C:\Users\Shane\Documents\Visual Studio 2012\Projects\CCEnhancer\CCEnhancer\obj\Release\CCEnhancer.pdb
Overview
overview
7Static
static
3CCleaner.v...97.exe
windows7-x64
7CCleaner.v...97.exe
windows10-2004-x64
7$EXEDIR/CC...er.exe
windows7-x64
1$EXEDIR/CC...er.exe
windows10-2004-x64
1$EXEDIR/CC...er.exe
windows7-x64
6$EXEDIR/CC...er.exe
windows10-2004-x64
1$EXEDIR/CC...64.exe
windows7-x64
7$EXEDIR/CC...64.exe
windows10-2004-x64
1$EXEDIR/CC...ng.dll
windows7-x64
1$EXEDIR/CC...ng.dll
windows10-2004-x64
1$EXEDIR/CC...49.dll
windows7-x64
1$EXEDIR/CC...49.dll
windows10-2004-x64
1$EXEDIR/CC...58.dll
windows7-x64
1$EXEDIR/CC...58.dll
windows10-2004-x64
1$EXEDIR/CC...er.exe
windows7-x64
1$EXEDIR/CC...er.exe
windows10-2004-x64
1$EXEDIR/CC...er.exe
windows7-x64
6$EXEDIR/CC...er.exe
windows10-2004-x64
1$EXEDIR/CC...64.exe
windows7-x64
7$EXEDIR/CC...64.exe
windows10-2004-x64
1$EXEDIR/CC...49.dll
windows7-x64
1$EXEDIR/CC...49.dll
windows10-2004-x64
1$EXEDIR/CC...58.dll
windows7-x64
1$EXEDIR/CC...58.dll
windows10-2004-x64
1$EXEDIR/CC...er.exe
windows7-x64
1$EXEDIR/CC...er.exe
windows10-2004-x64
1$EXEDIR/CC...er.exe
windows7-x64
6$EXEDIR/CC...er.exe
windows10-2004-x64
1$EXEDIR/CC...64.exe
windows7-x64
7$EXEDIR/CC...64.exe
windows10-2004-x64
1$EXEDIR/CC...ng.dll
windows7-x64
1$EXEDIR/CC...ng.dll
windows10-2004-x64
1Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
CCleaner.v4.04.4197.exe
Resource
win7-20240221-en
windows7-x64
5 signatures
150 seconds
Behavioral task
behavioral2
Sample
CCleaner.v4.04.4197.exe
Resource
win10v2004-20240319-en
windows10-2004-x64
4 signatures
150 seconds
Behavioral task
behavioral3
Sample
$EXEDIR/CCleaner Business/CCEnhancer.exe
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral4
Sample
$EXEDIR/CCleaner Business/CCEnhancer.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral5
Sample
$EXEDIR/CCleaner Business/CCleaner.exe
Resource
win7-20240221-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral6
Sample
$EXEDIR/CCleaner Business/CCleaner.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral7
Sample
$EXEDIR/CCleaner Business/CCleaner64.exe
Resource
win7-20240221-en
windows7-x64
5 signatures
150 seconds
Behavioral task
behavioral8
Sample
$EXEDIR/CCleaner Business/CCleaner64.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral9
Sample
$EXEDIR/CCleaner Business/branding.dll
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral10
Sample
$EXEDIR/CCleaner Business/branding.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral11
Sample
$EXEDIR/CCleaner Business/lang-1049.dll
Resource
win7-20240319-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral12
Sample
$EXEDIR/CCleaner Business/lang-1049.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral13
Sample
$EXEDIR/CCleaner Business/lang-1058.dll
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral14
Sample
$EXEDIR/CCleaner Business/lang-1058.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral15
Sample
$EXEDIR/CCleaner Free/CCEnhancer.exe
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral16
Sample
$EXEDIR/CCleaner Free/CCEnhancer.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral17
Sample
$EXEDIR/CCleaner Free/CCleaner.exe
Resource
win7-20240221-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral18
Sample
$EXEDIR/CCleaner Free/CCleaner.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral19
Sample
$EXEDIR/CCleaner Free/CCleaner64.exe
Resource
win7-20240221-en
windows7-x64
4 signatures
150 seconds
Behavioral task
behavioral20
Sample
$EXEDIR/CCleaner Free/CCleaner64.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral21
Sample
$EXEDIR/CCleaner Free/lang-1049.dll
Resource
win7-20231129-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral22
Sample
$EXEDIR/CCleaner Free/lang-1049.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral23
Sample
$EXEDIR/CCleaner Free/lang-1058.dll
Resource
win7-20240220-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral24
Sample
$EXEDIR/CCleaner Free/lang-1058.dll
Resource
win10v2004-20240319-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral25
Sample
$EXEDIR/CCleaner Professional/CCEnhancer.exe
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral26
Sample
$EXEDIR/CCleaner Professional/CCEnhancer.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral27
Sample
$EXEDIR/CCleaner Professional/CCleaner.exe
Resource
win7-20240221-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral28
Sample
$EXEDIR/CCleaner Professional/CCleaner.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral29
Sample
$EXEDIR/CCleaner Professional/CCleaner64.exe
Resource
win7-20240221-en
windows7-x64
5 signatures
150 seconds
Behavioral task
behavioral30
Sample
$EXEDIR/CCleaner Professional/CCleaner64.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral31
Sample
$EXEDIR/CCleaner Professional/branding.dll
Resource
win7-20240215-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral32
Sample
$EXEDIR/CCleaner Professional/branding.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
CCleaner.v4.04.4197.exe
-
Size
3.0MB
-
MD5
641290aa3e40d617e7e7967b84c167f5
-
SHA1
6364021d3b3efaac7112cb33f1baae05a9f498a7
-
SHA256
a6a0cf55d8736aa6210c1d2c8616c748323c7bd53a9c5dd7cdd228403ee988e7
-
SHA512
01c303291b337c57c253313899ec06a92be1c0e9536c944f599a0d9867dd44466db667cb13192382eee802636deba068b5faa08dbef980f295bb6bedc465e196
-
SSDEEP
49152:BWK488vAzCjUg+ioa/B78g+pYLIvSM9s3SyzbGsP+JOll4CjFCgHZSzZk7YP/Y7/:LnzCjU7i/ugMcIqws3Pblm4llbFCNZkX
Score
3/10
Malware Config
Signatures
-
Unsigned PE 14 IoCs
Checks for missing Authenticode signature.
resource CCleaner.v4.04.4197.exe unpack001/$EXEDIR/CCleaner Business/CCEnhancer.exe unpack001/$EXEDIR/CCleaner Business/lang-1049.dll unpack001/$EXEDIR/CCleaner Business/lang-1058.dll unpack001/$EXEDIR/CCleaner Free/CCEnhancer.exe unpack001/$EXEDIR/CCleaner Free/lang-1049.dll unpack001/$EXEDIR/CCleaner Free/lang-1058.dll unpack001/$EXEDIR/CCleaner Professional/CCEnhancer.exe unpack001/$EXEDIR/CCleaner Professional/lang-1049.dll unpack001/$EXEDIR/CCleaner Professional/lang-1058.dll unpack001/$PLUGINSDIR/nsProcess.dll unpack001/CCEnhancer.exe unpack001/lang-1049.dll unpack001/lang-1058.dll
Files
-
CCleaner.v4.04.4197.exe.exe windows:5 windows x86 arch:x86
32f3282581436269b3a75b6675fe3e08
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
CloseHandle
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpA
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
lstrlenA
MulDiv
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrcpynA
user32
GetAsyncKeyState
IsDlgButtonChecked
ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
wvsprintfW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
FindWindowExW
gdi32
SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject
shell32
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation
advapi32
RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW
comctl32
ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create
ole32
CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
Sections
.text Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 415KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 1.0MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 72KB - Virtual size: 71KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$EXEDIR/CCleaner Business/CCEnhancer.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 182KB - Virtual size: 181KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.sdata Size: 512B - Virtual size: 312B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 84KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$EXEDIR/CCleaner Business/CCleaner.dat
-
$EXEDIR/CCleaner Business/CCleaner.exe.exe windows:4 windows x86 arch:x86
8791d6a590c87ff6e76fc4b4d4e1c9ac
Code Sign
7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before21-12-2012 00:00Not After30-12-2020 23:59SubjectCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate
IssuerCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USNot Before18-10-2012 00:00Not After29-12-2020 23:59SubjectCN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
74:1d:34:07:93:30:6a:ca:84:fa:b3:ab:bb:15:67:ceCertificate
IssuerCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USNot Before06-07-2011 00:00Not After22-08-2013 23:59SubjectCN=Piriform Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Piriform Ltd,L=London,ST=London,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate
IssuerCN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before08-02-2010 00:00Not After07-02-2020 23:59SubjectCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
dd:f7:20:14:d3:7f:16:b4:43:e1:70:e0:8a:aa:ce:59:37:03:46:19Signer
Actual PE Digestdd:f7:20:14:d3:7f:16:b4:43:e1:70:e0:8a:aa:ce:59:37:03:46:19Digest Algorithmsha1PE Digest MatchestrueHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
h:\Piriform\CCleaner\trunk\src\CCleaner\Release\CCleaner.pdb
Imports
kernel32
SetWaitableTimer
WaitForMultipleObjects
ResumeThread
TlsSetValue
OpenEventA
TlsGetValue
TlsFree
TlsAlloc
ReleaseSemaphore
GetLocaleInfoA
GetACP
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LocalAlloc
SetFileTime
CreateFileA
InitializeCriticalSection
HeapReAlloc
GetDiskFreeSpaceA
UnlockFileEx
GetTickCount
GetFullPathNameA
DeleteFileA
HeapValidate
LockFile
AreFileApisANSI
HeapCreate
UnlockFile
GetTempPathA
GetFileAttributesA
UnhandledExceptionFilter
IsDebuggerPresent
ExitProcess
GetLogicalDrives
ExitThread
CreateThread
RtlUnwind
LCMapStringA
GetStdHandle
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
GetConsoleCP
GetConsoleMode
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
SetEnvironmentVariableA
GetCommandLineW
DeleteCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
MulDiv
WriteFile
InterlockedCompareExchange
GetCurrentProcessId
HeapDestroy
LockFileEx
HeapSize
UnmapViewOfFile
MapViewOfFile
lstrcmpA
SetProcessWorkingSetSize
lstrlenA
SetEndOfFile
MoveFileExW
SystemTimeToFileTime
GetSystemTime
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
SetThreadPriority
FileTimeToLocalFileTime
FileTimeToSystemTime
SetErrorMode
GetUserDefaultLangID
FindClose
GetCurrentThread
GetThreadLocale
GetLocalTime
GetSystemTimeAsFileTime
GetModuleFileNameA
OutputDebugStringA
GetSystemInfo
GetVersionExA
VerifyVersionInfoW
VerSetConditionMask
GlobalMemoryStatus
FlushFileBuffers
LocalFree
GetVersion
GlobalLock
GlobalUnlock
GlobalAlloc
BackupSeek
ReadFile
GetFileSize
SetFilePointer
SetUnhandledExceptionFilter
IsBadReadPtr
VirtualProtect
Sleep
GetProcessTimes
LoadLibraryA
CompareStringA
GetModuleHandleA
DeviceIoControl
SetFilePointerEx
GetCompressedFileSizeW
BackupRead
CreateWaitableTimerA
InterlockedDecrement
InterlockedIncrement
FreeLibrary
InterlockedExchange
RaiseException
SetLastError
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
GetLastError
LoadResource
LockResource
SizeofResource
CloseHandle
WaitForSingleObject
GetCurrentProcess
FlushInstructionCache
OpenProcess
HeapFree
GetProcessHeap
SetEvent
TerminateProcess
HeapAlloc
CreateEventA
FormatMessageA
ResetEvent
advapi32
AllocateAndInitializeSid
OpenProcessToken
RegCloseKey
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
LookupPrivilegeNameW
RegNotifyChangeKeyValue
AccessCheck
MapGenericMask
DuplicateToken
GetFileSecurityW
AdjustTokenPrivileges
LookupPrivilegeValueW
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
IsValidSid
LookupAccountNameW
CopySid
GetLengthSid
LookupAccountSidW
FreeSid
EqualSid
OpenThreadToken
GetTokenInformation
user32
DestroyWindow
GetWindowRect
EndDialog
SetWindowPos
GetParent
GetWindow
UnregisterClassA
SetClipboardData
CharLowerA
EmptyClipboard
ExitWindowsEx
WaitForInputIdle
GetWindowThreadProcessId
MonitorFromWindow
CallNextHookEx
UnhookWindowsHookEx
GetMenuItemID
SystemParametersInfoA
GetWindowPlacement
GetSystemMetrics
GetDesktopWindow
GetDlgItemInt
GetForegroundWindow
GetNextDlgTabItem
CloseClipboard
OpenClipboard
IsDlgButtonChecked
PostQuitMessage
IsZoomed
SetActiveWindow
LockWindowUpdate
SetMenuDefaultItem
GetComboBoxInfo
AdjustWindowRectEx
GetMenu
GetScrollPos
SetScrollPos
GetScrollInfo
ScrollWindowEx
GetClientRect
EnableMenuItem
GetSystemMenu
KillTimer
SetTimer
UpdateWindow
MoveWindow
SetRectEmpty
SetCursorPos
TrackPopupMenu
IsWindowEnabled
DestroyMenu
IsChild
CreatePopupMenu
DispatchMessageA
ChildWindowFromPoint
GetMessageA
GetSysColorBrush
BringWindowToTop
MsgWaitForMultipleObjects
GetDlgCtrlID
GetCursorPos
GetMessagePos
SetScrollInfo
TranslateMessage
GetDC
GetWindowDC
GetIconInfo
DrawEdge
IsWindow
DrawFocusRect
DestroyCursor
DestroyIcon
FrameRect
FillRect
ScreenToClient
CopyRect
GetFocus
GetKeyState
GetSysColor
OffsetRect
InflateRect
ReleaseDC
PtInRect
EndPaint
ReleaseCapture
WindowFromPoint
BeginPaint
ClientToScreen
InvalidateRect
RedrawWindow
SetCapture
GetCapture
SetRect
SetCursor
EnumWindows
SetForegroundWindow
OpenIcon
ShowWindow
IsWindowVisible
GetActiveWindow
SetFocus
IsIconic
GetDlgItem
MapWindowPoints
gdi32
PolylineTo
Ellipse
GetClipBox
RestoreDC
GetDeviceCaps
CreatePatternBrush
SaveDC
CreateBitmap
GetStockObject
PatBlt
CreateDIBSection
CreateRectRgn
StrokeAndFillPath
EndPath
CreatePen
BeginPath
LineTo
MoveToEx
CreateSolidBrush
ExcludeClipRect
SelectClipRgn
CombineRgn
CreateRectRgnIndirect
SetBkColor
CreateCompatibleDC
DeleteDC
GetDIBColorTable
StretchBlt
BitBlt
SetTextColor
SetBkMode
DeleteObject
SelectObject
CreateCompatibleBitmap
SetViewportOrgEx
GetClipRgn
rpcrt4
UuidFromStringA
ole32
OleUninitialize
CoCreateInstance
OleInitialize
CoTaskMemRealloc
ReleaseStgMedium
OleDuplicateData
RevokeDragDrop
CoTaskMemAlloc
DoDragDrop
CoInitializeSecurity
PropVariantClear
CoInitialize
CoUninitialize
CoInitializeEx
CLSIDFromString
CoSetProxyBlanket
CoTaskMemFree
RegisterDragDrop
oleaut32
VarBstrFromR8
VariantClear
VariantInit
SysAllocStringLen
SysStringLen
VariantTimeToSystemTime
VariantChangeType
SysAllocString
VarUI4FromStr
SysFreeString
shlwapi
PathIsUNCW
PathFindExtensionW
PathUnquoteSpacesW
PathRemoveArgsW
StrRetToStrW
SHStrDupW
PathCombineW
PathRemoveExtensionA
PathRemoveFileSpecW
PathRemoveExtensionW
PathStripPathA
PathIsURLW
PathSkipRootW
PathGetDriveNumberW
PathCompactPathW
PathIsDirectoryW
PathAppendW
PathFileExistsW
PathMatchSpecW
PathFindFileNameW
PathIsDirectoryEmptyW
PathAddExtensionW
PathIsRelativeW
PathRemoveBackslashW
PathStripToRootW
PathCreateFromUrlW
PathStripPathW
comctl32
ImageList_Draw
ImageList_SetIconSize
ImageList_Duplicate
ImageList_Replace
ImageList_GetImageInfo
InitCommonControlsEx
ImageList_Destroy
ImageList_Create
ImageList_GetImageCount
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_LoadImageW
ImageList_SetImageCount
ImageList_Remove
ImageList_GetIconSize
_TrackMouseEvent
wtsapi32
WTSQuerySessionInformationW
WTSFreeMemory
netapi32
NetApiBufferFree
NetLocalGroupGetMembers
crypt32
CertGetNameStringW
CertFreeCertificateContext
CertFindCertificateInStore
CryptMsgGetParam
CryptDecodeObject
CryptMsgClose
CertCloseStore
CryptQueryObject
wintrust
WinVerifyTrust
esent
JetGetDatabaseFileInfo
JetCloseTable
JetCloseDatabase
JetEndSession
JetTerm2
JetDeleteTable
JetSetSystemParameter
JetCreateInstance2
JetInit2
JetBeginSession
JetCreateDatabase2
JetAttachDatabase2
JetOpenDatabase
JetOpenTable
JetSetCurrentIndex4
JetMove
JetEnumerateColumns
JetBeginTransaction
JetDelete
JetCommitTransaction
JetRollback
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 674KB - Virtual size: 673KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 173KB - Virtual size: 194KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 2B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 453KB - Virtual size: 452KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$EXEDIR/CCleaner Business/CCleaner64.exe.exe windows:4 windows x64 arch:x64
1c17128061f193a20f625b0310607e0f
Code Sign
7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before21-12-2012 00:00Not After30-12-2020 23:59SubjectCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate
IssuerCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USNot Before18-10-2012 00:00Not After29-12-2020 23:59SubjectCN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
74:1d:34:07:93:30:6a:ca:84:fa:b3:ab:bb:15:67:ceCertificate
IssuerCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USNot Before06-07-2011 00:00Not After22-08-2013 23:59SubjectCN=Piriform Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Piriform Ltd,L=London,ST=London,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate
IssuerCN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before08-02-2010 00:00Not After07-02-2020 23:59SubjectCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
52:78:e2:39:68:4f:2e:0a:67:ca:ec:29:4f:15:2e:76:89:35:d5:59Signer
Actual PE Digest52:78:e2:39:68:4f:2e:0a:67:ca:ec:29:4f:15:2e:76:89:35:d5:59Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
h:\Piriform\CCleaner\trunk\src\CCleaner\x64\Release\CCleaner64.pdb
Imports
rpcrt4
UuidFromStringA
kernel32
GetTickCount
GetFullPathNameA
GetTempPathA
UnlockFileEx
AreFileApisANSI
CreateFileMappingW
FormatMessageA
DeleteFileA
HeapReAlloc
CreateFileA
GetDiskFreeSpaceA
MapViewOfFile
UnmapViewOfFile
SetFileTime
WaitForSingleObject
CreateDirectoryW
BackupSeek
BackupRead
GetCompressedFileSizeW
DeviceIoControl
GetDiskFreeSpaceExW
SetFilePointerEx
SetEnvironmentVariableA
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeFormatA
GetDateFormatA
GetConsoleMode
GetConsoleCP
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
IsValidCodePage
GetOEMCP
HeapSetInformation
RtlVirtualUnwind
FlsAlloc
FlsFree
FlsSetValue
FlsGetValue
GetStdHandle
GetCPInfo
LCMapStringW
LCMapStringA
RtlLookupFunctionEntry
RtlUnwindEx
CreateThread
ExitThread
GetLogicalDrives
ExitProcess
GetModuleHandleA
RtlPcToFileHeader
RtlCaptureContext
IsDebuggerPresent
UnhandledExceptionFilter
CreateWaitableTimerA
SetWaitableTimer
WaitForMultipleObjects
ResumeThread
TlsSetValue
OpenEventA
TlsGetValue
TlsFree
TlsAlloc
GetLocaleInfoA
GetACP
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
InterlockedPushEntrySList
OpenProcess
CreateEventA
CloseHandle
FlushInstructionCache
TerminateProcess
CreateEventW
SetEvent
ResetEvent
HeapAlloc
GetProcessHeap
GetCurrentProcess
HeapFree
FindResourceExW
GetModuleFileNameW
SetLastError
RaiseException
CreateMutexW
WideCharToMultiByte
GetLastError
EnterCriticalSection
FindResourceW
GetCurrentThreadId
LeaveCriticalSection
lstrlenW
GetFileAttributesW
SizeofResource
LockResource
LoadResource
LoadLibraryW
FreeLibrary
GetModuleHandleW
MultiByteToWideChar
InitializeCriticalSection
lstrcmpiW
LoadLibraryExW
GetStartupInfoW
DeleteCriticalSection
CreateProcessW
GetCommandLineW
GetCurrentDirectoryW
SetCurrentDirectoryW
QueryPerformanceFrequency
MulDiv
QueryPerformanceCounter
GetProcAddress
CreateFileW
FlushFileBuffers
WriteFile
GetVersionExW
FormatMessageW
LocalFree
GetPrivateProfileStringW
DeleteFileW
CompareStringW
GetVersion
GlobalLock
GlobalUnlock
GlobalAlloc
ReadFile
GetFileSize
SetFilePointer
GetLongPathNameW
IsBadReadPtr
VirtualProtect
GetWindowsDirectoryW
SetUnhandledExceptionFilter
GetProcessTimes
Sleep
GlobalMemoryStatus
VerSetConditionMask
VerifyVersionInfoW
GetVersionExA
GetSystemInfo
OutputDebugStringA
GetModuleFileNameA
GetLocalTime
GetSystemTimeAsFileTime
GetThreadLocale
GetLocaleInfoW
GetNumberFormatW
GetDateFormatW
GetTimeFormatW
lstrcpyW
GetEnvironmentVariableW
GetCurrentProcessId
HeapValidate
LockFile
HeapCreate
GetFileAttributesA
UnlockFile
HeapDestroy
GetDiskFreeSpaceW
LockFileEx
GetFileAttributesExW
HeapSize
lstrcmpA
SetProcessWorkingSetSize
SetEndOfFile
lstrlenA
MoveFileExW
SystemTimeToFileTime
GetSystemTime
MoveFileW
LoadLibraryA
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
WritePrivateProfileStringW
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
SetThreadPriority
CopyFileW
GetTempFileNameW
GetTempPathW
RemoveDirectoryW
SetFileAttributesW
GetVolumeInformationW
GetDriveTypeW
GetShortPathNameW
FileTimeToSystemTime
FileTimeToLocalFileTime
IsBadStringPtrW
GetUserDefaultLangID
FindNextFileW
FindFirstFileW
GetFullPathNameW
FindClose
SetErrorMode
ExpandEnvironmentStringsW
GetSystemDirectoryW
GetCurrentThread
user32
GetWindowLongW
GetParent
GetActiveWindow
DialogBoxParamW
IsWindowVisible
GetMenuItemID
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
GetMonitorInfoW
MonitorFromWindow
GetWindowThreadProcessId
EnumDisplaySettingsW
WaitForInputIdle
ExitWindowsEx
SetWindowPos
GetWindowRect
SetWindowLongPtrW
SetWindowTextW
PostMessageW
EndDialog
GetDlgItem
SetWindowLongW
MapWindowPoints
GetClientRect
GetDesktopWindow
UnregisterClassA
GetWindow
IsDialogMessageW
SetActiveWindow
PostQuitMessage
IsDlgButtonChecked
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
SetDlgItemTextW
GetNextDlgTabItem
DrawTextExW
GetForegroundWindow
GetDlgItemInt
GetSystemMetrics
GetWindowPlacement
FindWindowExW
LockWindowUpdate
SetMenuDefaultItem
IsZoomed
LoadIconW
AdjustWindowRectEx
GetComboBoxInfo
GetMenu
GetScrollPos
AppendMenuW
ScrollWindowEx
SetScrollInfo
SetScrollPos
GetScrollInfo
CreateDialogParamW
MsgWaitForMultipleObjects
SetCursorPos
SendMessageTimeoutW
EmptyClipboard
GetClassNameW
ShowWindow
OpenIcon
SetForegroundWindow
SendMessageW
IsIconic
GetWindowTextW
FindWindowW
SetFocus
EnumWindows
RegisterWindowMessageW
InvalidateRect
CreateWindowExW
UnregisterClassW
CharLowerW
CharLowerA
GetDlgItemTextW
SetClipboardData
SystemParametersInfoA
GetSysColorBrush
SetRectEmpty
InsertMenuW
TrackPopupMenu
IsWindowEnabled
BringWindowToTop
DestroyMenu
IsChild
SystemParametersInfoW
RedrawWindow
BeginPaint
ChildWindowFromPoint
GetCursorPos
GetDlgCtrlID
CreatePopupMenu
UpdateWindow
MoveWindow
EnableMenuItem
GetSystemMenu
GetMessagePos
KillTimer
DispatchMessageA
SetTimer
GetMessageA
EnableWindow
IsWindowUnicode
MessageBoxW
RegisterClassW
GetClassInfoW
PeekMessageW
DestroyWindow
GetMessageW
TranslateMessage
ClientToScreen
DrawTextW
EndPaint
CallWindowProcW
WindowFromPoint
ReleaseCapture
PtInRect
SetCursor
LoadCursorW
DefWindowProcW
SetRect
GetWindowLongPtrW
GetCapture
SetCapture
GetWindowTextLengthW
LoadImageW
GetIconInfo
DispatchMessageW
CharNextW
GetClassLongPtrW
IsWindow
OffsetRect
InflateRect
ReleaseDC
CopyRect
GetFocus
GetDC
GetKeyState
ScreenToClient
DestroyCursor
GetWindowDC
DestroyIcon
DrawEdge
GetSysColor
DrawFocusRect
DrawStateW
FrameRect
FillRect
GetClassInfoExW
RegisterClassExW
gdi32
PolylineTo
Ellipse
GetTextMetricsW
GetClipBox
RestoreDC
SaveDC
GetTextExtentPoint32W
GetDeviceCaps
GetStockObject
CreatePatternBrush
CreateDIBSection
CreateBitmap
PatBlt
ExtTextOutW
CreateSolidBrush
CombineRgn
CreateRectRgnIndirect
StrokeAndFillPath
EndPath
BeginPath
CreateRectRgn
CreatePen
LineTo
MoveToEx
ExcludeClipRect
SelectClipRgn
GetClipRgn
SetBkColor
CreateCompatibleDC
DeleteObject
GetObjectW
DeleteDC
CreateCompatibleBitmap
SetTextColor
SetBkMode
SetViewportOrgEx
GetDIBColorTable
SelectObject
StretchBlt
TextOutW
BitBlt
CreateFontIndirectW
comdlg32
GetOpenFileNameW
GetSaveFileNameW
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteValueW
RegQueryValueExW
OpenProcessToken
GetTokenInformation
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetUserNameW
GetSidSubAuthority
AllocateAndInitializeSid
OpenThreadToken
EqualSid
FreeSid
LookupAccountSidW
GetLengthSid
CopySid
LookupAccountNameW
IsValidSid
RegEnumValueW
LookupPrivilegeValueW
AdjustTokenPrivileges
GetFileSecurityW
DuplicateToken
MapGenericMask
AccessCheck
RegLoadKeyW
RegUnLoadKeyW
LookupPrivilegeNameW
RegNotifyChangeKeyValue
shell32
ShellExecuteW
SHAddToRecentDocs
SHEmptyRecycleBinW
SHEmptyRecycleBinA
ExtractIconExW
SHGetFileInfoW
SHGetSpecialFolderLocation
Shell_NotifyIconW
ShellExecuteExW
DragFinish
DragQueryFileW
SHGetPathFromIDListW
SHBrowseForFolderW
ole32
CoSetProxyBlanket
CLSIDFromString
CoInitializeEx
CoUninitialize
CoInitialize
PropVariantClear
DoDragDrop
RegisterDragDrop
RevokeDragDrop
OleDuplicateData
ReleaseStgMedium
OleUninitialize
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance
CoInitializeSecurity
oleaut32
VariantInit
SysFreeString
VariantChangeType
VariantTimeToSystemTime
SysStringLen
SysAllocStringLen
SysAllocString
VarBstrFromR8
VariantClear
VarUI4FromStr
shlwapi
PathCombineW
PathStripPathW
PathRemoveArgsW
PathUnquoteSpacesW
PathFindExtensionW
PathStripPathA
PathIsUNCW
PathIsRelativeW
PathIsURLW
PathCreateFromUrlW
StrRetToStrW
PathFindFileNameW
PathIsDirectoryEmptyW
SHStrDupW
PathRemoveExtensionA
PathRemoveFileSpecW
PathRemoveExtensionW
PathAddExtensionW
PathStripToRootW
PathSkipRootW
PathRemoveBackslashW
PathGetDriveNumberW
PathCompactPathW
PathFileExistsW
PathIsDirectoryW
PathMatchSpecW
PathAppendW
comctl32
ImageList_Remove
_TrackMouseEvent
ImageList_Draw
ImageList_GetIconSize
ImageList_SetImageCount
ImageList_LoadImageW
ImageList_GetImageCount
ImageList_Create
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Destroy
InitCommonControlsEx
ImageList_Duplicate
ImageList_SetIconSize
ImageList_GetImageInfo
ImageList_Replace
msimg32
TransparentBlt
AlphaBlend
uxtheme
DrawThemeEdge
GetThemeInt
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeBackgroundContentRect
GetThemeMargins
DrawThemeText
GetThemeColor
IsThemeActive
wtsapi32
WTSFreeMemory
WTSQuerySessionInformationW
netapi32
NetApiBufferFree
NetLocalGroupGetMembers
crypt32
CryptQueryObject
CertGetNameStringW
CertCloseStore
CryptMsgClose
CertFindCertificateInStore
CryptMsgGetParam
CertFreeCertificateContext
CryptDecodeObject
wintrust
WinVerifyTrust
esent
JetEndSession
JetTerm2
JetSetSystemParameter
JetCreateInstance2
JetInit2
JetCloseDatabase
JetCreateDatabase2
JetAttachDatabase2
JetOpenDatabase
JetOpenTable
JetSetCurrentIndex4
JetMove
JetEnumerateColumns
JetBeginTransaction
JetDelete
JetCommitTransaction
JetRollback
JetDeleteTable
JetCloseTable
JetGetDatabaseFileInfo
JetBeginSession
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
wininet
DeleteUrlCacheEntryW
DeleteUrlCacheEntryA
InternetCloseHandle
InternetReadFile
HttpQueryInfoW
InternetOpenUrlW
InternetOpenW
FindFirstUrlCacheEntryW
FindNextUrlCacheEntryW
FindCloseUrlCache
FindFirstUrlCacheEntryExW
FindNextUrlCacheEntryExW
Sections
.text Size: 3.8MB - Virtual size: 3.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 175KB - Virtual size: 199KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 277KB - Virtual size: 277KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 2B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 453KB - Virtual size: 452KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$EXEDIR/CCleaner Business/branding.dll.dll windows:4 windows x86 arch:x86
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15-06-2007 00:00Not After14-06-2012 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04-12-2003 00:00Not After03-12-2013 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
74:1d:34:07:93:30:6a:ca:84:fa:b3:ab:bb:15:67:ceCertificate
IssuerCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USNot Before06-07-2011 00:00Not After22-08-2013 23:59SubjectCN=Piriform Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Piriform Ltd,L=London,ST=London,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate
IssuerCN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before08-02-2010 00:00Not After07-02-2020 23:59SubjectCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
5c:af:21:e8:cd:69:22:44:a0:59:5f:36:69:79:e2:4c:44:44:0c:6aSigner
Actual PE Digest5c:af:21:e8:cd:69:22:44:a0:59:5f:36:69:79:e2:4c:44:44:0c:6aDigest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Sections
.rsrc Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$EXEDIR/CCleaner Business/cc_config.ini
-
$EXEDIR/CCleaner Business/ccleaner.ini
-
$EXEDIR/CCleaner Business/lang-1049.dll.dll windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Sections
.rsrc Size: 34KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$EXEDIR/CCleaner Business/lang-1058.dll.dll windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Sections
.rsrc Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$EXEDIR/CCleaner Business/locales/lang.Russian.locale
-
$EXEDIR/CCleaner Business/portable.dat
-
$EXEDIR/CCleaner Business/winapp2.ini
-
$EXEDIR/CCleaner Free/CCEnhancer.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
C:\Users\Shane\Documents\Visual Studio 2012\Projects\CCEnhancer\CCEnhancer\obj\Release\CCEnhancer.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 182KB - Virtual size: 181KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.sdata Size: 512B - Virtual size: 312B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 84KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$EXEDIR/CCleaner Free/CCleaner.dat
-
$EXEDIR/CCleaner Free/CCleaner.exe.exe windows:4 windows x86 arch:x86
8791d6a590c87ff6e76fc4b4d4e1c9ac
Code Sign
7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before21-12-2012 00:00Not After30-12-2020 23:59SubjectCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate
IssuerCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USNot Before18-10-2012 00:00Not After29-12-2020 23:59SubjectCN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
74:1d:34:07:93:30:6a:ca:84:fa:b3:ab:bb:15:67:ceCertificate
IssuerCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USNot Before06-07-2011 00:00Not After22-08-2013 23:59SubjectCN=Piriform Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Piriform Ltd,L=London,ST=London,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate
IssuerCN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before08-02-2010 00:00Not After07-02-2020 23:59SubjectCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
dd:f7:20:14:d3:7f:16:b4:43:e1:70:e0:8a:aa:ce:59:37:03:46:19Signer
Actual PE Digestdd:f7:20:14:d3:7f:16:b4:43:e1:70:e0:8a:aa:ce:59:37:03:46:19Digest Algorithmsha1PE Digest MatchestrueHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
h:\Piriform\CCleaner\trunk\src\CCleaner\Release\CCleaner.pdb
Imports
kernel32
SetWaitableTimer
WaitForMultipleObjects
ResumeThread
TlsSetValue
OpenEventA
TlsGetValue
TlsFree
TlsAlloc
ReleaseSemaphore
GetLocaleInfoA
GetACP
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LocalAlloc
SetFileTime
CreateFileA
InitializeCriticalSection
HeapReAlloc
GetDiskFreeSpaceA
UnlockFileEx
GetTickCount
GetFullPathNameA
DeleteFileA
HeapValidate
LockFile
AreFileApisANSI
HeapCreate
UnlockFile
GetTempPathA
GetFileAttributesA
UnhandledExceptionFilter
IsDebuggerPresent
ExitProcess
GetLogicalDrives
ExitThread
CreateThread
RtlUnwind
LCMapStringA
GetStdHandle
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
GetConsoleCP
GetConsoleMode
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
SetEnvironmentVariableA
GetCommandLineW
DeleteCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
MulDiv
WriteFile
InterlockedCompareExchange
GetCurrentProcessId
HeapDestroy
LockFileEx
HeapSize
UnmapViewOfFile
MapViewOfFile
lstrcmpA
SetProcessWorkingSetSize
lstrlenA
SetEndOfFile
MoveFileExW
SystemTimeToFileTime
GetSystemTime
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
SetThreadPriority
FileTimeToLocalFileTime
FileTimeToSystemTime
SetErrorMode
GetUserDefaultLangID
FindClose
GetCurrentThread
GetThreadLocale
GetLocalTime
GetSystemTimeAsFileTime
GetModuleFileNameA
OutputDebugStringA
GetSystemInfo
GetVersionExA
VerifyVersionInfoW
VerSetConditionMask
GlobalMemoryStatus
FlushFileBuffers
LocalFree
GetVersion
GlobalLock
GlobalUnlock
GlobalAlloc
BackupSeek
ReadFile
GetFileSize
SetFilePointer
SetUnhandledExceptionFilter
IsBadReadPtr
VirtualProtect
Sleep
GetProcessTimes
LoadLibraryA
CompareStringA
GetModuleHandleA
DeviceIoControl
SetFilePointerEx
GetCompressedFileSizeW
BackupRead
CreateWaitableTimerA
InterlockedDecrement
InterlockedIncrement
FreeLibrary
InterlockedExchange
RaiseException
SetLastError
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
GetLastError
LoadResource
LockResource
SizeofResource
CloseHandle
WaitForSingleObject
GetCurrentProcess
FlushInstructionCache
OpenProcess
HeapFree
GetProcessHeap
SetEvent
TerminateProcess
HeapAlloc
CreateEventA
FormatMessageA
ResetEvent
advapi32
AllocateAndInitializeSid
OpenProcessToken
RegCloseKey
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
LookupPrivilegeNameW
RegNotifyChangeKeyValue
AccessCheck
MapGenericMask
DuplicateToken
GetFileSecurityW
AdjustTokenPrivileges
LookupPrivilegeValueW
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
IsValidSid
LookupAccountNameW
CopySid
GetLengthSid
LookupAccountSidW
FreeSid
EqualSid
OpenThreadToken
GetTokenInformation
user32
DestroyWindow
GetWindowRect
EndDialog
SetWindowPos
GetParent
GetWindow
UnregisterClassA
SetClipboardData
CharLowerA
EmptyClipboard
ExitWindowsEx
WaitForInputIdle
GetWindowThreadProcessId
MonitorFromWindow
CallNextHookEx
UnhookWindowsHookEx
GetMenuItemID
SystemParametersInfoA
GetWindowPlacement
GetSystemMetrics
GetDesktopWindow
GetDlgItemInt
GetForegroundWindow
GetNextDlgTabItem
CloseClipboard
OpenClipboard
IsDlgButtonChecked
PostQuitMessage
IsZoomed
SetActiveWindow
LockWindowUpdate
SetMenuDefaultItem
GetComboBoxInfo
AdjustWindowRectEx
GetMenu
GetScrollPos
SetScrollPos
GetScrollInfo
ScrollWindowEx
GetClientRect
EnableMenuItem
GetSystemMenu
KillTimer
SetTimer
UpdateWindow
MoveWindow
SetRectEmpty
SetCursorPos
TrackPopupMenu
IsWindowEnabled
DestroyMenu
IsChild
CreatePopupMenu
DispatchMessageA
ChildWindowFromPoint
GetMessageA
GetSysColorBrush
BringWindowToTop
MsgWaitForMultipleObjects
GetDlgCtrlID
GetCursorPos
GetMessagePos
SetScrollInfo
TranslateMessage
GetDC
GetWindowDC
GetIconInfo
DrawEdge
IsWindow
DrawFocusRect
DestroyCursor
DestroyIcon
FrameRect
FillRect
ScreenToClient
CopyRect
GetFocus
GetKeyState
GetSysColor
OffsetRect
InflateRect
ReleaseDC
PtInRect
EndPaint
ReleaseCapture
WindowFromPoint
BeginPaint
ClientToScreen
InvalidateRect
RedrawWindow
SetCapture
GetCapture
SetRect
SetCursor
EnumWindows
SetForegroundWindow
OpenIcon
ShowWindow
IsWindowVisible
GetActiveWindow
SetFocus
IsIconic
GetDlgItem
MapWindowPoints
gdi32
PolylineTo
Ellipse
GetClipBox
RestoreDC
GetDeviceCaps
CreatePatternBrush
SaveDC
CreateBitmap
GetStockObject
PatBlt
CreateDIBSection
CreateRectRgn
StrokeAndFillPath
EndPath
CreatePen
BeginPath
LineTo
MoveToEx
CreateSolidBrush
ExcludeClipRect
SelectClipRgn
CombineRgn
CreateRectRgnIndirect
SetBkColor
CreateCompatibleDC
DeleteDC
GetDIBColorTable
StretchBlt
BitBlt
SetTextColor
SetBkMode
DeleteObject
SelectObject
CreateCompatibleBitmap
SetViewportOrgEx
GetClipRgn
rpcrt4
UuidFromStringA
ole32
OleUninitialize
CoCreateInstance
OleInitialize
CoTaskMemRealloc
ReleaseStgMedium
OleDuplicateData
RevokeDragDrop
CoTaskMemAlloc
DoDragDrop
CoInitializeSecurity
PropVariantClear
CoInitialize
CoUninitialize
CoInitializeEx
CLSIDFromString
CoSetProxyBlanket
CoTaskMemFree
RegisterDragDrop
oleaut32
VarBstrFromR8
VariantClear
VariantInit
SysAllocStringLen
SysStringLen
VariantTimeToSystemTime
VariantChangeType
SysAllocString
VarUI4FromStr
SysFreeString
shlwapi
PathIsUNCW
PathFindExtensionW
PathUnquoteSpacesW
PathRemoveArgsW
StrRetToStrW
SHStrDupW
PathCombineW
PathRemoveExtensionA
PathRemoveFileSpecW
PathRemoveExtensionW
PathStripPathA
PathIsURLW
PathSkipRootW
PathGetDriveNumberW
PathCompactPathW
PathIsDirectoryW
PathAppendW
PathFileExistsW
PathMatchSpecW
PathFindFileNameW
PathIsDirectoryEmptyW
PathAddExtensionW
PathIsRelativeW
PathRemoveBackslashW
PathStripToRootW
PathCreateFromUrlW
PathStripPathW
comctl32
ImageList_Draw
ImageList_SetIconSize
ImageList_Duplicate
ImageList_Replace
ImageList_GetImageInfo
InitCommonControlsEx
ImageList_Destroy
ImageList_Create
ImageList_GetImageCount
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_LoadImageW
ImageList_SetImageCount
ImageList_Remove
ImageList_GetIconSize
_TrackMouseEvent
wtsapi32
WTSQuerySessionInformationW
WTSFreeMemory
netapi32
NetApiBufferFree
NetLocalGroupGetMembers
crypt32
CertGetNameStringW
CertFreeCertificateContext
CertFindCertificateInStore
CryptMsgGetParam
CryptDecodeObject
CryptMsgClose
CertCloseStore
CryptQueryObject
wintrust
WinVerifyTrust
esent
JetGetDatabaseFileInfo
JetCloseTable
JetCloseDatabase
JetEndSession
JetTerm2
JetDeleteTable
JetSetSystemParameter
JetCreateInstance2
JetInit2
JetBeginSession
JetCreateDatabase2
JetAttachDatabase2
JetOpenDatabase
JetOpenTable
JetSetCurrentIndex4
JetMove
JetEnumerateColumns
JetBeginTransaction
JetDelete
JetCommitTransaction
JetRollback
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 674KB - Virtual size: 673KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 173KB - Virtual size: 194KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 2B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 453KB - Virtual size: 452KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$EXEDIR/CCleaner Free/CCleaner64.exe.exe windows:4 windows x64 arch:x64
1c17128061f193a20f625b0310607e0f
Code Sign
7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before21-12-2012 00:00Not After30-12-2020 23:59SubjectCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate
IssuerCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USNot Before18-10-2012 00:00Not After29-12-2020 23:59SubjectCN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
74:1d:34:07:93:30:6a:ca:84:fa:b3:ab:bb:15:67:ceCertificate
IssuerCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USNot Before06-07-2011 00:00Not After22-08-2013 23:59SubjectCN=Piriform Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Piriform Ltd,L=London,ST=London,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate
IssuerCN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before08-02-2010 00:00Not After07-02-2020 23:59SubjectCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
52:78:e2:39:68:4f:2e:0a:67:ca:ec:29:4f:15:2e:76:89:35:d5:59Signer
Actual PE Digest52:78:e2:39:68:4f:2e:0a:67:ca:ec:29:4f:15:2e:76:89:35:d5:59Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
h:\Piriform\CCleaner\trunk\src\CCleaner\x64\Release\CCleaner64.pdb
Imports
rpcrt4
UuidFromStringA
kernel32
GetTickCount
GetFullPathNameA
GetTempPathA
UnlockFileEx
AreFileApisANSI
CreateFileMappingW
FormatMessageA
DeleteFileA
HeapReAlloc
CreateFileA
GetDiskFreeSpaceA
MapViewOfFile
UnmapViewOfFile
SetFileTime
WaitForSingleObject
CreateDirectoryW
BackupSeek
BackupRead
GetCompressedFileSizeW
DeviceIoControl
GetDiskFreeSpaceExW
SetFilePointerEx
SetEnvironmentVariableA
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeFormatA
GetDateFormatA
GetConsoleMode
GetConsoleCP
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
IsValidCodePage
GetOEMCP
HeapSetInformation
RtlVirtualUnwind
FlsAlloc
FlsFree
FlsSetValue
FlsGetValue
GetStdHandle
GetCPInfo
LCMapStringW
LCMapStringA
RtlLookupFunctionEntry
RtlUnwindEx
CreateThread
ExitThread
GetLogicalDrives
ExitProcess
GetModuleHandleA
RtlPcToFileHeader
RtlCaptureContext
IsDebuggerPresent
UnhandledExceptionFilter
CreateWaitableTimerA
SetWaitableTimer
WaitForMultipleObjects
ResumeThread
TlsSetValue
OpenEventA
TlsGetValue
TlsFree
TlsAlloc
GetLocaleInfoA
GetACP
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
InterlockedPushEntrySList
OpenProcess
CreateEventA
CloseHandle
FlushInstructionCache
TerminateProcess
CreateEventW
SetEvent
ResetEvent
HeapAlloc
GetProcessHeap
GetCurrentProcess
HeapFree
FindResourceExW
GetModuleFileNameW
SetLastError
RaiseException
CreateMutexW
WideCharToMultiByte
GetLastError
EnterCriticalSection
FindResourceW
GetCurrentThreadId
LeaveCriticalSection
lstrlenW
GetFileAttributesW
SizeofResource
LockResource
LoadResource
LoadLibraryW
FreeLibrary
GetModuleHandleW
MultiByteToWideChar
InitializeCriticalSection
lstrcmpiW
LoadLibraryExW
GetStartupInfoW
DeleteCriticalSection
CreateProcessW
GetCommandLineW
GetCurrentDirectoryW
SetCurrentDirectoryW
QueryPerformanceFrequency
MulDiv
QueryPerformanceCounter
GetProcAddress
CreateFileW
FlushFileBuffers
WriteFile
GetVersionExW
FormatMessageW
LocalFree
GetPrivateProfileStringW
DeleteFileW
CompareStringW
GetVersion
GlobalLock
GlobalUnlock
GlobalAlloc
ReadFile
GetFileSize
SetFilePointer
GetLongPathNameW
IsBadReadPtr
VirtualProtect
GetWindowsDirectoryW
SetUnhandledExceptionFilter
GetProcessTimes
Sleep
GlobalMemoryStatus
VerSetConditionMask
VerifyVersionInfoW
GetVersionExA
GetSystemInfo
OutputDebugStringA
GetModuleFileNameA
GetLocalTime
GetSystemTimeAsFileTime
GetThreadLocale
GetLocaleInfoW
GetNumberFormatW
GetDateFormatW
GetTimeFormatW
lstrcpyW
GetEnvironmentVariableW
GetCurrentProcessId
HeapValidate
LockFile
HeapCreate
GetFileAttributesA
UnlockFile
HeapDestroy
GetDiskFreeSpaceW
LockFileEx
GetFileAttributesExW
HeapSize
lstrcmpA
SetProcessWorkingSetSize
SetEndOfFile
lstrlenA
MoveFileExW
SystemTimeToFileTime
GetSystemTime
MoveFileW
LoadLibraryA
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
WritePrivateProfileStringW
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
SetThreadPriority
CopyFileW
GetTempFileNameW
GetTempPathW
RemoveDirectoryW
SetFileAttributesW
GetVolumeInformationW
GetDriveTypeW
GetShortPathNameW
FileTimeToSystemTime
FileTimeToLocalFileTime
IsBadStringPtrW
GetUserDefaultLangID
FindNextFileW
FindFirstFileW
GetFullPathNameW
FindClose
SetErrorMode
ExpandEnvironmentStringsW
GetSystemDirectoryW
GetCurrentThread
user32
GetWindowLongW
GetParent
GetActiveWindow
DialogBoxParamW
IsWindowVisible
GetMenuItemID
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
GetMonitorInfoW
MonitorFromWindow
GetWindowThreadProcessId
EnumDisplaySettingsW
WaitForInputIdle
ExitWindowsEx
SetWindowPos
GetWindowRect
SetWindowLongPtrW
SetWindowTextW
PostMessageW
EndDialog
GetDlgItem
SetWindowLongW
MapWindowPoints
GetClientRect
GetDesktopWindow
UnregisterClassA
GetWindow
IsDialogMessageW
SetActiveWindow
PostQuitMessage
IsDlgButtonChecked
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
SetDlgItemTextW
GetNextDlgTabItem
DrawTextExW
GetForegroundWindow
GetDlgItemInt
GetSystemMetrics
GetWindowPlacement
FindWindowExW
LockWindowUpdate
SetMenuDefaultItem
IsZoomed
LoadIconW
AdjustWindowRectEx
GetComboBoxInfo
GetMenu
GetScrollPos
AppendMenuW
ScrollWindowEx
SetScrollInfo
SetScrollPos
GetScrollInfo
CreateDialogParamW
MsgWaitForMultipleObjects
SetCursorPos
SendMessageTimeoutW
EmptyClipboard
GetClassNameW
ShowWindow
OpenIcon
SetForegroundWindow
SendMessageW
IsIconic
GetWindowTextW
FindWindowW
SetFocus
EnumWindows
RegisterWindowMessageW
InvalidateRect
CreateWindowExW
UnregisterClassW
CharLowerW
CharLowerA
GetDlgItemTextW
SetClipboardData
SystemParametersInfoA
GetSysColorBrush
SetRectEmpty
InsertMenuW
TrackPopupMenu
IsWindowEnabled
BringWindowToTop
DestroyMenu
IsChild
SystemParametersInfoW
RedrawWindow
BeginPaint
ChildWindowFromPoint
GetCursorPos
GetDlgCtrlID
CreatePopupMenu
UpdateWindow
MoveWindow
EnableMenuItem
GetSystemMenu
GetMessagePos
KillTimer
DispatchMessageA
SetTimer
GetMessageA
EnableWindow
IsWindowUnicode
MessageBoxW
RegisterClassW
GetClassInfoW
PeekMessageW
DestroyWindow
GetMessageW
TranslateMessage
ClientToScreen
DrawTextW
EndPaint
CallWindowProcW
WindowFromPoint
ReleaseCapture
PtInRect
SetCursor
LoadCursorW
DefWindowProcW
SetRect
GetWindowLongPtrW
GetCapture
SetCapture
GetWindowTextLengthW
LoadImageW
GetIconInfo
DispatchMessageW
CharNextW
GetClassLongPtrW
IsWindow
OffsetRect
InflateRect
ReleaseDC
CopyRect
GetFocus
GetDC
GetKeyState
ScreenToClient
DestroyCursor
GetWindowDC
DestroyIcon
DrawEdge
GetSysColor
DrawFocusRect
DrawStateW
FrameRect
FillRect
GetClassInfoExW
RegisterClassExW
gdi32
PolylineTo
Ellipse
GetTextMetricsW
GetClipBox
RestoreDC
SaveDC
GetTextExtentPoint32W
GetDeviceCaps
GetStockObject
CreatePatternBrush
CreateDIBSection
CreateBitmap
PatBlt
ExtTextOutW
CreateSolidBrush
CombineRgn
CreateRectRgnIndirect
StrokeAndFillPath
EndPath
BeginPath
CreateRectRgn
CreatePen
LineTo
MoveToEx
ExcludeClipRect
SelectClipRgn
GetClipRgn
SetBkColor
CreateCompatibleDC
DeleteObject
GetObjectW
DeleteDC
CreateCompatibleBitmap
SetTextColor
SetBkMode
SetViewportOrgEx
GetDIBColorTable
SelectObject
StretchBlt
TextOutW
BitBlt
CreateFontIndirectW
comdlg32
GetOpenFileNameW
GetSaveFileNameW
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteValueW
RegQueryValueExW
OpenProcessToken
GetTokenInformation
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetUserNameW
GetSidSubAuthority
AllocateAndInitializeSid
OpenThreadToken
EqualSid
FreeSid
LookupAccountSidW
GetLengthSid
CopySid
LookupAccountNameW
IsValidSid
RegEnumValueW
LookupPrivilegeValueW
AdjustTokenPrivileges
GetFileSecurityW
DuplicateToken
MapGenericMask
AccessCheck
RegLoadKeyW
RegUnLoadKeyW
LookupPrivilegeNameW
RegNotifyChangeKeyValue
shell32
ShellExecuteW
SHAddToRecentDocs
SHEmptyRecycleBinW
SHEmptyRecycleBinA
ExtractIconExW
SHGetFileInfoW
SHGetSpecialFolderLocation
Shell_NotifyIconW
ShellExecuteExW
DragFinish
DragQueryFileW
SHGetPathFromIDListW
SHBrowseForFolderW
ole32
CoSetProxyBlanket
CLSIDFromString
CoInitializeEx
CoUninitialize
CoInitialize
PropVariantClear
DoDragDrop
RegisterDragDrop
RevokeDragDrop
OleDuplicateData
ReleaseStgMedium
OleUninitialize
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance
CoInitializeSecurity
oleaut32
VariantInit
SysFreeString
VariantChangeType
VariantTimeToSystemTime
SysStringLen
SysAllocStringLen
SysAllocString
VarBstrFromR8
VariantClear
VarUI4FromStr
shlwapi
PathCombineW
PathStripPathW
PathRemoveArgsW
PathUnquoteSpacesW
PathFindExtensionW
PathStripPathA
PathIsUNCW
PathIsRelativeW
PathIsURLW
PathCreateFromUrlW
StrRetToStrW
PathFindFileNameW
PathIsDirectoryEmptyW
SHStrDupW
PathRemoveExtensionA
PathRemoveFileSpecW
PathRemoveExtensionW
PathAddExtensionW
PathStripToRootW
PathSkipRootW
PathRemoveBackslashW
PathGetDriveNumberW
PathCompactPathW
PathFileExistsW
PathIsDirectoryW
PathMatchSpecW
PathAppendW
comctl32
ImageList_Remove
_TrackMouseEvent
ImageList_Draw
ImageList_GetIconSize
ImageList_SetImageCount
ImageList_LoadImageW
ImageList_GetImageCount
ImageList_Create
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Destroy
InitCommonControlsEx
ImageList_Duplicate
ImageList_SetIconSize
ImageList_GetImageInfo
ImageList_Replace
msimg32
TransparentBlt
AlphaBlend
uxtheme
DrawThemeEdge
GetThemeInt
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeBackgroundContentRect
GetThemeMargins
DrawThemeText
GetThemeColor
IsThemeActive
wtsapi32
WTSFreeMemory
WTSQuerySessionInformationW
netapi32
NetApiBufferFree
NetLocalGroupGetMembers
crypt32
CryptQueryObject
CertGetNameStringW
CertCloseStore
CryptMsgClose
CertFindCertificateInStore
CryptMsgGetParam
CertFreeCertificateContext
CryptDecodeObject
wintrust
WinVerifyTrust
esent
JetEndSession
JetTerm2
JetSetSystemParameter
JetCreateInstance2
JetInit2
JetCloseDatabase
JetCreateDatabase2
JetAttachDatabase2
JetOpenDatabase
JetOpenTable
JetSetCurrentIndex4
JetMove
JetEnumerateColumns
JetBeginTransaction
JetDelete
JetCommitTransaction
JetRollback
JetDeleteTable
JetCloseTable
JetGetDatabaseFileInfo
JetBeginSession
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
wininet
DeleteUrlCacheEntryW
DeleteUrlCacheEntryA
InternetCloseHandle
InternetReadFile
HttpQueryInfoW
InternetOpenUrlW
InternetOpenW
FindFirstUrlCacheEntryW
FindNextUrlCacheEntryW
FindCloseUrlCache
FindFirstUrlCacheEntryExW
FindNextUrlCacheEntryExW
Sections
.text Size: 3.8MB - Virtual size: 3.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 175KB - Virtual size: 199KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 277KB - Virtual size: 277KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 2B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 453KB - Virtual size: 452KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$EXEDIR/CCleaner Free/cc_config.ini
-
$EXEDIR/CCleaner Free/ccleaner.ini
-
$EXEDIR/CCleaner Free/lang-1049.dll.dll windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Sections
.rsrc Size: 34KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$EXEDIR/CCleaner Free/lang-1058.dll.dll windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Sections
.rsrc Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$EXEDIR/CCleaner Free/locales/lang.Russian.locale
-
$EXEDIR/CCleaner Free/portable.dat
-
$EXEDIR/CCleaner Free/winapp2.ini
-
$EXEDIR/CCleaner Professional/CCEnhancer.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
C:\Users\Shane\Documents\Visual Studio 2012\Projects\CCEnhancer\CCEnhancer\obj\Release\CCEnhancer.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 182KB - Virtual size: 181KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.sdata Size: 512B - Virtual size: 312B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 84KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$EXEDIR/CCleaner Professional/CCleaner.dat
-
$EXEDIR/CCleaner Professional/CCleaner.exe.exe windows:4 windows x86 arch:x86
8791d6a590c87ff6e76fc4b4d4e1c9ac
Code Sign
7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before21-12-2012 00:00Not After30-12-2020 23:59SubjectCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate
IssuerCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USNot Before18-10-2012 00:00Not After29-12-2020 23:59SubjectCN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
74:1d:34:07:93:30:6a:ca:84:fa:b3:ab:bb:15:67:ceCertificate
IssuerCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USNot Before06-07-2011 00:00Not After22-08-2013 23:59SubjectCN=Piriform Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Piriform Ltd,L=London,ST=London,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate
IssuerCN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before08-02-2010 00:00Not After07-02-2020 23:59SubjectCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
dd:f7:20:14:d3:7f:16:b4:43:e1:70:e0:8a:aa:ce:59:37:03:46:19Signer
Actual PE Digestdd:f7:20:14:d3:7f:16:b4:43:e1:70:e0:8a:aa:ce:59:37:03:46:19Digest Algorithmsha1PE Digest MatchestrueHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
h:\Piriform\CCleaner\trunk\src\CCleaner\Release\CCleaner.pdb
Imports
kernel32
SetWaitableTimer
WaitForMultipleObjects
ResumeThread
TlsSetValue
OpenEventA
TlsGetValue
TlsFree
TlsAlloc
ReleaseSemaphore
GetLocaleInfoA
GetACP
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LocalAlloc
SetFileTime
CreateFileA
InitializeCriticalSection
HeapReAlloc
GetDiskFreeSpaceA
UnlockFileEx
GetTickCount
GetFullPathNameA
DeleteFileA
HeapValidate
LockFile
AreFileApisANSI
HeapCreate
UnlockFile
GetTempPathA
GetFileAttributesA
UnhandledExceptionFilter
IsDebuggerPresent
ExitProcess
GetLogicalDrives
ExitThread
CreateThread
RtlUnwind
LCMapStringA
GetStdHandle
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
GetConsoleCP
GetConsoleMode
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
SetEnvironmentVariableA
GetCommandLineW
DeleteCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
MulDiv
WriteFile
InterlockedCompareExchange
GetCurrentProcessId
HeapDestroy
LockFileEx
HeapSize
UnmapViewOfFile
MapViewOfFile
lstrcmpA
SetProcessWorkingSetSize
lstrlenA
SetEndOfFile
MoveFileExW
SystemTimeToFileTime
GetSystemTime
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
SetThreadPriority
FileTimeToLocalFileTime
FileTimeToSystemTime
SetErrorMode
GetUserDefaultLangID
FindClose
GetCurrentThread
GetThreadLocale
GetLocalTime
GetSystemTimeAsFileTime
GetModuleFileNameA
OutputDebugStringA
GetSystemInfo
GetVersionExA
VerifyVersionInfoW
VerSetConditionMask
GlobalMemoryStatus
FlushFileBuffers
LocalFree
GetVersion
GlobalLock
GlobalUnlock
GlobalAlloc
BackupSeek
ReadFile
GetFileSize
SetFilePointer
SetUnhandledExceptionFilter
IsBadReadPtr
VirtualProtect
Sleep
GetProcessTimes
LoadLibraryA
CompareStringA
GetModuleHandleA
DeviceIoControl
SetFilePointerEx
GetCompressedFileSizeW
BackupRead
CreateWaitableTimerA
InterlockedDecrement
InterlockedIncrement
FreeLibrary
InterlockedExchange
RaiseException
SetLastError
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
GetLastError
LoadResource
LockResource
SizeofResource
CloseHandle
WaitForSingleObject
GetCurrentProcess
FlushInstructionCache
OpenProcess
HeapFree
GetProcessHeap
SetEvent
TerminateProcess
HeapAlloc
CreateEventA
FormatMessageA
ResetEvent
advapi32
AllocateAndInitializeSid
OpenProcessToken
RegCloseKey
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
LookupPrivilegeNameW
RegNotifyChangeKeyValue
AccessCheck
MapGenericMask
DuplicateToken
GetFileSecurityW
AdjustTokenPrivileges
LookupPrivilegeValueW
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
IsValidSid
LookupAccountNameW
CopySid
GetLengthSid
LookupAccountSidW
FreeSid
EqualSid
OpenThreadToken
GetTokenInformation
user32
DestroyWindow
GetWindowRect
EndDialog
SetWindowPos
GetParent
GetWindow
UnregisterClassA
SetClipboardData
CharLowerA
EmptyClipboard
ExitWindowsEx
WaitForInputIdle
GetWindowThreadProcessId
MonitorFromWindow
CallNextHookEx
UnhookWindowsHookEx
GetMenuItemID
SystemParametersInfoA
GetWindowPlacement
GetSystemMetrics
GetDesktopWindow
GetDlgItemInt
GetForegroundWindow
GetNextDlgTabItem
CloseClipboard
OpenClipboard
IsDlgButtonChecked
PostQuitMessage
IsZoomed
SetActiveWindow
LockWindowUpdate
SetMenuDefaultItem
GetComboBoxInfo
AdjustWindowRectEx
GetMenu
GetScrollPos
SetScrollPos
GetScrollInfo
ScrollWindowEx
GetClientRect
EnableMenuItem
GetSystemMenu
KillTimer
SetTimer
UpdateWindow
MoveWindow
SetRectEmpty
SetCursorPos
TrackPopupMenu
IsWindowEnabled
DestroyMenu
IsChild
CreatePopupMenu
DispatchMessageA
ChildWindowFromPoint
GetMessageA
GetSysColorBrush
BringWindowToTop
MsgWaitForMultipleObjects
GetDlgCtrlID
GetCursorPos
GetMessagePos
SetScrollInfo
TranslateMessage
GetDC
GetWindowDC
GetIconInfo
DrawEdge
IsWindow
DrawFocusRect
DestroyCursor
DestroyIcon
FrameRect
FillRect
ScreenToClient
CopyRect
GetFocus
GetKeyState
GetSysColor
OffsetRect
InflateRect
ReleaseDC
PtInRect
EndPaint
ReleaseCapture
WindowFromPoint
BeginPaint
ClientToScreen
InvalidateRect
RedrawWindow
SetCapture
GetCapture
SetRect
SetCursor
EnumWindows
SetForegroundWindow
OpenIcon
ShowWindow
IsWindowVisible
GetActiveWindow
SetFocus
IsIconic
GetDlgItem
MapWindowPoints
gdi32
PolylineTo
Ellipse
GetClipBox
RestoreDC
GetDeviceCaps
CreatePatternBrush
SaveDC
CreateBitmap
GetStockObject
PatBlt
CreateDIBSection
CreateRectRgn
StrokeAndFillPath
EndPath
CreatePen
BeginPath
LineTo
MoveToEx
CreateSolidBrush
ExcludeClipRect
SelectClipRgn
CombineRgn
CreateRectRgnIndirect
SetBkColor
CreateCompatibleDC
DeleteDC
GetDIBColorTable
StretchBlt
BitBlt
SetTextColor
SetBkMode
DeleteObject
SelectObject
CreateCompatibleBitmap
SetViewportOrgEx
GetClipRgn
rpcrt4
UuidFromStringA
ole32
OleUninitialize
CoCreateInstance
OleInitialize
CoTaskMemRealloc
ReleaseStgMedium
OleDuplicateData
RevokeDragDrop
CoTaskMemAlloc
DoDragDrop
CoInitializeSecurity
PropVariantClear
CoInitialize
CoUninitialize
CoInitializeEx
CLSIDFromString
CoSetProxyBlanket
CoTaskMemFree
RegisterDragDrop
oleaut32
VarBstrFromR8
VariantClear
VariantInit
SysAllocStringLen
SysStringLen
VariantTimeToSystemTime
VariantChangeType
SysAllocString
VarUI4FromStr
SysFreeString
shlwapi
PathIsUNCW
PathFindExtensionW
PathUnquoteSpacesW
PathRemoveArgsW
StrRetToStrW
SHStrDupW
PathCombineW
PathRemoveExtensionA
PathRemoveFileSpecW
PathRemoveExtensionW
PathStripPathA
PathIsURLW
PathSkipRootW
PathGetDriveNumberW
PathCompactPathW
PathIsDirectoryW
PathAppendW
PathFileExistsW
PathMatchSpecW
PathFindFileNameW
PathIsDirectoryEmptyW
PathAddExtensionW
PathIsRelativeW
PathRemoveBackslashW
PathStripToRootW
PathCreateFromUrlW
PathStripPathW
comctl32
ImageList_Draw
ImageList_SetIconSize
ImageList_Duplicate
ImageList_Replace
ImageList_GetImageInfo
InitCommonControlsEx
ImageList_Destroy
ImageList_Create
ImageList_GetImageCount
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_LoadImageW
ImageList_SetImageCount
ImageList_Remove
ImageList_GetIconSize
_TrackMouseEvent
wtsapi32
WTSQuerySessionInformationW
WTSFreeMemory
netapi32
NetApiBufferFree
NetLocalGroupGetMembers
crypt32
CertGetNameStringW
CertFreeCertificateContext
CertFindCertificateInStore
CryptMsgGetParam
CryptDecodeObject
CryptMsgClose
CertCloseStore
CryptQueryObject
wintrust
WinVerifyTrust
esent
JetGetDatabaseFileInfo
JetCloseTable
JetCloseDatabase
JetEndSession
JetTerm2
JetDeleteTable
JetSetSystemParameter
JetCreateInstance2
JetInit2
JetBeginSession
JetCreateDatabase2
JetAttachDatabase2
JetOpenDatabase
JetOpenTable
JetSetCurrentIndex4
JetMove
JetEnumerateColumns
JetBeginTransaction
JetDelete
JetCommitTransaction
JetRollback
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 674KB - Virtual size: 673KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 173KB - Virtual size: 194KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 2B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 453KB - Virtual size: 452KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$EXEDIR/CCleaner Professional/CCleaner64.exe.exe windows:4 windows x64 arch:x64
1c17128061f193a20f625b0310607e0f
Code Sign
7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before21-12-2012 00:00Not After30-12-2020 23:59SubjectCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate
IssuerCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USNot Before18-10-2012 00:00Not After29-12-2020 23:59SubjectCN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
74:1d:34:07:93:30:6a:ca:84:fa:b3:ab:bb:15:67:ceCertificate
IssuerCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USNot Before06-07-2011 00:00Not After22-08-2013 23:59SubjectCN=Piriform Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Piriform Ltd,L=London,ST=London,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate
IssuerCN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before08-02-2010 00:00Not After07-02-2020 23:59SubjectCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
52:78:e2:39:68:4f:2e:0a:67:ca:ec:29:4f:15:2e:76:89:35:d5:59Signer
Actual PE Digest52:78:e2:39:68:4f:2e:0a:67:ca:ec:29:4f:15:2e:76:89:35:d5:59Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
h:\Piriform\CCleaner\trunk\src\CCleaner\x64\Release\CCleaner64.pdb
Imports
rpcrt4
UuidFromStringA
kernel32
GetTickCount
GetFullPathNameA
GetTempPathA
UnlockFileEx
AreFileApisANSI
CreateFileMappingW
FormatMessageA
DeleteFileA
HeapReAlloc
CreateFileA
GetDiskFreeSpaceA
MapViewOfFile
UnmapViewOfFile
SetFileTime
WaitForSingleObject
CreateDirectoryW
BackupSeek
BackupRead
GetCompressedFileSizeW
DeviceIoControl
GetDiskFreeSpaceExW
SetFilePointerEx
SetEnvironmentVariableA
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeFormatA
GetDateFormatA
GetConsoleMode
GetConsoleCP
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
IsValidCodePage
GetOEMCP
HeapSetInformation
RtlVirtualUnwind
FlsAlloc
FlsFree
FlsSetValue
FlsGetValue
GetStdHandle
GetCPInfo
LCMapStringW
LCMapStringA
RtlLookupFunctionEntry
RtlUnwindEx
CreateThread
ExitThread
GetLogicalDrives
ExitProcess
GetModuleHandleA
RtlPcToFileHeader
RtlCaptureContext
IsDebuggerPresent
UnhandledExceptionFilter
CreateWaitableTimerA
SetWaitableTimer
WaitForMultipleObjects
ResumeThread
TlsSetValue
OpenEventA
TlsGetValue
TlsFree
TlsAlloc
GetLocaleInfoA
GetACP
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
InterlockedPushEntrySList
OpenProcess
CreateEventA
CloseHandle
FlushInstructionCache
TerminateProcess
CreateEventW
SetEvent
ResetEvent
HeapAlloc
GetProcessHeap
GetCurrentProcess
HeapFree
FindResourceExW
GetModuleFileNameW
SetLastError
RaiseException
CreateMutexW
WideCharToMultiByte
GetLastError
EnterCriticalSection
FindResourceW
GetCurrentThreadId
LeaveCriticalSection
lstrlenW
GetFileAttributesW
SizeofResource
LockResource
LoadResource
LoadLibraryW
FreeLibrary
GetModuleHandleW
MultiByteToWideChar
InitializeCriticalSection
lstrcmpiW
LoadLibraryExW
GetStartupInfoW
DeleteCriticalSection
CreateProcessW
GetCommandLineW
GetCurrentDirectoryW
SetCurrentDirectoryW
QueryPerformanceFrequency
MulDiv
QueryPerformanceCounter
GetProcAddress
CreateFileW
FlushFileBuffers
WriteFile
GetVersionExW
FormatMessageW
LocalFree
GetPrivateProfileStringW
DeleteFileW
CompareStringW
GetVersion
GlobalLock
GlobalUnlock
GlobalAlloc
ReadFile
GetFileSize
SetFilePointer
GetLongPathNameW
IsBadReadPtr
VirtualProtect
GetWindowsDirectoryW
SetUnhandledExceptionFilter
GetProcessTimes
Sleep
GlobalMemoryStatus
VerSetConditionMask
VerifyVersionInfoW
GetVersionExA
GetSystemInfo
OutputDebugStringA
GetModuleFileNameA
GetLocalTime
GetSystemTimeAsFileTime
GetThreadLocale
GetLocaleInfoW
GetNumberFormatW
GetDateFormatW
GetTimeFormatW
lstrcpyW
GetEnvironmentVariableW
GetCurrentProcessId
HeapValidate
LockFile
HeapCreate
GetFileAttributesA
UnlockFile
HeapDestroy
GetDiskFreeSpaceW
LockFileEx
GetFileAttributesExW
HeapSize
lstrcmpA
SetProcessWorkingSetSize
SetEndOfFile
lstrlenA
MoveFileExW
SystemTimeToFileTime
GetSystemTime
MoveFileW
LoadLibraryA
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
WritePrivateProfileStringW
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
SetThreadPriority
CopyFileW
GetTempFileNameW
GetTempPathW
RemoveDirectoryW
SetFileAttributesW
GetVolumeInformationW
GetDriveTypeW
GetShortPathNameW
FileTimeToSystemTime
FileTimeToLocalFileTime
IsBadStringPtrW
GetUserDefaultLangID
FindNextFileW
FindFirstFileW
GetFullPathNameW
FindClose
SetErrorMode
ExpandEnvironmentStringsW
GetSystemDirectoryW
GetCurrentThread
user32
GetWindowLongW
GetParent
GetActiveWindow
DialogBoxParamW
IsWindowVisible
GetMenuItemID
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
GetMonitorInfoW
MonitorFromWindow
GetWindowThreadProcessId
EnumDisplaySettingsW
WaitForInputIdle
ExitWindowsEx
SetWindowPos
GetWindowRect
SetWindowLongPtrW
SetWindowTextW
PostMessageW
EndDialog
GetDlgItem
SetWindowLongW
MapWindowPoints
GetClientRect
GetDesktopWindow
UnregisterClassA
GetWindow
IsDialogMessageW
SetActiveWindow
PostQuitMessage
IsDlgButtonChecked
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
SetDlgItemTextW
GetNextDlgTabItem
DrawTextExW
GetForegroundWindow
GetDlgItemInt
GetSystemMetrics
GetWindowPlacement
FindWindowExW
LockWindowUpdate
SetMenuDefaultItem
IsZoomed
LoadIconW
AdjustWindowRectEx
GetComboBoxInfo
GetMenu
GetScrollPos
AppendMenuW
ScrollWindowEx
SetScrollInfo
SetScrollPos
GetScrollInfo
CreateDialogParamW
MsgWaitForMultipleObjects
SetCursorPos
SendMessageTimeoutW
EmptyClipboard
GetClassNameW
ShowWindow
OpenIcon
SetForegroundWindow
SendMessageW
IsIconic
GetWindowTextW
FindWindowW
SetFocus
EnumWindows
RegisterWindowMessageW
InvalidateRect
CreateWindowExW
UnregisterClassW
CharLowerW
CharLowerA
GetDlgItemTextW
SetClipboardData
SystemParametersInfoA
GetSysColorBrush
SetRectEmpty
InsertMenuW
TrackPopupMenu
IsWindowEnabled
BringWindowToTop
DestroyMenu
IsChild
SystemParametersInfoW
RedrawWindow
BeginPaint
ChildWindowFromPoint
GetCursorPos
GetDlgCtrlID
CreatePopupMenu
UpdateWindow
MoveWindow
EnableMenuItem
GetSystemMenu
GetMessagePos
KillTimer
DispatchMessageA
SetTimer
GetMessageA
EnableWindow
IsWindowUnicode
MessageBoxW
RegisterClassW
GetClassInfoW
PeekMessageW
DestroyWindow
GetMessageW
TranslateMessage
ClientToScreen
DrawTextW
EndPaint
CallWindowProcW
WindowFromPoint
ReleaseCapture
PtInRect
SetCursor
LoadCursorW
DefWindowProcW
SetRect
GetWindowLongPtrW
GetCapture
SetCapture
GetWindowTextLengthW
LoadImageW
GetIconInfo
DispatchMessageW
CharNextW
GetClassLongPtrW
IsWindow
OffsetRect
InflateRect
ReleaseDC
CopyRect
GetFocus
GetDC
GetKeyState
ScreenToClient
DestroyCursor
GetWindowDC
DestroyIcon
DrawEdge
GetSysColor
DrawFocusRect
DrawStateW
FrameRect
FillRect
GetClassInfoExW
RegisterClassExW
gdi32
PolylineTo
Ellipse
GetTextMetricsW
GetClipBox
RestoreDC
SaveDC
GetTextExtentPoint32W
GetDeviceCaps
GetStockObject
CreatePatternBrush
CreateDIBSection
CreateBitmap
PatBlt
ExtTextOutW
CreateSolidBrush
CombineRgn
CreateRectRgnIndirect
StrokeAndFillPath
EndPath
BeginPath
CreateRectRgn
CreatePen
LineTo
MoveToEx
ExcludeClipRect
SelectClipRgn
GetClipRgn
SetBkColor
CreateCompatibleDC
DeleteObject
GetObjectW
DeleteDC
CreateCompatibleBitmap
SetTextColor
SetBkMode
SetViewportOrgEx
GetDIBColorTable
SelectObject
StretchBlt
TextOutW
BitBlt
CreateFontIndirectW
comdlg32
GetOpenFileNameW
GetSaveFileNameW
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteValueW
RegQueryValueExW
OpenProcessToken
GetTokenInformation
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetUserNameW
GetSidSubAuthority
AllocateAndInitializeSid
OpenThreadToken
EqualSid
FreeSid
LookupAccountSidW
GetLengthSid
CopySid
LookupAccountNameW
IsValidSid
RegEnumValueW
LookupPrivilegeValueW
AdjustTokenPrivileges
GetFileSecurityW
DuplicateToken
MapGenericMask
AccessCheck
RegLoadKeyW
RegUnLoadKeyW
LookupPrivilegeNameW
RegNotifyChangeKeyValue
shell32
ShellExecuteW
SHAddToRecentDocs
SHEmptyRecycleBinW
SHEmptyRecycleBinA
ExtractIconExW
SHGetFileInfoW
SHGetSpecialFolderLocation
Shell_NotifyIconW
ShellExecuteExW
DragFinish
DragQueryFileW
SHGetPathFromIDListW
SHBrowseForFolderW
ole32
CoSetProxyBlanket
CLSIDFromString
CoInitializeEx
CoUninitialize
CoInitialize
PropVariantClear
DoDragDrop
RegisterDragDrop
RevokeDragDrop
OleDuplicateData
ReleaseStgMedium
OleUninitialize
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance
CoInitializeSecurity
oleaut32
VariantInit
SysFreeString
VariantChangeType
VariantTimeToSystemTime
SysStringLen
SysAllocStringLen
SysAllocString
VarBstrFromR8
VariantClear
VarUI4FromStr
shlwapi
PathCombineW
PathStripPathW
PathRemoveArgsW
PathUnquoteSpacesW
PathFindExtensionW
PathStripPathA
PathIsUNCW
PathIsRelativeW
PathIsURLW
PathCreateFromUrlW
StrRetToStrW
PathFindFileNameW
PathIsDirectoryEmptyW
SHStrDupW
PathRemoveExtensionA
PathRemoveFileSpecW
PathRemoveExtensionW
PathAddExtensionW
PathStripToRootW
PathSkipRootW
PathRemoveBackslashW
PathGetDriveNumberW
PathCompactPathW
PathFileExistsW
PathIsDirectoryW
PathMatchSpecW
PathAppendW
comctl32
ImageList_Remove
_TrackMouseEvent
ImageList_Draw
ImageList_GetIconSize
ImageList_SetImageCount
ImageList_LoadImageW
ImageList_GetImageCount
ImageList_Create
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Destroy
InitCommonControlsEx
ImageList_Duplicate
ImageList_SetIconSize
ImageList_GetImageInfo
ImageList_Replace
msimg32
TransparentBlt
AlphaBlend
uxtheme
DrawThemeEdge
GetThemeInt
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeBackgroundContentRect
GetThemeMargins
DrawThemeText
GetThemeColor
IsThemeActive
wtsapi32
WTSFreeMemory
WTSQuerySessionInformationW
netapi32
NetApiBufferFree
NetLocalGroupGetMembers
crypt32
CryptQueryObject
CertGetNameStringW
CertCloseStore
CryptMsgClose
CertFindCertificateInStore
CryptMsgGetParam
CertFreeCertificateContext
CryptDecodeObject
wintrust
WinVerifyTrust
esent
JetEndSession
JetTerm2
JetSetSystemParameter
JetCreateInstance2
JetInit2
JetCloseDatabase
JetCreateDatabase2
JetAttachDatabase2
JetOpenDatabase
JetOpenTable
JetSetCurrentIndex4
JetMove
JetEnumerateColumns
JetBeginTransaction
JetDelete
JetCommitTransaction
JetRollback
JetDeleteTable
JetCloseTable
JetGetDatabaseFileInfo
JetBeginSession
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
wininet
DeleteUrlCacheEntryW
DeleteUrlCacheEntryA
InternetCloseHandle
InternetReadFile
HttpQueryInfoW
InternetOpenUrlW
InternetOpenW
FindFirstUrlCacheEntryW
FindNextUrlCacheEntryW
FindCloseUrlCache
FindFirstUrlCacheEntryExW
FindNextUrlCacheEntryExW
Sections
.text Size: 3.8MB - Virtual size: 3.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 175KB - Virtual size: 199KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 277KB - Virtual size: 277KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 2B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 453KB - Virtual size: 452KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$EXEDIR/CCleaner Professional/branding.dll.dll windows:4 windows x86 arch:x86
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15-06-2007 00:00Not After14-06-2012 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04-12-2003 00:00Not After03-12-2013 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
74:1d:34:07:93:30:6a:ca:84:fa:b3:ab:bb:15:67:ceCertificate
IssuerCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USNot Before06-07-2011 00:00Not After22-08-2013 23:59SubjectCN=Piriform Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Piriform Ltd,L=London,ST=London,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate
IssuerCN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before08-02-2010 00:00Not After07-02-2020 23:59SubjectCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
fd:4b:30:5e:ae:97:94:8f:2a:d1:7a:3d:26:8e:db:ab:4c:e1:10:f6Signer
Actual PE Digestfd:4b:30:5e:ae:97:94:8f:2a:d1:7a:3d:26:8e:db:ab:4c:e1:10:f6Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Sections
.rsrc Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$EXEDIR/CCleaner Professional/cc_config.ini
-
$EXEDIR/CCleaner Professional/ccleaner.ini
-
$EXEDIR/CCleaner Professional/lang-1049.dll.dll windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Sections
.rsrc Size: 34KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$EXEDIR/CCleaner Professional/lang-1058.dll.dll windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Sections
.rsrc Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$EXEDIR/CCleaner Professional/locales/lang.Russian.locale
-
$EXEDIR/CCleaner Professional/portable.dat
-
$EXEDIR/CCleaner Professional/winapp2.ini
-
$PLUGINSDIR/modern-header.bmp
-
$PLUGINSDIR/nsProcess.dll.dll windows:5 windows x86 arch:x86
439074d1c01f7b16781bdf060930814a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
CloseHandle
TerminateProcess
WaitForSingleObject
GetExitCodeProcess
OpenProcess
MultiByteToWideChar
lstrlenA
lstrlenW
LoadLibraryA
lstrcmpiW
lstrcpynW
FreeLibrary
LocalFree
LocalAlloc
GetProcAddress
LoadLibraryW
GetVersionExW
GlobalFree
GlobalAlloc
user32
GetWindowThreadProcessId
EnumWindows
wsprintfW
PostMessageW
Exports
Exports
_CloseProcess
_FindProcess
_KillProcess
_Unload
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 927B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 436B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 254B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
CCEnhancer.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
C:\Users\Shane\Documents\Visual Studio 2012\Projects\CCEnhancer\CCEnhancer\obj\Release\CCEnhancer.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 182KB - Virtual size: 181KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.sdata Size: 512B - Virtual size: 312B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 84KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
CCleaner.dat
-
CCleaner.exe.exe windows:4 windows x86 arch:x86
8791d6a590c87ff6e76fc4b4d4e1c9ac
Code Sign
7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before21-12-2012 00:00Not After30-12-2020 23:59SubjectCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate
IssuerCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USNot Before18-10-2012 00:00Not After29-12-2020 23:59SubjectCN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
74:1d:34:07:93:30:6a:ca:84:fa:b3:ab:bb:15:67:ceCertificate
IssuerCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USNot Before06-07-2011 00:00Not After22-08-2013 23:59SubjectCN=Piriform Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Piriform Ltd,L=London,ST=London,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate
IssuerCN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before08-02-2010 00:00Not After07-02-2020 23:59SubjectCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
dd:f7:20:14:d3:7f:16:b4:43:e1:70:e0:8a:aa:ce:59:37:03:46:19Signer
Actual PE Digestdd:f7:20:14:d3:7f:16:b4:43:e1:70:e0:8a:aa:ce:59:37:03:46:19Digest Algorithmsha1PE Digest MatchestrueHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
h:\Piriform\CCleaner\trunk\src\CCleaner\Release\CCleaner.pdb
Imports
kernel32
SetWaitableTimer
WaitForMultipleObjects
ResumeThread
TlsSetValue
OpenEventA
TlsGetValue
TlsFree
TlsAlloc
ReleaseSemaphore
GetLocaleInfoA
GetACP
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LocalAlloc
SetFileTime
CreateFileA
InitializeCriticalSection
HeapReAlloc
GetDiskFreeSpaceA
UnlockFileEx
GetTickCount
GetFullPathNameA
DeleteFileA
HeapValidate
LockFile
AreFileApisANSI
HeapCreate
UnlockFile
GetTempPathA
GetFileAttributesA
UnhandledExceptionFilter
IsDebuggerPresent
ExitProcess
GetLogicalDrives
ExitThread
CreateThread
RtlUnwind
LCMapStringA
GetStdHandle
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
GetConsoleCP
GetConsoleMode
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
SetEnvironmentVariableA
GetCommandLineW
DeleteCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
MulDiv
WriteFile
InterlockedCompareExchange
GetCurrentProcessId
HeapDestroy
LockFileEx
HeapSize
UnmapViewOfFile
MapViewOfFile
lstrcmpA
SetProcessWorkingSetSize
lstrlenA
SetEndOfFile
MoveFileExW
SystemTimeToFileTime
GetSystemTime
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
SetThreadPriority
FileTimeToLocalFileTime
FileTimeToSystemTime
SetErrorMode
GetUserDefaultLangID
FindClose
GetCurrentThread
GetThreadLocale
GetLocalTime
GetSystemTimeAsFileTime
GetModuleFileNameA
OutputDebugStringA
GetSystemInfo
GetVersionExA
VerifyVersionInfoW
VerSetConditionMask
GlobalMemoryStatus
FlushFileBuffers
LocalFree
GetVersion
GlobalLock
GlobalUnlock
GlobalAlloc
BackupSeek
ReadFile
GetFileSize
SetFilePointer
SetUnhandledExceptionFilter
IsBadReadPtr
VirtualProtect
Sleep
GetProcessTimes
LoadLibraryA
CompareStringA
GetModuleHandleA
DeviceIoControl
SetFilePointerEx
GetCompressedFileSizeW
BackupRead
CreateWaitableTimerA
InterlockedDecrement
InterlockedIncrement
FreeLibrary
InterlockedExchange
RaiseException
SetLastError
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
GetLastError
LoadResource
LockResource
SizeofResource
CloseHandle
WaitForSingleObject
GetCurrentProcess
FlushInstructionCache
OpenProcess
HeapFree
GetProcessHeap
SetEvent
TerminateProcess
HeapAlloc
CreateEventA
FormatMessageA
ResetEvent
advapi32
AllocateAndInitializeSid
OpenProcessToken
RegCloseKey
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
LookupPrivilegeNameW
RegNotifyChangeKeyValue
AccessCheck
MapGenericMask
DuplicateToken
GetFileSecurityW
AdjustTokenPrivileges
LookupPrivilegeValueW
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
IsValidSid
LookupAccountNameW
CopySid
GetLengthSid
LookupAccountSidW
FreeSid
EqualSid
OpenThreadToken
GetTokenInformation
user32
DestroyWindow
GetWindowRect
EndDialog
SetWindowPos
GetParent
GetWindow
UnregisterClassA
SetClipboardData
CharLowerA
EmptyClipboard
ExitWindowsEx
WaitForInputIdle
GetWindowThreadProcessId
MonitorFromWindow
CallNextHookEx
UnhookWindowsHookEx
GetMenuItemID
SystemParametersInfoA
GetWindowPlacement
GetSystemMetrics
GetDesktopWindow
GetDlgItemInt
GetForegroundWindow
GetNextDlgTabItem
CloseClipboard
OpenClipboard
IsDlgButtonChecked
PostQuitMessage
IsZoomed
SetActiveWindow
LockWindowUpdate
SetMenuDefaultItem
GetComboBoxInfo
AdjustWindowRectEx
GetMenu
GetScrollPos
SetScrollPos
GetScrollInfo
ScrollWindowEx
GetClientRect
EnableMenuItem
GetSystemMenu
KillTimer
SetTimer
UpdateWindow
MoveWindow
SetRectEmpty
SetCursorPos
TrackPopupMenu
IsWindowEnabled
DestroyMenu
IsChild
CreatePopupMenu
DispatchMessageA
ChildWindowFromPoint
GetMessageA
GetSysColorBrush
BringWindowToTop
MsgWaitForMultipleObjects
GetDlgCtrlID
GetCursorPos
GetMessagePos
SetScrollInfo
TranslateMessage
GetDC
GetWindowDC
GetIconInfo
DrawEdge
IsWindow
DrawFocusRect
DestroyCursor
DestroyIcon
FrameRect
FillRect
ScreenToClient
CopyRect
GetFocus
GetKeyState
GetSysColor
OffsetRect
InflateRect
ReleaseDC
PtInRect
EndPaint
ReleaseCapture
WindowFromPoint
BeginPaint
ClientToScreen
InvalidateRect
RedrawWindow
SetCapture
GetCapture
SetRect
SetCursor
EnumWindows
SetForegroundWindow
OpenIcon
ShowWindow
IsWindowVisible
GetActiveWindow
SetFocus
IsIconic
GetDlgItem
MapWindowPoints
gdi32
PolylineTo
Ellipse
GetClipBox
RestoreDC
GetDeviceCaps
CreatePatternBrush
SaveDC
CreateBitmap
GetStockObject
PatBlt
CreateDIBSection
CreateRectRgn
StrokeAndFillPath
EndPath
CreatePen
BeginPath
LineTo
MoveToEx
CreateSolidBrush
ExcludeClipRect
SelectClipRgn
CombineRgn
CreateRectRgnIndirect
SetBkColor
CreateCompatibleDC
DeleteDC
GetDIBColorTable
StretchBlt
BitBlt
SetTextColor
SetBkMode
DeleteObject
SelectObject
CreateCompatibleBitmap
SetViewportOrgEx
GetClipRgn
rpcrt4
UuidFromStringA
ole32
OleUninitialize
CoCreateInstance
OleInitialize
CoTaskMemRealloc
ReleaseStgMedium
OleDuplicateData
RevokeDragDrop
CoTaskMemAlloc
DoDragDrop
CoInitializeSecurity
PropVariantClear
CoInitialize
CoUninitialize
CoInitializeEx
CLSIDFromString
CoSetProxyBlanket
CoTaskMemFree
RegisterDragDrop
oleaut32
VarBstrFromR8
VariantClear
VariantInit
SysAllocStringLen
SysStringLen
VariantTimeToSystemTime
VariantChangeType
SysAllocString
VarUI4FromStr
SysFreeString
shlwapi
PathIsUNCW
PathFindExtensionW
PathUnquoteSpacesW
PathRemoveArgsW
StrRetToStrW
SHStrDupW
PathCombineW
PathRemoveExtensionA
PathRemoveFileSpecW
PathRemoveExtensionW
PathStripPathA
PathIsURLW
PathSkipRootW
PathGetDriveNumberW
PathCompactPathW
PathIsDirectoryW
PathAppendW
PathFileExistsW
PathMatchSpecW
PathFindFileNameW
PathIsDirectoryEmptyW
PathAddExtensionW
PathIsRelativeW
PathRemoveBackslashW
PathStripToRootW
PathCreateFromUrlW
PathStripPathW
comctl32
ImageList_Draw
ImageList_SetIconSize
ImageList_Duplicate
ImageList_Replace
ImageList_GetImageInfo
InitCommonControlsEx
ImageList_Destroy
ImageList_Create
ImageList_GetImageCount
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_LoadImageW
ImageList_SetImageCount
ImageList_Remove
ImageList_GetIconSize
_TrackMouseEvent
wtsapi32
WTSQuerySessionInformationW
WTSFreeMemory
netapi32
NetApiBufferFree
NetLocalGroupGetMembers
crypt32
CertGetNameStringW
CertFreeCertificateContext
CertFindCertificateInStore
CryptMsgGetParam
CryptDecodeObject
CryptMsgClose
CertCloseStore
CryptQueryObject
wintrust
WinVerifyTrust
esent
JetGetDatabaseFileInfo
JetCloseTable
JetCloseDatabase
JetEndSession
JetTerm2
JetDeleteTable
JetSetSystemParameter
JetCreateInstance2
JetInit2
JetBeginSession
JetCreateDatabase2
JetAttachDatabase2
JetOpenDatabase
JetOpenTable
JetSetCurrentIndex4
JetMove
JetEnumerateColumns
JetBeginTransaction
JetDelete
JetCommitTransaction
JetRollback
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 674KB - Virtual size: 673KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 173KB - Virtual size: 194KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 2B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 453KB - Virtual size: 452KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
CCleaner64.exe.exe windows:4 windows x64 arch:x64
1c17128061f193a20f625b0310607e0f
Code Sign
7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before21-12-2012 00:00Not After30-12-2020 23:59SubjectCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate
IssuerCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USNot Before18-10-2012 00:00Not After29-12-2020 23:59SubjectCN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
74:1d:34:07:93:30:6a:ca:84:fa:b3:ab:bb:15:67:ceCertificate
IssuerCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USNot Before06-07-2011 00:00Not After22-08-2013 23:59SubjectCN=Piriform Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Piriform Ltd,L=London,ST=London,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate
IssuerCN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before08-02-2010 00:00Not After07-02-2020 23:59SubjectCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
52:78:e2:39:68:4f:2e:0a:67:ca:ec:29:4f:15:2e:76:89:35:d5:59Signer
Actual PE Digest52:78:e2:39:68:4f:2e:0a:67:ca:ec:29:4f:15:2e:76:89:35:d5:59Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
h:\Piriform\CCleaner\trunk\src\CCleaner\x64\Release\CCleaner64.pdb
Imports
rpcrt4
UuidFromStringA
kernel32
GetTickCount
GetFullPathNameA
GetTempPathA
UnlockFileEx
AreFileApisANSI
CreateFileMappingW
FormatMessageA
DeleteFileA
HeapReAlloc
CreateFileA
GetDiskFreeSpaceA
MapViewOfFile
UnmapViewOfFile
SetFileTime
WaitForSingleObject
CreateDirectoryW
BackupSeek
BackupRead
GetCompressedFileSizeW
DeviceIoControl
GetDiskFreeSpaceExW
SetFilePointerEx
SetEnvironmentVariableA
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeFormatA
GetDateFormatA
GetConsoleMode
GetConsoleCP
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
IsValidCodePage
GetOEMCP
HeapSetInformation
RtlVirtualUnwind
FlsAlloc
FlsFree
FlsSetValue
FlsGetValue
GetStdHandle
GetCPInfo
LCMapStringW
LCMapStringA
RtlLookupFunctionEntry
RtlUnwindEx
CreateThread
ExitThread
GetLogicalDrives
ExitProcess
GetModuleHandleA
RtlPcToFileHeader
RtlCaptureContext
IsDebuggerPresent
UnhandledExceptionFilter
CreateWaitableTimerA
SetWaitableTimer
WaitForMultipleObjects
ResumeThread
TlsSetValue
OpenEventA
TlsGetValue
TlsFree
TlsAlloc
GetLocaleInfoA
GetACP
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
InterlockedPushEntrySList
OpenProcess
CreateEventA
CloseHandle
FlushInstructionCache
TerminateProcess
CreateEventW
SetEvent
ResetEvent
HeapAlloc
GetProcessHeap
GetCurrentProcess
HeapFree
FindResourceExW
GetModuleFileNameW
SetLastError
RaiseException
CreateMutexW
WideCharToMultiByte
GetLastError
EnterCriticalSection
FindResourceW
GetCurrentThreadId
LeaveCriticalSection
lstrlenW
GetFileAttributesW
SizeofResource
LockResource
LoadResource
LoadLibraryW
FreeLibrary
GetModuleHandleW
MultiByteToWideChar
InitializeCriticalSection
lstrcmpiW
LoadLibraryExW
GetStartupInfoW
DeleteCriticalSection
CreateProcessW
GetCommandLineW
GetCurrentDirectoryW
SetCurrentDirectoryW
QueryPerformanceFrequency
MulDiv
QueryPerformanceCounter
GetProcAddress
CreateFileW
FlushFileBuffers
WriteFile
GetVersionExW
FormatMessageW
LocalFree
GetPrivateProfileStringW
DeleteFileW
CompareStringW
GetVersion
GlobalLock
GlobalUnlock
GlobalAlloc
ReadFile
GetFileSize
SetFilePointer
GetLongPathNameW
IsBadReadPtr
VirtualProtect
GetWindowsDirectoryW
SetUnhandledExceptionFilter
GetProcessTimes
Sleep
GlobalMemoryStatus
VerSetConditionMask
VerifyVersionInfoW
GetVersionExA
GetSystemInfo
OutputDebugStringA
GetModuleFileNameA
GetLocalTime
GetSystemTimeAsFileTime
GetThreadLocale
GetLocaleInfoW
GetNumberFormatW
GetDateFormatW
GetTimeFormatW
lstrcpyW
GetEnvironmentVariableW
GetCurrentProcessId
HeapValidate
LockFile
HeapCreate
GetFileAttributesA
UnlockFile
HeapDestroy
GetDiskFreeSpaceW
LockFileEx
GetFileAttributesExW
HeapSize
lstrcmpA
SetProcessWorkingSetSize
SetEndOfFile
lstrlenA
MoveFileExW
SystemTimeToFileTime
GetSystemTime
MoveFileW
LoadLibraryA
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
WritePrivateProfileStringW
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
SetThreadPriority
CopyFileW
GetTempFileNameW
GetTempPathW
RemoveDirectoryW
SetFileAttributesW
GetVolumeInformationW
GetDriveTypeW
GetShortPathNameW
FileTimeToSystemTime
FileTimeToLocalFileTime
IsBadStringPtrW
GetUserDefaultLangID
FindNextFileW
FindFirstFileW
GetFullPathNameW
FindClose
SetErrorMode
ExpandEnvironmentStringsW
GetSystemDirectoryW
GetCurrentThread
user32
GetWindowLongW
GetParent
GetActiveWindow
DialogBoxParamW
IsWindowVisible
GetMenuItemID
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
GetMonitorInfoW
MonitorFromWindow
GetWindowThreadProcessId
EnumDisplaySettingsW
WaitForInputIdle
ExitWindowsEx
SetWindowPos
GetWindowRect
SetWindowLongPtrW
SetWindowTextW
PostMessageW
EndDialog
GetDlgItem
SetWindowLongW
MapWindowPoints
GetClientRect
GetDesktopWindow
UnregisterClassA
GetWindow
IsDialogMessageW
SetActiveWindow
PostQuitMessage
IsDlgButtonChecked
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
SetDlgItemTextW
GetNextDlgTabItem
DrawTextExW
GetForegroundWindow
GetDlgItemInt
GetSystemMetrics
GetWindowPlacement
FindWindowExW
LockWindowUpdate
SetMenuDefaultItem
IsZoomed
LoadIconW
AdjustWindowRectEx
GetComboBoxInfo
GetMenu
GetScrollPos
AppendMenuW
ScrollWindowEx
SetScrollInfo
SetScrollPos
GetScrollInfo
CreateDialogParamW
MsgWaitForMultipleObjects
SetCursorPos
SendMessageTimeoutW
EmptyClipboard
GetClassNameW
ShowWindow
OpenIcon
SetForegroundWindow
SendMessageW
IsIconic
GetWindowTextW
FindWindowW
SetFocus
EnumWindows
RegisterWindowMessageW
InvalidateRect
CreateWindowExW
UnregisterClassW
CharLowerW
CharLowerA
GetDlgItemTextW
SetClipboardData
SystemParametersInfoA
GetSysColorBrush
SetRectEmpty
InsertMenuW
TrackPopupMenu
IsWindowEnabled
BringWindowToTop
DestroyMenu
IsChild
SystemParametersInfoW
RedrawWindow
BeginPaint
ChildWindowFromPoint
GetCursorPos
GetDlgCtrlID
CreatePopupMenu
UpdateWindow
MoveWindow
EnableMenuItem
GetSystemMenu
GetMessagePos
KillTimer
DispatchMessageA
SetTimer
GetMessageA
EnableWindow
IsWindowUnicode
MessageBoxW
RegisterClassW
GetClassInfoW
PeekMessageW
DestroyWindow
GetMessageW
TranslateMessage
ClientToScreen
DrawTextW
EndPaint
CallWindowProcW
WindowFromPoint
ReleaseCapture
PtInRect
SetCursor
LoadCursorW
DefWindowProcW
SetRect
GetWindowLongPtrW
GetCapture
SetCapture
GetWindowTextLengthW
LoadImageW
GetIconInfo
DispatchMessageW
CharNextW
GetClassLongPtrW
IsWindow
OffsetRect
InflateRect
ReleaseDC
CopyRect
GetFocus
GetDC
GetKeyState
ScreenToClient
DestroyCursor
GetWindowDC
DestroyIcon
DrawEdge
GetSysColor
DrawFocusRect
DrawStateW
FrameRect
FillRect
GetClassInfoExW
RegisterClassExW
gdi32
PolylineTo
Ellipse
GetTextMetricsW
GetClipBox
RestoreDC
SaveDC
GetTextExtentPoint32W
GetDeviceCaps
GetStockObject
CreatePatternBrush
CreateDIBSection
CreateBitmap
PatBlt
ExtTextOutW
CreateSolidBrush
CombineRgn
CreateRectRgnIndirect
StrokeAndFillPath
EndPath
BeginPath
CreateRectRgn
CreatePen
LineTo
MoveToEx
ExcludeClipRect
SelectClipRgn
GetClipRgn
SetBkColor
CreateCompatibleDC
DeleteObject
GetObjectW
DeleteDC
CreateCompatibleBitmap
SetTextColor
SetBkMode
SetViewportOrgEx
GetDIBColorTable
SelectObject
StretchBlt
TextOutW
BitBlt
CreateFontIndirectW
comdlg32
GetOpenFileNameW
GetSaveFileNameW
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteValueW
RegQueryValueExW
OpenProcessToken
GetTokenInformation
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetUserNameW
GetSidSubAuthority
AllocateAndInitializeSid
OpenThreadToken
EqualSid
FreeSid
LookupAccountSidW
GetLengthSid
CopySid
LookupAccountNameW
IsValidSid
RegEnumValueW
LookupPrivilegeValueW
AdjustTokenPrivileges
GetFileSecurityW
DuplicateToken
MapGenericMask
AccessCheck
RegLoadKeyW
RegUnLoadKeyW
LookupPrivilegeNameW
RegNotifyChangeKeyValue
shell32
ShellExecuteW
SHAddToRecentDocs
SHEmptyRecycleBinW
SHEmptyRecycleBinA
ExtractIconExW
SHGetFileInfoW
SHGetSpecialFolderLocation
Shell_NotifyIconW
ShellExecuteExW
DragFinish
DragQueryFileW
SHGetPathFromIDListW
SHBrowseForFolderW
ole32
CoSetProxyBlanket
CLSIDFromString
CoInitializeEx
CoUninitialize
CoInitialize
PropVariantClear
DoDragDrop
RegisterDragDrop
RevokeDragDrop
OleDuplicateData
ReleaseStgMedium
OleUninitialize
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance
CoInitializeSecurity
oleaut32
VariantInit
SysFreeString
VariantChangeType
VariantTimeToSystemTime
SysStringLen
SysAllocStringLen
SysAllocString
VarBstrFromR8
VariantClear
VarUI4FromStr
shlwapi
PathCombineW
PathStripPathW
PathRemoveArgsW
PathUnquoteSpacesW
PathFindExtensionW
PathStripPathA
PathIsUNCW
PathIsRelativeW
PathIsURLW
PathCreateFromUrlW
StrRetToStrW
PathFindFileNameW
PathIsDirectoryEmptyW
SHStrDupW
PathRemoveExtensionA
PathRemoveFileSpecW
PathRemoveExtensionW
PathAddExtensionW
PathStripToRootW
PathSkipRootW
PathRemoveBackslashW
PathGetDriveNumberW
PathCompactPathW
PathFileExistsW
PathIsDirectoryW
PathMatchSpecW
PathAppendW
comctl32
ImageList_Remove
_TrackMouseEvent
ImageList_Draw
ImageList_GetIconSize
ImageList_SetImageCount
ImageList_LoadImageW
ImageList_GetImageCount
ImageList_Create
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Destroy
InitCommonControlsEx
ImageList_Duplicate
ImageList_SetIconSize
ImageList_GetImageInfo
ImageList_Replace
msimg32
TransparentBlt
AlphaBlend
uxtheme
DrawThemeEdge
GetThemeInt
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeBackgroundContentRect
GetThemeMargins
DrawThemeText
GetThemeColor
IsThemeActive
wtsapi32
WTSFreeMemory
WTSQuerySessionInformationW
netapi32
NetApiBufferFree
NetLocalGroupGetMembers
crypt32
CryptQueryObject
CertGetNameStringW
CertCloseStore
CryptMsgClose
CertFindCertificateInStore
CryptMsgGetParam
CertFreeCertificateContext
CryptDecodeObject
wintrust
WinVerifyTrust
esent
JetEndSession
JetTerm2
JetSetSystemParameter
JetCreateInstance2
JetInit2
JetCloseDatabase
JetCreateDatabase2
JetAttachDatabase2
JetOpenDatabase
JetOpenTable
JetSetCurrentIndex4
JetMove
JetEnumerateColumns
JetBeginTransaction
JetDelete
JetCommitTransaction
JetRollback
JetDeleteTable
JetCloseTable
JetGetDatabaseFileInfo
JetBeginSession
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
wininet
DeleteUrlCacheEntryW
DeleteUrlCacheEntryA
InternetCloseHandle
InternetReadFile
HttpQueryInfoW
InternetOpenUrlW
InternetOpenW
FindFirstUrlCacheEntryW
FindNextUrlCacheEntryW
FindCloseUrlCache
FindFirstUrlCacheEntryExW
FindNextUrlCacheEntryExW
Sections
.text Size: 3.8MB - Virtual size: 3.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 175KB - Virtual size: 199KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 277KB - Virtual size: 277KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 2B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 453KB - Virtual size: 452KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
branding.dll.dll windows:4 windows x86 arch:x86
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15-06-2007 00:00Not After14-06-2012 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04-12-2003 00:00Not After03-12-2013 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
74:1d:34:07:93:30:6a:ca:84:fa:b3:ab:bb:15:67:ceCertificate
IssuerCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USNot Before06-07-2011 00:00Not After22-08-2013 23:59SubjectCN=Piriform Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Piriform Ltd,L=London,ST=London,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate
IssuerCN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before08-02-2010 00:00Not After07-02-2020 23:59SubjectCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
5c:af:21:e8:cd:69:22:44:a0:59:5f:36:69:79:e2:4c:44:44:0c:6aSigner
Actual PE Digest5c:af:21:e8:cd:69:22:44:a0:59:5f:36:69:79:e2:4c:44:44:0c:6aDigest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Sections
.rsrc Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
cc_config.ini
-
ccleaner.ini
-
lang-1049.dll.dll windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Sections
.rsrc Size: 34KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
lang-1058.dll.dll windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Sections
.rsrc Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
locales/lang.Russian.locale
-
portable.dat
-
winapp2.ini