor.com
Canada
239.255.255.250
unknown
Reserved
142.250.185.230
unknown
United States
142.250.181.228
unknown
United States
142.250.186.166
s0.2mdn.net
United States
142.250.186.100
unknown
United States
172.217.16.198
unknown
United States
There are 13 hidden IPs, click here to show them.

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_LOCAL_MACHINE\SOFTWARE\Acro Software Inc\CutePDF Writer
Port Name
HKEY_LOCAL_MACHINE\SOFTWARE\Acro Software Inc\CutePDF Writer
Printer Name
HKEY_LOCAL_MACHINE\SOFTWARE\Acro Software Inc\CutePDF Writer
Destination Folder
HKEY_LOCAL_MACHINE\SOFTWARE\Acro Software Inc\CutePDF Writer
Programmatic Access
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Acro Software Inc\CutePDF Writer
Destination Folder
HKEY_CURRENT_USER\Printers\DevModes2
CutePDF Writer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CutePDF Writer Installation
DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CutePDF Writer Installation
UninstallString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CutePDF Writer Installation
DisplayVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CutePDF Writer Installation
Publisher
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CutePDF Writer Installation
DisplayIcon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CutePDF Writer Installation
InstallLocation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CutePDF Writer Installation
HelpLink
HKEY_LOCAL_MACHINE\SOFTWARE\Acro Software Inc\CutePDF Writer\CPW4:
Destination Folder
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\GPL Ghostscript\9.06
GS_LIB
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\GPL Ghostscript\9.06
GS_DLL
There are 11 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
284E000
stack
page read and write
414000
unkown
page readonly
8EA000
heap
page read and write
19F000
stack
page read and write
2347000
direct allocation
page read and write
400000
unkown
page readonly
961000
heap
page read and write
DC000
stack
page read and write
EA5000
heap
page read and write
26CE000
stack
page read and write
73E000
stack
page read and write
6D8000
heap
page read and write
420000
unkown
page read and write
27CF000
stack
page read and write
E10000
heap
page read and write
6DB000
heap
page read and write
490000
heap
page read and write
61E000
stack
page read and write
33B0000
heap
page read and write
CEB000
heap
page read and write
6D3000
heap
page read and write
6D8000
heap
page read and write
41C000
unkown
page read and write
401000
unkown
page execute read
4C0000
heap
page read and write
24A0000
unkown
page read and write
374F000
stack
page read and write
800000
heap
page read and write
748000
heap
page read and write
24EE000
stack
page read and write
473F000
stack
page read and write
830000
direct allocation
page read and write
40A000
unkown
page write copy
14B000
stack
page read and write
23B9000
heap
page read and write
708000
heap
page read and write
6D8000
heap
page read and write
971000
heap
page read and write
419000
unkown
page read and write
9A000
stack
page read and write
3330000
heap
page read and write
21D4000
heap
page read and write
406000
unkown
page read and write
2154000
direct allocation
page read and write
360D000
stack
page read and write
401000
unkown
page execute read
CCF000
heap
page read and write
2350000
direct allocation
page read and write
408000
unkown
page readonly
C94000
heap
page read and write
217F000
stack
page read and write
2670000
heap
page read and write
2358000
direct allocation
page read and write
2B90000
trusted library allocation
page read and write
908000
heap
page read and write
400000
unkown
page readonly
62B6000
direct allocation
page read and write
600000
heap
page read and write
644000
heap
page read and write
CC6000
heap
page read and write
7A0000
heap
page read and write
41E000
unkown
page read and write
5F20000
direct allocation
page read and write
620000
heap
page read and write
8A8000
heap
page read and write
773000
heap
page read and write
404000
unkown
page readonly
546000
heap
page read and write
400000
unkown
page readonly
830000
direct allocation
page read and write
40B000
unkown
page write copy
580000
heap
page read and write
4C0000
heap
page read and write
1B0000
heap
page read and write
90B000
heap
page read and write
681F000
stack
page read and write
EA9000
heap
page read and write
24B5000
heap
page read and write
19C000
stack
page read and write
2168000
direct allocation
page read and write
400000
unkown
page readonly
CD4000
heap
page read and write
252E000
stack
page read and write
40D000
unkown
page write copy
2378000
direct allocation
page read and write
350E000
stack
page read and write
400000
unkown
page readonly
3D03000
heap
page read and write
408000
unkown
page write copy
49A000
unkown
page write copy
410000
heap
page read and write
400000
unkown
page readonly
748000
heap
page read and write
408000
unkown
page readonly
765000
heap
page read and write
24B9000
heap
page read and write
91E000
heap
page read and write
3D02000
heap
page read and write
364E000
stack
page read and write
40B000
unkown
page read and write
5F10000
heap
page read and write
5F59000
direct allocation
page read and write
401000
unkown
page execute read
E6F000
stack
page read and write
423000
heap
page read and write
32B0000
direct allocation
page read and write
711000
heap
page read and write
9A000
stack
page read and write
150000
heap
page read and write
66E000
stack
page read and write
90F000
heap
page read and write
41B000
unkown
page write copy
420000
heap
page read and write
721000
heap
page read and write
49C000
unkown
page read and write
237C000
direct allocation
page read and write
765000
heap
page read and write
4D5000
heap
page read and write
28AE000
stack
page read and write
2440000
heap
page read and write
19D000
stack
page read and write
706000
heap
page read and write
40D000
unkown
page readonly
180000
heap
page read and write
206F000
stack
page read and write
705000
heap
page read and write
6D0000
heap
page read and write
401000
unkown
page execute read
8ED000
heap
page read and write
3CFF000
stack
page read and write
C90000
heap
page read and write
32B0000
heap
page read and write
408000
unkown
page read and write
42C000
heap
page read and write
CD4000
heap
page read and write
5EAD000
stack
page read and write
2340000
direct allocation
page read and write
EA0000
heap
page read and write
CEA000
heap
page read and write
2161000
direct allocation
page read and write
21F0000
heap
page read and write
49A000
unkown
page read and write
1F0000
heap
page read and write
407000
unkown
page readonly
414000
unkown
page readonly
971000
heap
page read and write
91B000
heap
page read and write
8DE000
heap
page read and write
2168000
direct allocation
page read and write
2161000
direct allocation
page read and write
6D8000
heap
page read and write
6B6000
heap
page read and write
23B0000
direct allocation
page read and write
40A000
unkown
page readonly
2390000
direct allocation
page read and write
5DE000
stack
page read and write
1F0000
heap
page read and write
1B6000
heap
page read and write
335A000
heap
page read and write
95C000
heap
page read and write
971000
heap
page read and write
CC4000
heap
page read and write
3D09000
heap
page read and write
401000
unkown
page execute read
27C0000
heap
page read and write
54C000
heap
page read and write
400000
unkown
page readonly
CBC000
heap
page read and write
2348000
direct allocation
page read and write
540000
heap
page read and write
400000
unkown
page readonly
63DF000
direct allocation
page read and write
400000
unkown
page readonly
3E40000
trusted library allocation
page read and write
409000
unkown
page readonly
140000
heap
page read and write
18C000
stack
page read and write
40A000
unkown
page readonly
910000
heap
page read and write
401000
unkown
page execute read
493F000
stack
page read and write
6B7000
heap
page read and write
2354000
direct allocation
page read and write
3D00000
heap
page read and write
262D000
stack
page read and write
95C000
heap
page read and write
917000
heap
page read and write
2428000
heap
page read and write
CD4000
heap
page read and write
404000
unkown
page readonly
7B0000
heap
page read and write
420000
heap
page read and write
840000
heap
page read and write
8BC000
heap
page read and write
23EE000
stack
page read and write
91000
stack
page read and write
41B000
unkown
page write copy
2164000
direct allocation
page read and write
430000
heap
page read and write
40A000
unkown
page readonly
8D3000
heap
page read and write
34B0000
direct allocation
page read and write
7F0000
heap
page read and write
23B0000
direct allocation
page read and write
3D06000
heap
page read and write
8FA000
heap
page read and write
7DE000
stack
page read and write
8A0000
heap
page read and write
407000
unkown
page readonly
401000
unkown
page execute read
411000
unkown
page readonly
277E000
stack
page read and write
2844000
heap
page read and write
2354000
direct allocation
page read and write
90A000
heap
page read and write
4AC000
unkown
page readonly
21D0000
heap
page read and write
E8F000
stack
page read and write
401000
unkown
page execute read
335A000
heap
page read and write
7B8000
heap
page read and write
7C0000
direct allocation
page execute and read and write
68E000
stack
page read and write
2150000
direct allocation
page read and write
6A0000
heap
page read and write
401000
unkown
page execute read
190000
heap
page read and write
7BE000
stack
page read and write
CCF000
heap
page read and write
83F000
stack
page read and write
2970000
trusted library allocation
page read and write
2840000
heap
page read and write
CCF000
heap
page read and write
6B0000
heap
page read and write
2370000
direct allocation
page read and write
630000
heap
page read and write
70F000
stack
page read and write
401000
unkown
page execute read
915000
heap
page read and write
1B0000
heap
page read and write
810000
heap
page read and write
2260000
heap
page read and write
3D06000
heap
page read and write
99000
stack
page read and write
CCF000
heap
page read and write
19A000
stack
page read and write
5840000
trusted library allocation
page read and write
401000
unkown
page execute read
2203000
heap
page read and write
4D0000
heap
page read and write
5EEE000
stack
page read and write
32B0000
direct allocation
page read and write
6EE000
heap
page read and write
E5E000
stack
page read and write
401000
unkown
page execute read
49E000
unkown
page write copy
960000
heap
page read and write
8DC000
heap
page read and write
2174000
direct allocation
page read and write
724000
heap
page read and write
711000
heap
page read and write
2370000
direct allocation
page read and write
6BE000
heap
page read and write
971000
heap
page read and write
844000
heap
page read and write
234C000
direct allocation
page read and write
B9F000
stack
page read and write
40A000
unkown
page read and write
706000
heap
page read and write
CBF000
heap
page read and write
1FE000
stack
page read and write
915000
heap
page read and write
8B0000
heap
page read and write
908000
heap
page read and write
6D8000
heap
page read and write
280E000
stack
page read and write
237F000
direct allocation
page read and write
2374000
direct allocation
page read and write
49B000
unkown
page write copy
640000
heap
page read and write
6A0000
heap
page read and write
411000
unkown
page readonly
2224000
direct allocation
page read and write
773000
heap
page read and write
6D7000
heap
page read and write
409000
unkown
page readonly
400000
unkown
page readonly
CD4000
heap
page read and write
9B000
stack
page read and write
47E000
stack
page read and write
419000
unkown
page write copy
130000
heap
page read and write
6AA000
heap
page read and write
903000
heap
page read and write
335E000
heap
page read and write
234C000
direct allocation
page read and write
400000
unkown
page readonly
2348000
direct allocation
page read and write
4AC000
unkown
page readonly
24B0000
heap
page read and write
8D4000
heap
page read and write
8D0000
heap
page read and write
6464000
direct allocation
page read and write
A9F000
stack
page read and write
95C000
heap
page read and write
CD1000
heap
page read and write
69F000
stack
page read and write
711000
heap
page read and write
8B4000
heap
page read and write
400000
unkown
page readonly
5DAC000
stack
page read and write
40D000
unkown
page readonly
CC3000
heap
page read and write
5B20000
heap
page read and write
2301000
heap
page read and write
6D8000
heap
page read and write
42C000
heap
page read and write
48E000
stack
page read and write
962000
heap
page read and write
963000
heap
page read and write
53E000
stack
page read and write
483F000
stack
page read and write
5C5E000
stack
page read and write
708000
heap
page read and write
E70000
heap
page read and write
690000
heap
page read and write
2358000
direct allocation
page read and write
33B1000
heap
page read and write
6D8000
heap
page read and write
CA6000
heap
page read and write
5D5F000
stack
page read and write
There are 321 hidden memdumps, click here to show them.

DOM / HTML

URL
Malicious
https://www.cutepdf-editor.com/support/writer.asp
 malicious
https://www.cutepdf-editor.com/support/writer.asp
 malicious
https://www.cutepdf-editor.com/support/writer.asp
https://www.cutepdf-editor.com/support/writer.asp
https://www.cutepdf-editor.com/support/writer.asp
https://www.cutepdf-editor.com/support/writer.asp
https://www.cutepdf-editor.com/support/writer.asp
https://www.cutepdf-editor.com/support/writer.asp
https://www.cutepdf-editor.com/support/writer.asp
https://www.cutepdf-editor.com/support/writer.asp
https://www.cutepdf-editor.com/support/writer.asp
https://www.cutepdf-editor.com/support/writer.asp
https://www.cutepdf-editor.com/support/writer.asp
https://www.cutepdf-editor.com/support/writer.asp
https://www.cutepdf-editor.com/support/writer.asp
https://www.cutepdf-editor.com/support/writer.asp
https://www.cutepdf-editor.com/support/writer.asp
https://www.cutepdf-editor.com/support/writer.asp
https://www.cutepdf-editor.com/support/writer.asp
There are 9 hidden doms, click here to show them.