IOC Report
074kFuPFv8.exe

loading gif

Files

File Path
Type
Category
Malicious
074kFuPFv8.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
 malicious
C:\Program Files (x86)\CPU Guardian\CPUGuardian.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\CPUGuardian.exe.config
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\ComponentFactory.Krypton.Toolkit.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\Helper.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\InstAct.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\InstAct.exe.config
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\Interop.IWshRuntimeLibrary.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\Interop.Shell32.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\Logging.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\Microsoft.Win32.TaskScheduler.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\Setup.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\Splash.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\Uninst000.CA.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, InstallShield self-extracting archive
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\Uninst000.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\ar\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\ar\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\ar\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\bo.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\bs-Cyrl-BA\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\bs-Cyrl-BA\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\bs-Cyrl-BA\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\bs-Latn-BA\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\bs-Latn-BA\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\bs-Latn-BA\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\da\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\da\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\da\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\de\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\de\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\de\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\es\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\es\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\es\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\fil-PH\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\fil-PH\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\fil-PH\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\fr\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\fr\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\fr\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\he\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\he\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\he\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\hr-HR\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\hr-HR\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\hr-HR\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\it\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\it\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\it\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\ja\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\ja\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\ja\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\nl\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\nl\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\nl\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\no\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\no\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\no\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\pt\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\pt\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\pt\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\ru\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\ru\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\ru\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\se-FI\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\se-FI\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\se-FI\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\sr-Cyrl-RS\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\sr-Cyrl-RS\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\sr-Cyrl-RS\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\sr-Latn-RS\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\sr-Latn-RS\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\sr-Latn-RS\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\sv\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\sv\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\sv\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\th-TH\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\th-TH\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\th-TH\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\tr-TR\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\tr-TR\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\tr-TR\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Program Files (x86)\CPU Guardian\updater.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\CPUGuardian.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\ComponentFactory.Krypton.Toolkit.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\Helper.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\InstAct.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\Interop.IWshRuntimeLibrary.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\Interop.Shell32.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\Logging.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\Microsoft.Win32.TaskScheduler.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\Setup.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\Splash.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\Uninst000.CA.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, InstallShield self-extracting archive
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\Uninst000.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\ar\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\ar\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\ar\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\bo.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\bs-Cyrl-BA\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\bs-Cyrl-BA\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\bs-Cyrl-BA\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\bs-Latn-BA\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\bs-Latn-BA\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\bs-Latn-BA\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\da\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\da\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\da\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\de\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\de\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\de\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\es\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\es\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\es\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\fil-PH\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\fil-PH\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\fil-PH\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\fr\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\fr\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\fr\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\he\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\he\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\he\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\hr-HR\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\hr-HR\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\hr-HR\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\it\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\it\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\it\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\ja\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\ja\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\ja\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\nl\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\nl\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\nl\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\no\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\no\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\no\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\pt\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\pt\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\pt\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\ru\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\ru\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\ru\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\se-FI\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\se-FI\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\se-FI\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\sr-Cyrl-RS\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\sr-Cyrl-RS\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\sr-Cyrl-RS\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\sr-Latn-RS\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\sr-Latn-RS\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\sr-Latn-RS\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\sv\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\sv\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\sv\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\th-TH\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\th-TH\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\th-TH\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\tr-TR\CPUGuardian.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\tr-TR\Splash.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\tr-TR\Uninst000.resources.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\updater.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\decoder.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Windows\Installer\MSI5FAF.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Windows\Installer\MSI5FFE.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Windows\Installer\MSI601F.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Windows\Installer\MSI608E.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Windows\Installer\MSI60DD.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Windows\Installer\MSI612C.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Windows\Installer\MSI63DD.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Windows\Installer\MSI65C2.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Windows\Installer\MSI70B0.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Windows\Installer\MSI7247.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
modified
 malicious
C:\$Recycle.Bin\S-1-5-18\desktop.ini
Windows desktop.ini
modified
C:\Config.Msi\5d5e3a.rbs
data
dropped
C:\Program Files (x86)\CPU Guardian\Helper.dll.config
XML 1.0 document, Unicode text, UTF-8 (with BOM) text
dropped
C:\Program Files (x86)\CPU Guardian\Logging.dll.config
XML 1.0 document, Unicode text, UTF-8 (with BOM) text
dropped
C:\Program Files (x86)\CPU Guardian\Microsoft.Deployment.WindowsInstaller.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Program Files (x86)\CPU Guardian\Setup.dll.config
XML 1.0 document, Unicode text, UTF-8 (with BOM) text
dropped
C:\Program Files (x86)\CPU Guardian\Splash.exe.config
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Program Files (x86)\CPU Guardian\bo.dll.config
XML 1.0 document, Unicode text, UTF-8 (with BOM) text
dropped
C:\Program Files (x86)\CPU Guardian\updater.ini
ASCII text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPU Guardian\CPU Guardian.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Fri Apr 17 04:34:14 2015, mtime=Wed Oct 30 15:36:05 2024, atime=Fri Apr 17 04:34:14 2015, length=5139432, window=hide
dropped
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPU Guardian\Uninstall.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Sat Dec 7 08:10:02 2019, mtime=Wed Oct 30 15:36:02 2024, atime=Sat Dec 7 08:10:02 2019, length=59904, window=hide
dropped
C:\Users\Public\Desktop\CPU Guardian.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Fri Apr 17 04:34:14 2015, mtime=Wed Oct 30 15:36:05 2024, atime=Fri Apr 17 04:34:14 2015, length=5139432, window=hide
dropped
C:\Users\user\AppData\Local\CPU_Guardian\CPUGuardian.exe_Url_iwid41inmr3ot3ooc1a1q3rf4b4cgitj\2.6.1.0\4dijbbh5.newcfg
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\CPU_Guardian\CPUGuardian.exe_Url_iwid41inmr3ot3ooc1a1q3rf4b4cgitj\2.6.1.0\j2je5pbx.newcfg
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\CPU_Guardian\CPUGuardian.exe_Url_iwid41inmr3ot3ooc1a1q3rf4b4cgitj\2.6.1.0\user.config (copy)
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\CPUGuardian.exe.log
ASCII text, with CRLF line terminators
modified
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\InstAct.exe.log
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\AIBB_7964.tmp
data
dropped
C:\Users\user\AppData\Local\Temp\AI_ResourceCleanerLog.txt
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\{C7F8B9FC-A653-4074-A59A-3A17D9B805FE}.bat
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\CPUGuardian.exe.config
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\CPUGuardian.msi
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, MSI Installer, Title: Installation Database, Keywords: Installer, MSI, Database, Last Printed: Fri Dec 11 11:47:44 2009, Create Time/Date: Fri Dec 11 11:47:44 2009, Last Saved Time/Date: Fri Dec 11 11:47:44 2009, Number of Pages: 200, Security: 0, Code page: 1252, Revision Number: {19B047E6-8562-4C6B-BBED-1F83ED1824A4}, Number of Words: 0, Subject: CPU Guardian, Author: CPU Guardian, Name of Creating Application: Advanced Installer 11.5.1 build 60347, Template: ;1033, Comments: This installer database contains the logic and data required to install CPU Guardian.
dropped
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\Helper.dll.config
XML 1.0 document, Unicode text, UTF-8 (with BOM) text
dropped
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\InstAct.exe.config
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\Logging.dll.config
XML 1.0 document, Unicode text, UTF-8 (with BOM) text
dropped
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\Microsoft.Deployment.WindowsInstaller.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\Setup.dll.config
XML 1.0 document, Unicode text, UTF-8 (with BOM) text
dropped
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\Splash.exe.config
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\bo.dll.config
XML 1.0 document, Unicode text, UTF-8 (with BOM) text
dropped
C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\holder0.aiph
data
dropped
C:\Users\user\Documents\CPUGuardian\errors
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Users\user\Documents\CPUGuardian\errors_data
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Users\user\Documents\CPUGuardian\fileerrors
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Users\user\Documents\CPUGuardian\fileerrors_data
XML 1.0 document, ASCII text, with CRLF line terminators
modified
C:\Users\user\Documents\CPUGuardian\log.txt
ASCII text, with CRLF line terminators
dropped
C:\Users\user\Documents\CPUGuardian\logerror.txt
Unicode text, UTF-8 text, with CRLF line terminators
dropped
C:\Windows\Installer\5d5e38.msi
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, MSI Installer, Title: Installation Database, Keywords: Installer, MSI, Database, Last Printed: Fri Dec 11 11:47:44 2009, Create Time/Date: Fri Dec 11 11:47:44 2009, Last Saved Time/Date: Fri Dec 11 11:47:44 2009, Number of Pages: 200, Security: 0, Code page: 1252, Revision Number: {19B047E6-8562-4C6B-BBED-1F83ED1824A4}, Number of Words: 0, Subject: CPU Guardian, Author: CPU Guardian, Name of Creating Application: Advanced Installer 11.5.1 build 60347, Template: ;1033, Comments: This installer database contains the logic and data required to install CPU Guardian.
dropped
C:\Windows\Installer\5d5e3b.msi
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, MSI Installer, Title: Installation Database, Keywords: Installer, MSI, Database, Last Printed: Fri Dec 11 11:47:44 2009, Create Time/Date: Fri Dec 11 11:47:44 2009, Last Saved Time/Date: Fri Dec 11 11:47:44 2009, Number of Pages: 200, Security: 0, Code page: 1252, Revision Number: {19B047E6-8562-4C6B-BBED-1F83ED1824A4}, Number of Words: 0, Subject: CPU Guardian, Author: CPU Guardian, Name of Creating Application: Advanced Installer 11.5.1 build 60347, Template: ;1033, Comments: This installer database contains the logic and data required to install CPU Guardian.
dropped
C:\Windows\Installer\MSI607D.tmp
data
dropped
C:\Windows\Installer\SourceHash{87D8CFC2-0E35-4BF0-81BC-C5B3D1652F6D}
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Installer\inprogressinstallinfo.ipi
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Installer\{87D8CFC2-0E35-4BF0-81BC-C5B3D1652F6D}\SystemFoldermsiexec.exe
MS Windows icon resource - 8 icons, 32x32, 16 colors, 4 bits/pixel, 24x24, 16 colors, 4 bits/pixel
dropped
C:\Windows\Installer\{87D8CFC2-0E35-4BF0-81BC-C5B3D1652F6D}\icon.exe
MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
dropped
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\Windows\Temp\~DF0069EE55F1D0BB5B.TMP
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Temp\~DF3BD4D7D1E6482870.TMP
data
dropped
C:\Windows\Temp\~DF454C9B42DBCEE293.TMP
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Temp\~DF5579851029B889B0.TMP
data
dropped
C:\Windows\Temp\~DF5C35BE9A740F4393.TMP
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Temp\~DF85CD5FF8267D805A.TMP
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Temp\~DF969A2937E765D5E8.TMP
data
dropped
C:\Windows\Temp\~DF99AE2353FA8378E8.TMP
data
dropped
C:\Windows\Temp\~DF9B0768747831CAE4.TMP
Composite Document File V2 Document, Cannot read section info
dropped
C:\Windows\Temp\~DF9F1F63144348FFA9.TMP
data
dropped
C:\Windows\Temp\~DFE2BCD8FBFED7B386.TMP
data
dropped
C:\Windows\Temp\~DFE2E45FC4C4068BE2.TMP
data
dropped
There are 220 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\074kFuPFv8.exe
"C:\Users\user\Desktop\074kFuPFv8.exe"
 malicious
C:\Windows\SysWOW64\msiexec.exe
"C:\Windows\system32\msiexec.exe" /i "C:\Users\user\AppData\Roaming\CPU Guardian\CPU Guardian 2.6.1\install\1652F6D\CPUGuardian.msi" /qn AI_SETUPEXEPATH=C:\Users\user\Desktop\074kFuPFv8.exe SETUPEXEDIR=C:\Users\user\Desktop\ EXE_CMD_LINE="/exenoupdates /exelang 0 /noprereqs "
malicious
C:\Windows\System32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
 malicious
C:\Windows\SysWOW64\msiexec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 6861D10B1BBFC1725672A78A114343A0
 malicious
C:\Windows\SysWOW64\msiexec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 51546B5E421AAA8415620B734ACBBF40 E Global\MSI0000
 malicious
C:\Program Files (x86)\CPU Guardian\CPUGuardian.exe
"C:\Program Files (x86)\CPU Guardian\CPUGuardian.exe" true
 malicious
C:\Program Files (x86)\CPU Guardian\InstAct.exe
"C:\Program Files (x86)\CPU Guardian\InstAct.exe" install 1 0
 malicious
C:\Program Files (x86)\CPU Guardian\CPUGuardian.exe
"C:\Program Files (x86)\CPU Guardian\CPUGuardian.exe" true
 malicious
C:\Program Files (x86)\CPU Guardian\InstAct.exe
"C:\Program Files (x86)\CPU Guardian\InstAct.exe" installurl
 malicious
C:\Windows\SysWOW64\cmd.exe
/C "C:\Users\user\AppData\Local\Temp\{C7F8B9FC-A653-4074-A59A-3A17D9B805FE}.bat"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\cmd.exe
/C "C:\Users\user\AppData\Local\Temp\{C7F8B9FC-A653-4074-A59A-3A17D9B805FE}.bat"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
There are 3 hidden processes, click here to show them.

URLs

Name
IP
Malicious
http://www.apache.org/licenses/LICENSE-2.0
unknown
http://www.fontbureau.com
unknown
http://www.fontbureau.com/designersG
unknown
http://www.fontbureau.com/designers/?
unknown
https://safecart.com/cpuguardian/.cpu-guardian-35
unknown
http://www.founder.com.cn/cn/bThe
unknown
http://schemas.xmlsoap.org/soap/encoding/
unknown
http://www.fontbureau.com/designers?
unknown
http://ocsp.thawte.com0
unknown
http://label.shieldapps.biz
unknown
http://wixtoolset.org/Whttp://wixtoolset.org/telemetry/v
unknown
http://www.advancedinstaller.com0
unknown
http://www.tiro.com
unknown
http://www.fontbureau.com/designers
unknown
http://wixtoolset.org/news/
unknown
http://www.goodfont.co.kr
unknown
http://www.symauth.com/cps0(
unknown
http://www.carterandcone.coml
unknown
http://label.shieldapps.biz/callback/bo.php
149.210.147.77
http://www.sajatypeworks.com
unknown
http://www.typography.netD
unknown
http://www.fontbureau.com/designers/cabarga.htmlN
unknown
http://www.founder.com.cn/cn/cThe
unknown
http://www.galapagosdesign.com/staff/dennis.htm
unknown
http://www.founder.com.cn/cn
unknown
http://www.fontbureau.com/designers/frere-user.html
unknown
http://cs-g2-crl.thawte.com/ThawteCSG2.crl0
unknown
http://crl.thawte.com/ThawteTimestampingCA.crl0
unknown
http://s3.amazonaws.com/guardian-cdn/tip2.jpg
unknown
http://crl.thawte.com/ThawtePCA.crl0
unknown
http://www.symauth.com/rpa00
unknown
http://www.jiyu-kobo.co.jp/
unknown
http://s3.amazonaws.com/guardian-cdn/tip.jpg
52.216.184.133
http://www.galapagosdesign.com/DPlease
unknown
http://www.fontbureau.com/designers8
unknown
http://setup.shieldapps.biz/registry/cpuguardian/s/updates.txt
unknown
http://www.fonts.com
unknown
http://www.sandoll.co.kr
unknown
http://www.urwpp.deDPlease
unknown
http://www.zhongyicts.com.cn
unknown
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
unknown
http://www.sakkal.com
unknown
There are 32 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
label.shieldapps.biz
149.210.147.77
s3.amazonaws.com
52.216.184.133

IPs

IP
Domain
Country
Malicious
52.216.184.133
s3.amazonaws.com
United States
149.210.147.77
label.shieldapps.biz
Netherlands

Registry

Path
Value
Malicious
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer
GlobalAssocChangedCounter
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Config.Msi\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
C:\Config.Msi\5d5e3a.rbs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
C:\Config.Msi\5d5e3a.rbsLow
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DEE0BA1317113954DAE2D11358E3B017
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0ABD8BAD6149D6342BDE45B891FEB944
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22C9CF7163566E74A8F6DD61DBCED034
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B702585CF0A9FFA45A361780E92E53B4
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E3FF366CE9234499945BE78E7AC291
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EFD4774D5FB7CF54A8AC045ED53D976F
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C0B629EEAE31CDF49A9F4D7ABE4CD05D
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C0A1D6288F7D40A0CB4920314D17A
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3825945580CB93849B1183475C0EBE13
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FE23FB98D3D8A04418A0244A3A635679
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CAB0FBC2B0D6E8B429EF25C68437BA3F
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2664F136FEE019A48A997FAAF1D258B0
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA4454DB764C01846B4AFFF46BD75266
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AA0CDDA0E074CD44FA99EDA05D24FAF8
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\39BF2197AD1F0F747B8BF41EA01787D8
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D82594240B0BAC48AC905492738C86B
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F2FA4B035F0AF8842BF45776D348790D
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3D7A8885539C71C48BA8D865B00D0C05
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E68C047C43878C2469248F7404D2B02F
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C2007F58AB8C747458CDC86F1D3D32C3
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22D3239CB1D1FAF46B930F5A5B9A7E36
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7AB637BE8EA57544C8232EF9BEF1766C
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8DEDDB4102F1A849A225EC057C04439
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5DE9279CFC23135449C33E25A6422E58
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A44FFB52DA584CC478D768E020B1EF4F
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\345BC2C77FB77CA40AB4E4DCF8583787
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F521ABCDA1FCF7041933D6D3E03448F3
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\21D230080890AA7478455EC16F27F27A
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CE42A0B05A794E4DAECF06BA2F340B6
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6ADCFFA94C6DE844E8A28C2910FF5249
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\083161D227A726E4288F84F480776C49
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E00A729A64B024E418099846B2867338
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F26F0B73D3B790641A10B8D877637D54
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E7CA088B269A964CA371C25C9A889AD
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A1179031E996A2B4C8F411CEA064ACD1
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\83EC61629E6E729478300B72AE55E844
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\917DB2284DDC2644BBB68A96E302A96D
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB3550210ECF8A24EA8EDAF5F3339CB0
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ABC4F893B06E258438A98FC235818985
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E458A6E8769187A4189281ABB2D4BA61
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDB38A489E6000C48864832992AF2014
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75BB7C9341D70494CB1DD15B8523916F
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\32CF0C51D92468D418201C0ADEE42280
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7B846409BE527F843B0F493BAA96DEEA
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D78533BF63CE886489A05035CD6E0ADC
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8181AFADD28E7FD4CB2E208FCE0AD6F3
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1826DA7D15341674AAA47BA1591AE3DA
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\249837F251ABE8F489B2DD04B3679F55
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EACD6756DB127E645BD640C89F24779A
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F56056DC8B33A2147A62F8625E718E2F
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ABF3E785D55846147960C59DBC60A5AF
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5BA1E9230E917140B668490CC6FE847
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3362560281588884B8644CBCBC89F4DF
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\70D72F539341C3749B226B5A0C768143
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F3B2F96E154B35647BA530DD529AC00A
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C80F729DE502AF645806438775A8040C
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\800782AA27B0936409C88A9E33ABAB4D
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2CA907BF5A2B864EA6458024B3EF5A9
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6CCE10F232C465944A262BA8B4D9E09F
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2DA11D1B27FBFF545BA284D6DAD24FC9
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FE0AB28F99296044B4FE4FD6CE971A6
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3AC7C1DFA8BA499488DEDB75E317038C
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0570537446DB32443A200093A0483EBD
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\857E68928A411CC41814B6D610579307
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EE08277123D0A584A95128C1D9B2708B
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F198C6ADE086301488F44AF586CCFBF6
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C4D1E18BBE4E922488A7FF08C838A854
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B05CDA12F68D0F140B31B99DCFEE9826
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34498DFB92DB68A429D7CD7C5645FA0E
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F2A8493ED8B9839468F18604A431A2A5
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A1D1A919CEDBB8248A0E5B722D17E369
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFB98A41865C614BBCB603F1FD0CA4A
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF96528487A6D2142AEE653DEE634B55
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922DFF051AC15EB4E9931447FB4F7F72
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4A45435C7A6417D438CEF240A8C402C8
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F4BDD6C214FF75E41932CF2D45D0359E
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\033C2180EAAD14944A1514E75DA4ECCC
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26C869D8419EA4440BA01CAC6C0C65A0
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F353B7F84C658C1408A88D9DD6E16CFF
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A7A2B6AF95EB01240B6259EB6AA4BE40
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DC8C50BB2FAF7EB4FB934C97B4D94329
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0ACCBA4601F2B154094D460D3E2B943C
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C2AE4124B6861949992F90F24392275
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CF8D7666F3B207F49B3C26C831962DB8
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9C923E9F1CAFEA044B7DD0AF5144F52D
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0D0C6D39847BC7345B7080FA5663811B
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0B078813B691177449D18704446CBC90
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1459F33EF1C51AC4F9538558C03C8C09
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPU Guardian\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Program Files (x86)\CPU Guardian\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Program Files (x86)\CPU Guardian\ar\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Program Files (x86)\CPU Guardian\bs-Cyrl-BA\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Program Files (x86)\CPU Guardian\bs-Latn-BA\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Program Files (x86)\CPU Guardian\da\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Program Files (x86)\CPU Guardian\de\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Program Files (x86)\CPU Guardian\es\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Program Files (x86)\CPU Guardian\fil-PH\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Program Files (x86)\CPU Guardian\fr\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Program Files (x86)\CPU Guardian\he\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Program Files (x86)\CPU Guardian\hr-HR\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Program Files (x86)\CPU Guardian\it\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Program Files (x86)\CPU Guardian\ja\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Program Files (x86)\CPU Guardian\nl\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Program Files (x86)\CPU Guardian\no\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Program Files (x86)\CPU Guardian\se-FI\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Program Files (x86)\CPU Guardian\sr-Cyrl-RS\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Program Files (x86)\CPU Guardian\sr-Latn-RS\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Program Files (x86)\CPU Guardian\sv\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Program Files (x86)\CPU Guardian\th-TH\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Program Files (x86)\CPU Guardian\tr-TR\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Program Files (x86)\CPU Guardian\pt\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Program Files (x86)\CPU Guardian\ru\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
C:\Windows\Installer\{87D8CFC2-0E35-4BF0-81BC-C5B3D1652F6D}\
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CPU Guardian\CPU Guardian
Version
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CPU Guardian\CPU Guardian
Path
HKEY_CURRENT_USER\SOFTWARE\CPU Guardian\CPU Guardian
Custom1
HKEY_CURRENT_USER\SOFTWARE\CPU Guardian\CPU Guardian
Custom2
HKEY_CURRENT_USER\SOFTWARE\CPU Guardian\CPU Guardian
ResName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\InstallProperties
LocalPackage
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\InstallProperties
AuthorizedCDFPrefix
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\InstallProperties
Comments
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\InstallProperties
Contact
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\InstallProperties
DisplayVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\InstallProperties
HelpLink
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\InstallProperties
HelpTelephone
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\InstallProperties
InstallDate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\InstallProperties
InstallLocation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\InstallProperties
InstallSource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\InstallProperties
ModifyPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\InstallProperties
NoModify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\InstallProperties
NoRepair
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\InstallProperties
Publisher
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\InstallProperties
Readme
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\InstallProperties
Size
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\InstallProperties
EstimatedSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\InstallProperties
UninstallString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\InstallProperties
URLInfoAbout
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\InstallProperties
URLUpdateInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\InstallProperties
VersionMajor
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\InstallProperties
VersionMinor
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\InstallProperties
WindowsInstaller
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\InstallProperties
Version
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\InstallProperties
Language
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{87D8CFC2-0E35-4BF0-81BC-C5B3D1652F6D}
AuthorizedCDFPrefix
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{87D8CFC2-0E35-4BF0-81BC-C5B3D1652F6D}
Comments
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{87D8CFC2-0E35-4BF0-81BC-C5B3D1652F6D}
Contact
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{87D8CFC2-0E35-4BF0-81BC-C5B3D1652F6D}
DisplayVersion
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{87D8CFC2-0E35-4BF0-81BC-C5B3D1652F6D}
HelpLink
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{87D8CFC2-0E35-4BF0-81BC-C5B3D1652F6D}
HelpTelephone
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{87D8CFC2-0E35-4BF0-81BC-C5B3D1652F6D}
InstallDate
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{87D8CFC2-0E35-4BF0-81BC-C5B3D1652F6D}
InstallLocation
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{87D8CFC2-0E35-4BF0-81BC-C5B3D1652F6D}
InstallSource
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{87D8CFC2-0E35-4BF0-81BC-C5B3D1652F6D}
ModifyPath
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{87D8CFC2-0E35-4BF0-81BC-C5B3D1652F6D}
NoModify
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{87D8CFC2-0E35-4BF0-81BC-C5B3D1652F6D}
NoRepair
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{87D8CFC2-0E35-4BF0-81BC-C5B3D1652F6D}
Publisher
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{87D8CFC2-0E35-4BF0-81BC-C5B3D1652F6D}
Readme
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{87D8CFC2-0E35-4BF0-81BC-C5B3D1652F6D}
Size
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{87D8CFC2-0E35-4BF0-81BC-C5B3D1652F6D}
EstimatedSize
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{87D8CFC2-0E35-4BF0-81BC-C5B3D1652F6D}
UninstallString
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{87D8CFC2-0E35-4BF0-81BC-C5B3D1652F6D}
URLInfoAbout
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{87D8CFC2-0E35-4BF0-81BC-C5B3D1652F6D}
URLUpdateInfo
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{87D8CFC2-0E35-4BF0-81BC-C5B3D1652F6D}
VersionMajor
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{87D8CFC2-0E35-4BF0-81BC-C5B3D1652F6D}
VersionMinor
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{87D8CFC2-0E35-4BF0-81BC-C5B3D1652F6D}
WindowsInstaller
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{87D8CFC2-0E35-4BF0-81BC-C5B3D1652F6D}
Version
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{87D8CFC2-0E35-4BF0-81BC-C5B3D1652F6D}
Language
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\6867B48316010F045B46248378806BA3
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\InstallProperties
DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{87D8CFC2-0E35-4BF0-81BC-C5B3D1652F6D}
DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\2CFC8D7853E00FB418CB5C3B1D56F2D6
MainFeature
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\Features
MainFeature
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\Patches
AllPatches
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6
ProductName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6
PackageCode
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6
Language
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6
Version
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6
Assignment
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6
AdvertiseFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6
ProductIcon
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6
InstanceType
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6
AuthorizedLUAApp
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6
DeploymentFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\6867B48316010F045B46248378806BA3
2CFC8D7853E00FB418CB5C3B1D56F2D6
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\SourceList
PackageName
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\SourceList\Net
1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\SourceList\Media
DiskPrompt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\SourceList\Media
1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6
Clients
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2CFC8D7853E00FB418CB5C3B1D56F2D6\SourceList
LastUsedSource
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Blob
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Blob
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\MUI\StringCacheSettings
StringCacheGeneration
HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer
TelemetrySalt
HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\BitBucket\Volume\{1a4b1382-eeb5-4d59-b0fa-b93f83a518e1}
MaxCapacity
HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\BitBucket\Volume\{1a4b1382-eeb5-4d59-b0fa-b93f83a518e1}
NukeOnDelete
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\25\417C44EB
@%SystemRoot%\system32\dnsapi.dll,-103
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\25\417C44EB
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CPUGuardian_RASAPI32
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CPUGuardian_RASAPI32
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CPUGuardian_RASAPI32
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CPUGuardian_RASAPI32
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CPUGuardian_RASAPI32
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CPUGuardian_RASAPI32
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CPUGuardian_RASAPI32
FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CPUGuardian_RASMANCS
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CPUGuardian_RASMANCS
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CPUGuardian_RASMANCS
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CPUGuardian_RASMANCS
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CPUGuardian_RASMANCS
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CPUGuardian_RASMANCS
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\CPUGuardian_RASMANCS
FileDirectory
HKEY_CURRENT_USER\SOFTWARE\CPUGuardianLanguage
lang
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\InstAct_RASAPI32
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\InstAct_RASAPI32
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\InstAct_RASAPI32
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\InstAct_RASAPI32
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\InstAct_RASAPI32
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\InstAct_RASAPI32
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\InstAct_RASAPI32
FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\InstAct_RASMANCS
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\InstAct_RASMANCS
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\InstAct_RASMANCS
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\InstAct_RASMANCS
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\InstAct_RASMANCS
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\InstAct_RASMANCS
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\InstAct_RASMANCS
FileDirectory
There are 225 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
8530000
trusted library allocation
page execute and read and write
7960000
trusted library allocation
page read and write
5DA3000
heap
page read and write
1820000
heap
page read and write
28AC000
stack
page read and write
37D0000
heap
page read and write
5788000
heap
page read and write
85F0000
trusted library allocation
page read and write
FBEF000
heap
page read and write
5270000
trusted library allocation
page read and write
10709000
heap
page read and write
27B0000
heap
page read and write
D310000
trusted library allocation
page execute and read and write
34D0000
heap
page read and write
331000
unkown
page readonly
18BE000
heap
page read and write
8A5D000
stack
page read and write
2B53000
trusted library allocation
page execute and read and write
2AC4000
trusted library allocation
page read and write
2E6E000
trusted library allocation
page read and write
8942000
heap
page read and write
27F0000
heap
page read and write
567C000
trusted library allocation
page read and write
2ECF000
trusted library allocation
page read and write
FD0C000
heap
page read and write
2E58000
trusted library allocation
page read and write
88B5000
heap
page read and write
2B60000
trusted library allocation
page read and write
70F8000
heap
page read and write
FD0E000
heap
page read and write
1028000
heap
page read and write
5B02000
heap
page read and write
16A0000
heap
page read and write
FF2A000
heap
page read and write
FD34000
heap
page read and write
29F6000
heap
page read and write
2B66000
trusted library allocation
page read and write
70E0000
heap
page read and write
35DE000
stack
page read and write
9B0000
heap
page read and write
11C05000
trusted library allocation
page read and write
DD0000
heap
page read and write
2FBE000
stack
page read and write
100F5000
heap
page read and write
1870000
heap
page read and write
AB2000
unkown
page readonly
9FBE000
stack
page read and write
1DF0000
heap
page read and write
87D0000
heap
page read and write
56B0000
trusted library allocation
page read and write
8852000
heap
page read and write
5E1C000
heap
page read and write
7E4000
stack
page read and write
3790000
trusted library allocation
page read and write
FB1D000
heap
page read and write
FDDF000
heap
page read and write
96F4000
trusted library allocation
page read and write
8AF0000
trusted library allocation
page execute and read and write
8482000
unkown
page readonly
569D000
trusted library allocation
page read and write
230000
unkown
page readonly
63A0000
trusted library allocation
page execute and read and write
E23000
trusted library allocation
page execute and read and write
CE0E000
trusted library allocation
page read and write
E3D000
trusted library allocation
page execute and read and write
9CAE000
trusted library allocation
page read and write
CD5000
heap
page read and write
1ADD000
trusted library allocation
page execute and read and write
13C0000
heap
page read and write
6520000
trusted library allocation
page read and write
138B000
trusted library allocation
page execute and read and write
1370000
trusted library allocation
page read and write
564C000
stack
page read and write
13630000
trusted library allocation
page read and write
88AD000
heap
page read and write
5D2E000
heap
page read and write
BEBE000
trusted library allocation
page read and write
7F490000
trusted library allocation
page execute and read and write
DD5000
heap
page read and write
5380000
heap
page execute and read and write
1010C000
heap
page read and write
28B0000
heap
page read and write
E50000
trusted library allocation
page read and write
55D5000
trusted library allocation
page read and write
815E000
stack
page read and write
5E43000
heap
page read and write
1047E000
heap
page read and write
1DFC000
heap
page read and write
83D0000
trusted library allocation
page execute and read and write
A735000
trusted library allocation
page read and write
1044E000
heap
page read and write
6A0E000
stack
page read and write
321F000
stack
page read and write
5A9B000
heap
page read and write
5C80000
trusted library allocation
page read and write
3CD0000
heap
page read and write
6FA0000
trusted library allocation
page execute and read and write
1085000
heap
page read and write
105BA000
heap
page read and write
E46000
trusted library allocation
page execute and read and write
9A44000
trusted library allocation
page read and write
5346000
heap
page read and write
2E4E000
trusted library allocation
page read and write
7DD4000
heap
page read and write
2B5D000
trusted library allocation
page execute and read and write
8420000
trusted library allocation
page read and write
542E000
stack
page read and write
2E7A000
trusted library allocation
page read and write
891E000
stack
page read and write
E87C000
stack
page read and write
83BC000
stack
page read and write
57CE000
stack
page read and write
1A80000
heap
page read and write
12E30000
heap
page read and write
3500000
heap
page read and write
2B00000
direct allocation
page execute and read and write
1045D000
heap
page read and write
2B8B000
trusted library allocation
page execute and read and write
5600000
trusted library allocation
page read and write
96F0000
trusted library allocation
page read and write
7E33000
heap
page read and write
8B62000
trusted library allocation
page read and write
FC81000
heap
page read and write
FBE000
stack
page read and write
FE88000
heap
page read and write
A3FD000
trusted library allocation
page read and write
A404000
trusted library allocation
page read and write
FD18000
heap
page read and write
3CD0000
heap
page read and write
BBB4000
trusted library allocation
page read and write
1660000
trusted library allocation
page read and write
18D9000
heap
page read and write
EF8000
stack
page read and write
93EE000
trusted library allocation
page read and write
E80000
heap
page read and write
109A000
heap
page read and write
2E76000
trusted library allocation
page read and write
E5B000
trusted library allocation
page execute and read and write
FD05000
heap
page read and write
AB0000
unkown
page readonly
5ECF000
heap
page read and write
4F6E000
stack
page read and write
2E21000
trusted library allocation
page read and write
104BA000
heap
page read and write
FEA1000
heap
page read and write
88F0000
heap
page read and write
C1E1000
trusted library allocation
page read and write
3E21000
trusted library allocation
page read and write
A400000
trusted library allocation
page read and write
690E000
stack
page read and write
11631000
trusted library allocation
page read and write
18A0000
heap
page read and write
281D000
heap
page read and write
6270000
trusted library allocation
page read and write
1AFB000
trusted library allocation
page execute and read and write
7982000
trusted library allocation
page read and write
82D0000
trusted library allocation
page read and write
8D60000
trusted library allocation
page read and write
2F03000
trusted library allocation
page read and write
567F000
trusted library allocation
page read and write
FC35000
heap
page read and write
10F0000
heap
page read and write
FF3E000
heap
page read and write
2E32000
heap
page read and write
1002B000
heap
page read and write
572C000
stack
page read and write
8924000
heap
page read and write
FFC4000
heap
page read and write
10517000
heap
page read and write
28D3000
heap
page read and write
9D63000
trusted library allocation
page read and write
8B50000
trusted library allocation
page read and write
2CF0000
trusted library allocation
page read and write
3410000
trusted library allocation
page read and write
FD20000
heap
page read and write
2D3E000
stack
page read and write
1075000
heap
page read and write
FF21000
heap
page read and write
FBA000
heap
page read and write
FBE0000
heap
page read and write
5E09000
heap
page read and write
5ED7000
heap
page read and write
574E000
stack
page read and write
85E0000
trusted library allocation
page execute and read and write
9A48000
trusted library allocation
page read and write
81F0000
heap
page read and write
6410000
trusted library allocation
page read and write
EDE000
heap
page read and write
FD69000
heap
page read and write
60E0000
trusted library allocation
page read and write
8AB0000
trusted library allocation
page read and write
62A0000
heap
page read and write
8D62000
trusted library allocation
page read and write
12750000
heap
page read and write
2E84000
trusted library allocation
page read and write
3E8D000
heap
page read and write
13B0000
trusted library allocation
page execute and read and write
3E40000
heap
page read and write
F5A000
heap
page read and write
5FFE000
trusted library allocation
page read and write
3FC0000
heap
page read and write
7E52000
heap
page read and write
107E000
heap
page read and write
F59000
heap
page read and write
E52000
trusted library allocation
page read and write
83C0000
trusted library allocation
page read and write
2A52000
unkown
page readonly
9062000
trusted library allocation
page read and write
A2D0000
trusted library allocation
page read and write
9620000
trusted library allocation
page execute and read and write
3E81000
trusted library allocation
page read and write
10527000
heap
page read and write
5ADD000
heap
page read and write
554E000
stack
page read and write
FC16000
heap
page read and write
E3B000
stack
page read and write
1AC0000
trusted library allocation
page read and write
5CAA000
heap
page read and write
5311000
trusted library allocation
page read and write
E1C000
trusted library allocation
page read and write
5684000
trusted library allocation
page read and write
8510000
heap
page read and write
270000
unkown
page readonly
541E000
stack
page read and write
FD11000
heap
page read and write
FBB1000
heap
page read and write
6020000
unkown
page readonly
5D41000
heap
page read and write
5798000
heap
page read and write
6B42000
unkown
page readonly
625E000
trusted library allocation
page read and write
1387000
trusted library allocation
page execute and read and write
9A40000
trusted library allocation
page read and write
2B50000
trusted library allocation
page read and write
556E000
stack
page read and write
6052000
heap
page read and write
F30000
heap
page read and write
64D0000
heap
page read and write
600D000
trusted library allocation
page read and write
FD70000
heap
page read and write
6420000
trusted library allocation
page execute and read and write
6001000
trusted library allocation
page read and write
3EFA000
heap
page read and write
2B70000
trusted library allocation
page read and write
8D0E000
stack
page read and write
667D000
stack
page read and write
10578000
heap
page read and write
794C000
stack
page read and write
5330000
trusted library allocation
page read and write
3FAE000
heap
page read and write
B89E000
trusted library allocation
page read and write
104D9000
heap
page read and write
9A3D000
trusted library allocation
page read and write
FF37000
heap
page read and write
6250000
trusted library allocation
page read and write
331000
unkown
page readonly
5440000
heap
page read and write
D320000
trusted library allocation
page execute and read and write
5FEB000
trusted library allocation
page read and write
231000
unkown
page execute read
6510000
trusted library section
page readonly
E10000
trusted library allocation
page read and write
1272C000
heap
page read and write
3E45000
heap
page read and write
FF33000
heap
page read and write
119BE000
trusted library allocation
page read and write
1353000
trusted library allocation
page execute and read and write
88E2000
heap
page read and write
638E000
stack
page read and write
2CC0000
heap
page read and write
FBD1000
heap
page read and write
CFA000
stack
page read and write
87CA000
heap
page read and write
2C40000
heap
page read and write
FBFF000
heap
page read and write
8899000
heap
page read and write
1066C000
heap
page read and write
12709000
heap
page read and write
FB1000
heap
page read and write
5D8E000
heap
page read and write
60E3000
trusted library allocation
page read and write
1296F000
heap
page read and write
BE0000
heap
page read and write
568E000
trusted library allocation
page read and write
57EF000
heap
page read and write
FEF5000
heap
page read and write
6390000
trusted library allocation
page read and write
7900000
trusted library allocation
page execute and read and write
52F0000
trusted library allocation
page read and write
62E8000
stack
page read and write
1056000
heap
page read and write
8BA0000
trusted library allocation
page read and write
60C7000
trusted library allocation
page read and write
6560000
heap
page read and write
29FE000
stack
page read and write
8AE0000
trusted library allocation
page execute and read and write
6801000
heap
page read and write
5A9E000
stack
page read and write
68CE000
stack
page read and write
AB5E000
trusted library allocation
page read and write
3BC1000
heap
page read and write
FE71000
heap
page read and write
BC0000
heap
page read and write
60BA000
stack
page read and write
FFBB000
heap
page read and write
126D9000
heap
page read and write
5C3E000
stack
page read and write
2E40000
trusted library allocation
page read and write
1082D000
heap
page read and write
12E6C000
heap
page read and write
14BB000
stack
page read and write
CAFE000
trusted library allocation
page read and write
580D000
stack
page read and write
FCF4000
heap
page read and write
11922000
trusted library allocation
page read and write
2E46000
trusted library allocation
page read and write
654E000
stack
page read and write
2E7E000
stack
page read and write
E8D000
heap
page read and write
888B000
heap
page read and write
5DDE000
heap
page read and write
2B87000
trusted library allocation
page execute and read and write
1AEA000
trusted library allocation
page execute and read and write
634B000
unkown
page read and write
5E72000
heap
page read and write
EF8000
heap
page read and write
7F1D0000
trusted library allocation
page execute and read and write
3B4B000
trusted library allocation
page read and write
FC90000
heap
page read and write
5343000
heap
page read and write
2A80000
trusted library allocation
page read and write
1AE6000
trusted library allocation
page execute and read and write
9AD1000
trusted library allocation
page read and write
677D000
stack
page read and write
2BEE000
stack
page read and write
128A2000
heap
page read and write
F97000
heap
page read and write
2CE0000
heap
page read and write
9A79000
trusted library allocation
page read and write
5E37000
heap
page read and write
10799000
heap
page read and write
6EDE000
stack
page read and write
8844000
heap
page read and write
1AC4000
trusted library allocation
page read and write
2BA0000
trusted library allocation
page read and write
96F7000
trusted library allocation
page read and write
70FE000
heap
page read and write
9A0000
heap
page read and write
5410000
trusted library allocation
page read and write
15B8000
stack
page read and write
F79000
heap
page read and write
FDF9000
heap
page read and write
6290000
trusted library allocation
page read and write
2FBD000
stack
page read and write
2E1F000
stack
page read and write
60C0000
trusted library allocation
page read and write
1AF7000
trusted library allocation
page execute and read and write
8AC0000
trusted library allocation
page read and write
6570000
heap
page read and write
3FD6000
heap
page read and write
5B0E000
heap
page read and write
106EA000
heap
page read and write
1282B000
heap
page read and write
1296B000
heap
page read and write
28E0000
trusted library allocation
page execute and read and write
A2C0000
trusted library allocation
page read and write
1079F000
heap
page read and write
5A7A000
heap
page read and write
506E000
stack
page read and write
12E62000
heap
page read and write
3380000
heap
page read and write
E70000
trusted library allocation
page read and write
FF9F000
heap
page read and write
10669000
heap
page read and write
2AF1000
trusted library allocation
page read and write
3E25000
trusted library allocation
page read and write
FE54000
heap
page read and write
2E66000
trusted library allocation
page read and write
5688000
trusted library allocation
page read and write
3E36000
heap
page read and write
64F0000
trusted library allocation
page execute and read and write
60F0000
heap
page read and write
1AD3000
trusted library allocation
page read and write
29F0000
heap
page read and write
2C49000
heap
page read and write
8B00000
trusted library allocation
page read and write
550B000
unkown
page read and write
10508000
heap
page read and write
7DC5000
heap
page read and write
1033000
heap
page read and write
FD15000
heap
page read and write
3220000
heap
page read and write
87BA000
heap
page read and write
12974000
heap
page read and write
62B0000
heap
page read and write
11C15000
trusted library allocation
page read and write
BB0000
heap
page read and write
9FC0000
unkown
page readonly
108A9000
trusted library allocation
page read and write
2B3E000
stack
page read and write
C819000
trusted library allocation
page read and write
F77000
heap
page read and write
FBC0000
heap
page read and write
B4B000
stack
page read and write
2B72000
trusted library allocation
page read and write
36DF000
stack
page read and write
5D55000
heap
page read and write
FF5E000
heap
page read and write
2B82000
trusted library allocation
page read and write
F70000
heap
page read and write
FFE2000
heap
page read and write
4F1D000
stack
page read and write
2C30000
trusted library allocation
page execute and read and write
34BE000
stack
page read and write
88E5000
heap
page read and write
9378000
trusted library allocation
page read and write
5D9E000
stack
page read and write
6F00000
trusted library allocation
page read and write
5FE0000
trusted library allocation
page read and write
63F0000
heap
page read and write
8570000
trusted library allocation
page execute and read and write
5316000
trusted library allocation
page read and write
3BC0000
heap
page read and write
1014C000
heap
page read and write
FB2000
heap
page read and write
FD60000
heap
page read and write
36FF000
stack
page read and write
3F54000
heap
page read and write
1DD0000
trusted library allocation
page read and write
10671000
heap
page read and write
14CF000
stack
page read and write
104E8000
heap
page read and write
8836000
heap
page read and write
7950000
trusted library allocation
page read and write
6040000
unkown
page readonly
EDA000
heap
page read and write
127AE000
heap
page read and write
56D1000
trusted library allocation
page read and write
C40000
heap
page read and write
9694000
trusted library allocation
page read and write
F93000
heap
page read and write
2EDC000
trusted library allocation
page read and write
668D000
stack
page read and write
81D0000
heap
page read and write
3AF1000
trusted library allocation
page read and write
350B000
heap
page read and write
875E000
stack
page read and write
8A1F000
stack
page read and write
8BC0000
trusted library allocation
page read and write
230000
unkown
page readonly
5390000
trusted library allocation
page read and write
27C0000
heap
page read and write
28D0000
heap
page read and write
F97000
heap
page read and write
5850000
heap
page execute and read and write
1046E000
heap
page read and write
5A58000
heap
page read and write
10720000
heap
page read and write
57C2000
heap
page read and write
62C0000
heap
page read and write
F05000
heap
page read and write
135D000
trusted library allocation
page execute and read and write
12704000
heap
page read and write
351D000
heap
page read and write
884B000
heap
page read and write
137A000
trusted library allocation
page execute and read and write
10569000
heap
page read and write
10DB000
heap
page read and write
2AE0000
heap
page execute and read and write
101E000
stack
page read and write
ED0000
heap
page read and write
5E9E000
stack
page read and write
105F7000
heap
page read and write
FFB2000
heap
page read and write
6110000
trusted library allocation
page execute and read and write
337E000
stack
page read and write
FC26000
heap
page read and write
8AB7000
trusted library allocation
page read and write
93A000
stack
page read and write
8874000
heap
page read and write
5C7E000
stack
page read and write
100E0000
heap
page read and write
5DFE000
stack
page read and write
FB3B000
heap
page read and write
5808000
heap
page read and write
6FB0000
trusted library allocation
page read and write
10145000
heap
page read and write
67CE000
stack
page read and write
10EE000
heap
page read and write
1354000
trusted library allocation
page read and write
104CA000
heap
page read and write
899E000
stack
page read and write
29FA000
heap
page read and write
10545000
heap
page read and write
1DE0000
trusted library allocation
page read and write
5C90000
heap
page read and write
530E000
trusted library allocation
page read and write
584E000
stack
page read and write
58BC000
stack
page read and write
5691000
trusted library allocation
page read and write
10634000
heap
page read and write
12728000
heap
page read and write
1AF2000
trusted library allocation
page read and write
566E000
stack
page read and write
93C7000
trusted library allocation
page read and write
FFCD000
heap
page read and write
1052C000
heap
page read and write
E6E0000
trusted library allocation
page execute and read and write
370000
unkown
page read and write
88D5000
heap
page read and write
5320000
heap
page read and write
651C000
stack
page read and write
A31E000
trusted library allocation
page read and write
5A70000
heap
page read and write
2B80000
trusted library allocation
page read and write
10803000
heap
page read and write
2EF1000
trusted library allocation
page read and write
5672000
trusted library allocation
page read and write
84CE000
stack
page read and write
FD4E000
heap
page read and write
578C000
heap
page read and write
1274B000
heap
page read and write
564F000
stack
page read and write
8854000
heap
page read and write
2D00000
trusted library allocation
page read and write
198F000
heap
page read and write
A3CE000
trusted library allocation
page read and write
E20000
trusted library allocation
page read and write
FD03000
heap
page read and write
5D9F000
stack
page read and write
5780000
heap
page read and write
2AC0000
trusted library allocation
page read and write
105C9000
heap
page read and write
5750000
trusted library allocation
page read and write
60CE000
trusted library allocation
page read and write
7955000
trusted library allocation
page read and write
2B54000
trusted library allocation
page read and write
96C9000
trusted library allocation
page read and write
5260000
trusted library allocation
page read and write
94C3000
trusted library allocation
page read and write
8887000
heap
page read and write
2E60000
trusted library allocation
page read and write
2E26000
trusted library allocation
page read and write
126BC000
heap
page read and write
6780000
heap
page read and write
5383000
heap
page execute and read and write
FFE000
heap
page read and write
2A50000
unkown
page readonly
FF0000
heap
page read and write
2ED7000
trusted library allocation
page read and write
FD07000
heap
page read and write
552E000
stack
page read and write
104AB000
heap
page read and write
6054000
unkown
page readonly
F5E000
heap
page read and write
E40000
trusted library allocation
page read and write
544E000
heap
page read and write
C4DE000
trusted library allocation
page read and write
FD9C000
heap
page read and write
93E4000
trusted library allocation
page read and write
3BE0000
heap
page read and write
56D7000
trusted library allocation
page read and write
6DB6000
unkown
page readonly
5674000
trusted library allocation
page read and write
882D000
heap
page read and write
D8A0000
trusted library allocation
page execute and read and write
8760000
heap
page read and write
C8E000
stack
page read and write
33B0000
heap
page read and write
8956000
heap
page read and write
6791000
heap
page read and write
FF45000
heap
page read and write
FE74000
heap
page read and write
27D0000
heap
page read and write
8B30000
trusted library allocation
page read and write
96FA000
trusted library allocation
page read and write
106F7000
heap
page read and write
67A9000
heap
page read and write
6480000
trusted library section
page read and write
5794000
heap
page read and write
64B0000
trusted library allocation
page read and write
FC0000
heap
page read and write
2B20000
heap
page read and write
56A2000
trusted library allocation
page read and write
105E8000
heap
page read and write
2A70000
trusted library allocation
page execute and read and write
FEC3000
heap
page read and write
FD0000
heap
page read and write
29FE000
unkown
page read and write
5811000
heap
page read and write
106FB000
heap
page read and write
8ABD000
trusted library allocation
page read and write
5CF6000
heap
page read and write
8AD0000
trusted library allocation
page execute and read and write
FD5000
heap
page read and write
CD0000
heap
page read and write
311E000
stack
page read and write
370000
unkown
page write copy
1043F000
heap
page read and write
55E0000
trusted library allocation
page read and write
10F5000
heap
page read and write
2E56000
trusted library allocation
page read and write
64EB000
stack
page read and write
B48E000
trusted library allocation
page read and write
5EDE000
stack
page read and write
5834000
heap
page read and write
61E0000
heap
page read and write
FE5E000
heap
page read and write
AD9F000
trusted library allocation
page read and write
FE41000
heap
page read and write
280D000
heap
page read and write
5696000
trusted library allocation
page read and write
105D8000
heap
page read and write
F50000
heap
page read and write
12789000
heap
page read and write
FE68000
heap
page read and write
5A74000
heap
page read and write
5FE4000
trusted library allocation
page read and write
2E6A000
trusted library allocation
page read and write
1380000
trusted library allocation
page read and write
FD5C000
heap
page read and write
6240000
trusted library allocation
page execute and read and write
1065D000
heap
page read and write
C81F000
trusted library allocation
page read and write
3D3E000
heap
page read and write
3746000
trusted library allocation
page read and write
3E4C000
heap
page read and write
ECE000
stack
page read and write
1300000
heap
page read and write
10430000
heap
page read and write
8834000
heap
page read and write
2CFE000
stack
page read and write
2C40000
heap
page read and write
8540000
trusted library allocation
page read and write
9FC2000
unkown
page readonly
106E2000
heap
page read and write
B084000
trusted library allocation
page read and write
6012000
trusted library allocation
page read and write
2A5C000
unkown
page readonly
5420000
heap
page read and write
FCFD000
heap
page read and write
3330000
heap
page read and write
1360000
trusted library allocation
page read and write
FEAB000
heap
page read and write
12754000
heap
page read and write
D340000
trusted library allocation
page execute and read and write
5CE3000
heap
page read and write
1055A000
heap
page read and write
88D0000
trusted library allocation
page read and write
E55000
trusted library allocation
page execute and read and write
105AB000
heap
page read and write
33C0000
trusted library allocation
page read and write
7D60000
heap
page read and write
1059C000
heap
page read and write
5A56000
heap
page read and write
2E48000
trusted library allocation
page read and write
265D000
stack
page read and write
6006000
trusted library allocation
page read and write
5C9E000
stack
page read and write
1AF0000
trusted library allocation
page read and write
12981000
heap
page read and write
C30000
heap
page read and write
647B000
stack
page read and write
F1F000
stack
page read and write
534E000
heap
page read and write
373E000
trusted library allocation
page read and write
2EBD000
stack
page read and write
5B9E000
stack
page read and write
E24000
trusted library allocation
page read and write
2B70000
heap
page read and write
5340000
heap
page read and write
D73E000
stack
page read and write
2B40000
trusted library allocation
page read and write
FAEF000
heap
page read and write
900E000
stack
page read and write
A22E000
stack
page read and write
5343000
heap
page read and write
57BB000
stack
page read and write
7E42000
heap
page read and write
2AB0000
trusted library allocation
page read and write
5C10000
heap
page read and write
6FC0000
heap
page read and write
5770000
trusted library allocation
page execute and read and write
1075E000
heap
page read and write
275D000
stack
page read and write
63B0000
trusted library allocation
page read and write
5D1B000
heap
page read and write
93E7000
trusted library allocation
page read and write
6100000
trusted library allocation
page read and write
2D70000
heap
page execute and read and write
2CE0000
heap
page read and write
34C0000
trusted library allocation
page read and write
805B000
stack
page read and write
27FB000
heap
page read and write
C7EE000
trusted library allocation
page read and write
1049000
heap
page read and write
28F0000
heap
page read and write
8D89000
trusted library allocation
page read and write
885B000
heap
page read and write
5550000
trusted library allocation
page read and write
FDB6000
heap
page read and write
5264000
trusted library allocation
page read and write
D370000
trusted library allocation
page read and write
12E67000
heap
page read and write
18CB000
heap
page read and write
376E000
trusted library allocation
page read and write
10119000
heap
page read and write
2B76000
heap
page read and write
E57000
trusted library allocation
page execute and read and write
F93000
heap
page read and write
F13000
heap
page read and write
12E72000
heap
page read and write
2D10000
heap
page execute and read and write
2C2B000
stack
page read and write
FC62000
heap
page read and write
2B7A000
heap
page read and write
650E000
stack
page read and write
3E30000
heap
page read and write
53DE000
stack
page read and write
1B20000
trusted library allocation
page execute and read and write
FEA6000
heap
page read and write
70D0000
heap
page read and write
1377000
trusted library allocation
page execute and read and write
FD40000
heap
page read and write
10CF000
heap
page read and write
531D000
trusted library allocation
page read and write
E1E000
stack
page read and write
2B24000
heap
page read and write
7D86000
heap
page read and write
5DF1000
heap
page read and write
10E4000
heap
page read and write
FB0E000
heap
page read and write
231000
unkown
page execute read
12EF000
stack
page read and write
93EB000
trusted library allocation
page read and write
1B30000
heap
page read and write
3422000
unkown
page readonly
1020000
heap
page read and write
3420000
unkown
page readonly
8D20000
trusted library allocation
page read and write
AA3E000
trusted library allocation
page read and write
C200000
trusted library allocation
page read and write
FE8D000
heap
page read and write
FE83000
heap
page read and write
AB4F000
trusted library allocation
page read and write
680C000
heap
page read and write
6580000
trusted library section
page readonly
1AE2000
trusted library allocation
page read and write
A2B0000
trusted library allocation
page read and write
1875000
heap
page read and write
FC72000
heap
page read and write
2EF0000
trusted library allocation
page read and write
578D000
stack
page read and write
1C3F000
stack
page read and write
12941000
heap
page read and write
129E000
stack
page read and write
2C3F000
stack
page read and write
5CBD000
heap
page read and write
FB91000
heap
page read and write
1678000
heap
page read and write
8300000
trusted library allocation
page execute and read and write
6560000
heap
page execute and read and write
F9E000
heap
page read and write
2E50000
trusted library allocation
page read and write
3FC6000
heap
page read and write
2B76000
trusted library allocation
page execute and read and write
5266000
trusted library allocation
page read and write
6120000
trusted library allocation
page read and write
FD1C000
heap
page read and write
36F2000
trusted library allocation
page read and write
5FEE000
trusted library allocation
page read and write
C37000
heap
page read and write
FE59000
heap
page read and write
352D000
heap
page read and write
FD0A000
heap
page read and write
5A85000
heap
page read and write
2B7A000
trusted library allocation
page execute and read and write
6230000
trusted library allocation
page execute and read and write
28F8000
heap
page read and write
1670000
heap
page read and write
3430000
heap
page execute and read and write
13A0000
trusted library allocation
page read and write
34BF000
unkown
page read and write
280D000
heap
page read and write
56A5000
trusted library allocation
page read and write
5D09000
heap
page read and write
1270D000
heap
page read and write
88EC000
heap
page read and write
E33000
trusted library allocation
page read and write
574C000
stack
page read and write
186E000
stack
page read and write
93B9000
trusted library allocation
page read and write
1086E000
trusted library allocation
page read and write
5C93000
heap
page read and write
10E7000
heap
page read and write
3D10000
heap
page read and write
12630000
heap
page read and write
FBA0000
heap
page read and write
AD74000
trusted library allocation
page read and write
FE92000
heap
page read and write
10624000
heap
page read and write
29D0000
heap
page read and write
347E000
stack
page read and write
FAE0000
heap
page read and write
6022000
unkown
page readonly
590C000
stack
page read and write
FC44000
heap
page read and write
6030000
trusted library allocation
page read and write
2EE7000
trusted library allocation
page read and write
106F3000
heap
page read and write
8B20000
trusted library allocation
page read and write
57CA000
heap
page read and write
5C00000
heap
page execute and read and write
12684000
heap
page read and write
FD00000
heap
page read and write
5D68000
heap
page read and write
D30C000
stack
page read and write
1680000
trusted library allocation
page read and write
5FDF000
stack
page read and write
FB2C000
heap
page read and write
2A60000
trusted library allocation
page execute and read and write
2EE4000
trusted library allocation
page read and write
DDE000
stack
page read and write
55D0000
trusted library allocation
page read and write
2AA0000
trusted library allocation
page read and write
272000
unkown
page readonly
8C00000
trusted library allocation
page execute and read and write
6042000
unkown
page readonly
5EFE000
stack
page read and write
539E000
stack
page read and write
8A1E000
stack
page read and write
2E81000
trusted library allocation
page read and write
6EF0000
trusted library allocation
page execute and read and write
10494000
heap
page read and write
10D2000
heap
page read and write
29BE000
stack
page read and write
1340000
trusted library allocation
page read and write
1048D000
heap
page read and write
10606000
heap
page read and write
60C5000
trusted library allocation
page read and write
1AC3000
trusted library allocation
page execute and read and write
10C1000
heap
page read and write
1382000
trusted library allocation
page read and write
FE79000
heap
page read and write
34D8000
heap
page read and write
FFA9000
heap
page read and write
37A000
unkown
page readonly
5BDD000
stack
page read and write
AF8000
stack
page read and write
FE9C000
heap
page read and write
8480000
unkown
page readonly
1016B000
heap
page read and write
5DCB000
heap
page read and write
5340000
trusted library allocation
page read and write
93E0000
trusted library allocation
page read and write
FE7E000
heap
page read and write
9510000
heap
page read and write
8470000
trusted library allocation
page read and write
8A9F000
stack
page read and write
FFD6000
heap
page read and write
5CD0000
heap
page read and write
FE63000
heap
page read and write
88F6000
heap
page read and write
5D7B000
heap
page read and write
281D000
heap
page read and write
2C60000
heap
page read and write
46E1000
trusted library allocation
page read and write
1969000
heap
page read and write
FDAD000
heap
page read and write
5676000
trusted library allocation
page read and write
55C0000
trusted library allocation
page execute and read and write
F39000
stack
page read and write
12658000
heap
page read and write
664E000
stack
page read and write
36E1000
trusted library allocation
page read and write
FE6D000
heap
page read and write
1AE0000
trusted library allocation
page read and write
281D000
heap
page read and write
1935000
heap
page read and write
4BED000
stack
page read and write
B50000
heap
page read and write
56E0000
heap
page read and write
6200000
trusted library allocation
page read and write
531E000
stack
page read and write
3800000
heap
page read and write
88E9000
heap
page read and write
12700000
heap
page read and write
106D4000
heap
page read and write
1190000
heap
page read and write
12891000
heap
page read and write
657E000
heap
page read and write
6B40000
unkown
page readonly
1025000
heap
page read and write
A3F6000
trusted library allocation
page read and write
10066000
heap
page read and write
3320000
heap
page read and write
A3FA000
trusted library allocation
page read and write
1AB0000
trusted library allocation
page read and write
9AF0000
trusted library allocation
page read and write
1880000
heap
page read and write
8B59000
trusted library allocation
page read and write
FD0000
heap
page read and write
FE37000
heap
page read and write
10615000
heap
page read and write
5C82000
heap
page read and write
5B90000
trusted library allocation
page read and write
FC53000
heap
page read and write
795B000
trusted library allocation
page read and write
2EED000
trusted library allocation
page read and write
7DE3000
heap
page read and write
52DE000
stack
page read and write
883D000
heap
page read and write
3BCF000
heap
page read and write
3BE0000
heap
page read and write
1058C000
heap
page read and write
5DB6000
heap
page read and write
6140000
heap
page execute and read and write
8909000
heap
page read and write
1ACD000
trusted library allocation
page execute and read and write
2960000
heap
page read and write
FD13000
heap
page read and write
FCE0000
heap
page read and write
1DD4000
trusted library allocation
page read and write
113E000
stack
page read and write
999E000
trusted library allocation
page read and write
E2D000
trusted library allocation
page execute and read and write
12939000
heap
page read and write
106E4000
heap
page read and write
8B90000
trusted library allocation
page execute and read and write
6FCE000
heap
page read and write
2ED2000
trusted library allocation
page read and write
1DF8000
heap
page read and write
2AFF000
unkown
page read and write
2E30000
heap
page read and write
FAFE000
heap
page read and write
1690000
heap
page read and write
61F0000
trusted library allocation
page read and write
2F00000
trusted library allocation
page read and write
8520000
trusted library allocation
page execute and read and write
5C97000
heap
page read and write
2E5E000
trusted library allocation
page read and write
1298D000
heap
page read and write
8BB0000
trusted library allocation
page execute and read and write
2E72000
trusted library allocation
page read and write
6570000
heap
page read and write
501E000
stack
page read and write
D330000
trusted library allocation
page execute and read and write
37A000
unkown
page readonly
1B10000
trusted library allocation
page read and write
280D000
heap
page read and write
333E000
unkown
page read and write
10A9000
heap
page read and write
6210000
trusted library allocation
page read and write
8D87000
trusted library allocation
page read and write
5340000
heap
page read and write
FD1A000
heap
page read and write
FE15000
heap
page read and write
FE97000
heap
page read and write
678E000
stack
page read and write
FD3D000
heap
page read and write
6400000
trusted library allocation
page read and write
FB82000
heap
page read and write
9500000
heap
page read and write
There are 953 hidden memdumps, click here to show them.