OffercastInstaller_AVR_U-0363-01-P_.exe
This report is generated from a file or URL submitted to this webservice on February 26th 2016 17:50:08 (UTC)
Guest System: Windows 7 32 bit, Home Premium, 6.1 (build 7601), Service Pack 1
Report generated by
Falcon Sandbox v3.30 © Hybrid Analysis
Incident Response
Risk Assessment
- Spyware/Leak
- POSTs files to a webserver
- Fingerprint
-
Reads the active computer name
Reads the cryptographic machine GUID - Network Behavior
- Contacts 3 domains and 1 host. View all details
Additional Context
Related Sandbox Artifacts
Indicators
Not all malicious and suspicious indicators are displayed. Get your own cloud service or the full version to view all details.
-
Malicious Indicators 5
-
External Systems
-
Sample was identified as malicious by a trusted Antivirus engine
- details
- No specific details available
- source
- Anti-Virus Test Result
- relevance
- 5/10
-
Sample was identified as malicious by at least one Antivirus engine
- details
- 8/56 Antivirus vendors marked sample as malicious (14% detection rate)
- source
- Anti-Virus Test Result
- relevance
- 8/10
-
Sample was identified as malicious by a trusted Antivirus engine
-
Installation/Persistance
-
Allocates virtual memory in foreign process
- details
- "<Input Sample>" allocated memory in "C:\OffercastInstaller_AVR_U_0363_01_P_.exe"
- source
- API Call
- relevance
- 7/10
-
Allocates virtual memory in foreign process
-
Network Related
-
Malicious artifacts seen in the context of a contacted host
- details
-
Found malicious artifacts related to "199.36.100.103" (ASN: 14829, Owner: Mindspark Interactive Network, Inc.): ...
URL: http://pipoffers.apnpartners.com/static/partners/generic/images/install.ico (AV positives: 1/67 scanned on 02/22/2016 15:04:36)
URL: http://pipoffers.apnpartners.com/PIP/Server.jhtml?partner_id=ATU3&language=ko&version=2.6.1.0 (AV positives: 1/66 scanned on 02/10/2016 06:03:38)
URL: http://pipoffers.apnpartners.com/PIP/Server.jhtml?partner_id=ASI2&language=ko&version=2.6.10.0 (AV positives: 1/66 scanned on 02/07/2016 18:34:42)
URL: http://pipoffers.apnpartners.com/PIP/Server.jhtml?partner_id=SHD&language=ko&version=2.8.0.2 (AV positives: 1/66 scanned on 02/05/2016 21:39:10)
URL: http://pipoffers.apnpartners.com/PIP/Server.jhtml?partner_id=FAS&language=ko&version=2.6.9.1 (AV positives: 1/66 scanned on 02/04/2016 23:24:44)
File SHA256: 13c8093cb8be19ccab01bd0db0fd4a2334617ef0d1b16324367654c25a7bf8f3 (AV positives: 17/56 scanned on 02/26/2016 22:15:16)
File SHA256: 44cd8c78c2e887b36092531cb32a1ba4f04a6948337e386f8ecea42b50af1f59 (AV positives: 17/56 scanned on 02/26/2016 19:02:44)
File SHA256: 0d09ae6f08e0d5642ae944f19e7e0f9d4c1c409c65619bca2b5d9e80f4cf1bad (AV positives: 10/56 scanned on 02/26/2016 17:24:43)
File SHA256: 40e7155ce6e7fb609a2a2b41365810e21207948eb6a1d453a9711fae40d91147 (AV positives: 15/56 scanned on 02/26/2016 10:34:40)
File SHA256: f7e74bb029c45b2406bb56a9651a471f70023ed8271b65ef1425e965b5e3d13e (AV positives: 15/56 scanned on 02/26/2016 10:34:35) - source
- Network Traffic
- relevance
- 10/10
-
Malicious artifacts seen in the context of a contacted host
-
Spyware/Information Retrieval
-
Accesses potentially sensitive information from local browsers
- details
-
"<Input Sample>" had access to "%APPDATA%\Microsoft\Windows\Cookies\index.dat" (Type: "FileHandle")
"<Input Sample>" had access to "%LOCALAPPDATA%\Microsoft\Windows\History\History.IE5\index.dat" (Type: "FileHandle") - source
- Touched Handle
- relevance
- 5/10
-
Accesses potentially sensitive information from local browsers
-
Suspicious Indicators 30
-
Anti-Detection/Stealthyness
-
Sets the process error mode to suppress error box
- details
- "<Input Sample>" set its error mode to SEM_NOOPENFILEERRORBOX
- source
- API Call
- relevance
- 8/10
-
Sets the process error mode to suppress error box
-
Anti-Reverse Engineering
-
Contains ability to register a top-level exception handler (often used as anti-debugging trick)
- details
-
SetUnhandledExceptionFilter@KERNEL32.DLL from PID 00003276
SetUnhandledExceptionFilter@KERNEL32.DLL from PID 00003276
SetUnhandledExceptionFilter@KERNEL32.DLL from PID 00003276
SetUnhandledExceptionFilter@KERNEL32.DLL from PID 00003276
SetUnhandledExceptionFilter@KERNEL32.DLL from PID 00003276
SetUnhandledExceptionFilter@KERNEL32.DLL from PID 00003276
SetUnhandledExceptionFilter@KERNEL32.DLL from PID 00003276
SetUnhandledExceptionFilter@KERNEL32.DLL from PID 00003596
SetUnhandledExceptionFilter@KERNEL32.DLL from PID 00003596
SetUnhandledExceptionFilter@KERNEL32.DLL from PID 00003596
SetUnhandledExceptionFilter@KERNEL32.DLL from PID 00003596
SetUnhandledExceptionFilter@KERNEL32.DLL from PID 00003596 - source
- StaticStream (Disassembly)
- relevance
- 1/10
-
Contains ability to register a top-level exception handler (often used as anti-debugging trick)
-
Environment Awareness
-
Contains ability to query the machine version
- details
-
GetVersion@KERNEL32.dll at 2846-3665-00415477
GetVersionExW@KERNEL32.dll at 2846-3937-00449DD5
GetVersion@KERNEL32.DLL from PID 00003276
GetVersionExW@KERNEL32.DLL from PID 00003276
GetVersionExW@KERNEL32.DLL from PID 00003276
GetVersion@KERNEL32.DLL from PID 00003276
GetVersionExW@KERNEL32.DLL from PID 00003276
GetVersion@KERNEL32.DLL from PID 00003276
GetVersionExW@KERNEL32.DLL from PID 00003276
GetVersion@KERNEL32.DLL from PID 00003596
GetVersionExW@KERNEL32.DLL from PID 00003596
GetVersionExW@KERNEL32.DLL from PID 00003596
GetVersion@KERNEL32.DLL from PID 00003596
GetVersionExW@KERNEL32.DLL from PID 00003596 - source
- StaticStream (Disassembly)
- relevance
- 1/10
-
Makes a branch decision directly after calling an API that is environment aware
- details
-
Found API call GetVersion@KERNEL32.dll (Target: "OffercastInstaller_AVR_U_0363_01_P_.exe.bin", Stream UID: "2846-3665-00415477")
which is directly followed by "cmp al, 06h" and "jc 00415685h". See related instructions: "...
+113 call 004439CDh
+118 xor eax, eax
+120 mov dword ptr [esp+30h], 00000007h
+128 mov dword ptr [esp+2Ch], ebx
+132 mov word ptr [esp+1Ch], ax
+137 mov dword ptr [esp+000000F0h], ebx
+144 call dword ptr [004971E4h] ;GetVersion
+150 cmp al, 06h
+152 jc 00415685h" ... at 2846-3665-00415477
Found API call GetLocalTime@KERNEL32.DLL (Target: "OffercastInstaller_AVR_U_0363_01_P_.exe", Stream UID: "00012098-00003276-2630-329-009139CD")
which is directly followed by "cmp dword ptr [009905F4h], ebx" and "jne 00913A10h". See related instructions: "...
+35 lea eax, dword ptr [ebp-00000420h]
+41 push eax
+42 call dword ptr [009672A0h] ;GetLocalTime
+48 cmp dword ptr [009905F4h], ebx
+54 jne 00913A10h" ... from PID 00003276
Found API call GetVersion@KERNEL32.DLL (Target: "OffercastInstaller_AVR_U_0363_01_P_.exe", Stream UID: "00012098-00003276-2630-1398-008E5477")
which is directly followed by "cmp al, 06h" and "jc 008E5685h". See related instructions: "...
+113 call 009139CDh
+118 xor eax, eax
+120 mov dword ptr [esp+30h], 00000007h
+128 mov dword ptr [esp+2Ch], ebx
+132 mov word ptr [esp+1Ch], ax
+137 mov dword ptr [esp+000000F0h], ebx
+144 call dword ptr [009671E4h] ;GetVersion
+150 cmp al, 06h
+152 jc 008E5685h" ... from PID 00003276
Found API call GetLocalTime@KERNEL32.DLL (Target: "OffercastInstaller_AVR_U_0363_01_P_.exe", Stream UID: "00012098-00003276-18096-329-009139CD")
which is directly followed by "cmp dword ptr [009905F4h], ebx" and "jne 00913A10h". See related instructions: "...
+35 lea eax, dword ptr [ebp-00000420h]
+41 push eax
+42 call dword ptr [009672A0h] ;GetLocalTime
+48 cmp dword ptr [009905F4h], ebx
+54 jne 00913A10h" ... from PID 00003276
Found API call GetVersion@KERNEL32.DLL (Target: "OffercastInstaller_AVR_U_0363_01_P_.exe", Stream UID: "00012098-00003276-18096-1398-008E5477")
which is directly followed by "cmp al, 06h" and "jc 008E5685h". See related instructions: "...
+113 call 009139CDh
+118 xor eax, eax
+120 mov dword ptr [esp+30h], 00000007h
+128 mov dword ptr [esp+2Ch], ebx
+132 mov word ptr [esp+1Ch], ax
+137 mov dword ptr [esp+000000F0h], ebx
+144 call dword ptr [009671E4h] ;GetVersion
+150 cmp al, 06h
+152 jc 008E5685h" ... from PID 00003276
Found API call GetLocalTime@KERNEL32.DLL (Target: "OffercastInstaller_AVR_U_0363_01_P_.exe", Stream UID: "00012098-00003276-13519-329-009139CD")
which is directly followed by "cmp dword ptr [009905F4h], ebx" and "jne 00913A10h". See related instructions: "...
+35 lea eax, dword ptr [ebp-00000420h]
+41 push eax
+42 call dword ptr [009672A0h] ;GetLocalTime
+48 cmp dword ptr [009905F4h], ebx
+54 jne 00913A10h" ... from PID 00003276
Found API call GetVersion@KERNEL32.DLL (Target: "OffercastInstaller_AVR_U_0363_01_P_.exe", Stream UID: "00012098-00003276-13519-1398-008E5477")
which is directly followed by "cmp al, 06h" and "jc 008E5685h". See related instructions: "...
+113 call 009139CDh
+118 xor eax, eax
+120 mov dword ptr [esp+30h], 00000007h
+128 mov dword ptr [esp+2Ch], ebx
+132 mov word ptr [esp+1Ch], ax
+137 mov dword ptr [esp+000000F0h], ebx
+144 call dword ptr [009671E4h] ;GetVersion
+150 cmp al, 06h
+152 jc 008E5685h" ... from PID 00003276
Found API call GetLocalTime@KERNEL32.DLL (Target: "OffercastInstaller_AVR_U_0363_01_P_.exe", Stream UID: "00013032-00003596-10072-329-009139CD")
which is directly followed by "cmp dword ptr [009905F4h], ebx" and "jne 00913A10h". See related instructions: "...
+35 lea eax, dword ptr [ebp-00000420h]
+41 push eax
+42 call dword ptr [009672A0h] ;GetLocalTime
+48 cmp dword ptr [009905F4h], ebx
+54 jne 00913A10h" ... from PID 00003596
Found API call GetVersion@KERNEL32.DLL (Target: "OffercastInstaller_AVR_U_0363_01_P_.exe", Stream UID: "00013032-00003596-10072-1398-008E5477")
which is directly followed by "cmp al, 06h" and "jc 008E5685h". See related instructions: "...
+113 call 009139CDh
+118 xor eax, eax
+120 mov dword ptr [esp+30h], 00000007h
+128 mov dword ptr [esp+2Ch], ebx
+132 mov word ptr [esp+1Ch], ax
+137 mov dword ptr [esp+000000F0h], ebx
+144 call dword ptr [009671E4h] ;GetVersion
+150 cmp al, 06h
+152 jc 008E5685h" ... from PID 00003596
Found API call GetLocalTime@KERNEL32.DLL (Target: "OffercastInstaller_AVR_U_0363_01_P_.exe", Stream UID: "00013032-00003596-21860-329-009139CD")
which is directly followed by "cmp dword ptr [009905F4h], ebx" and "jne 00913A10h". See related instructions: "...
+35 lea eax, dword ptr [ebp-00000420h]
+41 push eax
+42 call dword ptr [009672A0h] ;GetLocalTime
+48 cmp dword ptr [009905F4h], ebx
+54 jne 00913A10h" ... from PID 00003596
Found API call GetVersion@KERNEL32.DLL (Target: "OffercastInstaller_AVR_U_0363_01_P_.exe", Stream UID: "00013032-00003596-21860-1398-008E5477")
which is directly followed by "cmp al, 06h" and "jc 008E5685h". See related instructions: "...
+113 call 009139CDh
+118 xor eax, eax
+120 mov dword ptr [esp+30h], 00000007h
+128 mov dword ptr [esp+2Ch], ebx
+132 mov word ptr [esp+1Ch], ax
+137 mov dword ptr [esp+000000F0h], ebx
+144 call dword ptr [009671E4h] ;GetVersion
+150 cmp al, 06h
+152 jc 008E5685h" ... from PID 00003596 - source
- StaticStream (Disassembly)
- relevance
- 10/10
-
Possibly tries to detect the presence of a debugger
- details
-
GetProcessHeap@KERNEL32.DLL from PID 00003276
GetProcessHeap@KERNEL32.DLL from PID 00003276
GetProcessHeap@KERNEL32.DLL from PID 00003276
GetProcessHeap@KERNEL32.DLL from PID 00003276
GetProcessHeap@KERNEL32.DLL from PID 00003276
GetProcessHeap@KERNEL32.DLL from PID 00003276
GetProcessHeap@KERNEL32.DLL from PID 00003276
GetProcessHeap@KERNEL32.DLL from PID 00003276
GetProcessHeap@KERNEL32.DLL from PID 00003276
GetProcessHeap@KERNEL32.DLL from PID 00003276
GetProcessHeap@KERNEL32.DLL from PID 00003596
GetProcessHeap@KERNEL32.DLL from PID 00003596
GetProcessHeap@KERNEL32.DLL from PID 00003596
GetProcessHeap@KERNEL32.DLL from PID 00003596
GetProcessHeap@KERNEL32.DLL from PID 00003596
GetProcessHeap@KERNEL32.DLL from PID 00003596
GetProcessHeap@KERNEL32.DLL from PID 00003596 - source
- StaticStream (Disassembly)
- relevance
- 1/10
-
Reads the cryptographic machine GUID
- details
- "<Input Sample>" (Path: "HKLM\SOFTWARE\MICROSOFT\CRYPTOGRAPHY", Key: "MACHINEGUID")
- source
- Registry Access
- relevance
- 10/10
-
Contains ability to query the machine version
-
General
-
Contains ability to find and load resources of a specific module
- details
-
FindResourceW@KERNEL32.dll at 2846-3246-00402948
LockResource@KERNEL32.dll at 2846-3774-0041A76C
FindResourceW@KERNEL32.dll at 2846-3789-0041C434
FindResourceW@KERNEL32.DLL from PID 00003276
FindResourceW@KERNEL32.DLL from PID 00003276
FindResourceW@KERNEL32.DLL from PID 00003276
LockResource@KERNEL32.DLL from PID 00003276
FindResourceW@KERNEL32.DLL from PID 00003276
LockResource@KERNEL32.DLL from PID 00003276
FindResourceW@KERNEL32.DLL from PID 00003276
FindResourceW@KERNEL32.DLL from PID 00003276
FindResourceW@KERNEL32.DLL from PID 00003276
FindResourceW@KERNEL32.DLL from PID 00003276
LockResource@KERNEL32.DLL from PID 00003276
FindResourceW@KERNEL32.DLL from PID 00003276
FindResourceW@KERNEL32.DLL from PID 00003276
FindResourceW@KERNEL32.DLL from PID 00003276
FindResourceW@KERNEL32.DLL from PID 00003276
LockResource@KERNEL32.DLL from PID 00003276
FindResourceW@KERNEL32.DLL from PID 00003596 - source
- StaticStream (Disassembly)
- relevance
- 1/10
-
POSTs files to a webserver
- details
-
"POST /PIP/OfferAccept.jhtml HTTP/1.1
Content-Type: application/x-www-form-urlencoded" with no payload - source
- Network Traffic
- relevance
- 5/10
-
Reads configuration files
- details
- "<Input Sample>" read file "C:\Users\desktop.ini"
- source
- API Call
- relevance
- 4/10
-
Contains ability to find and load resources of a specific module
-
Installation/Persistance
-
Creates/touches files in windows directory
- details
-
"<Input Sample>" created file "C:\Windows\system32\tzres.dll"
"<Input Sample>" created file "C:\Windows\Globalization\Sorting\sortdefault.nls"
"<Input Sample>" created file "%APPDATA%\Microsoft\Windows\Cookies"
"<Input Sample>" created file "%APPDATA%\Microsoft\Windows\Cookies\index.dat"
"<Input Sample>" created file "%LOCALAPPDATA%\Microsoft\Windows\History\History.IE5\index.dat"
"<Input Sample>" created file "C:\Windows\system32\OLEACCRC.DLL"
"<Input Sample>" created file "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\Caches"
"<Input Sample>" created file "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\Caches\cversions.1.db"
"<Input Sample>" created file "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db"
"<Input Sample>" created file "C:\Windows\system32\en-US\MLANG.dll.mui"
"<Input Sample>" created file "C:\Windows\Fonts\staticcache.dat"
"<Input Sample>" created file "C:\Windows\system32\rsaenh.dll"
"<Input Sample>" created file "C:\Windows\system32\stdole2.tlb"
"<Input Sample>" created file "C:\Windows\system32\en-US\urlmon.dll.mui" - source
- API Call
- relevance
- 7/10
-
Creates/touches files in windows directory
-
Network Related
-
Found potential IP address in binary/memory
- details
-
"2.8.1.0"
"2.5.4.11" - source
- String
- relevance
- 3/10
-
Uses a User Agent typical for browsers, although no browser was ever launched
- details
- Found user agent(s): Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
- source
- Network Traffic
- relevance
- 10/10
-
Found potential IP address in binary/memory
-
Ransomware/Banking
-
Checks warning level of secure to non-secure traffic redirection
- details
- "<Input Sample>" (Path: "HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS", Key: "WARNONHTTPSTOHTTPREDIRECT")
- source
- Registry Access
- relevance
- 7/10
-
Checks warning level of secure to non-secure traffic redirection
-
Spyware/Information Retrieval
-
Contains ability to enumerate processes/modules/threads
- details
-
CreateToolhelp32Snapshot@KERNEL32.dll at 2846-3847-0043136D
CreateToolhelp32Snapshot@KERNEL32.dll at 2846-3692-0045A0B6
CreateToolhelp32Snapshot@KERNEL32.dll at 2846-4084-0045959B
CreateToolhelp32Snapshot@KERNEL32.DLL from PID 00003276
CreateToolhelp32Snapshot@KERNEL32.DLL from PID 00003276
CreateToolhelp32Snapshot@KERNEL32.DLL from PID 00003276
CreateToolhelp32Snapshot@KERNEL32.DLL from PID 00003276
CreateToolhelp32Snapshot@KERNEL32.DLL from PID 00003276
CreateToolhelp32Snapshot@KERNEL32.DLL from PID 00003276
CreateToolhelp32Snapshot@KERNEL32.DLL from PID 00003276
CreateToolhelp32Snapshot@KERNEL32.DLL from PID 00003596
CreateToolhelp32Snapshot@KERNEL32.DLL from PID 00003596
CreateToolhelp32Snapshot@KERNEL32.DLL from PID 00003596
CreateToolhelp32Snapshot@KERNEL32.DLL from PID 00003596
CreateToolhelp32Snapshot@KERNEL32.DLL from PID 00003596 - source
- StaticStream (Disassembly)
- relevance
- 5/10
-
Contains ability to enumerate processes/modules/threads
-
System Destruction
-
Marks file for deletion
- details
-
"C:\OffercastInstaller_AVR_U_0363_01_P_.exe" marked "%TEMP%\apn_pip_local\orchestrator.html" for deletion
"C:\OffercastInstaller_AVR_U_0363_01_P_.exe" marked "%TEMP%\apn_pip_local\rules.js" for deletion
"C:\OffercastInstaller_AVR_U_0363_01_P_.exe" marked "%TEMP%\apn_pip_local\objectmodel.js" for deletion
"C:\OffercastInstaller_AVR_U_0363_01_P_.exe" marked "%TEMP%\apn_pip_local\AveryError.png" for deletion
"C:\OffercastInstaller_AVR_U_0363_01_P_.exe" marked "%TEMP%\apn_pip_local" for deletion
"C:\OffercastInstaller_AVR_U_0363_01_P_.exe" marked "%TEMP%\APNAnalytics.xml" for deletion - source
- API Call
- relevance
- 10/10
-
Opens file with deletion access rights
- details
-
"<Input Sample>" opened "%TEMP%\apn_pip_local\orchestrator.html" with delete access
"<Input Sample>" opened "%TEMP%\apn_pip_local\rules.js" with delete access
"<Input Sample>" opened "%TEMP%\apn_pip_local\objectmodel.js" with delete access
"<Input Sample>" opened "%TEMP%\apn_pip_local\AveryError.png" with delete access
"<Input Sample>" opened "%TEMP%\apn_pip_local\" with delete access
"<Input Sample>" opened "%TEMP%\APNAnalytics.xml" with delete access - source
- API Call
- relevance
- 7/10
-
Marks file for deletion
-
System Security
-
Modifies proxy settings
- details
-
"<Input Sample>" (Access type: "DELETEVAL", Path: "HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP", Key: "PROXYBYPASS")
"<Input Sample>" (Access type: "DELETEVAL", Path: "HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP", Key: "PROXYBYPASS")
"<Input Sample>" (Access type: "SETVAL", Path: "HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS", Key: "PROXYENABLE", Value: "00000000")
"<Input Sample>" (Access type: "DELETEVAL", Path: "HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS", Key: "PROXYSERVER")
"<Input Sample>" (Access type: "DELETEVAL", Path: "HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS", Key: "PROXYOVERRIDE") - source
- Registry Access
- relevance
- 10/10
-
Opens the Kernel Security Device Driver (KsecDD) of Windows
- details
- "<Input Sample>" opened "\Device\KsecDD"
- source
- API Call
- relevance
- 10/10
-
Queries sensitive IE security settings
- details
-
"<Input Sample>" (Path: "HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SECURITY", Key: "DISABLESECURITYSETTINGSCHECK")
"<Input Sample>" (Path: "HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SECURITY", Key: "DISABLESECURITYSETTINGSCHECK") - source
- Registry Access
- relevance
- 8/10
-
Queries the display settings of system associated file extensions
- details
-
"<Input Sample>" (Access type: "QUERYVAL", Path: "HKCR\SOFTWARE\CLASSES\SYSTEMFILEASSOCIATIONS\.HTML", Key: "ALWAYSSHOWEXT")
"<Input Sample>" (Access type: "QUERYVAL", Path: "HKCR\SOFTWARE\CLASSES\SYSTEMFILEASSOCIATIONS\.HTML", Key: "NEVERSHOWEXT") - source
- Registry Access
- relevance
- 7/10
-
Modifies proxy settings
-
Unusual Characteristics
-
Imports suspicious APIs
- details
-
DeleteFileW
FindResourceExW
OutputDebugStringW
Sleep
CreateProcessW
OpenProcess
GetFileAttributesW
TerminateProcess
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
OutputDebugStringA
WinExec
DeleteFileA
CreateFileW
CreateDirectoryW
GetTickCount
FindFirstFileW
FindNextFileW
WriteFile
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoW
GetCommandLineW
VirtualProtect
VirtualAlloc
GetTempPathW
GetVersionExW
CreateFileA
CopyFileW
LoadLibraryW
FindResourceW
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
CreateThread
LockResource
CreateFileMappingW
GetProcAddress
FindWindowW
GetWindowThreadProcessId
SetWindowsHookExW
OpenProcessToken
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
ShellExecuteW
InternetCloseHandle
HttpQueryInfoW
HttpSendRequestW
InternetConnectW
InternetReadFile
InternetCrackUrlW
InternetOpenW
URLDownloadToFileW
sendto (Ordinal #20)
socket (Ordinal #23)
WSAStartup (Ordinal #115)
recvfrom (Ordinal #17) - source
- Static Parser
- relevance
- 1/10
-
Installs hooks/patches the running process
- details
-
"<Input Sample>" wrote bytes "92e6987779a89d77be729d77d62d9d771de2987705a29d77bee39877616f9d7768419b7700509b7700000000ad3784778b2d8477b641847700000000" to virtual address "0x74FF1000" (part of module "WSHTCPIP.DLL")
"<Input Sample>" wrote bytes "c4ca6d7680bb6d7652ba6d769fbb6d7608bb6d7646ce6d7661386e76de2f6e76d0d96d7600000000177923764f9123767f6f2376f4f7237611f72376f2832376857e237600000000" to virtual address "0x6E201000" (part of module "MSIMG32.DLL")
"<Input Sample>" wrote bytes "7739997779a89d77be729d77d62d9d771de2987705a29d77c8689c7757d1a377bee39877616f9d7768419b7700509b7700000000ad3784778b2d8477b641847700000000" to virtual address "0x75501000" (part of module "WSHIP6.DLL")
"<Input Sample>" wrote bytes "40539b7758589c77186a9c77653c9d770000000000bf6d760000000056cc6d76000000007cca6d76000000003768b5756a2c9d77d62d9d77000000002069b5750000000029a66d7600000000a48db57500000000f70e6d7600000000" to virtual address "0x761E1000" (part of module "NSI.DLL")
"<Input Sample>" wrote bytes "94985e7651c15e76efb26476ee9c5e7675dc607690975e7610995e7600000000013d6e7638ed6e76cfcd6d7631236d76de2f6e76c4ca6d7680bb6d7652ba6d769fbb6d76707f6c7692bb6d7646ba6d760abf6d7600000000" to virtual address "0x70BA1000" (part of module "MSLS31.DLL") - source
- Hooks
- relevance
- 10/10
-
Reads information about supported languages
- details
-
"<Input Sample>" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\NLS\CUSTOMLOCALE", Key: "AR")
"<Input Sample>" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\NLS\EXTENDEDLOCALE", Key: "AR")
"<Input Sample>" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\NLS\CUSTOMLOCALE", Key: "AR-SA")
"<Input Sample>" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\NLS\EXTENDEDLOCALE", Key: "AR-SA")
"<Input Sample>" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\NLS\CUSTOMLOCALE", Key: "BG")
"<Input Sample>" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\NLS\EXTENDEDLOCALE", Key: "BG")
"<Input Sample>" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\NLS\CUSTOMLOCALE", Key: "BG-BG")
"<Input Sample>" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\NLS\EXTENDEDLOCALE", Key: "BG-BG")
"<Input Sample>" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\NLS\CUSTOMLOCALE", Key: "CA")
"<Input Sample>" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\NLS\EXTENDEDLOCALE", Key: "CA")
"<Input Sample>" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\NLS\CUSTOMLOCALE", Key: "CA-ES")
"<Input Sample>" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\NLS\EXTENDEDLOCALE", Key: "CA-ES")
"<Input Sample>" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\NLS\CUSTOMLOCALE", Key: "ZH-HANS")
"<Input Sample>" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\NLS\EXTENDEDLOCALE", Key: "ZH-HANS")
"<Input Sample>" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\NLS\CUSTOMLOCALE", Key: "ZH-CN")
"<Input Sample>" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\NLS\EXTENDEDLOCALE", Key: "ZH-CN")
"<Input Sample>" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\NLS\CUSTOMLOCALE", Key: "CS")
"<Input Sample>" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\NLS\EXTENDEDLOCALE", Key: "CS")
"<Input Sample>" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\NLS\CUSTOMLOCALE", Key: "CS-CZ")
"<Input Sample>" (Path: "HKLM\SYSTEM\CONTROLSET001\CONTROL\NLS\EXTENDEDLOCALE", Key: "CS-CZ") - source
- Registry Access
- relevance
- 3/10
-
Imports suspicious APIs
-
Hiding 7 Suspicious Indicators
- All indicators are available only in the private webservice or standalone version
-
Informative 14
-
Environment Awareness
-
Contains ability to query machine time
- details
-
GetLocalTime@KERNEL32.DLL from PID 00003276
GetSystemTimeAsFileTime@KERNEL32.DLL from PID 00003276
GetLocalTime@KERNEL32.DLL from PID 00003276
GetSystemTimeAsFileTime@KERNEL32.DLL from PID 00003276
GetLocalTime@KERNEL32.DLL from PID 00003276
GetSystemTimeAsFileTime@KERNEL32.DLL from PID 00003276
GetLocalTime@KERNEL32.DLL from PID 00003276
GetSystemTimeAsFileTime@KERNEL32.DLL from PID 00003276
GetLocalTime@KERNEL32.DLL from PID 00003276
GetLocalTime@KERNEL32.DLL from PID 00003276
GetSystemTimeAsFileTime@KERNEL32.DLL from PID 00003276
GetLocalTime@KERNEL32.DLL from PID 00003276
GetSystemTimeAsFileTime@KERNEL32.DLL from PID 00003276
GetSystemTimeAsFileTime@KERNEL32.DLL from PID 00003596
GetLocalTime@KERNEL32.DLL from PID 00003596
GetSystemTimeAsFileTime@KERNEL32.DLL from PID 00003596
GetLocalTime@KERNEL32.DLL from PID 00003596
GetLocalTime@KERNEL32.DLL from PID 00003596
GetLocalTime@KERNEL32.DLL from PID 00003596
GetSystemTimeAsFileTime@KERNEL32.DLL from PID 00003596 - source
- StaticStream (Disassembly)
- relevance
- 1/10
-
Contains ability to query volume size
- details
-
GetDiskFreeSpaceExW@KERNEL32.DLL from PID 00003276
GetDiskFreeSpaceExW@KERNEL32.DLL from PID 00003596 - source
- StaticStream (Disassembly)
- relevance
- 3/10
-
Contains ability to query machine time
-
General
-
Contacts domains
- details
-
"ak.pipoffers.apnpartners.com"
"pipoffers.apnpartners.com"
"103.100.36.199.in-addr.arpa" - source
- Network Traffic
- relevance
- 1/10
-
Contacts server
- details
- "199.36.100.103:80"
- source
- Network Traffic
- relevance
- 1/10
-
Contains PDB pathways
- details
- "C:\.jenkins\jobs\PIP2.0_INSTALLER\workspace\release\AskInstaller_1_.pdb"
- source
- String
- relevance
- 1/10
-
Creates a writable file in a temporary directory
- details
-
"<Input Sample>" created file "%TEMP%\apn_pip_local\orchestrator.html"
"<Input Sample>" created file "%TEMP%\apn_pip_local\rules.js"
"<Input Sample>" created file "%TEMP%\apn_pip_local\objectmodel.js"
"<Input Sample>" created file "%TEMP%\apn_pip_local\AveryError.png"
"<Input Sample>" created file "%TEMP%\APNAnalytics.xml" - source
- API Call
- relevance
- 1/10
-
Creates mutants
- details
-
"\Sessions\1\BaseNamedObjects\IESQMMUTEX_0_208"
"\Sessions\1\BaseNamedObjects\Global\PIP_Mutex"
"\Sessions\1\BaseNamedObjects\Local\_!MSFTHISTORY!_"
"\Sessions\1\BaseNamedObjects\Local\c:!users!pspubws!appdata!local!microsoft!windows!temporary internet files!content.ie5!"
"\Sessions\1\BaseNamedObjects\Local\c:!users!pspubws!appdata!roaming!microsoft!windows!cookies!"
"\Sessions\1\BaseNamedObjects\Local\c:!users!pspubws!appdata!local!microsoft!windows!history!history.ie5!"
"\Sessions\1\BaseNamedObjects\Local\WininetStartupMutex"
"\Sessions\1\BaseNamedObjects\Local\WininetConnectionMutex"
"\Sessions\1\BaseNamedObjects\Local\WininetProxyRegistryMutex"
"\Sessions\1\BaseNamedObjects\Local\!PrivacIE!SharedMemory!Mutex"
"\Sessions\1\BaseNamedObjects\Local\ZonesCounterMutex"
"\Sessions\1\BaseNamedObjects\Local\ZoneAttributeCacheCounterMutex"
"\Sessions\1\BaseNamedObjects\Local\ZonesCacheCounterMutex"
"\Sessions\1\BaseNamedObjects\Local\ZonesLockedCacheCounterMutex"
"\Sessions\1\BaseNamedObjects\DBWinMutex"
"\Sessions\1\BaseNamedObjects\RasPbFile"
"\Sessions\1\BaseNamedObjects\Local\!IETld!Mutex" - source
- Created Mutant
- relevance
- 3/10
-
Drops files marked as clean
- details
- Antivirus vendors marked dropped file "orchestrator.html.4256584812" as clean (type is "HTML document, ASCII text, with CRLF line terminators")
- source
- Dropped File
- relevance
- 10/10
-
GETs files from a webserver
- details
-
"GET /static/partners/AVR/APNAnalytics.xml HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
Host: ak.pipoffers.apnpartners.com
Connection: Keep-Alive" - source
- Network Traffic
- relevance
- 5/10
-
Sample shows a variety of benign indicators
- details
-
The file was not detected as malicious
drops clean files and is signed with a certificate - source
- Signature combinations
- relevance
- 10/10
-
The input sample is signed with a certificate
- details
-
The input sample is signed with a certificate issued by "CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte, L=Durbanville, ST=Western Cape, C=ZA" (SHA1: 6C:07:45:3F:FD:DA:08:B8:37:07:C0:9B:82:FB:3D:15:F3:53:36:B1, see report for more information)
The input sample is signed with a certificate issued by "CN=Symantec Time Stamping Services CA - G2, O=Symantec Corporation, C=US" (SHA1: 65:43:99:29:B6:79:73:EB:19:2D:6F:F2:43:E6:76:7A:DF:08:34:E4, see report for more information)
The input sample is signed with a certificate issued by "CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa c10, OU=VeriSign Trust Network, O="VeriSign
Inc.", C=US" (SHA1: 6A:67:AE:A2:01:E7:6B:89:57:B8:37:D5:C2:06:45:B0:24:3F:DA:7E, see report for more information)
The input sample is signed with a certificate issued by "CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="c 2006 VeriSign
Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign
Inc.", C=US" (SHA1: 49:58:47:A9:31:87:CF:B8:C7:1F:84:0C:B7:B4:14:97:AD:95:C6:4F, see report for more information) - source
- Unknown
- relevance
- 10/10
-
Contacts domains
-
Installation/Persistance
-
Connects to LPC ports
- details
- "<Input Sample>" connecting to "\ThemeApiPort"
- source
- API Call
- relevance
- 1/10
-
Dropped files
- details
-
"APNAnalytics.xml.121766604" has type "XML document text"
"APNAnalytics[1].xml.2077236108" has type "XML document text"
"rules.js.3749633870" has type "ASCII text, with very long lines, with CRLF line terminators"
"AveryError.png.3752602598" has type "PNG image data, 594 x 360, 8-bit colormap, non-interlaced"
"objectmodel.js.3753185502" has type "ASCII text, with CRLF line terminators"
"orchestrator.html.4256584812" has type "HTML document, ASCII text, with CRLF line terminators" - source
- Dropped File
- relevance
- 3/10
-
Connects to LPC ports
-
Network Related
-
Found potential URL in binary/memory
- details
-
Heuristic match: "pipoffers.apnpartners.com"
Pattern match: "http://ocsp.thawte.com0"
Pattern match: "http://crl.thawte.com/ThawteTimestampingCA.crl0"
Pattern match: "http://ts-ocsp.ws.symantec.com07"
Pattern match: "http://ts-aia.ws.symantec.com/tss-ca-g2.cer0"
Pattern match: "http://ts-crl.ws.symantec.com/tss-ca-g2.crl0"
Pattern match: "https://www.verisign.com/rpa"
Pattern match: "http://csc3-2010-crl.verisign.com/CSC3-2010.crl0D"
Pattern match: "https://www.verisign.com/rpa0"
Pattern match: "http://ocsp.verisign.com0"
Pattern match: "http://csc3-2010-aia.verisign.com/CSC3-2010.cer0"
Pattern match: "https://www.verisign.com/cps0*"
Pattern match: "http://logo.verisign.com/vslogo.gif04"
Pattern match: "http://crl.verisign.com/pca3-g5.crl04"
Pattern match: "sp.ask.com/en/docs/about/terms_of_service.shtml0"
Pattern match: "http://ak.pipoffers.apnpartners.com/static/partners/{partnerid}/APNAnalytics.xml"
Pattern match: "http://pipoffers.apnpartners.com/PIP/Server.jhtml?partner_id={partnerid}&language={locale}&version={version}&src={publisher"
Pattern match: "http://localhost/APNAnalytics.xml"
Pattern match: "http://localhost/Server.jhtml?partner_id={partnerid}&language={locale}&version={version}&src={publisher" - source
- String
- relevance
- 10/10
-
Found potential URL in binary/memory
File Details
All Details:
OffercastInstaller_AVR_U-0363-01-P_.exe
- Filename
- OffercastInstaller_AVR_U-0363-01-P_.exe
- Size
- 1011KiB (1035696 bytes)
- Type
- peexe executable
- Description
- PE32 executable (GUI) Intel 80386, for MS Windows
- Architecture
- WINDOWS
- SHA256
- 64ffaae707cc563f06f9d43b50d2e6b9603bcad10b9e22e030db1743b5304a53
- MD5
- 302dd0119a39f3e726721bc6d82e29a4
- SHA1
- f42337e70886db01977319e632ffb4356003050e
- ssdeep
-
24576:eu8qWJEtGWgdbERu+Ta34Y0PxlU78SqIEtNgooj9Yo:eFXfdb0a34Y0PxlUoXIEtNQj9Yo
- imphash
-
5609d8d9ea7face6c6a7d1c3496d518a
- authentihash
-
2931fc8bf3ae59ef6a77cb26ff47bb0b47a59aec815f8dab7f6bdac6b7d61d4d
Resources
- Language
- CHINESE
- Icon
-
Visualization
- Input File (PortEx)
-
Version Info
- LegalCopyright
- 2010 (c) Ask.com. All rights reserved.
- InternalName
- AskInstaller.exe
- FileVersion
- 2.8.1.0
- CompanyName
- Ask.com
- ProductName
- Offercast - APN Install Manager
- ProductVersion
- 2.8.1.0
- FileDescription
- Offercast - APN Install Manager
- OriginalFilename
- AskInstaller.exe
- Translation
- 0x0409 0x04b0
Classification (TrID)
- 67.3% (.EXE) Win32 Executable MS Visual C++ (generic)
- 14.2% (.DLL) Win32 Dynamic Link Library (generic)
- 9.7% (.EXE) Win32 Executable (generic)
- 4.3% (.EXE) Generic Win/DOS Executable
- 4.3% (.EXE) DOS Executable Generic
File Sections
| Details | ||||||
|---|---|---|---|---|---|---|
File Imports
ConvertSidToStringSidW
CryptAcquireContextW
CryptCreateHash
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptReleaseContext
GetTokenInformation
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegNotifyChangeKeyValue
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
_TrackMouseEvent
ImageList_Destroy
ImageList_GetIconSize
InitCommonControlsEx
CertCloseStore
CertFindCertificateInStore
CertFreeCertificateContext
CertGetNameStringW
CryptDecodeObject
CryptMsgClose
CryptMsgGetParam
CryptQueryObject
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreateFontIndirectW
CreateFontW
CreateSolidBrush
DeleteDC
DeleteObject
DPtoLP
GetBkColor
GetDeviceCaps
GetDIBColorTable
GetObjectW
GetStockObject
GetTextColor
SelectObject
SetBkColor
SetBkMode
SetDIBColorTable
SetTextColor
StretchBlt
GdipAlloc
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCloneImage
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipDeleteGraphics
GdipDisposeImage
GdipDrawImageI
GdipFree
GdipGetImageGraphicsContext
GdipGetImageHeight
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageWidth
GdiplusShutdown
GdiplusStartup
CancelWaitableTimer
CloseHandle
CompareFileTime
CompareStringW
CopyFileW
CreateDirectoryW
CreateEventW
CreateFileA
CreateFileMappingW
CreateFileW
CreateMutexW
CreateProcessW
CreateThread
CreateToolhelp32Snapshot
CreateWaitableTimerW
DecodePointer
DeleteCriticalSection
DeleteFileA
DeleteFileW
EncodePointer
EnterCriticalSection
EnumSystemLocalesA
ExitProcess
FindClose
FindFirstFileW
FindNextFileW
FindResourceExW
FindResourceW
FlushFileBuffers
FlushInstructionCache
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetCPInfo
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatA
GetDiskFreeSpaceExW
GetEnvironmentStringsW
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesW
GetFileType
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetLocalTime
GetModuleFileNameW
GetModuleHandleW
GetOEMCP
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
GetPrivateProfileStringW
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDefaultLCID
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetTickCount
GetTimeFormatA
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
GetVersionExW
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalMemoryStatusEx
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSetInformation
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
InterlockedPopEntrySList
InterlockedPushEntrySList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LockResource
lstrcmpA
lstrcmpiW
lstrcmpW
lstrcpynW
lstrcpyW
lstrlenA
lstrlenW
MoveFileExW
MulDiv
MultiByteToWideChar
OpenProcess
OutputDebugStringA
OutputDebugStringW
Process32FirstW
Process32NextW
QueryPerformanceCounter
RaiseException
ReadFile
ReleaseMutex
RemoveDirectoryW
ResumeThread
RtlUnwind
SetEndOfFile
SetEnvironmentVariableA
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SetWaitableTimer
SizeofResource
Sleep
SuspendThread
SystemTimeToFileTime
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WinExec
WriteConsoleW
WriteFile
No API names/ordinals defined for this module import
AlphaBlend
TransparentBlt
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoGetClassObject
CoInitialize
CoInitializeEx
CoInitializeSecurity
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
CreateStreamOnHGlobal
OleInitialize
OleLockRunning
OleUninitialize
ProgIDFromCLSID
StringFromGUID2
CreateErrorInfo (Ordinal #202)
DispCallFunc (Ordinal #146)
LoadRegTypeLib (Ordinal #162)
LoadTypeLib (Ordinal #161)
OleCreateFontIndirect (Ordinal #420)
SetErrorInfo (Ordinal #201)
SysAllocString (Ordinal #2)
SysAllocStringByteLen (Ordinal #150)
SysAllocStringLen (Ordinal #4)
SysFreeString (Ordinal #6)
SysStringByteLen (Ordinal #149)
SysStringLen (Ordinal #7)
VarBstrCmp (Ordinal #314)
VariantClear (Ordinal #9)
VariantCopy (Ordinal #10)
VariantInit (Ordinal #8)
VarUI4FromStr (Ordinal #277)
RpcStringFreeW
UuidCreate
UuidToStringW
Shell_NotifyIconW
ShellExecuteW
SHGetFolderPathW
SHGetSpecialFolderPathW
SHOpenFolderAndSelectItems
AssocQueryStringW
PathFileExistsW
StrCmpW
URLDownloadToFileW
AdjustWindowRectEx
AllowSetForegroundWindow
BeginPaint
CallWindowProcW
CharLowerBuffW
CharNextW
ClientToScreen
CreateAcceleratorTableW
CreateWindowExW
DefWindowProcW
DestroyAcceleratorTable
DestroyIcon
DestroyWindow
DialogBoxIndirectParamW
DispatchMessageW
DrawFocusRect
DrawTextW
EnableWindow
EndDialog
EndPaint
FillRect
FindWindowW
GetActiveWindow
GetCapture
GetClassInfoExW
GetClassNameW
GetClientRect
GetCursorPos
GetDC
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetFocus
GetMenu
GetMessagePos
GetMonitorInfoW
GetParent
GetSysColor
GetSystemMetrics
GetWindow
GetWindowLongW
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
InvalidateRect
InvalidateRgn
IsChild
IsWindow
IsWindowEnabled
KillTimer
LoadBitmapW
LoadCursorW
LoadIconW
LoadImageW
LoadStringW
MapDialogRect
MapWindowPoints
MessageBoxW
MonitorFromWindow
MoveWindow
OffsetRect
PeekMessageW
PostMessageW
PtInRect
RedrawWindow
RegisterClassExW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
ScreenToClient
SendDlgItemMessageW
SendMessageW
SetCapture
SetCursor
SetFocus
SetForegroundWindow
SetLayeredWindowAttributes
SetRectEmpty
SetTimer
SetWindowContextHelpId
SetWindowLongW
SetWindowPos
SetWindowsHookExW
SetWindowTextW
ShowWindow
SystemParametersInfoW
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UpdateWindow
SetWindowTheme
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
DeleteUrlCacheEntryW
HttpOpenRequestW
HttpQueryInfoW
HttpSendRequestW
InternetCloseHandle
InternetConnectW
InternetCrackUrlW
InternetGetCookieW
InternetOpenW
InternetReadFile
InternetSetCookieW
InternetSetOptionW
WinVerifyTrust
gethostbyaddr (Ordinal #51)
gethostbyname (Ordinal #52)
getprotobyname (Ordinal #53)
inet_addr (Ordinal #11)
inet_ntoa (Ordinal #12)
recvfrom (Ordinal #17)
sendto (Ordinal #20)
setsockopt (Ordinal #21)
socket (Ordinal #23)
WSAGetLastError (Ordinal #111)
WSAStartup (Ordinal #115)
File Certificates
| Owner | Issuer | Validity | Hashes (MD5, SHA1) |
|---|---|---|---|
| CN=Symantec Time Stamping Services CA - G2, O=Symantec Corporation, C=US | CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte, L=Durbanville, ST=Western Cape, C=ZA Serial: 7e93ebfb7cc64e59ea4b9a77d406fc3b |
12/20/2012 18:00:00 12/30/2020 17:59:59 |
7B:A3:69:EE:9A:BD:81:E0:FC:76:74:E9:70:9E:15:1D 6C:07:45:3F:FD:DA:08:B8:37:07:C0:9B:82:FB:3D:15:F3:53:36:B1 |
| CN=Symantec Time Stamping Services Signer - G4, O=Symantec Corporation, C=US | CN=Symantec Time Stamping Services CA - G2, O=Symantec Corporation, C=US Serial: ecff438c8febf356e04d86a981b1a50 |
10/17/2012 19:00:00 12/29/2020 17:59:59 |
08:32:B6:5C:C3:E3:A4:9B:C3:81:BA:95:E1:B5:87:37 65:43:99:29:B6:79:73:EB:19:2D:6F:F2:43:E6:76:7A:DF:08:34:E4 |
| CN=Ask.com, OU=Distribution, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Ask.com, L=Oakland, ST=California, C=US | CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa c10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US Serial: 965f2ac7236c7e1bdca44ed139b273a |
06/19/2011 19:00:00 06/18/2014 18:59:59 |
3C:C1:89:55:A0:79:C9:BA:B5:78:60:C5:19:32:A8:87 6A:67:AE:A2:01:E7:6B:89:57:B8:37:D5:C2:06:45:B0:24:3F:DA:7E |
| CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa c10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US | CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="c 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US Serial: 5200e5aa2556fc1a86ed96c9d44b33c7 |
02/07/2010 18:00:00 02/07/2020 17:59:59 |
4D:F6:E0:FC:40:0C:AE:9C:05:2F:AE:98:C6:6D:37:9F 49:58:47:A9:31:87:CF:B8:C7:1F:84:0C:B7:B4:14:97:AD:95:C6:4F |
Screenshots
Loading content, please wait...
Hybrid Analysis
Tip: Click an analysed process below to view more details.
Analysed 2 processes in total (System Resource Monitor).
-
OffercastInstaller_AVR_U_0363_01_P_.exe
(PID: 3276)
-
OffercastInstaller_AVR_U_0363_01_P_.exe
-se -ppd 3276
(PID: 3596)
-
Network Analysis
DNS Requests
| Domain | Address | Registrar | Country |
|---|---|---|---|
| pipoffers.apnpartners.com | 199.36.100.103 | - | 
United States |
| ak.pipoffers.apnpartners.com | 23.78.190.3 | - |
United States |
| 103.100.36.199.in-addr.arpa | - | - | - |
Contacted Hosts
| IP Address | Port/Protocol | Associated Process | Details |
|---|---|---|---|
|
199.36.100.103 |
80
TCP |
- |
United States
ASN: 14829 (Mindspark Interactive Network, Inc.) |
Contacted Countries
HTTP Traffic
| Endpoint | Request | URL | |
|---|---|---|---|
| 23.78.190.3:80 (ak.pipoffers.apnpartners.com) | GET | ak.pipoffers.apnpartners.com/static/partners/AVR/APNAnalytics.xml | GET /static/partners/AVR/APNAnalytics.xml HTTP/1.1 Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E) Host: ak.pipoffers.apnpartners.com Connection: Keep-Alive |
| 199.36.100.103:80 (pipoffers.apnpartners.com) | POST | pipoffers.apnpartners.com/PIP/OfferAccept.jhtml | POST /PIP/OfferAccept.jhtml HTTP/1.1 Content-Type: application/x-www-form-urlencoded Readable: &anxa=APNPIP&anxv=2.8.1.0&anxd=2016-02-26T15:52:32.370-8:00&anxe=PIPStats&anxpt=windows&anxpv=7&anxf=&anxw=1022&anxh=613&anxcd=32&app=&anxr=6AAFE7B1DBE14539B55B0914002719CE&partnerID=AVR&exitCode=0&&WFType=Remote&funnelID=0BE7975B-B683-459B-996D-8D98E8943EE5&machineID=&InitializationEx=47333&APNAnalyticsDl=10505&DlgInitEx=10555 Raw hex: 26616E78613D41504E50495026616E78 763D322E382E312E3026616E78643D32 3031362D30322D32365431353A35323A 33322E3337302D383A303026616E7... |
| 199.36.100.103:80 (pipoffers.apnpartners.com) | POST | pipoffers.apnpartners.com/PIP/OfferAccept.jhtml | POST /PIP/OfferAccept.jhtml HTTP/1.1 Content-Type: application/x-www-form-urlencoded Readable: &anxa=APNPIP&anxv=2.8.1.0&anxd=2016-02-26T15:52:16.542-8:00&anxe=PIPOutcome&anxpt=windows&anxpv=7&anxf=&anxw=1022&anxh=613&anxcd=32&app=&anxr=F7669B1908E147C6A4FD54281B667CBC&pipPartnerName=AVR&machineID=&funnelID=64189273-B0FD-4764-ABFB-D8ACC53B4CF7&CBID=AVX&campaignID=&ioID=&placementID=&WFType=Local&offerCount=0&offerType=Static offer&offerProvider=&offerScreenVersion=&userAcceptance=true&userUIChoice=Next&installerLaunched=NoAttempt&downloadStatus=NoAttempt&downloadTime=-1&errorCondition=0&reasonCode=0&reasonString=&userSelection=&language=U Raw hex: 26616E78613D41504E50495026616E78 763D322E382E312E3026616E78643D32 3031362D30322D32365431353A35323A 31362E3534322D383A303026616E7... |
| 199.36.100.103:80 (pipoffers.apnpartners.com) | POST | pipoffers.apnpartners.com/PIP/OfferAccept.jhtml | POST /PIP/OfferAccept.jhtml HTTP/1.1 Content-Type: application/x-www-form-urlencoded Readable: &anxa=APNPIP&anxv=2.8.1.0&anxd=2016-02-26T15:52:16.542-8:00&anxe=PIPOutcome&anxpt=windows&anxpv=7&anxf=&anxw=1022&anxh=613&anxcd=32&app=&anxr=F7669B1908E147C6A4FD54281B667CBC&pipPartnerName=AVR&machineID=&funnelID=64189273-B0FD-4764-ABFB-D8ACC53B4CF7&CBID=AVX&campaignID=&ioID=&placementID=&WFType=Local&offerCount=-1&offerType=&offerProvider=&offerScreenVersion=&userAcceptance=false&userUIChoice=NoAttempt&installerLaunched=NoAttempt&downloadStatus=NoAttempt&downloadTime=-1&errorCondition=0&reasonCode=0&reasonString=&userSelection=&language=U Raw hex: 26616E78613D41504E50495026616E78 763D322E382E312E3026616E78643D32 3031362D30322D32365431353A35323A 31362E3534322D383A303026616E7... |
| 199.36.100.103:80 (pipoffers.apnpartners.com) | POST | pipoffers.apnpartners.com/PIP/OfferAccept.jhtml | POST /PIP/OfferAccept.jhtml HTTP/1.1 Content-Type: application/x-www-form-urlencoded Readable: &anxa=APNPIP&anxv=2.8.1.0&anxd=2016-02-26T15:52:16.542-8:00&anxe=PIPAttempt&anxpt=windows&anxpv=7&anxf=&anxw=1022&anxh=613&anxcd=32&app=&anxr=F7669B1908E147C6A4FD54281B667CBC&status=0&UIReadyTime=21594&pipPartnerName=AVR&WFType=Local&funnelID=64189273-B0FD-4764-ABFB-D8ACC53B4CF7&machineID=&language=U Raw hex: 26616E78613D41504E50495026616E78 763D322E382E312E3026616E78643D32 3031362D30322D32365431353A35323A 31362E3534322D383A303026616E7... |
| 199.36.100.103:80 (pipoffers.apnpartners.com) | POST | pipoffers.apnpartners.com/PIP/OfferAccept.jhtml | POST /PIP/OfferAccept.jhtml HTTP/1.1 Content-Type: application/x-www-form-urlencoded Readable: &anxa=APNPIP&anxv=2.8.1.0&anxd=2016-02-26T15:52:16.542-8:00&anxe=PIPStats&anxpt=windows&anxpv=7&anxf=&anxw=1022&anxh=613&anxcd=32&app=&anxr=F7669B1908E147C6A4FD54281B667CBC&partnerID=AVR&exitCode=0&&WFType=Local&funnelID=64189273-B0FD-4764-ABFB-D8ACC53B4CF7&machineID=&InitializationEx=4328&DlgInitEx=3312&uiDl=31&ConfigEx=62&orchestratorDl=8969&ParseUiEx=0&LoadEx=9094&uiReady=21594 Raw hex: 26616E78613D41504E50495026616E78 763D322E382E312E3026616E78643D32 3031362D30322D32365431353A35323A 31362E3534322D383A303026616E7... |
Memory Forensics
| String | Context | Stream UID |
|---|---|---|
| pipoffers.apnpartners.com | Domain/IP reference | 00013032-00003596-21860-1186-0091E8C4 |
| 1.3.6.1 | Domain/IP reference | 00013032-00003596-21860-1630-00926BC1 |
| 11.2.1.12 | Domain/IP reference | 00013032-00003596-21860-1630-00926BC1 |
| 2.8.1.0 | Domain/IP reference | 00013032-00003596-21860-510-00906104 |
| www.google.com | Domain/IP reference | 00013032-00003596-21860-1390-008E4C7A |
| 2.5.4.11 | Domain/IP reference | 00013032-00003596-21860-1627-009269D0 |
| avery.com | Domain/IP reference | 00013032-00003596-21860-47-008D845B |
Extracted Strings
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
!"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
!This program cannot be run in DOS mode.$
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
" should be followed by a numeric value
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"%d.%d.%d.%d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
", browser : "ie"}); result.push({PID: v5TlbrID, tb_type : "ALL", browser : "ff"}); result.push({PID: v5TlbrID, tb_type : "ALL", browser : "cr"}); } // // V6 // var partners = getIncumbentPartners(); var incumbentPartnerRegPath; if (!isEmpty(partners)) { if(is64Bit()) incumbentPartnerRegPath = "HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\AskPartnerNetwork\\Toolbar\\"; else incumbentPartnerRegPath = "HKEY_LOCAL_MACHINE\\SOFTWARE\\AskPartnerNetwork\\Toolbar\\"; for (i = 0; i < partners.length; ++i) { // Check if V7 toolbar, if so go to next; varpartner_path = incumbentPartnerRegPath + partners[i] + "\\Info\\"; varbrowsers = pipgetRegValue (partner_path, "Browsers", 0) || ""; if (browsers) continue; varpartner_path = incumbentPartnerRegPath + partners[i] + "\\Macro\\"; vartb_type = pipgetRegValue (partner_path, "tb-type", 0)
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
",0);if(isEmpty(defaultBrowser)){defaultBrowser = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Clients\\StartMenuInternet\\","",0)}}}if(!isEmpty(defaultBrowser)){if(defaultBrowser.toLowerCase().indexOf("firefox.exe") > -1){ defBrowser =FIREFOX;return true;}if(defaultBrowser.toLowerCase().indexOf("iexplore.exe") > -1 ){defBrowser =IE;return true;}if(defaultBrowser.toLowerCase().indexOf("chrome") > -1 && makeoffer(partnerID)) {defBrowser =CHROME;return true;}n=defaultBrowser.lastIndexOf("\\");if(n==-1) n=0;defBrowser=defaultBrowser.substring(n,defaultBrowser.length-1);defBrowser=defBrowser.replace(/[^\w\s]/gi, '');unsupportedBrowser=unsupportedBrowser+defBrowser;} } catch (e){}return false;}function isV5TlbrEligible(){try{var checkV5Installed = getProductVersion("{86D4B82A-ABED-442A-BE86-96357B70F4FE}");if(isEmpty(checkV5Installed)) return true;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
"0-070P0Z0m0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"\Google\Chrome\User Data\Default\Preferences
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"ANALYTICS.XML"
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"AVERY.PNG"
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"AVERYERROR.PNG"
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"AXBX","BBY","BBY-SRS","BBY2","BBY2-SRS","BCC","BCPAP","BUD","BLP-DL","BGM","BOO","BOO2","BS","BT-SRS-T3","BT-T1","BT-T2","BT-T3","BT-ASK-T4","BUD","BW","C2P","CCS","CDS","CDS2","CDS3","CDS4","CEBV5","CFTPV5","CFTP2V5","CIE","CLA","CLM-DL","CNB","CNET","CNET2","CNET3","CPUID-DL","CPUID-ST","CS","CS-ST","CS2","CS3","CWN","DAT","DDI","DDIS","DDIS2","DGY","DIG-A","DIG-N","DIG-OFF","DIG-ON","DIG-P","DIG-S","DNA","DNA2","DPO","DVDX","DVDX2","EAC","F-CT","F-ET","FAC","FF2-DL","FJS","FKR","FLV","FM","FTB","FTB2","FTB3","FW-ASK","FW-QBD","FW-SRS","FWT","FW2V5","FXTV5-DL","GAM4","GAM-ASK-T4","GAM-SRS","GAM-SRS-T3","GAM-QBD","GAM-T1","GAM-T2","GAM-T3","GET-SRS","GET2-SRS","GET3-SRS","GGSV5","GGSV5-DL","GOM","GYG","HIY-SRS","HULU","ICM-SRS","IEAK9","IMB","IMB-DL","IMT","JDR","JMYV5","KG-ASK","KYT","LMW","LMW2","LMW3","LMW4","LMW-BETA","LMW-BETA2","LOL","LPLV5","LUC","MDG","MEB","MGN","MGX","MMB","MMG","MOV","MOV-DL","MP3","MP3DS","MP3FB","MP3P2","MP3R-ASK","MP3R-DL","MP3R-QBD","MP3R-SRS","MP3R4","MP3R5","MP3R6","MP3SF"
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
"blocklistedPartners": ["FTB","FTB4","OVO2","WCL2","WCL3"],
Ansi based on Dropped File
(rules.js)
"cmdBr":
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"cr":
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"dfBr":
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"ff":
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"GeneralParameters":{
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"groupCollapsedWW@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Uniblue\\SpeedUpMyPC","InstalledLocation",0);if(!isEmpty(UBRegistryPath)){return getReasonCode(secondaryOfferInstalled);}}catch(e){}return true;}function isPalTalkEligibleOffer() {try{var PTRegistryPath = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Paltalk","InstallerAppDir",0);if(!isEmpty(PTRegistryPath)){return getReasonCode(secondaryOfferInstalled);}}catch(e){}return true;}function isSuperFishEligibleOffer() {try{var SFRegistryPath = pipgetRegValue("HKEY_CURRENT_USER\\Software\\AppDataLow\\Software\\superfish","InstallStatus",0);if(!isEmpty(SFRegistryPath) && SFRegistryPath.toLowerCase() =="ok"){return getReasonCode(secondaryOfferInstalled);}}catch(e){}return true;}function preCheckSecondaryOffer() {try{if(!v6SaturationToolbarOfferFlag &&!showSecondaryOffer &&(primaryTlbrID.toLowerCase().indexOf("myc") > -1 || satTlbrID.toLowerCase().indexOf("myc-sat") >
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
"homepage": "
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"ie":
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"makeofferdisabled": [
Ansi based on Dropped File
(rules.js)
"MP3SW","MP3TR","MP3SD","MPC","MPC2","MROV5","MYC","MYC-ASK","MYC-DL","MYC-SRS","MYC-QBD","NG1V5","NG2V5","NG3V5","NG4V5","NSC-S","NSC-O","NSC-E","NSC-P","NSC-A","NSC-N","NSC-NS","NR1V5","NRV5","NXZ","ORJ-SAT","ORJ2","ORJ2-SAT","OSUB","OTV5","OVO","PCH","PDF","PDF2","PDO","PFN","PLF3","PLF4","PLTV5","PLTV5-DL","PLTV5-DL2","POS","POS2","PTF","PTJ","PTV2","PTV2-DL","PTV5","QSYS","RAD","S99","SBES","SCV5","SDT","SE","SF","SKR","SNAPT","SNP-ST","SP","SP2","SPC","SPT","SRFV5","SS2V5","SS3V5","STC2","STC4","STC-SRS","STC2-SRS","STC3-SRS","STC4-SRS","STK","STK2","STK3","STK4","TEMU","THE","TKR","TM","TMN2","TTB","TTR","TVTYV5","UKT","UNI","URS","VDJ","VRS","VD","VD-DL","VZ3","WBG-DL","WBG-ST","WBM2","WBV5-DL","WCL","WCLV5","WCL2V5","WCR","WCV5","WME","WSV5","WZP","YLC","ZMR","ZTV","ZTV-DL","FBK","FB-BETA","FB-PRO","FB-APP","FB-ASK","FB-OD","FB-SEM","MDF","MDF-BETA","NRO","NRO2","NRO3","UTR","UTR2","WID","WID-BETA"]}function cmpVersions (a, b) { var i, l, d; a = a.split('.'); b = b.split('.');
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
"OBJECTMODEL.JS""RULES.JS"
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"offers": [
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"orBr":
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"ORCHESTRATOR.HTML"JAVASCRIPT"JSON.JS"
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"SATTB.PNG"
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"search_url": "
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"TB.PNG""V7TB.PNG"
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"UI.XML"
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
"use strict";
Ansi based on Dropped File
(orchestrator.html)
"WCL2","ACDS","ADS","AF3-SRS","AGH","ALSV5-DL","AM2","AM3","AMG","APLV5","APL1V5","APL2V5","ATR","ATU","ATU-DL","ATU-ASK","ATU-QBD","ATU-SRS","AXBX","BBY","BBY-SRS","BBY2","BBY2-SRS","BCC","BCPAP","BUD","BLP-DL","BGM","BOO","BOO2","BS","BT-SRS-T3","BT-T1","BT-T2","BT-T3","BT-ASK-T4","BUD","BW","C2P","CCS","CDS","CDS2","CDS3","CDS4","CEBV5","CFTPV5","CFTP2V5","CIE","CLA","CLM-DL","CNB","CNET","CNET2","CNET3","CPUID-DL","CPUID-ST","CS","CS-ST","CS2","CS3","CWN","DAT","DDI","DDIS","DDIS2","DGY","DIG-A","DIG-N","DIG-OFF","DIG-ON","DIG-P","DIG-S","DNA","DNA2","DPO","DVDX","DVDX2","EAC","F-CT","F-ET","FAC","FF2-DL","FJS","FKR","FLV","FM","FTB","FTB2","FTB3","FW-ASK","FW-QBD","FW-SRS","FWT","FW2V5","FXTV5-DL","GAM4","GAM-ASK-T4","GAM-SRS","GAM-SRS-T3","GAM-QBD","GAM-T1","GAM-T2","GAM-T3","GET-SRS","GET2-SRS","GET3-SRS","GGSV5","GGSV5-DL","GOM","GYG","HIY-SRS","HULU","ICM-SRS","IEAK9","IMB","IMB-DL","IMT","JDR","JMYV5","KG-ASK","KYT","LMW","LMW2","LMW3","LMW4","LMW-BETA","LMW-BETA2","LOL","LPLV5","LUC","MDG","MEB","MGN","MGX","MMB","MMG","MOV","MOV-DL","MP3","MP3DS","MP3FB","MP3P2","MP3R-ASK","MP3R-DL","MP3R-QBD","MP3R-SRS","MP3R4","MP3R5","MP3R6","MP3SF","MP3SW","MP3TR","MP3SD","MPC","MPC2","MROV5","MYC","MYC-ASK","MYC-DL","MYC-SRS","MYC-QBD","NG1V5","NG2V5","NG3V5","NG4V5","NSC-S","NSC-O","NSC-E","NSC-P","NSC-A","NSC-N","NSC-NS","NR1V5","NRV5","NXZ","ORJ-SAT","ORJ2","ORJ2-SAT","OSUB","OTV5","OVO","PCH","PDF","PDF2","PDO","PFN","PLF3","PLF4","PLTV5","PLTV5-DL","PLTV5-DL2","POS","POS2","PTF","PTJ","PTV2","PTV2-DL","PTV5","QSYS","RAD","S99","SBES","SCV5","SDT","SE","SF","SKR","SNAPT","SNP-ST","SP","SP2","SPC","SPT","SRFV5","SS2V5","SS3V5","STC2","STC4","STC-SRS","STC2-SRS","STC3-SRS","STC4-SRS","STK","STK2","STK3","STK4","TEMU","THE","TKR","TM","TMN2","TTB","TTR","TVTYV5","UKT","UNI","URS","VDJ","VRS","VD","VD-DL","VZ3","WBG-DL","WBG-ST","WBM2","WBV5-DL","WCL","WCLV5","WCL2V5","WCR","WCV5","WME","WSV5","WZP","YLC","ZMR","ZTV","ZTV-DL","FBK","FB-BETA","FB-PRO","FB-APP","FB-ASK","FB-OD","FB-SEM","MDF","MDF-BETA","NRO","NRO2","NRO3","UTR","UTR2","WID","WID-BETA"]}
Ansi based on Dropped File
(rules.js)
#0)0E0T0b0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
#32770
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
#efebdf
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
#http://crl.verisign.com/pca3-g5.crl04
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
#http://logo.verisign.com/vslogo.gif04
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
$$firstset#$
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
$0B0H0O0U0o0|0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%%%2x
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
%.0Lf
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
%02d:%02d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%4d-%02d-%02dT%02d:%02d:%02d_%2d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%b %d %H : %M : %S %Y
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%d / %m / %y
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%d.%d.%d.%d
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%H : %M
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
%H : %M : S
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%I : %M : %S %p
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%I64u
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%m / %d / %y
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%s %d %2d/%02d/%04d %02d:%02d:%02d.%03d
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%s PIP Show UI exiting.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%s PIP UI ready exiting.
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%s:%s
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
%s="%s"
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
%s='%s'
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
%VeriSign Class 3 Code Signing 2010 CA
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%VeriSign Class 3 Code Signing 2010 CA0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&#x%02X;
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
&& all_browsers.cr) { var version = parseInt(all_browsers.cr, 10); if (show_logger) logger.log(" CheckVersion of Chrome, version : " + version); if (version > 0) return "cr"; } reasonString = inputCRBrowserVersionNotSupported + " [" + all_browsers.cr + "]"; return ""; } if (p_browser == "ff") { if (all_browsers && all_browsers.ff) { var version = parseInt(all_browsers.ff, 10); if (version > 2) return "ff"; } reasonString = inputFFBrowserVersionNotSupported + " [" + all_browsers.ff + "]"; return ""; } } // CheckVersion function ValidBrowser(p_browser) // ==> string { var toolbars_on_browser = [];
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
&; expires=Sat,01-Jan-2020 00:00:00 GMT;
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
&anxa=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&anxcd=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&anxd=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&anxe=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&anxf=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&anxh=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&anxpt=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&anxpv=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&anxr=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&anxv=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&anxw=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
&app=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&campaignID=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&CBID=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&downloadStatus=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&downloadTime=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&errorCondition=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&exitCode=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&funnelID=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&installerLaunched=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&ioID=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&machineID=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&offerCount=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&offerProvider=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&offerScreenVersion=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&offerType=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&partnerID=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&pipPartnerName=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&placementID=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
&reasonCode=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&reasonString=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&RemoteQueryServiceWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&status=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&UIReadyTime=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&userAcceptance=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&userSelection=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&userUIChoice=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&WFType=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
' is not a number.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
'"' : '\\"',
Ansi based on Dropped File
(orchestrator.html)
'0M0\0j0p0z0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
':') + v); } } } } else {// Otherwise, iterate through all of the keys in the object. for (k in value) { if (Object.prototype.hasOwnProperty.call(value, k)) { v = str(k, value); if (v) { partial.push(quote(k) + (gap ? ': ' : ':') + v); } } } }// Join all of the member texts together, separated with commas,// and wrap them in braces. v = partial.length === 0 ? '{}' : gap ? '{\n' + gap + partial.join(',\n' + gap) + '\n' + mind + '}' : '{' + partial.join(',') + '}'; gap = mind; return v; } }// If the JSON object does not yet have a stringify method, give it one. if (typeof JSON.stringify !== 'function') { JSON.stringify = funct
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
'@' (a non-JSON character). Second, we// replace all simple value tokens with ']' characters. Third, we delete all// open brackets that follow a colon or comma or that begin the text. Finally,// we look to see that the remaining characters are only whitespace or ']' or// ',' or ':' or '{' or '}'. If that is so, then the text is safe for eval. if (/^[\],:{}\s]*$/ .test(text.replace(/\\(?:["\\\/bfnrt]|u[0-9a-fA-F]{4})/g, '@') .replace(/"[^"\\\n\r]*"|true|false|null|-?\d+(?:\.\d*)?(?:[eE][+\-]?\d+)?/g, ']') .replace(/(?:^|:|,)(?:\s*\[)+/g, ''))) {// In the third stage we use the eval function to compile the text into a// JavaScript structure. The '{' operator is subject to a syntactic ambiguity// in JavaScript: it can begin a block or an object literal. We wrap the text// in parens to eliminate the ambiguity. j = eval('(' + text + ')');// In the optional fourth stage, we recursively wa
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
'[' + partial.join(',') + ']';
Ansi based on Dropped File
(orchestrator.html)
'[\n' + gap + partial.join(',\n' + gap) + '\n' + mind + ']' :
Ansi based on Dropped File
(orchestrator.html)
'\\': '\\\\'
Ansi based on Dropped File
(orchestrator.html)
'\\u' + ('0000' + a.charCodeAt(0).toString(16)).slice(-4);
Ansi based on Dropped File
(orchestrator.html)
'\b': '\\b',
Ansi based on Dropped File
(orchestrator.html)
'\f': '\\f',
Ansi based on Dropped File
(orchestrator.html)
'\n': '\\n',
Ansi based on Dropped File
(orchestrator.html)
'\r': '\\r',
Ansi based on Dropped File
(orchestrator.html)
'\t': '\\t',
Ansi based on Dropped File
(orchestrator.html)
'Symantec Time Stamping Services CA - G2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
'Symantec Time Stamping Services CA - G20
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
'{' + partial.join(',') + '}';
Ansi based on Dropped File
(orchestrator.html)
'{\n' + gap + partial.join(',\n' + gap) + '\n' + mind + '}' :
Ansi based on Dropped File
(orchestrator.html)
'|grfdexWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
('0000' + a.charCodeAt(0).toString(16)).slice(-4);
Ansi based on Dropped File
(orchestrator.html)
((((( H
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
()... complete.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
(function () {
Ansi based on Dropped File
(orchestrator.html)
(null)
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
(p_installed_toolbars[i].PID.substring(0, 6) === "AVIRA-") )
Ansi based on Dropped File
(rules.js)
(primaryTlbrID)){v6SaturationToolbarOfferFlag = false;return getReasonCode(unsupportedBrowser);}if(!isV5TlbrEligible()){v6SaturationToolbarOfferFlag = false;if(is64Bit()){v5TlbrID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\AskToolbar\\Macro","tb",0);} else {v5TlbrID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\AskToolbar\\Macro","tb",0);}if(v5TlbrID == primaryTlbrID) v5ToolbarInstalled=v5ToolbarInstalled+"Same Partner ID "+v5TlbrID+"";v5ToolbarInstalled = v5ToolbarInstalled +" "+v5TlbrID;return getReasonCode(v5ToolbarInstalled);} }catch(e){}v6SaturationToolbarOfferFlag = true;showSecondaryOffer=false;return true;}function v6installChecker() {try{showSecondaryOffer=true;if (!isSupportedOS()) return false;if(!isSupportedBrowser(primaryTlbrID)){v6SaturationToolbarOfferFlag = false;return getReasonCode(unsupportedBrowser);}if(isBlockListed(primaryTlbrID)
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
(show_logger) logger.log(" --- Enter InstallCheck with param of : " + JSON.stringify(param)); var is_saturation_offer = false; var return_JSON; var offer_id = GetOfferID(param); var current_time = new Date(); if (current_time > CUTOVER_DATE) { var v7_result = v7installChecker(param); return v7_result; } if (!isSupportedOS() || !isOSServicePackCompatible()) { return_JSON = new Result("", all_browsers, false); return_JSON.result = parseInt(reasonString, 10); return_JSON.errorDescription = reasonString; return JSON.stringify(return_JSON); } offers_gen_params = offers_gen_params || JSON.parse(pipclient.getOffers()); toolbar_to_be_installed = GetToolbarInfo(offer_id); toolbar_to_be_installed.PID = primaryTlbrID; if (Offers.Check(offer_id)) return JSON.stringify(Offers.RetrieveResult(offer_id)); installed_toolbars = installed_to
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
(typeof replacer !== 'object' ||
Ansi based on Dropped File
(orchestrator.html)
) {try{var nortonToolbarKey;if(is64Bit()){nortonToolbarKey = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Internet Explorer\\Toolbar","{A13C2648-91D4-4bf3-BC6D-0079707C4389}",0);if(isEmpty(nortonToolbarKey)){nortonToolbarKey = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Internet Explorer\\Toolbar","{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}",0);}}else {nortonToolbarKey = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Toolbar","{A13C2648-91D4-4bf3-BC6D-0079707C4389}",0);if(isEmpty(nortonToolbarKey)){nortonToolbarKey = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Internet Explorer\\Toolbar","{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}",0);}}if(!isEmpty(nortonToolbarKey)){logger.log("\r\n******************Norton Toolbar Installed****************");reasonString = NortonSafeSearchToolbarInstalled;return false;}} catch(e){
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
)GgrfdexFetchW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
*****
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
******* PIP Remote Mode End ***************
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
*************** PIP Local Mode End ***************
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
*************** PIP Local Mode start ***************
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
*************** PIP Remote Mode End ***************
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
*************** PIP Remote Mode start ***************
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
******Second instance failed to launch******
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
******Second instance ran successfully. Exitcode
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
*****Attempting to launch second instance
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
***Attempting to launch second instance
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
*0004080<0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
*PictureW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
+ p_browser + ">\n"); if (!p_browser) return ""; if (show_logger) logger.log(" Installed Toolbars : " + JSON.stringify(installed_toolbars) + "\n"); var pids = {}; for (var i = 0, N = installed_toolbars.length; i < N; ++i) { var pid_name = installed_toolbars[i].PID; pids[pid_name] = 1; } var name; var pid_str = ""; i = 0; for (name in pids) { if (i > 0) pid_str += ","; pid_str += name; if (name === toolbar_to_be_installed.PID) break; ++i; } if (i >= MAX_NUMBER_OF_TOOLBARS_ON_MACHINE) { reasonString = maxNumberOfPartnersExceeded + " [" + pid_str + "]"; return ""; } if (!UniquePIDTbType()) { return ""; } if (CheckForBlockedPID(reasonString)) {
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
++cascade_count;
Ansi based on Dropped File
(rules.js)
++primary_toolbar_ok_to_present;
Ansi based on Dropped File
(rules.js)
++primary_toolbar_ok_to_present; } break; } } } if (primary_toolbar_ok_to_present && is_saturation_offer) { return_JSON = new Result("", all_browsers, false); return_JSON.result = parseInt(secondaryOfferRejected, 10); return_JSON.errorDescription = secondaryOfferRejected; } return return_JSON; } function OriginBrowser() { var tb = "" || (all_browsers && all_browsers.orBr); return tb.slice(0, 2); } function DefaultBrowser() { var tb = "" || (all_browsers && all_browsers.dfBr); return tb.slice(0, 2); } function CommandLineBrowser() { var tb = "" || (all_browsers && all_browsers.cmdBr); return tb.slice(0, 2); } function CanBeInstalled(p_browser, run_cycle) // ==> string { if (show_logger) logger.log("\nCanBeInstalled :<"
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
+http://ts-aia.ws.symantec.com/tss-ca-g2.cer0<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
+http://ts-crl.ws.symantec.com/tss-ca-g2.crl0(
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
+Symantec Time Stamping Services Signer - G40
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
+v$x+v$xv$+xv+$xv$+x+$vx+$vx$v+x+$vx$+vx+v $+v $v $+v +$v $++$ v+$ v$ v++$ v$+ v+xv$+ v$v$ +v+ $v$ ++x$v+ $v$v ++ $v$ +v
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
+varValue
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
, Last Error
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
-- bytesTransferred
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
-- File:
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
---elapsed time
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
--Acquisition of context failed with error:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
--Error --CryptGetHashParam failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
--Error --ReadFile failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
--Error CryptHashData failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
--Error during CryptBeginHash!
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
--Error INVALID_HANDLE_VALUE for file
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
--primary_toolbar_ok_to_present;
Ansi based on Dropped File
(rules.js)
--ValidateMD5Hash --of
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
-1)){return getReasonCode(precheckSecondary);}}catch (e){}return true;}function isSpeedCheckerInstalled() {try{var SCRegistryPath = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Speedchecker Limited\\PC Speed Up","Uninstaller",0);if(!isEmpty(SCRegistryPath)){return getReasonCode(secondaryOfferInstalled);}}catch(e){}return true;}function isOSServicePackCompatible() {try{var winServicePackRegValue;if(window.navigator.appVersion.indexOf("Windows NT 5.1") != -1){winServicePackRegValue=pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion","CSDVersion",0);if(!isEmpty(winServicePackRegValue)){if(winServicePackRegValue == "Service Pack 2" || winServicePackRegValue == "Service Pack 2"){reasonString= XPServicePackNotCompatible + winServicePackRegValue;return false;}}}if(window.navigator.appVersion.indexOf("Windows NT 5.2") != -1) { reasonString = Unsupporte
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
-Are you sure you want to cancel installation?
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
-lang
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
-se -ppd 3276
Ansi based on Process Commandline
(<Input Sample>)
-UseLocalServer
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.%s PIP UI ready exiting.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
... UI button controls-->
Ansi based on Dropped File
(APNAnalytics.xml)
...%s-->
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.8.1.0
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
.?AU_ATL_MODULE70@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUctype_base@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIAdviseSink@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIAxWinAmbientDispatch@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIAxWinAmbientDispatchEx@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIAxWinHostWindow@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIAxWinHostWindowLic@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIBindStatusCallback@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIBrowserInfo@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIClassFactory@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIDispatch@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIDocHostUIHandler@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIEnumUnknown@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUILogger@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIObjectWithSite@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIOleClientSite@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIOleContainer@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIOleControlSite@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIOleInPlaceFrame@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIOleInPlaceSite@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIOleInPlaceSiteEx@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIOleInPlaceSiteWindowless@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIOleInPlaceUIWindow@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIOleWindow@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIParseDisplayName@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIPIPClient@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIPIPRulesExecutor@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIRegistrarBase@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIScriptObject@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIServiceProvider@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUISORoot@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUISupportErrorInfo@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUISystemUtil@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIUnknown@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUmessages_base@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUmoney_base@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUtime_base@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$_IDispEventLocator@$0A@$1?DIID_DWebBrowserEvents2@@3U_GUID@@B@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$_Iosb@H@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$_Mpunct@_W@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$_Mpunct@D@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$_Mpunct@G@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_filebuf@_WU?$char_traits@_W@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_filebuf@DU?$char_traits@D@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_fstream@DU?$char_traits@D@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_ifstream@DU?$char_traits@D@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_ios@_WU?$char_traits@_W@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_ios@DU?$char_traits@D@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_iostream@_WU?$char_traits@_W@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_iostream@DU?$char_traits@D@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_istream@_WU?$char_traits@_W@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_istream@DU?$char_traits@D@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_ofstream@DU?$char_traits@D@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_ostream@_WU?$char_traits@_W@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_ostream@DU?$char_traits@D@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_streambuf@DU?$char_traits@D@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_stringbuf@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CAtlModuleT@VCComModule@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CAxDialogImpl@VCInstallerDialog@@VCWindow@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CAxWindowEx@VCAxView@@@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CBitmapButtonImpl@VCBitmapButton@WTL@@V?$CButtonT@VCWindow@ATL@@@2@V?$CWinTraits@$0FGAAAAAA@$0A@@ATL@@@WTL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CButtonT@VCWindow@ATL@@@WTL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComAggObject@VCLoggerSO@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComAggObject@VCPIPRuleManager@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComAggObject@VCScriptObject@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComAggObject@VCSORoot@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComCoClass@VCAxHostWindow@ATL@@$1?GUID_NULL@@3U_GUID@@B@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComCoClass@VCBrowserInfo@@$1?CLSID_BrowserInfo@@3U_GUID@@B@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComCoClass@VCLoggerSO@@$1?CLSID_Logger@@3U_GUID@@B@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComCoClass@VCPIPClient@@$1?CLSID_PIPClient@@3U_GUID@@B@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComCoClass@VCPIPRuleManager@@$1?CLSID_PIPRuleManager@@3U_GUID@@B@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComCoClass@VCScriptObject@@$1?CLSID_ScriptObject@@3U_GUID@@B@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComCoClass@VCSORoot@@$1?CLSID_SORoot@@3U_GUID@@B@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComCoClass@VCSystemUtil@@$1?CLSID_SystemUtil@@3U_GUID@@B@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComContainedObject@VCAxHostWindow@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComContainedObject@VCLoggerSO@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComContainedObject@VCPIPRuleManager@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComContainedObject@VCScriptObject@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComContainedObject@VCSORoot@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComEnum@UIEnumUnknown@@$1?_GUID_00000100_0000_0000_c000_000000000046@@3U__s_GUID@@BPAUIUnknown@@V?$_CopyInterface@UIUnknown@@@ATL@@VCComSingleThreadModel@6@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComEnumImpl@UIEnumUnknown@@$1?_GUID_00000100_0000_0000_c000_000000000046@@3U__s_GUID@@BPAUIUnknown@@V?$_CopyInterface@UIUnknown@@@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObject@V?$CComEnum@UIEnumUnknown@@$1?_GUID_00000100_0000_0000_c000_000000000046@@3U__s_GUID@@BPAUIUnknown@@V?$_CopyInterface@UIUnknown@@@ATL@@VCComSingleThreadModel@6@@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObject@VCAxFrameWindow@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObject@VCAxUIWindow@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObject@VCBrowserInfo@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObject@VCLoggerSO@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObject@VCPIPClient@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObject@VCPIPRuleManager@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObject@VCScriptObject@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObject@VCSORoot@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObject@VCSystemUtil@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObjectNoLock@VCComClassFactory@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObjectRootEx@VCComMultiThreadModel@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObjectRootEx@VCComSingleThreadModel@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComPolyObject@VCAxHostWindow@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CDialogImplBaseT@VCWindow@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CEditT@VCWindow@ATL@@@WTL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CHyperLinkImpl@VCColorHyperlink@@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@WTL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$codecvt@_WDH@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$codecvt@DDH@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$codecvt@GDH@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$collate@_W@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$collate@D@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$collate@G@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$ctype@_W@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$ctype@D@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$ctype@G@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCAxFrameWindow@ATL@@VCWindow@2@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCAxHostWindow@ATL@@VCWindow@2@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCAxTranslateAcclWnd@@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCAxUIWindow@ATL@@VCWindow@2@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCBitmapButton@WTL@@V?$CButtonT@VCWindow@ATL@@@2@V?$CWinTraits@$0FGAAAAAA@$0A@@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCColorCheckbox@@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCColorHyperlink@@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCColorRadio@@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCColorScrollText@@V?$CEditT@VCWindow@ATL@@@WTL@@V?$CWinTraits@$0FGAAAAAA@$0A@@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCColorStatic@@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCCustomButton@@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCView@@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImplBaseT@V?$CButtonT@VCWindow@ATL@@@WTL@@V?$CWinTraits@$0FGAAAAAA@$0A@@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImplBaseT@V?$CEditT@VCWindow@ATL@@@WTL@@V?$CWinTraits@$0FGAAAAAA@$0A@@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImplBaseT@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImplRoot@V?$CButtonT@VCWindow@ATL@@@WTL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImplRoot@V?$CEditT@VCWindow@ATL@@@WTL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImplRoot@VCWindow@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$IDispatchImpl@UIAxWinAmbientDispatchEx@@$1?_GUID_b2d0778b_ac99_4c58_a5c8_e7724e5316b5@@3U__s_GUID@@B$1?m_libid@CAtlModule@ATL@@2U_GUID@@A$0PPPP@$0PPPP@VCComTypeInfoHolder@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$IDispatchImpl@UIBrowserInfo@@$1?IID_IBrowserInfo@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B$0PPPP@$0PPPP@VCComTypeInfoHolder@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$IDispatchImpl@UILogger@@$1?IID_ILogger@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B$0PPPP@$0PPPP@VCComTypeInfoHolder@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$IDispatchImpl@UIPIPClient@@$1?IID_IPIPClient@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B$0PPPP@$0PPPP@VCComTypeInfoHolder@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$IDispatchImpl@UIPIPRulesExecutor@@$1?IID_IPIPRulesExecutor@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B$0PPPP@$0PPPP@VCComTypeInfoHolder@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$IDispatchImpl@UIScriptObject@@$1?IID_IScriptObject@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B$0PPPP@$0PPPP@VCComTypeInfoHolder@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$IDispatchImpl@UISystemUtil@@$1?IID_ISystemUtil@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B$0PPPP@$0PPPP@VCComTypeInfoHolder@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$IDispEventSimpleImpl@$0A@V?$CAxWindowEx@VCAxView@@@@$1?DIID_DWebBrowserEvents2@@3U_GUID@@B@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$IObjectWithSiteImpl@VCAxHostWindow@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$messages@_W@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$messages@D@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$messages@G@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$money_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$money_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$money_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$moneypunct@_W$00@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$moneypunct@_W$0A@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$moneypunct@D$00@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$moneypunct@D$0A@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$moneypunct@G$00@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$moneypunct@G$0A@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$numpunct@_W@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$numpunct@D@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$numpunct@G@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$SODispatchImpl@UIBrowserInfo@@$1?IID_IBrowserInfo@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$SODispatchImpl@UILogger@@$1?IID_ILogger@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$SODispatchImpl@UIPIPClient@@$1?IID_IPIPClient@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$SODispatchImpl@UIPIPRulesExecutor@@$1?IID_IPIPRulesExecutor@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$SODispatchImpl@UIScriptObject@@$1?IID_IScriptObject@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$SODispatchImpl@UISystemUtil@@$1?IID_ISystemUtil@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$utf8cvt@$00@stdx@gel@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV_com_error@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV_Generic_error_category@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV_IDispEvent@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV_Iostream_error_category@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV_Locimp@locale@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV_System_error_category@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVbad_alloc@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVbad_cast@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVbad_exception@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVBitmap@Gdiplus@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCAtlException@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCAtlModule@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCAxFrameWindow@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCAxHostWindow@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCAxTranslateAcclWnd@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCAxUIWindow@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCAxView@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCBitmapButton@WTL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCBrowserInfo@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCColorCheckbox@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCColorHyperlink@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCColorRadio@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCColorScrollText@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCColorStatic@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCComClassFactory@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCComModule@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCComObjectRootBase@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCCustomButton@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCDestroyerAndUrlBinderCallback@CDownloader@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCImage@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCInstallerDialog@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCLoggerSO@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCMessageMap@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVcodecvt_base@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCOwnerButton@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCPIPClient@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCPIPHost@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCPIPRuleManager@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCRegObject@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCScriptObject@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCSORoot@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCSystemUtil@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCView@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCWindow@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVDefaultValueAllocator@Json@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVerror_category@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVexception@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVfacet@locale@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVfailure@ios_base@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVGdiplusBase@Gdiplus@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVImage@Gdiplus@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVios_base@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVlength_error@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVlogic_error@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVout_of_range@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVruntime_error@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVsystem_error@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVTiXmlAttribute@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVTiXmlBase@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVTiXmlComment@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVTiXmlDeclaration@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVTiXmlDocument@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVTiXmlElement@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVTiXmlNode@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVTiXmlText@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVTiXmlUnknown@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVtype_info@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVutf_error@stdx@gel@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVValueAllocator@Json@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.continue
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.http://crl.thawte.com/ThawteTimestampingCA.crl0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.ICColorStaticWWWd
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.NumberOfSecOffersToShow
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.Previous
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.replace(/"[^"\\\n\r]*"|true|false|null|-?\d+(?:\.\d*)?(?:[eE][+\-]?\d+)?/g, ']')
Ansi based on Dropped File
(orchestrator.html)
.replace(/"[^"\\\n\r]*"|true|false|null|-?\d+(?:\.\d*)?(?:[eE][+\-]?\d+)?/g, ']') .replace(/(?:^|:|,)(?:\s*\[)+/g, ''))) {// In the third stage we use the eval function to compile the text into a// JavaScript structure. The '{' operator is subject to a syntactic ambiguity// in JavaScript: it can begin a block or an object literal. We wrap the text// in parens to eliminate the ambiguity. j = eval('(' + text + ')');// In the optional fourth stage, we recursively walk the new structure, passing// each name/value pair to a reviver function for possible transformation. return typeof reviver === 'function' ? walk({'': j}, '') : j; }// If the text is not JSON parseable, then a SyntaxError is thrown. throw new SyntaxError('JSON.parse'); }; }}());</script><script type="text/javascript" src="./objectModel.js"></script> <script type="text/
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
.replace(/(?:^|:|,)(?:\s*\[)+/g, ''))) {
Ansi based on Dropped File
(orchestrator.html)
.t%t%t%t%te
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.test(text.replace(/\\(?:["\\\/bfnrt]|u[0-9a-fA-F]{4})/g, '@')
Ansi based on Dropped File
(orchestrator.html)
// Check if V7 toolbar, if so go to next;
Ansi based on Dropped File
(rules.js)
// check to see if trying to install another AVIRA === OK, or vanilla === OK,
Ansi based on Dropped File
(rules.js)
// Checks to see if AVIRA is already installed on the machine; if so,
Ansi based on Dropped File
(rules.js)
// If cache
Ansi based on Dropped File
(rules.js)
// If we come back to the same page, the offer, as presented before, will be
Ansi based on Dropped File
(rules.js)
// Keeps a cache of offers, by offer id. This will be useful if for previous/next.
Ansi based on Dropped File
(rules.js)
// param is in the form: CurrentID|PreviousID-(checkboxID:(true|false)|)*
Ansi based on Dropped File
(rules.js)
// presented, and ALL subsequent offers will be deleted.
Ansi based on Dropped File
(rules.js)
// secure === NOT OK. Assumes PIDTb collision has already been run.
Ansi based on Dropped File
(rules.js)
// V5
Ansi based on Dropped File
(rules.js)
// V6
Ansi based on Dropped File
(rules.js)
// V7
Ansi based on Dropped File
(rules.js)
// ',' or ':' or '{' or '}'. If that is so, then the text is safe for eval.
Ansi based on Dropped File
(orchestrator.html)
// A default replacer method can be provided. Use of the space parameter can
Ansi based on Dropped File
(orchestrator.html)
// a JavaScript value if the text is a valid JSON text.
Ansi based on Dropped File
(orchestrator.html)
// and wrap them in braces.
Ansi based on Dropped File
(orchestrator.html)
// backslash characters, then we can safely slap some quotes around it.
Ansi based on Dropped File
(orchestrator.html)
// because they can cause invocation, and '=' because it can cause mutation.
Ansi based on Dropped File
(orchestrator.html)
// brackets.
Ansi based on Dropped File
(orchestrator.html)
// But just to be safe, we want to reject all unexpected forms.
Ansi based on Dropped File
(orchestrator.html)
// crippling inefficiencies in IE's and Safari's regexp engines. First we
Ansi based on Dropped File
(orchestrator.html)
// Due to a specification blunder in ECMAScript, typeof null is 'object',
Ansi based on Dropped File
(orchestrator.html)
// each name/value pair to a reviver function for possible transformation.
Ansi based on Dropped File
(orchestrator.html)
// for non-JSON patterns. We are especially concerned with '()' and 'new'
Ansi based on Dropped File
(orchestrator.html)
// for non-JSON values.
Ansi based on Dropped File
(orchestrator.html)
// Format integers to have at least two digits.
Ansi based on Dropped File
(orchestrator.html)
// If the JSON object does not yet have a parse method, give it one.
Ansi based on Dropped File
(orchestrator.html)
// If the JSON object does not yet have a stringify method, give it one.
Ansi based on Dropped File
(orchestrator.html)
// If the replacer is an array, use it to select the members to be stringified.
Ansi based on Dropped File
(orchestrator.html)
// If the space parameter is a number, make an indent string containing that
Ansi based on Dropped File
(orchestrator.html)
// If the space parameter is a string, it will be used as the indent string.
Ansi based on Dropped File
(orchestrator.html)
// If the string contains no control characters, no quote characters, and no
Ansi based on Dropped File
(orchestrator.html)
// If the text is not JSON parseable, then a SyntaxError is thrown.
Ansi based on Dropped File
(orchestrator.html)
// If the type is 'object', we might be dealing with an object or an array or
Ansi based on Dropped File
(orchestrator.html)
// If the value has a toJSON method, call it to obtain a replacement value.
Ansi based on Dropped File
(orchestrator.html)
// If the value is a boolean or null, convert it to a string. Note:
Ansi based on Dropped File
(orchestrator.html)
// If there is a replacer, it must be a function or an array.
Ansi based on Dropped File
(orchestrator.html)
// If we were called with a replacer function, then call the replacer to
Ansi based on Dropped File
(orchestrator.html)
// in JavaScript: it can begin a block or an object literal. We wrap the text
Ansi based on Dropped File
(orchestrator.html)
// in parens to eliminate the ambiguity.
Ansi based on Dropped File
(orchestrator.html)
// In the optional fourth stage, we recursively walk the new structure, passing
Ansi based on Dropped File
(orchestrator.html)
// In the second stage, we run the text against regular expressions that look
Ansi based on Dropped File
(orchestrator.html)
// In the third stage we use the eval function to compile the text into a
Ansi based on Dropped File
(orchestrator.html)
// incorrectly, either silently deleting them, or treating them as line endings.
Ansi based on Dropped File
(orchestrator.html)
// Is the value an array?
Ansi based on Dropped File
(orchestrator.html)
// JavaScript structure. The '{' operator is subject to a syntactic ambiguity
Ansi based on Dropped File
(orchestrator.html)
// Join all of the elements together, separated with commas, and wrap them in
Ansi based on Dropped File
(orchestrator.html)
// Join all of the member texts together, separated with commas,
Ansi based on Dropped File
(orchestrator.html)
// JSON numbers must be finite. Encode non-finite numbers as null.
Ansi based on Dropped File
(orchestrator.html)
// Make a fake root object containing our value under the key of ''.
Ansi based on Dropped File
(orchestrator.html)
// Make an array to hold the partial results of stringifying this object value.
Ansi based on Dropped File
(orchestrator.html)
// many spaces.
Ansi based on Dropped File
(orchestrator.html)
// null.
Ansi based on Dropped File
(orchestrator.html)
// obtain a replacement value.
Ansi based on Dropped File
(orchestrator.html)
// open brackets that follow a colon or comma or that begin the text. Finally,
Ansi based on Dropped File
(orchestrator.html)
// Otherwise we must also replace the offending characters with safe escape
Ansi based on Dropped File
(orchestrator.html)
// Otherwise, iterate through all of the keys in the object.
Ansi based on Dropped File
(orchestrator.html)
// Otherwise, throw an error.
Ansi based on Dropped File
(orchestrator.html)
// Parsing happens in four stages. In the first stage, we replace certain
Ansi based on Dropped File
(orchestrator.html)
// Produce a string from holder[key].
Ansi based on Dropped File
(orchestrator.html)
// produce text that is more easily readable.
Ansi based on Dropped File
(orchestrator.html)
// replace all simple value tokens with ']' characters. Third, we delete all
Ansi based on Dropped File
(orchestrator.html)
// replace the JSON backslash pairs with '@' (a non-JSON character). Second, we
Ansi based on Dropped File
(orchestrator.html)
// Return the result of stringifying the value.
Ansi based on Dropped File
(orchestrator.html)
// sequences.
Ansi based on Dropped File
(orchestrator.html)
// so watch out for that case.
Ansi based on Dropped File
(orchestrator.html)
// space parameter, and returns a JSON text. The replacer can be a function
Ansi based on Dropped File
(orchestrator.html)
// that can replace values, or an array of strings that will select the keys.
Ansi based on Dropped File
(orchestrator.html)
// that modifications can be made.
Ansi based on Dropped File
(orchestrator.html)
// The parse method takes a text and an optional reviver function, and returns
Ansi based on Dropped File
(orchestrator.html)
// the remote chance that this gets fixed someday.
Ansi based on Dropped File
(orchestrator.html)
// The stringify method takes a value and an optional replacer, and an optional
Ansi based on Dropped File
(orchestrator.html)
// The value is an array. Stringify every element. Use null as a placeholder
Ansi based on Dropped File
(orchestrator.html)
// The walk method is used to recursively walk the resulting structure so
Ansi based on Dropped File
(orchestrator.html)
// typeof null does not produce 'null'. The case is included here in
Ansi based on Dropped File
(orchestrator.html)
// Unicode characters with escape sequences. JavaScript handles many characters
Ansi based on Dropped File
(orchestrator.html)
// we look to see that the remaining characters are only whitespace or ']' or
Ansi based on Dropped File
(orchestrator.html)
// We split the second stage into 4 regexp operations in order to work around
Ansi based on Dropped File
(orchestrator.html)
// What happens next depends on the value's type.
Ansi based on Dropped File
(orchestrator.html)
//target_browser = CanBeInstalled(target_browser);
Ansi based on Dropped File
(rules.js)
//this.tb_info = toolbar_to_be_installed;
Ansi based on Dropped File
(rules.js)
//var CUTOVER_DATE = new Date(2010, 06, 01);
Ansi based on Dropped File
(rules.js)
//var toolbar_id = offers_gen_params.offers[i].ToolbarID || "";
Ansi based on Dropped File
(rules.js)
/http://csc3-2010-aia.verisign.com/CSC3-2010.cer0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
/http://csc3-2010-crl.verisign.com/CSC3-2010.crl0D
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
/PIP2.5/OfferAccept.jhtml
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0 0$0(0,0004080<0@0D0H0L0P0T0X0\0`0d0h0l0p0t0x0|0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0 0$0(0,0004080<0@0H0L0P0T0X0\0`0d0h0l0p0t0x0|0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0 0$0(0,0004080<0@0P0T0X0\0`0d0h0l0p0t0x0|0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0 0$0,0D0H0`0d0|0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0 0(000<0\0d0p0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0 0(0@0D0\0`0x0|0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0 0(0@0P0T0d0h0l0p0x0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0"0'010>0L0V0c0h0r0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0#0I0P0j0q0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0$0,040<0D0L0T0\0d0l0t0|0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0$0,040<0H0h0p0x0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0$0,080X0`0l0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0$000P0\0|0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0$0D0L0X0x0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0$1(1,1014181<1H1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0$111E1l1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0$181D1L1d1l1x1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0'0H0N0h0u0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0'1Y1`1d1h1l1p1t1x1|1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0(000<0\0h0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0(040@0L0X0d0p0|0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0)01060=0]0c0n0t0{0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0+142V2B3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0,0<0@0H0`0d0|0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0/1=1F1M1b1y1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
00#090O0e0~0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0000000000N
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
000000000NNN
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
000000NNN
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
00000401
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000402
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000403
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000404
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000405
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000406
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000407
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000408
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000409
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000040A
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000040B
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000040C
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000040D
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000040E
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000040F
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000410
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000411
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000412
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000413
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000414
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000415
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000416
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000417
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000418
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000419
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000041A
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000041B
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000041C
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000041D
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000041E
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000041F
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000420
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000421
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000422
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000423
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000424
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000425
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000426
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000427
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000428
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000429
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000042A
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000042B
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000042C
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000042D
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000042E
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000042F
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000432
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000434
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000435
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000436
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000437
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000438
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000439
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000043A
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000043B
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000043E
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000043F
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000440
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000441
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000442
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000443
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000444
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000445
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000446
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000447
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000448
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000449
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000044A
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000044B
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000044C
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000044D
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000044E
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000044F
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000450
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000451
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000452
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000453
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000454
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000456
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000457
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000045A
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000045B
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000045D
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000045E
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000461
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000462
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000463
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000464
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000465
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000468
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000046A
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000046B
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000046C
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000046D
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000046E
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000046F
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000470
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000478
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000047A
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000047C
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000047E
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000480
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000481
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000482
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000483
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000484
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000485
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000486
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000487
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000488
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000048C
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000491
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000501
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
000005FE
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000801
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000804
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00D0P0X0p0|0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0123456789abcdef
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0123456789abcdefABCDEF
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0123456789abcdefghijklmnopqrstuvwxyz
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
018- unexpected heap error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
021=1S1k1q1z1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
040A0M0S0l0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
040D0H0L0P0T0X0\0`0d0h0l0p0x0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
080L0X0`0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0;0"141;1K1v1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0<0D0L0T0\0d0l0t0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0A1R1[1r1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0B0T0A1v1{1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0D7H7L7P7T7X7\7`7d7h7l7p7t7x7|7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0H1L1P1T1X1\1`1d1h1l1p1t1x1|1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0J1V1f1v1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0L0f0n0t0|0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0NN00NN00
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0NN0NN000
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1 1$1(1,1014181<1@1D1H1L1P1T1X1\1`1d1h1l1p1t1x1|1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1 1$1(1,1014181<1@1D1H1L1P1T1X1\1`1d1h1p1t1x1|1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1 1$1(1,141L1\1`1d1h1p1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1 1*1[1j1w1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1 181H1L1\1`1d1l1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1 1<1D1V1f1v1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1 1@1H1T1t1|1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1"232@2G2W2i2n2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1#171I1O1c1v1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1#IND
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
1#INF
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
1#QNAN
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
1#SNAN
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
1$1(1,10141<1T1d1h1l1p1x1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1$1,141<1D1L1T1\1d1l1t1|1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1$1,181X1d1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1$1<1D1L1T1\1d1l1t1|1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1$1D1T1h1|1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1&1+151B1P1Z1g1l1v1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1(101`1t1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1(181<1L1P1T1X1\1d1|1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1(c) 2006 VeriSign, Inc. - For authorized use only1E0C
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1+11171n1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1+1?1S1g1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1+1T1b1p1~1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1,181@1X1`1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1,1<1@1P1T1X1`1x1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1.3.6.1.4.1.311.2.1.12
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
100208000000Z
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
10181D1d1p1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
110620000000Z
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
11272>2D2`2f2l2s2z2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
121018000000Z
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
121221000000Z
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
121Z1b1m1r1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
12=2U2l2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
12?2M2f2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
130611234410Z0#
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
13292K2.3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
140618235959Z0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
141<1D1L1T1\1d1l1t1|1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
191T1b1z1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1:2G2_2x2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1<1D1L1T1\1d1l1t1|1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2 2$2(2,282L6T6\6d6l6t6|6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2 2$2<2@2X2\2t2x2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2 2(20282@2L2l2t2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2 2(242T2`2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2 2,242L2T2\2d2l2t2|2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2 20242D2H2L2P2T2\2t2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2 282<2T2d2h2l2p2x2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2!2/2=2G2T2Y2c2o2t2~2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2!3-3>3L3l4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2"3E3Y3c3m3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2"3R3Y3e3k3w3}3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2#2.2D2L2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2#393D3S3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2$2+2=2D2N2U2!3r5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2$2,242<2D2L2T2\2d2l2t2|2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2$2,242<2D2L2X2x2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2$24282H2L2P2T2X2\2d2|2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2$2<2L2P2`2d2h2p2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2$2D2L2X2x2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2$2D2L2X2|2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2$3K3V3[3r3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2(2.2\2b2}2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2(292@2\2m2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2(2@2L2X2p2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2(2L2T2\2d2l2t2|2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2)2;2A2H2N2x2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2*3E4u5z5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2,2024282<2D2\2l2p2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2-252;2E2K2U2[2e2n2y2~2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2.5.4.11
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2.8.1.0
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
200207235959Z0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2010 (c) Ask.com. All rights reserved.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
201229235959Z0b1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
201230235959Z0^1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
202D2P2X2t2|2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
202D2P2X2x2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
22292I2l2^4g4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
23,3@3N3Y3e3o3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
28-\u202f\u2060-\u206f\ufeff\ufff0-\uffff]/g, escapable = /[\\\"\x00-\x1f\x7f-\x9f\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2028-\u202f\u2060-\u206f\ufeff\ufff0-\uffff]/g, gap, indent, meta = { // table of character substitutions '\b': '\\b', '\t': '\\t', '\n': '\\n', '\f': '\\f', '\r': '\\r', '"' : '\\"', '\\': '\\\\' }, rep; function quote(string) {// If the string contains no control characters, no quote characters, and no// backslash characters, then we can safely slap some quotes around it.// Otherwise we must also replace the offending characters with safe escape// sequences. escapable.lastIndex = 0; return escapable.test(string) ? '"' + string.replace(escapable, function (a) { var c = meta[a]; return typeof c === 'string' ? c : '\\u' + ('0000' + a.charCodeAt(0).toSt
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
282@2H2T2t2|2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
289<9@9D9H9L9\=`=d=h=(>,>0>4>8><>@>D>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2<2H2h2t2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2<3C3e3l3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2=2T2Z2|2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2F3T3\3f3n3u3~3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2O2`2h2n2z2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2O3W3]3d3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2Terms of use at https://www.verisign.com/rpa (c)101.0,
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3 3$3(3,30343
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3 3$3(3,3034383<3@3D3H3`3d3h3l3p3p4x4|4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3 3$3(3,3034383<3@3D3H3L3P3T3X3\3`3d3h3l3p3t3x3|3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3 3(30383@3H3P3X3`3h3p3x3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3 3(3@3D3\3`3x3|3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3 3,313;3G3L3V3b3g3q3}3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3 3034383@3X3h3l3|3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3 3@3H3T3t3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3 4<4\4x4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3"3H3^3t3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3$3+3P3V3]3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3$3,343<3D3L3T3\3d3l3t3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3$3,343<3D3P3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3$3,343<3D3P3t3|3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3$3,383X3d3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3$303h3|3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3(3,3<3@3D3L3d3t3x3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3(3,3D3H3`3p3t3|3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3(343<3T3`3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3(3H3P3X3`3l3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3)4K4Q4e4o4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3*303:3@3N3T3Z3`3e3k3r3x3~3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3,303@3D3H3P3h3x3|3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3.373n3{3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
32bit
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
34 404F4V4o4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
34$404M4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
343<3D3P3p3|3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
343L3`3l3t3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
34F4O4s4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
353=3E3\3u3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
373C3c3w3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
383D3d3l3t3|3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3;3O3f3r3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3M3T3Z3~3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3n6t6-737
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3u3$4?4y4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4 4$4(4,4044484<4@4D4H4L4P4T4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4 4$4(4,40484P4`4d4t4x4|4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4 4(40484@4H4P4X4`4h4p4x4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4 4(40484D4d4l4t4|4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4 4044484<4@4H4`4p4t4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4 4@4H4P4\4|4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4 5,5Q5c5}5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4"5G5M5T5Z5u5{5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4$4(4,444L4\4`4p4t4x4|4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4$4(484<4@4D4H4P4h4x4|4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4$4,444<4D4L4T4\4d4l4t4|4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4$4.4:4?4I4V4_4p4u4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4$4[4h4|4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4$4D4L4T4\4d4l4x4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4(4<4H4P4h4p4|4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4(4H4p45(5:5@5H5P5x5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4(4O4V4c4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4*6o6t6&747G7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4,444<4D4L4T4\4d4l4t4|4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4,4L4g4n4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4,4S4h4q4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4,545I5T5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4.545H5R5n5w5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4/454<4B4^4d4j4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4/454<4Q4q4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
444<4D4P4p4x4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
444@4l4t4|4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
444D4H4L4P4X4p4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
444D4P4t4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
45c5i5p5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
465H5P5g5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
47<7D7L7T7\7d7l7t7|7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
494\4-6>6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4@4T4`4h4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4\5g5n5s5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4`8g8O9^9l9?<N<w=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5 5$5*5.54585>5B5G5M5Q5W5[5a5e5k5o5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5 5(50585@5H5P5X5`5p?t?x?|?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5 5(50585D5d5l5t5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5 5;5V5q5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5 5?5S5w5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5 5H5`5t5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5!595@5T5l5x5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5!5@5k5~5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5!6`6p6|6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5"686Y6k6~6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5$5(5,5054585@5X5h5l5|5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5$5,545<5D5L5T5\5d5l5t5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5$5,545<5D5L5T5\5h5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5$5,545<5D5P5p5x5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5$5,545@5`5h5t5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5$545<5D5L5T5\5d5l5t5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5$5<5L5P5`5d5h5l5p5x5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5$5\5p5|5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5%5+5I5X5^5h5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5&5I5T5Y5k5q5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5(5,545L5P5h5l5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5(5-5P5Y5a5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5(50585@5H5P5X5`5h5p5x5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5*5/595M5R5\5i5u5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5,545<5D5L5T5\5d5l5t5|5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5,5<5@5P5T5X5\5`5d5h5p5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5-545=5F5O5X5d5p5|5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5/656:6B6R6\6b6v6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
505@5D5L5d5h5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
50<0L0T0r0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
515@5N5l5r5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
517A7G7T7i7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
526?6S6z6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
555B5G5U5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
576B6S6_6g6m6|6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
576F6O6[6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
585@5H5T5t5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
596G6V6d6{6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5=6W6b6m6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5^5k5s5y5}5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5Digital ID Class 3 - Microsoft Software Validation v21
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5G6\6g6n6u6|6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6 6$6(606H6L6d6h6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6 6$6,6@6H6T6t6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6 6$6,6D6T6X6h6l6p6t6x6|6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6 6'6/6A6q6x6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6 6(60686@6L6l6t6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6 6(646l6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6 6(6@6P6T6d6h6p6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6 646@6H6`6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6 6@6H6T6|6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6 6L6h6~6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6!6&6]6j6~6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6#636b6h6p6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6#636C6M6u6{6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6#6;6P6}6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6$6,646<6D6L6T6\6d6l6t6|6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6$6,646@6`6l6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6$606h6|6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6&6:6a6!9x9v:H<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6'6-6:6@6P6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6(646<6l6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6(646@6L6X6d6n6z6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6(686<6@6D6H6L6T6l6|6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6(6P6X6p6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6(7P7^7~7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6)6/686K6o6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6)767J7q7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6+6@6b6t6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6,6064686<6@6D6H6L6P6T6X6`6x6|6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6-636:6@6Z6g6v67m7y7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
617E7O7h7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
646B6h6r6}6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
64bit
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
657;7A7~7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
657@7I7w7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
68<<<@<D<H<l=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6:6L6S6w6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6<7N7U7Z7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6[6!7c7G8Z89H9{9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6D7P7U7n7t7*8A8X8k8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6http://sp.ask.com/en/docs/about/terms_of_service.shtml0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6j7<8G8`9s;D=]=}=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6K6Q6g6l6t6z6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6v7{98;j;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6|;9<J=f=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7p7t7x7|7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7 7$7(707H7X7\7`7d7h7l7p7x7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7 7$7,7D7T7X7h7l7p7t7x7|7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7 7(70787@7H7P7\7|7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7 7,7L7T7\7d7l7t7|7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7 70747<7T7d7h7x7|7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7 7P7d7p7x7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7"7'7/747<7A7H7W7\7b7k7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7"7,7P7Y7b7s7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7"717@7O7^7m7|7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7#7>7\7~7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7$7,747<7D7L7T7\7d7l7t7|7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7$7,747@7`7h7t7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7$7L7V7a7u7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7$7T7h7t7|7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7$8>8\8t8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7(7H7P7\7|7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7(8Q8g8y8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7*7V7j7t7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7*888]8l8|8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7*8R8[8a8f8t8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7,7074787<7@7D7H7L7P7T7X7\7d7|7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7,757l7y7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7-8C8m8r8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
72797D7Z7|7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
737:7l7s7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
747D7H7L7P7X7p7t7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
757<7b7h7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
758;8O8}8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
777J7_7o7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7878?8K8x8~8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
787@7L7l7x7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7<7D7L7X7x7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7?7F7&8>8z9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7@7T7`7h7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8 8$8(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8l8p8t8x8|8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8 8(80888@8L8l8x8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8 949@9H9h9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8"8(8,878
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8"8(8/8?8h8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8"8(848:8@8F8L8R8X8^8d8j8r8y8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8#8(8I8N8s8y8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8#8,8c8p8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8#9A9a9|9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8$8(8,848L8P8h8x8|8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8$8,848<8D8L8T8\8d8l8t8|8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8$80888P8\8|8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8$8<8L8P8`8d8t8x8|8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8$8D8L8T8\8d8t8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8%818h8z8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8&858D8S8b8q8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8&8_8h8t8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8'818H8m8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8'9<9E9|9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8':,:1:h:m:%;Z;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8(8,8084888<8@8D8H8L8P8T8X8`8x8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8(8H8P8\8|8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8(8L8T8\8d8l8t8|8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8(9-9?9]9q9w9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8*8Q8f8o8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8+838=8M8Y8_8i8y8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8,8084888<8@8H8`8p8t8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8,808@8D8T8X8\8`8d8h8l8p8t8x8|8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8,848<8D8L8T8\8d8l8t8|8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
808:8E8Y8p8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
848H8T8\8t8|8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
888D8d8p8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
88@8P8j8{8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8:KR$l'}f
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8<8D8L8T8`8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8^WCColorStaticd
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8^~t/9^pt*S
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8A9F9K9Q9Z9k9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8ILoggerW@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8M9s97:B:W:k:u:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8o9B:P:m:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8pLoggerWW@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8Q8z9::^:l:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8zIPIPRulesExecutorWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9 9$9(9,9094989<9@9D9H9L9P9T9X9\9`9d9h9l9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9 9$9(9,9094989<9@9D9H9L9P9T9X9\9`9l9p9t9x9|9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9 9$9(9,90989P9`9d9h9l9p9x9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9 9$9(9,949L9\9`9p9t9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9 9(9@9P9T9d9h9l9p9x9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9 9*9>9V9`9t9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9 9;9^9y9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9 9@9H9P9\9|9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9!9+919:9K9Z9b9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9#9L9R9a9{9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9$9(9@9D9\9l9p9t9x9|9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9$9,949<9D9L9T9\9d9l9t9|9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9$9,9D9L9X9|9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9$9.979f9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9$909P9\9|9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9$9H9T9\9|9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9(909P9h9|9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9(959B9\9c9o9u9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9(989<9L9P9T9X9`9x9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9(9H9T9t9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9*999H9W9f9u9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9,9c9u9+:R:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9- not enough space for environment
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
9-929=9P9V9[9a9m9s9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9/9S;w;~;u<%=c=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
909@9D9T9X9\9`9d9l9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
919;9D9V9l9r9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
94989X9`9d9|9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
949<9D9L9T9\9d9l9t9|9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
949?9P9^9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
989G9T9`9p9w9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
99!9H9]9f9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9:<:T:[:c:h:l:p:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9http://apnpip.ask.com/PIP/partners/{partnerid}/config.xml
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9l;p;t;x;|;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9V9^9m9~:/<7<L<}<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
: :(:0:8:D:d:l:x:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
: :8:H:L:\:`:p:t:x:|:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
: :<:@:H:P:X:\:d:x:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
: :L:h:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
:!:V:p:w:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:#:+:4:;:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:$:(:8:<:@:D:L:d:t:x:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:$:(:8:@:D:H:L:P:T:X:\:`:d:h:l:p:t:x:|:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:$:,:4:<:D:L:T:\:d:l:t:|:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:$:,:4:<:D:L:T:\:h:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:$:,:4:<:D:L:T:`:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:$:<:L:P:`:d:h:l:t:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:$:D:L:T:`:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:(:4:<:T:\:d:l:t:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:(:8:<:L:P:T:\:t:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:(:<:H:P:p:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:(:=:F:}:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:(:[:j:s:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:):8:G:V:e:p:{:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:*:D:K:j:p:w:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:,:6:t:z:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:,:<:@:D:H:L:P:X:p:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:,:<:h:p:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:,:L:\:d:p:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:-:B:Z:m:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:1:F:l:r:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:3:G:^:L;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:4;=;D;K;R;m;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:7;C;I;P;V;n;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:::G:[:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
:@:L:T:Z:e:o:w:}:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:@;R;d;v;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:@;X;g;s;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:AM:am:PM:pm
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:I;O;T;Z;k;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:J<V<\<a<g<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:Jan:January:Feb:February:Mar:March:Apr:April:May:May:Jun:June:Jul:July:Aug:August:Sep:September:Oct:October:Nov:November:Dec:December
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:k;!<:<?<v<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:L>R>[>b>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:Sun:Sunday:Mon:Monday:Tue:Tuesday:Wed:Wednesday:Thu:Thursday:Fri:Friday
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00013032-00003596.00000000.13355.008D1000.00000020.mdmp)
:Sun:Sunday:Mon:Monday:Tue:Tuesday:Wed:Wednesday:Thu:Thursday:Fri:Friday:Sat:Saturday
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:v<H>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
; ;$;(;,;0;4;8;<;@;D;H;L;P;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
; ;$;(;,;0;4;8;<;@;D;H;L;P;T;X;\;`;d;h;l;p;t;x;|;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
; ;$;4;8;<;D;\;l;p;t;|;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
; ;(;0;8;@;L;l;t;|;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
; ;(;4;T;\;d;l;t;|;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
; ;);0;5;I;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
; ;0;4;8;<;@;H;`;p;t;x;|;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
; ;0;4;<;T;X;p;t;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
; ;4;@;H;x;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
; ;@;X;p;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
; expires=Sat,01-Jan-2020 00:00:00 GMT;
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;!;%;);-;1;5;9;=;A;E;I;M;Q;U;Y;];a;e;i;m;q;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;!;%;+;5;>;U;y;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;!;6;E;P;Z;e;j;t;~;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;";';-;>;s;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;";7;>;E;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;$;,;4;<;D;L;T;\;d;l;t;|;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;$;,;4;<;H;l;t;|;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;$;4;8;<;D;\;l;p;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;$;D;L;T;\;h;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;%;/;>;E;W;h;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;&;D;L;o;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;'<c<7=>=E=K=t=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;(;4;<;T;`;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;(;8;<;@;D;H;L;P;T;X;\;`;d;l;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;,;4;<;D;L;T;\;d;l;t;|;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;0;4;8;<;@;D;P;T;X;\;`;x;|;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;0;E;O;X;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;6;\;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
;8<E<q<~<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;<#<L<R<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;<;D;L;T;\;d;l;t;|;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;?;H;Y;a;n;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;f</>A>H>O>s>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;J;P;T;X;\;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;S;];l;s;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
< <$<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<x<|<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<`<d<h<l<p<t<x<|<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
< <$<(<0<H<X<\<`<d<h<p<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
< <(<@<P<T<X<\<d<|<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<!<5<T<f<w<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<![CDATA[
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<![CDATA[%s...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<"<C<Q<^<m<t<{<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<$<,<4<<<D<L<X<x<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<$<,<4<<<H<h<p<x<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<$<,<4<<<H<l<t<|<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<$<,<4<@<`<l<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<$<,<8<\<d<l<t<|<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<$<,<8<X<`<h<p<x<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<$</<3<8<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<$</<O<n<z<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<$<0<P<\<|<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<$<D<L<T<\<d<l<x<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<$<D<P<p<|<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<$=8=D=L=|=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<$=>=C=N=W=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<$=I=X=`=m=y=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<%=>=S=a=l=q=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<&</<9<C<_<k<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<&=V?c?|?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<(<,<0<4<<<T<d<h<x<|<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<)<<<C<K<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<)=I=l=y=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<)>G>Q>d>k>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<*>[>k>,?2?>?M?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<+t$<-t <0u
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<,<0<4<8<<<@<D<L<d<t<x<|<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<,<4<D<L<T<\<t<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<-<6<L<Y<p<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<.pbk
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
</%s>
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
</<><C<a<h<r<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
</BODY>
Ansi based on Dropped File
(orchestrator.html)
</control>
Ansi based on Dropped File
(APNAnalytics.xml)
</controls>
Ansi based on Dropped File
(APNAnalytics.xml)
</GeneralParameters>
Ansi based on Dropped File
(APNAnalytics.xml)
</HEAD>
Ansi based on Dropped File
(orchestrator.html)
</HTML>
Ansi based on Dropped File
(orchestrator.html)
</Language>
Ansi based on Dropped File
(APNAnalytics.xml)
</offer>
Ansi based on Dropped File
(APNAnalytics.xml)
</offereula>
Ansi based on Dropped File
(APNAnalytics.xml)
</Parameters>
Ansi based on Dropped File
(APNAnalytics.xml)
</root>
Ansi based on Dropped File
(APNAnalytics.xml)
</script>
Ansi based on Dropped File
(orchestrator.html)
</SCRIPT>
Ansi based on Dropped File
(orchestrator.html)
</stringtable>
Ansi based on Dropped File
(APNAnalytics.xml)
<0c0+232B2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<4<8<P<`<d<t<x<|<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<4<D<H<L<P<T<X<`<x<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<8=C=\=x=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<9=h=n=}=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<<f<k<t<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<=0=E=N=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<=<`<g<m<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<==F=L=Q=i=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<?xml
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<?xml version="1.0" encoding="utf-8"?>
Ansi based on Dropped File
(APNAnalytics.xml)
<?xml version="1.0" encoding="utf-8"?><root> <GeneralParameters> <PreviousX>250</PreviousX> <PreviousY>37</PreviousY> <NextX>169</NextX> <NextY>37</NextY> <CancelX>88</CancelX> <CancelY>37</CancelY> <Height>399</Height>
Ansi based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
<?xml version="1.0" encoding="utf-8"?><root><GeneralParameters><PreviousX>250</PreviousX><PreviousY>37</PreviousY><NextX>169</NextX><NextY>37</NextY><CancelX>88</CancelX><CancelY>37</CancelY><Height>445</Height><Width>600</Width><bgColor>EFEBDF</bgColor><RegistryKey>HKEY_CURRENT_USER\Software\APN PIP\Analytics\{partnerid}</RegistryKey><ReportSever>anx.apnanalytics.com/200/pip/test.gif?</ReportSever><PIPReportSever>pipoffers.apnpartners.com/PIP/OfferAccept.jhtml</PIPReportSever><HideEula>1</HideEula><GetServer>http://pipoffers.apnpartners.com/PIP/Server.jhtml?partner_id={partnerid}&language={locale}&version={version}</GetServer> <Parameters> <lang id="language" position="2" report="Y" get="Y"/> </Parameters></GeneralParameters><stringtable><Language langID="en"><string id="STRID_TITLE">FrostWire Setup</string><string id="STRID_TEXT1">Press Page Down to see the rest of the agreement.</string><string id="STRID_EULA">If you accept t
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
<@<`<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
<A=L=Z=s=x=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<A=V=`=j=o=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<apnanalytics></apnanalytics>
Ansi based on Dropped File
(APNAnalytics.xml)
<apps></apps>
Ansi based on Dropped File
(APNAnalytics.xml)
<at,<rt"<wt
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<bgColor>EFEBDF</bgColor>
Ansi based on Dropped File
(APNAnalytics.xml)
<BODY onload="load()">
Ansi based on Dropped File
(orchestrator.html)
<CancelX>88</CancelX>
Ansi based on Dropped File
(APNAnalytics.xml)
<CancelY>37</CancelY>
Ansi based on Dropped File
(APNAnalytics.xml)
<control bgcolor="" checked="false" color="" ctrltype="offer" ctrlvalue="true" height="40" id="eula" isBold="true" subctr="" text="STRID_EULA" type="checkbox" width="400" x="50" y="90"></control>
Ansi based on Dropped File
(APNAnalytics.xml)
<control bgcolor="#FFD793" color="" fontsize="20" height="60" id="txt1-of11" isBold="true" text="Frostwire Demo Starting....." type="text" width="400" x="0" y="0"></control>
Ansi based on Dropped File
(APNAnalytics.xml)
<control bgcolor="#ffffff" color="" height="190" id="txt1-of10" isBold="false" text="" type="text" width="420" x="30" y="80">
Ansi based on Dropped File
(APNAnalytics.xml)
<controls>
Ansi based on Dropped File
(APNAnalytics.xml)
<D=H=L=P=T=X=\=`=d=h=l=p=t=x=|=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<DefaultUiReadyTimeout>1800</DefaultUiReadyTimeout>
Ansi based on Dropped File
(APNAnalytics.xml)
<E=p=v=|=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<GeneralParameters>
Ansi based on Dropped File
(APNAnalytics.xml)
<GetServer>http://pipoffers.apnpartners.com/PIP/Server.jhtml?partner_id={partnerid}&language={locale}&version={version}</GetServer>
Ansi based on Dropped File
(APNAnalytics.xml)
<HEAD>
Ansi based on Dropped File
(orchestrator.html)
<Height>399</Height>
Ansi based on Dropped File
(APNAnalytics.xml)
<HideEula>1</HideEula>
Ansi based on Dropped File
(APNAnalytics.xml)
<HTML>
Ansi based on Dropped File
(orchestrator.html)
<HTML><HEAD><script type="text/javascript">var JSON;if (!JSON) { JSON = {};}(function () { "use strict"; function f(n) { // Format integers to have at least two digits. return n < 10 ? '0' + n : n; }
Ansi based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
<I=o=A?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
<J<Z<j<t<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<Language langID="en">
Ansi based on Dropped File
(APNAnalytics.xml)
<N=R=V=Z=^=b=f=j=n=r=v=z=~=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<NextX>169</NextX>
Ansi based on Dropped File
(APNAnalytics.xml)
<NextY>37</NextY>
Ansi based on Dropped File
(APNAnalytics.xml)
<offer bgcolor="#EFEBDF" bkgImage="" color="" display="true" displayname="" icParams="" icProceed="" icUrl="" id="{cpf1}" imageheight="" imagewidth="" switchcontroltype="checkbox" title="STRID_TITLE" transparency="255">
Ansi based on Dropped File
(APNAnalytics.xml)
<offereula>
Ansi based on Dropped File
(APNAnalytics.xml)
<P=`=e=k=q=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<Parameters>
Ansi based on Dropped File
(APNAnalytics.xml)
<PIPReportSever>pipoffers.apnpartners.com/PIP/OfferAccept.jhtml</PIPReportSever>
Ansi based on Dropped File
(APNAnalytics.xml)
<pProductID get="Y" id="pProductID" position="2" report="Y"/>
Ansi based on Dropped File
(APNAnalytics.xml)
<PreviousX>250</PreviousX>
Ansi based on Dropped File
(APNAnalytics.xml)
<PreviousY>37</PreviousY>
Ansi based on Dropped File
(APNAnalytics.xml)
<program name unknown>
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<RegistryKey>HKEY_CURRENT_USER\Software\APN PIP\Analytics\{partnerid}</RegistryKey>
Ansi based on Dropped File
(APNAnalytics.xml)
<ReportSever>anx.apnanalytics.com/200/pip/test.gif?</ReportSever>
Ansi based on Dropped File
(APNAnalytics.xml)
<root>
Ansi based on Dropped File
(APNAnalytics.xml)
<script type="text/javascript" src="./objectModel.js"></script>
Ansi based on Dropped File
(orchestrator.html)
<script type="text/javascript" src="./rules.js"></script>
Ansi based on Dropped File
(orchestrator.html)
<SCRIPT type="text/javascript">
Ansi based on Dropped File
(orchestrator.html)
<script type="text/javascript">
Ansi based on Dropped File
(orchestrator.html)
<string id="STRID_CANCEL">Cancel</string>
Ansi based on Dropped File
(APNAnalytics.xml)
<string id="STRID_CANCEL_TEXT">Are you sure you want to cancel installation?</string>
Ansi based on Dropped File
(APNAnalytics.xml)
<string id="STRID_EULA">If you accept the terms of the agreement, click I Agree to continue. You must accept the agreement to install FrostWire 4.21.3</string>
Ansi based on Dropped File
(APNAnalytics.xml)
<string id="STRID_EULA1">www.FrostWire.com</string>
Ansi based on Dropped File
(APNAnalytics.xml)
<string id="STRID_NEXT">I Agree</string>
Ansi based on Dropped File
(APNAnalytics.xml)
<string id="STRID_Success_Text">The installation has completed successfully.</string> <string id="STRID_Eula_Text">If you do not want to share technical information with ASK, please un_check and click Next</string> <string id="STRID_Optin_Text">By clicking 'NEXT', I agree to the</string> <string id="STRID_AveryLabel2">APN Toolbar</string> <string id="STRID_Downloading_Text">Downloading file</string> <string id="STRID_No_Offer_Text">There is a problem with the installer. Please contact your software provider and inform them of the issue.</string> <string id="STRID_Downloading_Error">There was a problem downloading the files. Please check that you have a valid Internet connection and try again.</string> <string id="STRID_Downloading_Error_Avery">There was a problem downloading the files. Please try the Template Only option on the Avery.com template page.</string><string id="STRID_DIC2V5_Loading_Text">Loading Dictionary.com required files...</string> <string id="S
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
<string id="STRID_TEXT1">Press Page Down to see the rest of the agreement.</string>
Ansi based on Dropped File
(APNAnalytics.xml)
<string id="STRID_TITLE">FrostWire Setup</string>
Ansi based on Dropped File
(APNAnalytics.xml)
<stringtable>
Ansi based on Dropped File
(APNAnalytics.xml)
<tc<t_P
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<TrayTipTime>2000</TrayTipTime><ShowLoadingScreen>false</ShowLoadingScreen><PreviousX>250</PreviousX><PreviousY>37</PreviousY><CancelX>88</CancelX><CancelY>37</CancelY><MessageUser>false</MessageUser><installpic_x>0</installpic_x><installpic_y>0</installpic_y><downloadpic_x>0</downloadpic_x><downloadpic_y>0</downloadpic_y><installpic_width>594</installpic_width><installpic_height>65</installpic_height><downloadpic_width>594</downloadpic_width><downloadpic_height>65</downloadpic_height><CancelDeclinesOffer>true</CancelDeclinesOffer><NumberOfSecOffersToShow>0</NumberOfSecOffersToShow><Orchestrator>./orchestrator.html?PIPPID=AVR2V6&PTBPartnerID=AVR2V6&tbType=vanilla&version={version}</Orchestrator><CBID>AVX</CBID></GeneralParameters><LanguageParameters><CancelContinue id="default">STRID_CContinue</CancelContinue><CancelForce id="default">STRID_CForce</CancelForce><WaitAndTerminate id="default">STRID_WaitAndTerminate</WaitAndTer
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
<VeriSign Class 3 Public Primary Certification Authority - G50
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<Width>513</Width>
Ansi based on Dropped File
(APNAnalytics.xml)
= "14:CPU speed less than 1000 MHZ ";;var MachineDiskFreeSpaceLessThan2000MB = "15:64 bit machine Disk free space less than 2000MB ";var MachineDiskFreeSpaceLessThan850MB = "16:32 bit machine Disk free space less than 850MB ";var SystemPhysicalMemoryIsVeryLow = "17:System Physical Memory is very low";var NortonSafeSearchToolbarInstalled = "17:Norton Safe search Toolbar installed";var AnchorFreeUnsupportedOS = "18: AnchorFree unsupported OS XP or Vista 64bit ";var AviraToolbarPresentAskSecureOfferRejected = "19: Avira Toolbar present, Ask secure offer rejected";var AskSecureToolbarPresentAviraOfferRejected = "20:Ask Secure toolbar present, Avira offer rejected";var AudialsOfferNotEligibleUnsupportedOSXP32orVista64bit = "20: Audials offer not eligible as unsupported OS XP 32 or Vista 64
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
= =$=(=,=0=4=8=<=@=D=H=L=P=T=X=\=`=d=h=l=p=t=x=|=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
= =$=(=0=H=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
= =$=,=0=4=8=<=D=H=L=P=T=X=\=`=d=h=l=p=x=|=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
= =$=4=8=<=@=D=H=L=P=T=X=\=`=d=l=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
= =(=9=A=I=U=a=i=u=}=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
= =(=@=P=T=d=h=l=p=x=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
= =@=L=l=x=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
= all_browsers.orBr.toUpperCase(); this.stubversion = "7.0.0"; if (tb_info) { this.tbType = tb_info?tb_info.tb_type:""; this.tbID = tb_info.PID; } }} // Result//// param is in the form: CurrentID|PreviousID-(checkboxID:(true|false)|)*//function UIRule(param) { var return_obj = {}; return_obj.result = 1; return_obj.errorDescription = "Value Was False"; return_obj.display = 0; try { var result = 1;if (show_logger) logger.log("\r\n ****** Frog UI. Parameter " + param); if (show_logger) logger.log ("type of param is " + typeof param); var offer_ids = param.split('-'); if (show_logger) logger.log("offer_ids after split"); if (show_logger) logger.log("offer_ids " + offer_ids); var offer_ids = param.split('-')[0].split('|'); if (show_logger) logger.log(" ---
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
=">/>C>j>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=$=,=4=<=D=L=T=\=d=l=t=|=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=$=,=4=<=D=L=T=\=d=l=x=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=$=,=4=<=D=L=T=\=d=p=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=$=,=8=X=`=l=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=$=0=P=X=`=h=p=x=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=$=<=L=P=`=d=h=l=t=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=$=<=L=P=T=X=\=`=d=l=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=$=D=L=T=\=h=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=$=D=L=X=x=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=%d time=%.0fms TTL=%d icmp_seq=%u
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
='=8=B=P=X=`=i=o=t=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
='=8=D=I=S=_=d=n=z=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=(=8=c=h=n=u=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=)=/=8=?=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=)=:=C=v=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=)=C=X=f=v=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=)>;>^>c>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=*=X=f=o=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=,=<=@=D=L=d=h=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=,=L=T=\=d=l=t=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=->3>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
=0>>>V?c?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=4=V=&?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
=8=L=X=`=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=8>E>_>}>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=;=H=P=`=w=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=>7>R>m>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=A>b?y?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
=K>h>n>u>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=R> ?B?I?T?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=T?Y?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
> <string id="STRID_Next">Next</string> <string id="STRID_Accept">Accept</string> <string id="STRID_Accept_BCPA">I Accept</string> <string id="STRID_Accept_Continue">Accept and Continue</string><string id="STRID_Install_BCPA">Install</string><string id="STRID_Accept_SFT">I Agree</string> <string id="STRID_Decline">Decline</string> <string id="STRID_Next_FXTV5">Next</string> <string id="STRID_Finish">Next</string> <string id="STRID_Finish2">Finish</string> <string id="STRID_Install">Install</string> <string id="STRID_OK">OK</string> <string id="STRID_Cancel">Cancel</string><string id="STRID_IAgree">I Agree</string> <string id="STRID_Idisagree">I Disagree</string> <string id="STRID_Cancel_Text">Are you sure you want to cancel?</string><string id="STRID_FXTV5_Cancel_Text">Setup is not complete. If you exit now, the program will not be installed. You may run Setup again another time to complete the installation. Exit Setup?</string>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
> >$>(>,>0>4>8><>@>D>H>L>P>T>X>\>`>d>h>l>p>t>x>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
> >$>(>0>4>8><>@>D>H>L>P>T>X>\>d>h>l>p>t>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
> >$>,>D>H>`>d>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
> >$>4>8><>D>\>l>p>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
> >(>0>8>@>H>P>X>`>h>t>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
> >/>6>C>c>m>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
> ?1?K?V?e?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
> ?B?N?T?h?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>!>&>6>;>A>G>]>d>q?v?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>!>0>9>?>D>U>c>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>">(>6>J>j>p>{>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>">0>>>j>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>#>->3>F>O>X>^>h>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>#?7?L?_?z?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>#?K?U?`?r?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>$>,>4><>D>L>T>\>d>l>t>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>$>,>4><>D>P>p>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>$>4>8><>@>D>H>P>h>x>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>$>4>8>H>L>P>T>\>t>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>%>*>4>@>E>O>[>`>j>z>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>%>5>;>[>`>v>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>(>,>0>4>8><>D>\>l>p>t>x>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>(>0>H>h>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>(>0>H>T>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>(>4>T>`>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>*>8>C>H>^>d>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>+?7?C?I?`?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>,>4><>D>L>T>\>d>l>t>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>,>4><>H>h>p>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>->2>i>v>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>-?3???J?O?l?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>/>T>a>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>0?>?H?R?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>3>8>=>o>x>}>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>3>K>Q>j>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>4><>D>L>T>\>d>l>t>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>4><>D>L>X>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>4>@>`>h>p>x>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>4>D>L>`>h>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>6>D>U>d>s>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>8?I?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
>>C>f>x>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>@?K?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
>E>g>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
>FillColorWWWd
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>X?]?f?u?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>z><?d?t?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
? ?$?(?,?0?4?8?<?@?D?H?L?P?T?X?\?`?d?h?l?p?t?x?|?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
? ?$?(?0?H?X?\?l?p?x?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
? ?%?;?A?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
? ?,?L?T?\?d?l?x?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
? ?0?4?8?@?X?h?l?|?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
? ?D?L?T?\?d?l?t?|?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?$?(?8?<?@?D?H?L?P?T?X?\?d?|?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?$?,?4?<?D?L?T?\?d?l?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?$?,?4?<?D?L?T?\?d?p?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?$?,?4?H?P?T?\?d?l?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?$?,?8?X?`?l?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?$?,?8?X?d?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?$?6?@?E?a?k?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?%?*?4?@?E?O?[?`?j?v?{?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?(?,?D?H?`?p?t?x?|?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?(?,?D?T?X?h?l?|?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?(?0?8?@?P?X?d?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?(?;?H?b?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?)?0?=?T?d?k?x?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?-?R?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
?4?;?C?H?L?P?y?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?4?<?H?l?t?|?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?4?<?T?h?t?|?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?8?D?d?l?t?|?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?<?T?d?t?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
??_??s__,
Ansi based on Image Processing
(screen_0.png)
\8allBrowsersW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
\Downloads
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
\Google\Chrome\User Data\Default\Preferences
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
\HotspotShield","Publisher",0);}else{ AFRegistryPath = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\HotspotShield","Publisher",0);}if(!isEmpty(AFRegistryPath)){return getReasonCode(secondaryOfferInstalled);}} catch(e){}return true;}function isAudialsEligibleOffer(){try{if(window.navigator.appVersion.indexOf("Windows NT 5.1") != -1 || (window.navigator.appVersion.indexOf("Windows NT 6.0") != -1 && is64Bit())){return AudialsOfferNotEligibleUnsupportedOSXP32orVista64bit;}}catch(e){}return true;}function isDealPlyEligibleOffer() {try{var DPRegistryPath = pipgetRegValue("HKEY_CURRENT_USER\\Software\\DealPly","InstallStatus",0);if(!isEmpty(DPRegistryPath) && DPRegistryPath.toLowerCase() =="ok"){return getReasonCode(secondaryOfferInstalled);}}catch(e){}return true;}function isUniBlueEligibleOffer() {try{var UBRegistryPath = pipgetRegValue
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
\Mozilla\Firefox
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
\n\t"e",\n\t{\n\t\t"pluribus": "unum"\n\t}\n]' text = JSON.stringify([new Date()], function (key, value) { return this[key] instanceof Date ? 'Date(' + this[key] + ')' : value; }); // text is '["Date(---current time---)"]' JSON.parse(text, reviver) This method parses a JSON text to produce an object or array. It can throw a SyntaxError exception. The optional reviver parameter is a function that can filter and transform the results. It receives each of the keys and values, and its return value is used instead of the original value. If it returns what it received, then the structure is not modified. If it returns undefined then the member is deleted. Example: // Parse the text. Values that look like ISO date strings will // be converted to Date objects. myData = JSON.par
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
\prefs.js
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
\profiles.ini
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
\Sessions\1\Windows\ApiPort
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
\shell\open\command\
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
\system32\
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
\ThemeApiPort
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
^pgrfdexW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
_^strVersionWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
__based(
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
__cdecl
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
__clrcall
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
__eabi
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
__fastcall
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
__pascal
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
__ptr64
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
__restrict
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
__stdcall
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
__thiscall
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
__unaligned
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
_cabs
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
_Cancel_Install_text">Cancelling this process is not advised. You will need to uninstall via Add/Remove programs.</string> <string id="STRID_Executingfile">PIP Installing...</string><string id="STRID_IE_STRING">*Toolbar installs and browser settings apply in Internet Explorer.</string><string id="STRID_FF_STRING">*Toolbar installs and browser settings apply in Firefox.</string><string id="STRID_CR_STRING">*Toolbar installs and browser settings apply in Chrome.</string><string id="STRID_ALL_STRING">*Toolbar installs and browser settings apply in IE, Firefox and Chrome.</string> </language></stringtable><primary_offers> <offer id = "AVR_ERROR" title="Avery Download" offerType="Static offer" bkgImage="http://ak.pipoffers.apnpartners.com/static/partners/AVR/images/AveryError.png" icUrl="" cancelHeight="23" cancelText="Close" cancelWidth="75" cancelX="97" cancelY="47" icParams="" icProceed="" color="" imagewidth= "594" bgcolor="" imageheight="360" transparency="255" cancelchoose="true
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
_CLASSES_ROOT
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
_hypot
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
_LOCAL_MACHINE
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
_logb
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
_logger = window.external.GetObject("logger");
Ansi based on Dropped File
(objectmodel.js)
_nextafter
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
_PERFORMANCE_DATA
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
_Ready
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
_TrackMouseEvent
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
_USER
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
`copy constructor closure'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`default constructor closure'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`dynamic atexit destructor for '
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`dynamic initializer for '
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`eh vector constructor iterator'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`eh vector copy constructor iterator'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`eh vector destructor iterator'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`eh vector vbase constructor iterator'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`eh vector vbase copy constructor iterator'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`G'xcHfQ6X@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`h````
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
`local static guard'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`local static thread guard'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`local vftable constructor closure'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`local vftable'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`managed vector constructor iterator'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`managed vector copy constructor iterator'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`managed vector destructor iterator'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`omni callsig'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`placement delete closure'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`placement delete[] closure'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`ppFontWWd
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`RTTI
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
`scalar deleting destructor'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`string'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
`typeof'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
`udt returning'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`vbase destructor'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`vbtable'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`vcall'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
`vector constructor iterator'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`vector copy constructor iterator'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`vector deleting destructor'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`vector destructor iterator'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`vector vbase constructor iterator'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`vector vbase copy constructor iterator'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`vftable'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`virtual displacement map'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
a = a.split('.');
Ansi based on Dropped File
(rules.js)
A valid JSON document must be either an array or an object value.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
a\shell\open\command\
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ABCDEFGHIJKLMNOPQRSTUVWXYZ
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
abcdefghijklmnopqrstuvwxyz
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
abort
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
Aborting setuiready, due to cancel
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
about:blank
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Accept
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
achineID=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Actual path %s . CreateDirectory last error %d
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
AD<?xml version="1.0" encoding="UTF-8" standalone="yes"?><assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><assemblyIdentity version="1.0.0.0" processorArchitecture="X86" name="APNInstaller" type="win32"/><description>.NET control deployment tool</description><dependency> <dependentAssembly> <assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" version="6.0.0.0" processorArchitecture="*" publicKeyToken="6595b64144ccf1df" language="*" /> </dependentAssembly></dependency> <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2"> <security> <requestedPrivileges> <requestedExecutionLevel level="requireAdministrator" uiAccess="false"/> </requestedPrivileges> </security> </trustInfo> <compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1"> <application> ...The ID below ind
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
additional six characters expected to parse unicode surrogate pair.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AddressFamily
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
AddToFavoritesInitialSelection
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
AddToFeedsInitialSelection
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
adingScreen
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
AdjustWindowRectEx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Adobe ImageReadyq
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Advapi32.dll
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ADVAPI32.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
af-ZA
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
AFRegistryPath = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\HotspotShield","Publisher",0);
Ansi based on Dropped File
(rules.js)
AFRegistryPath = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\HotspotShield","Publisher",0);
Ansi based on Dropped File
(rules.js)
ageButton
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ailed. Invalid Return Type, JSON was Malformed.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
al error. Error description -
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
al\PIP_Local_Error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
al\PIP_UI_Ready_Local
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
all_browsers = all_browsers || JSON.parse(browser.allBrowsers);
Ansi based on Dropped File
(rules.js)
all_browsers.dfBr = defaultBrowser();
Ansi based on Dropped File
(rules.js)
alled
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
AllowSetForegroundWindow
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AllowSetForegroundWindow failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AlphaBlend
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AltBkg
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AltText
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
am-ET
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
am/pm
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
america
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
american
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
american english
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
american-english
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
analytics.xml
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Anchor Color
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Anchor Color Visited
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
and filename of
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
and hash of filename
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Another installer is running.Please try the Template Only option on the Avery.com template page.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
any spaces. if (typeof space === 'number') { for (i = 0; i < space; i += 1) { indent += ' '; }// If the space parameter is a string, it will be used as the indent string. } else if (typeof space === 'string') { indent = space; }// If there is a replacer, it must be a function or an array.// Otherwise, throw an error. rep = replacer; if (replacer && typeof replacer !== 'function' && (typeof replacer !== 'object' || typeof replacer.length !== 'number')) { throw new Error('JSON.stringify'); }// Make a fake root object containing our value under the key of ''.// Return the result of stringifying the value. return str('', {'': value}); }; }// If the JSON object does not yet have a parse method, give it one. if (typeof JSON.parse !== 'function')
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
aPIPClientWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
apn_pip_local
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
apn_pip_local\
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
apnanalytics
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
APNAnalytics.xml
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
apnconfig.xml
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
apnconfig_en.xml
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
APNInstaller
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
APNLog.txt
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
APNPIP
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AppData
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
APPID
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
appliesTo
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
April
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ar-IQ
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ar-SA
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
AreThereOffersToDownloadAndExecute : False
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AreThereOffersToDownloadAndExecute : true. Identified fileid:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Arg list too long
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
arn-CL
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
arrParamNames[i] = sParam[0];
Ansi based on Dropped File
(orchestrator.html)
arrParamValues[i] = "No Value";
Ansi based on Dropped File
(orchestrator.html)
arrParamValues[i] = unescape(sParam[1]);
Ansi based on Dropped File
(orchestrator.html)
artup error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
as-IN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Ask Installer
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Ask.com1>0<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AskInstaller
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AskInstaller.exe
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AssocQueryStringW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
async
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Async attribute specified, skipping wait on process completion.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
atan2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ation
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ATL:%p
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AtlAxWin100
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AtlAxWinLic100
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Attributes
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
August
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
australian
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AuthenticodeEnabled
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
AutoConfigURL
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
AutoDetect
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
AutodialDLL
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
avascript" src="./rules.js"></script><script type="text/javascript">var primaryTlbrID = getURLParameters("PTBPartnerID");var satTlbrID = getURLParameters("STBPartnerID");var pipPartnerID = getURLParameters("PIPPID");var tbType=getURLParameters("tbType");var version=getURLParameters("version");var hidePtnrSecondaryOffer=getURLParameters("hideSecondary");var paramName;function getURLParameters(paramName) {var sURL = window.document.URL.toString(); if (sURL.indexOf("?") > 0){var arrParams = sURL.split("?"); var arrURLParams = arrParams[1].split("&"); var arrParamNames = new Array(arrURLParams.length);var arrParamValues = new Array(arrURLParams.length); var i = 0;for (i=0;i<arrURLParams.length;i++){var sParam = arrURLParams[i].split("=");arrParamNames[i] = sParam[0];if (sParam[1] != "")arrParamValues[i] = unescape(sParam[1]);elsearrParamValu
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ax timeout reached
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
AXWIN
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AXWIN Frame Window
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AXWIN UI Window
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
az-Latn-AZ
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
b = b.split('.');
Ansi based on Dropped File
(rules.js)
b(ppDispPIPSOW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ba-RU
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
BackColorWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
background
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Bad address
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
bad allocation
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
bad cast
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
bad character: outside Unicode space
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Bad escape sequence in string
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
bad exception
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Bad file descriptor
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
bad locale name
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Bad Unicode character
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Bad Unicode character - unexpected surrogate
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Bad unicode escape sequence in string: four digits expected.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Bad unicode escape sequence in string: hexadecimal digit expected.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Bad UTF-8 sequence
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
BalloonIconPath
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
BalloonIconTitle
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
BalloonText
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
BalloonTip
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
BarColor
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Base Class Array'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Base Class Descriptor at (
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
BchromeDefaultSearchProviderWx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
be-BY
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
beacon
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Beacon HttpOpenRequest return failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Beacon HttpSendRequest return failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Beacon sent to
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Beacon URL incorrect
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
BeginPaint
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
belgian
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
bg-BG
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
bgcolor
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Bgcolor
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
BitBlt
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
bitmap
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
BITMAP
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
BitsDownloadFiles
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
bkgImage
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
blank
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
blocklistedPartner=blocklistedPartner+" "+primaryTlbrID;
Ansi based on Dropped File
(rules.js)
bn-IN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
bo-CN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Boolean.prototype.toJSON = function (key) {
Ansi based on Dropped File
(orchestrator.html)
bpartnerid
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
br-FR
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
break;
Ansi based on Dropped File
(rules.js)
britain
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Broken pipe
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
browser = window.external.GetObject("browserinfo");
Ansi based on Dropped File
(objectmodel.js)
Browser and Toolbar Utils InterfaceWWW(
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Browser Info CoClassWW#
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
browserinfo
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
BrowserInfoWx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
brtype
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
bruary
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
bsJP2
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
BtnBkg_Back
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
BtnBkg_Cancel
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
BtnBkg_Finish
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
BtnBkg_Next
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
button
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
BUTTON
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Button2
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
C:\.jenkins\jobs\PIP2.0_INSTALLER\workspace\release\AskInstaller_1_.pdb
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
C:\OffercastInstaller_AVR_U_0363_01_P_.exe
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
ca-ES
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Cache
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
CacheLimit
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
CacheMode
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
CacheOk
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
CacheOptions
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
CachePath
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
CachePrefix
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
CacheRepair
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
California1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Callback for rules executorWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CallWindowProcW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
campaignID
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
canadian
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
cancel
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Cancel
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Cancel_PIP
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
cancelchoose
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CancelDeclinesOffer
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CancelHeight
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Cancellation in progress
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CancelText
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CancelWaitableTimer
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CancelWidth
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CancelX
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CancelY
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Cannot get icmp protocol
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CanPublish returning false
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
case 'boolean':
Ansi based on Dropped File
(orchestrator.html)
case 'null':
Ansi based on Dropped File
(orchestrator.html)
case 'number':
Ansi based on Dropped File
(orchestrator.html)
case 'object':
Ansi based on Dropped File
(orchestrator.html)
case 'string':
Ansi based on Dropped File
(orchestrator.html)
cAskInstallerLibW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
catch(e)
Ansi based on Dropped File
(rules.js)
Category
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
cates application support for Windows Vista --> <supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"/> ...The ID below indicates application support for Windows 7 --> <supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/> </application> </compatibility></assembly>PAPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGX
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
cause no valid offers to display
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ccess
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
CEIPEnable
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
cel for execution progress
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
celDialog
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
CertCloseStore
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CertFindCertificateInStore
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CertFreeCertificateContext
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CertGetNameStringW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CertificateRevocation
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
cess handle %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
cgetCommandLineWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CharLowerBuffW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CharNextW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
checkbox
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
checked
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
checkness = checkness.split('|');
Ansi based on Dropped File
(rules.js)
checkness = checkness[checkness.length-1];
Ansi based on Dropped File
(rules.js)
checkness = param.split('-');
Ansi based on Dropped File
(rules.js)
china
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
chinese
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
chinese-hongkong
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
chinese-simplified
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
chinese-singapore
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
chinese-traditional
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
chrome
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
chrome.exe
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
chromeHomePageWWx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Class
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Class Hierarchy Descriptor'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ClientAuthBuiltInUI
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ClientToScreen
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CloseHandle
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Closes the most recently opened block created by a call to groupWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CLSID
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
CLSIDFromProgID
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CLSIDFromString
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
co-FR
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
CoCreateInstance
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CoGetClassObject
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CoInitialize
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CoInitializeEx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CoInitializeSecurity
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CoInternetCombineIUriCacheSize
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Color
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
color
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
COMCTL32.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
command
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
command line
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Command line argument "
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
command line arguments - check the log file for details
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Comments must start with /
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CompanyName
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CompareFileTime
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CompareStringW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Compatible
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Complete Object Locator'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Component Categories
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ComputerName
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
condition
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Config
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Connecting...
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ConnectTimeOut
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
CONOUT$
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ConsoleTracingMask
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Content Type
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Content-Type: application/x-www-form-urlencoded
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
continue
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
continue;
Ansi based on Dropped File
(rules.js)
conTitle
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
control
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
controls
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ConvertSidToStringSidW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Cookies
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
CopyFileW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Copyright (c) 1992-2004 by P.J. Plauger, licensed by Dinkumware, Ltd. ALL RIGHTS RESERVED.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
coree.dll
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
CorExitProcess
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CoTaskMemAlloc
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CoTaskMemFree
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CoTaskMemRealloc
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Could NOT Find Configuration File.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CoUninitialize
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
cpuSpeed = system.getRegValue("HKLM\\Hardware\\Description\\System\\Centralprocessor\\0","~MHZ",0);
Ansi based on Dropped File
(rules.js)
Create a script object to be injected into the PIP ViewWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Create thread failed in ExecuteAllOfferFiles()
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateAcceleratorTableW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateCompatibleBitmap
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateCompatibleDC
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Created by MIDL version 7.00.0555 at Tue Jun 11 16:42:01 2013
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateDIBSection
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateDirectoryW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateEventW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateFileA
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateFileMappingW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateFileW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateFontIndirectW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateFontW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateMutexW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreatePIPSOW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateProcessW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateSO called
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateSolidBrush
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateStreamOnHGlobal
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateThread
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateToolhelp32Snapshot
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateUriCacheSize
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
CreateWaitableTimerW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateWindowExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CRYPT32.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CryptAcquireContextW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CryptCreateHash
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CryptDecodeObject
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CryptDestroyHash
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CryptGetHashParam
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CryptHashData
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CryptMsgClose
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CryptMsgGetParam
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CryptQueryObject
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CryptReleaseContext
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
cs-CZ
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
cs.xml
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
csXml()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
CSystemUtil::getRegValue Failed : UnSupported Variant Type of %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ctedW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ctrltype
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ctrlvalue
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Current style %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CurrentVersion
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CustomCloseHeight
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CustomCloseWidth
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CustomTitleHeight
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CWDIllegalInDLLSearch
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
cx.lastIndex = 0;
Ansi based on Dropped File
(orchestrator.html)
cy-GB
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
czech
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
d = parseInt(a[i], 10) - parseInt(b[i], 10);
Ansi based on Dropped File
(rules.js)
D$$!|$\!|$`
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
D$$Yf;D$4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
D$(9D$ t^h
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
d, yyyy
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
D. USE AT YOUR OWN RISK. See http://www.JSON.org/js.html This code should be minified before deployment. See http://javascript.crockford.com/jsmin.html USE YOUR OWN COPY. IT IS EXTREMELY UNWISE TO LOAD CODE FROM SERVERS YOU DO NOT CONTROL. This file creates a global JSON object containing two methods: stringify and parse. JSON.stringify(value, replacer, space) value any JavaScript value, usually an object or array. replacer an optional parameter that determines how object values are stringified for objects. It can be a function or an array of strings. space an optional parameter that specifies the indentation of nested structures. If it is omitted, the text will be packed without extra whitespace. If it is a number, it will specify the number of spaces to indent at each
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
da-DK
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
DataBasePath
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Date.prototype.toJSON = function (key) {
Ansi based on Dropped File
(orchestrator.html)
dddd, MMMM dd, yyyy
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
de-DE
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
DEBUG
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
DebugHeapFlags
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
debugWWW@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
December
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Decline
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
decline:true
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DecodePointer
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Default ui ready time out from server %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
default_browser = pipgetRegValue("HKEY_CLASSES_ROOT\\http\\shell\\open\\command\\","",0);
Ansi based on Dropped File
(rules.js)
default_browser = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Classes\\http\\shell\\open\\command\\","",0);
Ansi based on Dropped File
(rules.js)
default_browser = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Clients\\StartMenuInternet\\","",0);
Ansi based on Dropped File
(rules.js)
default_browser = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Clients\\StartMenuInternet\\","",0)
Ansi based on Dropped File
(rules.js)
default_browser = pipgetRegValue(defaultbrowserPath,"",0);
Ansi based on Dropped File
(rules.js)
defaultBrowser = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Clients\\StartMenuInternet\\","",0);
Ansi based on Dropped File
(rules.js)
defaultBrowser = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Clients\\StartMenuInternet\\","",0)
Ansi based on Dropped File
(rules.js)
defaultBrowser=pipgetRegValue("HKEY_CLASSES_ROOT\\http\\shell\\open\\command\\","",0);
Ansi based on Dropped File
(rules.js)
defaultBrowser=pipgetRegValue("HKEY_CURRENT_USER\\Software\\Classes\\http\\shell\\open\\command\\","",0);
Ansi based on Dropped File
(rules.js)
defaultBrowser=pipgetRegValue(defaultbrowserPath,"",0);
Ansi based on Dropped File
(rules.js)
defaultbrowserAppPath = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FileExts\\.htm\\UserChoice","Progid",0);
Ansi based on Dropped File
(rules.js)
defaultbrowserAppPath=pipgetRegValue("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FileExts\\.htm\\UserChoice","Progid",0);
Ansi based on Dropped File
(rules.js)
defaultbrowserPath = "HKEY_CLASSES_ROOT\\"+defaultbrowserAppPath+"\\shell\\open\\command\\";
Ansi based on Dropped File
(rules.js)
defaultbrowserPath="HKEY_CLASSES_ROOT\\"+defaultbrowserAppPath+"\\shell\\open\\command\\";
Ansi based on Dropped File
(rules.js)
DefaultScope
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DefaultUiReadyTimeout
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
defBrowser =CHROME;
Ansi based on Dropped File
(rules.js)
defBrowser =FIREFOX;
Ansi based on Dropped File
(rules.js)
defBrowser =IE;
Ansi based on Dropped File
(rules.js)
defBrowser=defaultBrowser.substring(n,defaultBrowser.length-1);
Ansi based on Dropped File
(rules.js)
defBrowser=defBrowser.replace(/[^\w\s]/gi, '');
Ansi based on Dropped File
(rules.js)
DefWindowProcW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
delayInstall
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
delete
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Delete
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
delete this.cache[i].result;
Ansi based on Dropped File
(rules.js)
delete value[k];
Ansi based on Dropped File
(orchestrator.html)
delete[]
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DeleteCriticalSection
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DeleteDC
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
DeleteFileA
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DeleteFileW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DeleteMemberByNameWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DeleteObject
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DeleteRegister:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DeleteUrlCacheEntryW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Deleting file
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Dependent offer ineligible
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
deque<T> too long
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Description
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
DestroyAcceleratorTable
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DestroyIcon
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DestroyWindow
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
dEventmanager running. ThreadID %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DevicePath
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
DialogBoxIndirectParamW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Directory not empty
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Disable
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
DisableBasicOverClearChannel
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
DisableImprovedZoneCheck
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
DisableKeepAlive
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
DisableLocalOverride
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
DisableMetaFiles
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
DisablePassport
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
DisableSecuritySettingsCheck
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
DisableUserModeCallbackFilter
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
diskFreeSize = system.getDiskFreeSize();
Ansi based on Dropped File
(rules.js)
DispatchMessageW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
display
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DisplayDynamicUI()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
displayname
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DisplayOffer()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DisplayOffer()... complete.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DisplayString
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Distribution1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
dlg_transparency
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DlgInit
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
dNext()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Domain
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
DOMAIN error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Domain error
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
donwload progress pointer. Skipping progress update.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
download
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Download APNAnalytics.xml file failed, attempting to use local
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Download balloon icon file failed:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Download Config.xml file failed, attempting to use local
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Download file error:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Download file:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Download thread terminated
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadAllDynamicImage()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadAllDynamicImages()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadBalloonIcon()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadBalloonIcon()... return false.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadBalloonIcon()... return true.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadBkgFile()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadBkgFile()... return false.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadBkgFile()... return true.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadBkgFile()... success.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadBtnBkg()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadDefaultBkgFile()... success.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Downloader : Empty String For From!!
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Downloader : Empty String for To!
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Downloader : NULL the Source or(and) Destination!!
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Downloader(BITS)::InitializeBITS::CoInitializeSecurity : Error = 0x%X - %s
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadScrollFile()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadSingleFile()... url:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
dowPos topmost lasterror %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
dpipoffers.apnpartners.com
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DPtoLP
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
DrawFocusRect
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DrawTextW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DS value. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
dStopMonitor waitonhandle %0x returning %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Durbanville1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
dutch-belgian
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
dv-MV
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
e terms of the agreement, click I Agree to continue. You must accept the agreement to install FrostWire 4.21.3</string><string id="STRID_EULA1">www.FrostWire.com</string><string id="STRID_NEXT">I Agree</string><string id="STRID_CANCEL">Cancel</string><string id="STRID_CANCEL_TEXT">Are you sure you want to cancel installation?</string></Language> </stringtable> <offereula><offer id = "{cpf1}" title="STRID_TITLE" icUrl="" icParams="" icProceed="" color="" transparency="255" display="true" bkgImage="" imagewidth= "" bgcolor="#EFEBDF" imageheight="" displayname="" switchcontroltype="checkbox"><apps></apps>... UI button controls--><controls><control id="txt1-of10" type="text" text="" width="420" height="190" x="30" y="80" color="" bgcolor="#ffffff" isBold="false"><control id="eula" type="checkbox" text="STRID_EULA" width="400" height="40" x="50" y="90" color="" bgcolor="" checked="false" isBold="true" ctrltype="offer" ctrlvalue="true" subctr=""></control><co
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
e(text, function (key, value) { var a; if (typeof value === 'string') { a =/^(\d{4})-(\d{2})-(\d{2})T(\d{2}):(\d{2}):(\d{2}(?:\.\d*)?)Z$/.exec(value); if (a) { return new Date(Date.UTC(+a[1], +a[2] - 1, +a[3], +a[4], +a[5], +a[6])); } } return value; }); myData = JSON.parse('["Date(09/09/2001)"]', function (key, value) { var d; if (typeof value === 'string' && value.slice(0, 5) === 'Date(' && value.slice(-1) === ')') { d = new Date(value.slice(5, -1)); if (d) { return d; } } return value; }); This is a reference implementation. You are free to copy, modify, or redistri
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
e+000
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
E_BOX_ID_NO
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
E_BOX_ID_YES
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
e_Exit
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ease try the Template Only option on the Avery.com template page.</string><string id="STRID_Access_OfferXml_Fail">There was a problem accessing the offer definition file!</string><string id="STRID_Access_OfferXml_Fail_Avery">There was a problem downloading the files. Please try the Template Only option on the Avery.com template page.</string> <string id="STRID_OfferXml_Miss">The installation files have been corrupted. Please re-download the application and try again.</string> <string id="STRID_OfferXml_Miss_Avery">There was a problem downloading the files. Please try the Template Only option on the Avery.com template page.</string> <string id="STRID_Unexpected_DownLoad_Fail">There was a problem downloading the files. Please check that you have a valid Internet connection and try again.</string><string id="STRID_Unexpected_DownLoad_Fail_Avery">There was a problem downloading the files. Please try the Template Only option on the Avery.com template page.</string><string id="STRI
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
easonCode=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
eBalloonIconPath
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ed to set recv timeout: %d
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
efaultBrowser out
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
EgetDiskFreeSizeW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
eGetExitCode returning %d Remote process exitcode %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ekernel32.dll
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
el-GR
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
else if (offer_type.indexOf("toolbar") >= 0)
Ansi based on Dropped File
(rules.js)
Empty escape sequence in string
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
en-US
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
EnableConsoleTracing
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Enabled
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
enabled
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
EnableFileTracing
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
EnableHttp1_1
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
EnableNegotiate
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
EnablePunycode
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
EnableWindow
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
encode
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
EncodePointer
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
encoding
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
encoding="
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
encoding="%s"
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
EndDialog
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
EndPaint
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
england
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
english-american
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
english-aus
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
english-belize
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
english-can
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
english-caribbean
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
english-ire
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
english-jamaica
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
english-nz
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
english-south africa
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
english-trinidad y tobago
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
english-uk
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
english-us
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
english-usa
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
EnterCriticalSection
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
EnumSystemLocalesA
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
er 2k3
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
er 2k3 R2
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
er 2k8 r2
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
er : Empty String for To!
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
er result not provided.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ercast - APN Install Manager
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ERCENT}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
error
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ERROR
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Error description not provided
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error document empty.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error end tag.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error in command line arguments - check the log file for details
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error null (0) or unexpected EOF found in input stream.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error parsing CDATA.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error parsing Comment.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error parsing Declaration.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error parsing Element.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error parsing Unknown.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error reading Attributes.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error reading Element value.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error when TiXmlDocument added to document, because TiXmlDocument can only be at the root.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error: empty tag.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
errorDescription
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
errorWWW@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ers must be finite. Encode non-finite numbers as null. return isFinite(value) ? String(value) : 'null'; case 'boolean': case 'null':// If the value is a boolean or null, convert it to a string. Note:// typeof null does not produce 'null'. The case is included here in// the remote chance that this gets fixed someday. return String(value);// If the type is 'object', we might be dealing with an object or an array or// null. case 'object':// Due to a specification blunder in ECMAScript, typeof null is 'object',// so watch out for that case. if (!value) { return 'null'; }// Make an array to hold the partial results of stringifying this object value. gap += indent; partial = [];// Is the value an array? if (Object.prototype.toString.apply(value) === '[object Array]') {// The value is an array. Stringify every element. Use null as a plac
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ersion. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ersion}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
erver
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
es-ES
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
es-ES_tradnl
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
escapable = /[\\\"\x00-\x1f\x7f-\x9f\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2028-\u202f\u2060-\u206f\ufeff\ufff0-\uffff]/g,
Ansi based on Dropped File
(orchestrator.html)
escapable.lastIndex = 0;
Ansi based on Dropped File
(orchestrator.html)
esday
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
et-EE
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
et_browser || CanBeInstalled("cr", true);//target_browser = CanBeInstalled(target_browser); if (target_browser) { return_JSON = new Result(target_browser, all_browsers, true, toolbar_to_be_installed); return_JSON.errorDescription = ""; } else { return_JSON = new Result(target_browser, all_browsers, false); return_JSON.result = parseInt(reasonString, 10); return_JSON.errorDescription = reasonString; if (offertype_is_toolbar) --primary_toolbar_ok_to_present; } if (show_logger) logger.log("\r\n********** V7 Stringified JSON " + JSON.stringify(return_JSON)); if (return_JSON.result !== 0) { if (primary_toolbar_ok_to_present === 1) primary_toolbar_ok_to_present = 0; } toolbar_to_be_installed.browser = target_browser; Offers.StoreResult(offer_id, return_JSON, toolbar
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
eu-ES
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Event manager thread not active
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Event manager thread still active
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Eventmanager running. ThreadID %d
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
eviousWidth
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
eviousX
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
eWait on thread handle result %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Exec format error
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
execute
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ExecuteAllOfferFiles()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ExecuteSingleFile()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Executing file
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Executing file:
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
exitCode
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Exitcode
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
exiting
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Exiting because no valid offers to display
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Exiting FinishUIOffer
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ExitProcess
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
exp10
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
expecting another \u token to begin the second half of a unicode surrogate pair
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Export
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
exts together, separated with commas,// and wrap them in braces. v = partial.length === 0 ? '{}' : gap ? '{\n' + gap + partial.join(',\n' + gap) + '\n' + mind + '}' : '{' + partial.join(',') + '}'; gap = mind; return v; } }// If the JSON object does not yet have a stringify method, give it one. if (typeof JSON.stringify !== 'function') { JSON.stringify = function (value, replacer, space) {// The stringify method takes a value and an optional replacer, and an optional// space parameter, and returns a JSON text. The replacer can be a function// that can replace values, or an array of strings that will select the keys.// A default replacer method can be provided. Use of the space parameter can// produce text that is more easily readable. var i; gap = ''; indent = '';// If the space parameter is a number, make an indent string containing that//
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
f("keyword.URL", "
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
f(this.getUTCDate()) + 'T' +
Ansi based on Dropped File
(orchestrator.html)
f(this.getUTCHours()) + ':' +
Ansi based on Dropped File
(orchestrator.html)
f(this.getUTCMinutes()) + ':' +
Ansi based on Dropped File
(orchestrator.html)
f(this.getUTCMonth() + 1) + '-' +
Ansi based on Dropped File
(orchestrator.html)
f(this.getUTCSeconds()) + 'Z' : null;
Ansi based on Dropped File
(orchestrator.html)
F-16LE
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
F=ieVersionWWWx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
fa-IR
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
failed
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to execute file
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to get Chrome version. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to get FF DS value. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to get FF Hpr value. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to get Firefox version. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to get GChrome DS value. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to get GChrome HPR value. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to get IE default Search provider. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to get IE Hpr value. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to get IE version. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to get memory status. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to open file
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to read Element name
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
failed to set recv timeout: %d
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
failed to set send timeout: %d
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
failed, with Error of
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
failed. Invalid JSON, no result member or resultString, was returned.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
failed. Invalid Return Type, JSON was Malformed.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
failed. Invalid Return Type, Return String Was NULL.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
failed. Invalid Return Type, was not of type BSTR but
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
failed. Reason code
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
failed. Return type
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FailureText
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
false
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
falseparams
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
falseValue
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Feature_ClientAuthCertFilter
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
February
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
fers_Exitcode
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
fers_Launched
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ffDefaultSearchProviderWx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ffer ineligible
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ffer_ids -- " + offer_ids[0] + " : " + offer_ids[1]); var checkness; checkness = param.split('-'); if (show_logger) logger.log(" --- checkyness " + JSON.stringify(checkness)); checkness = checkness[checkness.length-1]; if (show_logger) logger.log(" --- checkyness " + JSON.stringify(checkness)); checkness = checkness.split('|'); if (show_logger) logger.log(" --- checkyness " + JSON.stringify(checkness)); for (var i = 0; i < checkness.length; ++i) { if (checkness[i].search("oi") >= 0) { if (show_logger) logger.log(" --- checkyness " + JSON.stringify(checkness[i])); var checkness_parts = checkness[i].split(':'); if (checkness_parts[1] == "true") { if (show_logger) logger.log(" --- checkyness is true "); return_obj.errorDescription = "";
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ffHomePageWWx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ffVersionWWWx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
fi-FI
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
figXml()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
fil-PH
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
File #
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
File exists
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
File Name
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
file name:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
File too large
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FileDescription
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FileDirectory
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
fileid
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Filename too long
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FileTracingMask
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
FileVersion
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FillRect
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
FindClose
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FindFirstFileW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FindNextFileW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FindResourceExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FindResourceW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FindWindowW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Finish
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
finish
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Finished Parsing offer xml file.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Finished Parsing the config.xml file, ... show previous :
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Finished saving offer state for offer
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Finished successfully executing file
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FinshUIOffer()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Fire the rules callback functionWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
firefox
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
firefox.exe
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FireRulesCallbackWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
floor
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
FlsAlloc
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FlsFree
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FlsGetValue
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FlsSetValue
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FlushFileBuffers
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FlushInstructionCache
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
fo-FO
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
FolderTypeID
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
fontsize
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
for (++i; i < this.cache.length; ++i)
Ansi based on Dropped File
(rules.js)
for (i = 0; i < length; i += 1) {
Ansi based on Dropped File
(orchestrator.html)
for (i = 0; i < partners.length; ++i)
Ansi based on Dropped File
(rules.js)
for (i = 0; i < space; i += 1) {
Ansi based on Dropped File
(orchestrator.html)
for (i=0; i<l; i++) {
Ansi based on Dropped File
(rules.js)
for (i=0;i<arrURLParams.length;i++)
Ansi based on Dropped File
(orchestrator.html)
for (k in value) {
Ansi based on Dropped File
(orchestrator.html)
for (key in checkObj) {
Ansi based on Dropped File
(rules.js)
for (name in obj)
Ansi based on Dropped File
(rules.js)
for (name in pids)
Ansi based on Dropped File
(rules.js)
for (var i = 0, N = installed_toolbars.length; i < N; ++i)
Ansi based on Dropped File
(rules.js)
for (var i = 0, N = installed_toolbars.length; i < N; ++i) { if (installed_toolbars[i].browser == p_browser) toolbars_on_browser.push(installed_toolbars[i]); } if (toolbars_on_browser.length == 0) { if (show_logger) logger.log(" Toolbars on Browser == 0 return " + p_browser + "\n"); return p_browser; } if (toolbars_on_browser[0].PID == toolbar_to_be_installed.PID) { if (show_logger) logger.log(" PID === PID : " + toolbars_on_browser[0].PID + " : " + toolbar_to_be_installed.PID + "\n"); reasonString = PIDsAreSameOnSameBrowser + ", Browser " + p_browser + " PIDS [" + toolbar_to_be_installed.PID + "]"; return ""; } if (toolbars_on_browser.length >= MAX_NUMBER_OF_TOOLBARS_ON_BROWSER) { if (show_logger) logger.log(" >= MAX_NUMBER
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
for (var i = 0; i < checkness.length; ++i)
Ansi based on Dropped File
(rules.js)
for (var i = 0; i < installed_toolbars.length; ++i)
Ansi based on Dropped File
(rules.js)
for (var i = 0; i < list_1.length; ++i)
Ansi based on Dropped File
(rules.js)
for (var i = 0; i < lu_table.length; ++i)
Ansi based on Dropped File
(rules.js)
for (var i = 0; i < offers_gen_params.offers.length; ++i)
Ansi based on Dropped File
(rules.js)
for (var i = 0; i < p_installed_toolbars.length; ++i)
Ansi based on Dropped File
(rules.js)
for (var i = 0; i < p_toolbartypes.length; ++i)
Ansi based on Dropped File
(rules.js)
for (var i = 0; i < this.cache.length; ++i)
Ansi based on Dropped File
(rules.js)
for (var i = 0; i < toolbars.length; ++i)
Ansi based on Dropped File
(rules.js)
for (var i=0; i < jsonString.makeofferdisabled.length; i++) {
Ansi based on Dropped File
(rules.js)
for (var j = 0; j < jsonString.blocklistedPartners.length; ++j)
Ansi based on Dropped File
(rules.js)
for (var j = 0; j < list_2.length; ++j)
Ansi based on Dropped File
(rules.js)
for DefaultUiReadyTimeout returned %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
for(var i=0; i<incumbentTlbrList.length;i++){
Ansi based on Dropped File
(rules.js)
for(var i=0; i<installedPartners.length;i++){
Ansi based on Dropped File
(rules.js)
for(var i=0; i<installedToolbars.length;i++){
Ansi based on Dropped File
(rules.js)
for(var j=0; j<jsonString.blocklistedPartners.length;j++){
Ansi based on Dropped File
(rules.js)
for(var k=0; k<incPartners.length;k++){
Ansi based on Dropped File
(rules.js)
ForceRemove
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ForeColorWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
format
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FormatMessageW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
fr-FR
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
FreeEnvironmentStringsW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FreeLibrary
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
french-belgian
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
french-canadian
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
french-luxembourg
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
french-swiss
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
frexp
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Friday
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
FromCacheTimeout
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
fs.js
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ftware\Microsoft\Windows\CurrentVersion\RunOnce
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
function askSecureToolbarCheck(){
Ansi based on Dropped File
(rules.js)
function aviraToolbarInstallCheck(){
Ansi based on Dropped File
(rules.js)
function CanBeInstalled(p_browser, run_cycle) // ==> string
Ansi based on Dropped File
(rules.js)
function CascadeThroughBrowsers(p_browser, cascade_count) // ==> string
Ansi based on Dropped File
(rules.js)
function CheckForBlockedPID()
Ansi based on Dropped File
(rules.js)
function checkOverinstall() {
Ansi based on Dropped File
(rules.js)
function checkPrimaryTlbrOffered() {
Ansi based on Dropped File
(rules.js)
function checkPrimaryToolbarOffered(){
Ansi based on Dropped File
(rules.js)
function checkV5ToolbarInstalled(){
Ansi based on Dropped File
(rules.js)
function CheckVersion(p_browser) // ==> string
Ansi based on Dropped File
(rules.js)
function clientSupported() {
Ansi based on Dropped File
(rules.js)
function cmpVersions (a, b) {
Ansi based on Dropped File
(rules.js)
function CommandLineBrowser()
Ansi based on Dropped File
(rules.js)
function defaultBrowser()
Ansi based on Dropped File
(rules.js)
function DefaultBrowser()
Ansi based on Dropped File
(rules.js)
function f(n) {
Ansi based on Dropped File
(orchestrator.html)
function getIncbumbentRegPath(partnersID){
Ansi based on Dropped File
(rules.js)
function getIncumbentPartners() {
Ansi based on Dropped File
(rules.js)
function GetInstalledToolbars()
Ansi based on Dropped File
(rules.js)
function GetOfferID(param)
Ansi based on Dropped File
(rules.js)
function getProductVersion(productCode){
Ansi based on Dropped File
(rules.js)
function getReasonCode(reasonDescription) {
Ansi based on Dropped File
(rules.js)
function GetToolbarInfo(p_offer_id)
Ansi based on Dropped File
(rules.js)
function GetToolbarsOnBrowser(p_browser) // ==> string
Ansi based on Dropped File
(rules.js)
function getURLParameters(paramName)
Ansi based on Dropped File
(orchestrator.html)
function incumbantAVIRACheck(p_installed_toolbars, p_toolbar_to_be_installed)
Ansi based on Dropped File
(rules.js)
function init() {
Ansi based on Dropped File
(objectmodel.js)
function InstallCheck(param)
Ansi based on Dropped File
(rules.js)
function is64Bit(){
Ansi based on Dropped File
(rules.js)
function isAnchorFreeEligibleOffer() {
Ansi based on Dropped File
(rules.js)
function isAskSecureOfferEligible () {
Ansi based on Dropped File
(rules.js)
function isAudialsEligibleOffer(){
Ansi based on Dropped File
(rules.js)
function isAviraV5UpgTlbrOffered(){
Ansi based on Dropped File
(rules.js)
function isBlockListed(tlbrID) {
Ansi based on Dropped File
(rules.js)
function isCPUSpeedComp() {
Ansi based on Dropped File
(rules.js)
function isDealPlyEligibleOffer() {
Ansi based on Dropped File
(rules.js)
function isDiskSpaceComp(){
Ansi based on Dropped File
(rules.js)
function isEmpty (checkObj) {
Ansi based on Dropped File
(rules.js)
function isLatestClient(clientversion) {
Ansi based on Dropped File
(rules.js)
function isObjEmpty(obj)
Ansi based on Dropped File
(rules.js)
function isOSServicePackCompatible() {
Ansi based on Dropped File
(rules.js)
function isPalTalkEligibleOffer() {
Ansi based on Dropped File
(rules.js)
function isProntoEligibleOffer() {
Ansi based on Dropped File
(rules.js)
function isProntoEligibleOfferForIE(){
Ansi based on Dropped File
(rules.js)
function isSaturationInstalled(partnerid) {
Ansi based on Dropped File
(rules.js)
function isSaturationOffer(offer_id)
Ansi based on Dropped File
(rules.js)
function isSpeedCheckerInstalled() {
Ansi based on Dropped File
(rules.js)
function isSuperFishEligibleOffer() {
Ansi based on Dropped File
(rules.js)
function isSupportedBrowser(partnerID) {
Ansi based on Dropped File
(rules.js)
function isSupportedOS() {
Ansi based on Dropped File
(rules.js)
function isUniBlueEligibleOffer() {
Ansi based on Dropped File
(rules.js)
function isUniquePIDOnMachine(installed_toolbars, to_be_pid)
Ansi based on Dropped File
(rules.js)
function isV5TlbrEligible(){
Ansi based on Dropped File
(rules.js)
function isV5ToolbarOffered(){
Ansi based on Dropped File
(rules.js)
function isV6TlbrEligible() {
Ansi based on Dropped File
(rules.js)
function load() {
Ansi based on Dropped File
(orchestrator.html)
function LookupTable(tb_info)
Ansi based on Dropped File
(rules.js)
function makeoffer(partnerID) {
Ansi based on Dropped File
(rules.js)
function MoreToCascade(cascade_count, potential_browser, run_cycle) // ==> bool
Ansi based on Dropped File
(rules.js)
function nortonToolbarCheck() {
Ansi based on Dropped File
(rules.js)
Function not implemented
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
function offerV6SaturationToolbar(){
Ansi based on Dropped File
(rules.js)
function OriginBrowser()
Ansi based on Dropped File
(rules.js)
function partneridfunc(){
Ansi based on Dropped File
(rules.js)
function PIDOnBlockedList(p_toolbartypes) // ==> bool
Ansi based on Dropped File
(rules.js)
function pipgetRegValue(registryPath,regValue,n){
Ansi based on Dropped File
(rules.js)
function preCheckSecondaryOffer() {
Ansi based on Dropped File
(rules.js)
function PrimarySaturationCheck(offer_id)
Ansi based on Dropped File
(rules.js)
function quote(string) {
Ansi based on Dropped File
(orchestrator.html)
function Reporting()
Ansi based on Dropped File
(rules.js)
function Result(target_browser, all_browsers, t_f)
Ansi based on Dropped File
(rules.js)
function secondaryOfferCheck(){
Ansi based on Dropped File
(rules.js)
function str(key, holder) {
Ansi based on Dropped File
(orchestrator.html)
function summaryRule(param) {
Ansi based on Dropped File
(rules.js)
function TbTypesIntersect (tb_type_1, tb_type_2)
Ansi based on Dropped File
(rules.js)
function ToolbarInfo(p_PID, p_tb_type, p_browser)
Ansi based on Dropped File
(rules.js)
function toolbarsHaveTypeBlock(toolbars)
Ansi based on Dropped File
(rules.js)
function UIRule(param)
Ansi based on Dropped File
(rules.js)
function UniquePIDTbType()
Ansi based on Dropped File
(rules.js)
function v5incumbentPartnerCheck(partnerids){
Ansi based on Dropped File
(rules.js)
function v6eligibleChecklist(partnerID,incPartners){
Ansi based on Dropped File
(rules.js)
function v6incumbentPartnerCheck(partner){
Ansi based on Dropped File
(rules.js)
function v6installChecker() {
Ansi based on Dropped File
(rules.js)
function v7installChecker(param)
Ansi based on Dropped File
(rules.js)
function ValidBrowser(p_browser) // ==> string
Ansi based on Dropped File
(rules.js)
function walk(holder, key) {
Ansi based on Dropped File
(orchestrator.html)
function(ruleName){
Ansi based on Dropped File
(orchestrator.html)
fy-NL
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
g(16)).slice(-4); }); }// In the second stage, we run the text against regular expressions that look// for non-JSON patterns. We are especially concerned with '()' and 'new'// because they can cause invocation, and '=' because it can cause mutation.// But just to be safe, we want to reject all unexpected forms.// We split the second stage into 4 regexp operations in order to work around// crippling inefficiencies in IE's and Safari's regexp engines. First we// replace the JSON backslash pairs with '@' (a non-JSON character). Second, we// replace all simple value tokens with ']' characters. Third, we delete all// open brackets that follow a colon or comma or that begin the text. Finally,// we look to see that the remaining characters are only whitespace or ']' or// ',' or ':' or '{' or '}'. If that is so, then the text is safe for eval. if (/^[\],:{}\s]*$/ .test(text.replace(/\\(?:["\\\/bfnrt]|u[0-9a-fA-F]{4})/g, '@')
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
g_transparency
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ga-IE
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
galCopyright
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
gap += indent;
Ansi based on Dropped File
(orchestrator.html)
gap = '';
Ansi based on Dropped File
(orchestrator.html)
gap = mind;
Ansi based on Dropped File
(orchestrator.html)
GB()...[
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
gd-GB
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
GDI32.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdipAlloc
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdipBitmapLockBits
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdipBitmapUnlockBits
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdipCloneImage
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdipCreateBitmapFromFile
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdipCreateBitmapFromScan0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdipDeleteGraphics
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdipDisposeImage
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdipDrawImageI
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdipFree
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
GdipGetImageGraphicsContext
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdipGetImageHeight
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdipGetImagePalette
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdipGetImagePaletteSize
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdipGetImagePixelFormat
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdipGetImageWidth
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
gdiplus.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdiplusShutdown
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdiplusStartup
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GeneralParameters
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Generation
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
generic
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
german-austrian
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
german-lichtenstein
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
german-luxembourg
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
german-swiss
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get Commandline of current process
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get Default Search provider in Firefox browser4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get Default Search provider in Google Chrome browserWW*
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get Default Search provider in Internet Explorer browserWW.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get File or Directory in MBWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get free disk space in MBW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get Home Page in Firefox browserWW&
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get Home Page in Google Chrome browser
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get Home Page in Internet Explorer browser
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
get icmp protocol
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Get object from ScriptObject Map using object name as keyW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get Product InfoWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get Product VersionWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get registry value
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get the current logging levelW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get Total Physical Memory StatusWW"
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get version of Firefox browser$
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get version of Google Chrome browserWW8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get version of Internet Explorer browserWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetACP
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
GetActiveWindow
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetBkColor
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetCapture
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetChromeIncumbentDSProvider in
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetChromeIncumbentHPR in
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetClassInfoExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetClassNameW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetClientRect
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetCommandLineW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetConsoleCP
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetConsoleMode
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetCPInfo
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetCurrentDirectoryW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetCurrentProcess
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetCurrentProcessId
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetCurrentThreadId
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetCursorPos
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetDateFormatA
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetDC
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
GetDefaultBrowser in
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetDefaultBrowser out
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetDefaultBrowser vista
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetDefaultBrowser xp
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetDesktopWindow
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetDeviceCaps
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetDIBColorTable
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetDiskFreeSpaceExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetDispIDWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetDlgCtrlID
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetDlgItem
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetDownloadProgress percent %I64d bytesTransferred %I64d total %I64d @ %I64dB/s result %s
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetEnvironmentStringsW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetExitCode returning %d Remote process exitcode %d
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetExitCodeProcess
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetExitCodeThread
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetFFIncumbentDSProvider in
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetFFIncumbentHPR in
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetFileAttributesW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
getFileOrDirSize
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetFileType
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetFileVersionInfoSizeW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetFileVersionInfoW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetFocus
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
GetLastActivePopup
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetLastError
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetLocaleInfoA
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetLocaleInfoW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetLocalTime
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetMemberNameWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetMemberPropertiesW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetMenu
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
GetMessagePos
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetModuleFileNameW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetModuleHandleW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetMonitorInfoW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetNameSpaceParentWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetNextDispIDWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetObjectW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
getObjectWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetOEMCP
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
getOffersWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetOfferUIControl()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetParent
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetPartnerID()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetPrivateProfileSectionA
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetPrivateProfileSectionNamesA
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetPrivateProfileStringW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetProcAddress
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetProcessHeap
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetProcessWindowStation
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
getProductInfoWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
getProductVersionWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Gets the offer attributesW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetServer
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetStartupInfoW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetStdHandle
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetStockObject
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetStringTypeW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetSysColor
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetSystemDefaultLCID
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetSystemInfo
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetSystemMetrics
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetSystemTimeAsFileTime
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetTempPathW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetTextColor
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetTickCount
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetTimeFormatA
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetTimeZoneInformation
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetTokenInformation
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
getTotalPhysicalMemoryWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetUserDefaultLCID
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetUserObjectInformationW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetVersion
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetVersionExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetWindow
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetWindowLongW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetWindowRect
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetWindowsDirectoryW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetWindowTextLengthW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetWindowTextW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetWindowThreadID failed last error %d
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetWindowThreadProcessId
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GHuwchpH!0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
gl-ES
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Global\PIP_Cancel
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Global\PIP_Local_Error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Global\PIP_Mutex
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Global\PIP_Remote_Exit
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Global\PIP_UI_Ready_Data
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Global\PIP_UI_Ready_Local
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Global\PIP_UI_Ready_Remote
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GlobalAlloc
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GlobalFree
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GlobalHandle
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GlobalLock
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GlobalMemoryStatusEx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GlobalUnlock
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
google:baseURL
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
great britain
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GROUP
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
groupEnd@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
groupWWW@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
gsw-FR
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
gu-IN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
guage={locale}&version={version}&src={publisher}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
H
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
h %s . CreateDirectory last error %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
h params
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
h(((( H
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ha-Latn-NG
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
HandleDownloads
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HandleEvents returning %s further.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HandleEvents returning abort. LastError %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HandleEvents. EventID %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Handling pip_local_error
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Handling pip_ui_ready_local
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Handling pip_ui_ready_remote
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Handling pip_ui_ready_remote_data
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Handling remote exit event
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Handling remote process exited.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
he block list";var BlockListV6IncumbentToolbarIsListedInLockList = "6:Block list v6 - incumbent toolbar is listed as block list ";var v5Offerpresented = "7:Saturation offer was not made because primary offer was made";var SideBySideLimitExceeded = "8:Side by side limit exceeded";var secondaryOfferRejected = "9:Secondary offer rejected as Primary or Saturation offer was made";var precheckSecondary = "10:Secondary offer rejected as Manycam Saturation offer was made";var secondaryOfferInstalled = "11:Secondary Offer was not made as offer already exists";var UnsupportedOSXP64bit = "11:Unsupported OS XP 64 bit";var XPServicePackNotCompatible = "13:XP Service Pack not compatible ";var CPUSpeedLessThan1000MHZ
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
he-IL
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
HeapAlloc
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HeapCreate
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HeapDestroy
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HeapFree
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
HeapReAlloc
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HeapSetInformation
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HeapSize
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
height
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Height
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HelperDllName
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
HH:mm:ss
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
hi-IN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
hidden
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
HideEula
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
hidePIP
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HideTitleBar
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Hiding eula disclosure based on setting
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Hiding last offer screen
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
hIPIPClientWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
History
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
HKCU{Software{Classes
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HKEY_CLASSES_ROOT
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HKEY_CLASSES_ROOT\
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HKEY_CURRENT_CONFIG
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HKEY_CURRENT_USER
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HKEY_DYN_DATA
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HKEY_LOCAL_MACHINE
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HKEY_PERFORMANCE_DATA
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HKEY_USERS
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
holder// for non-JSON values. length = value.length; for (i = 0; i < length; i += 1) { partial[i] = str(i, value) || 'null'; }// Join all of the elements together, separated with commas, and wrap them in// brackets. v = partial.length === 0 ? '[]' : gap ? '[\n' + gap + partial.join(',\n' + gap) + '\n' + mind + ']' : '[' + partial.join(',') + ']'; gap = mind; return v; }// If the replacer is an array, use it to select the members to be stringified. if (rep && typeof rep === 'object') { length = rep.length; for (i = 0; i < length; i += 1) { if (typeof rep[i] === 'string') { k = rep[i]; v = str(k, value); if (v) { partial.push(quote(k) + (gap ? ': '
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
holland
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
hong-kong
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
host run failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
host/Server.jhtml?partner_id={partnerid}&language={locale}&version={version}&src={publisher}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Hostname
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
hr-HR
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
hread lock error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
HRESULT
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
hsb-DE
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
http://
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http://ak.pipoffers.apnpartners.com/static/partners/{partnerid}/APNAnalytics.xml
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http://localhost/APNAnalytics.xml
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http://localhost/Server.jhtml?partner_id={partnerid}&language={locale}&version={version}&src={publisher}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http://ocsp.thawte.com0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http://ocsp.verisign.com0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http://ocsp.verisign.com0;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http://pipoffers.apnpartners.com/PIP/Server.jhtml?partner_id={partnerid}&language={locale}&version={version}&src={publisher}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http://ts-ocsp.ws.symantec.com07
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http://www.163.com
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http\shell\open\command\
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HttpOpenRequest return failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HttpOpenRequestW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HttpQueryInfoW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
https
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
https://www.verisign.com/cps0*
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
https://www.verisign.com/rpa0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HttpSendRequest return failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HttpSendRequestW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Ht|HtWHt>h
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
hu-HU
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
hy-AM
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
hyperlink
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
i = 0;
Ansi based on Dropped File
(rules.js)
IBrowserInfox
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
icParams
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
icProceed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
icrosoft\Internet Explorer\SearchScopes
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
icUrl
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
id-ID
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
IDispatch error #%d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
IDispatchExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
IdnEnabled
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ieDefaultSearchProviderWx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ieHomePageWWx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
IETldDllVersionHigh
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
IETldDllVersionLow
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
IETldVersionHigh
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
IETldVersionLow
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
iexec.exe
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
iexplore
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
iexplore.exe
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
if ( parseInt(toolbarDisableFlag) == 64 || parseInt(toolbarDisableFlag) == 1){
Ansi based on Dropped File
(rules.js)
if (!all_browsers.dfBr)
Ansi based on Dropped File
(rules.js)
if (!isEmpty(partners))
Ansi based on Dropped File
(rules.js)
if (!isObjEmpty(ps_check))
Ansi based on Dropped File
(rules.js)
if (!isOSServicePackCompatible()) {
Ansi based on Dropped File
(rules.js)
if (!isSupportedOS() || !isOSServicePackCompatible())
Ansi based on Dropped File
(rules.js)
if (!isSupportedOS()) return false;
Ansi based on Dropped File
(rules.js)
if (!JSON) {
Ansi based on Dropped File
(orchestrator.html)
if (!offer_id)
Ansi based on Dropped File
(rules.js)
if (!p_browser)
Ansi based on Dropped File
(rules.js)
if (!param)
Ansi based on Dropped File
(rules.js)
if (!run_cycle)
Ansi based on Dropped File
(rules.js)
if (!this.cache)
Ansi based on Dropped File
(rules.js)
if (!UniquePIDTbType())
Ansi based on Dropped File
(rules.js)
if (!value) {
Ansi based on Dropped File
(orchestrator.html)
if ((p_installed_toolbars[i].PID.substring(0, 4) === "AVR-") ||
Ansi based on Dropped File
(rules.js)
if (/^[\],:{}\s]*$/
Ansi based on Dropped File
(orchestrator.html)
if (all_browsers && all_browsers.cr)
Ansi based on Dropped File
(rules.js)
if (all_browsers && all_browsers.ff)
Ansi based on Dropped File
(rules.js)
if (all_browsers && all_browsers.ie)
Ansi based on Dropped File
(rules.js)
if (browsers)
Ansi based on Dropped File
(rules.js)
if (browsers.search("_CR") > 0)
Ansi based on Dropped File
(rules.js)
if (browsers.search("_FF") > 0)
Ansi based on Dropped File
(rules.js)
if (browsers.search("_IE") > 0)
Ansi based on Dropped File
(rules.js)
if (cascade_count <= 0)
Ansi based on Dropped File
(rules.js)
if (cascade_count >= 3)
Ansi based on Dropped File
(rules.js)
if (cascade_count >=3)
Ansi based on Dropped File
(rules.js)
if (CheckForBlockedPID(reasonString))
Ansi based on Dropped File
(rules.js)
if (checkness[i].search("oi") >= 0)
Ansi based on Dropped File
(rules.js)
if (checkness_parts[1] == "true")
Ansi based on Dropped File
(rules.js)
if (checkObj === "" || checkObj === 0 || checkObj === "0" || checkObj === null || checkObj === false || typeof checkObj === 'undefined') {
Ansi based on Dropped File
(rules.js)
if (cpuSpeed<1000){
Ansi based on Dropped File
(rules.js)
if (current_time > CUTOVER_DATE)
Ansi based on Dropped File
(rules.js)
if (cx.test(text)) {
Ansi based on Dropped File
(orchestrator.html)
if (d !== 0) {
Ansi based on Dropped File
(rules.js)
if (i > 0) pid_str += ",";
Ansi based on Dropped File
(rules.js)
if (i >= MAX_NUMBER_OF_TOOLBARS_ON_MACHINE)
Ansi based on Dropped File
(rules.js)
if (incumbant_AVIRA)
Ansi based on Dropped File
(rules.js)
if (incumbantAVIRACheck(installed_toolbars, toolbar_to_be_installed))
Ansi based on Dropped File
(rules.js)
if (installed_toolbars.length && isUniquePIDOnMachine(installed_toolbars, toolbar_to_be_installed.PID))
Ansi based on Dropped File
(rules.js)
if (installed_toolbars[i].browser == p_browser)
Ansi based on Dropped File
(rules.js)
if (installed_toolbars[i].PID != toolbar_to_be_installed.PID)
Ansi based on Dropped File
(rules.js)
if (installed_toolbars[i].PID == toolbar_to_be_installed.PID)
Ansi based on Dropped File
(rules.js)
if (isBlockListed(satTlbrID))
Ansi based on Dropped File
(rules.js)
if (isSaturationInstalled(partnerid))
Ansi based on Dropped File
(rules.js)
if (isSaturationOffer(offer_id))
Ansi based on Dropped File
(rules.js)
if (jsonString.blocklistedPartners.length === 0)
Ansi based on Dropped File
(rules.js)
if (jsonString.blocklistedPartners[j] === p_toolbartypes[i])
Ansi based on Dropped File
(rules.js)
if (list_1[i].toLowerCase() == list_2[j].toLowerCase())
Ansi based on Dropped File
(rules.js)
if (lu_table[i][0] === p_browser)
Ansi based on Dropped File
(rules.js)
if (name === toolbar_to_be_installed.PID)
Ansi based on Dropped File
(rules.js)
if (Object.prototype.hasOwnProperty.call(value, k)) {
Ansi based on Dropped File
(orchestrator.html)
if (Object.prototype.toString.apply(value) === '[object Array]') {
Ansi based on Dropped File
(orchestrator.html)
if (objectModel.initialized === false && typeof window !== "undefined" &&
Ansi based on Dropped File
(objectmodel.js)
if (offer_id)
Ansi based on Dropped File
(rules.js)
if (offer_type.indexOf("saturation") >= 0)
Ansi based on Dropped File
(rules.js)
if (Offers.Check(offer_id))
Ansi based on Dropped File
(rules.js)
if (offers_gen_params && offers_gen_params.GeneralParameters && offers_gen_params.GeneralParameters.TrackID)
Ansi based on Dropped File
(rules.js)
if (offers_gen_params.offers[i].id === offer_id)
Ansi based on Dropped File
(rules.js)
if (offers_gen_params.offers[i].id === p_offer_id)
Ansi based on Dropped File
(rules.js)
if (offertype_is_toolbar)
Ansi based on Dropped File
(rules.js)
if (p_browser != "ie" && p_browser != "ff" && p_browser != "cr")
Ansi based on Dropped File
(rules.js)
if (p_browser == "cr")
Ansi based on Dropped File
(rules.js)
if (p_browser == "ff")
Ansi based on Dropped File
(rules.js)
if (p_browser == "ie")
Ansi based on Dropped File
(rules.js)
if (p_toolbar_to_be_installed.PID.substring(0, 6) === "AVIRA-")
Ansi based on Dropped File
(rules.js)
if (p_toolbar_to_be_installed.tb_type.toLowerCase() === "secure")
Ansi based on Dropped File
(rules.js)
if (PIDOnBlockedList(PIDs_on_Machine) || PIDOnBlockedList(PID_to_be_installed) )
Ansi based on Dropped File
(rules.js)
if (potential_browser)
Ansi based on Dropped File
(rules.js)
if (primary_toolbar_ok_to_present && is_saturation_offer)
Ansi based on Dropped File
(rules.js)
if (primary_toolbar_ok_to_present === 1)
Ansi based on Dropped File
(rules.js)
if (r1)
Ansi based on Dropped File
(rules.js)
if (r1[0].length === 3)
Ansi based on Dropped File
(rules.js)
if (rep && typeof rep === 'object') {
Ansi based on Dropped File
(orchestrator.html)
if (replacer && typeof replacer !== 'function' &&
Ansi based on Dropped File
(orchestrator.html)
if (replacer && typeof replacer !== 'function' && (typeof replacer !== 'object' || typeof replacer.length !== 'number')) { throw new Error('JSON.stringify'); }// Make a fake root object containing our value under the key of ''.// Return the result of stringifying the value. return str('', {'': value}); }; }// If the JSON object does not yet have a parse method, give it one. if (typeof JSON.parse !== 'function') { JSON.parse = function (text, reviver) {// The parse method takes a text and an optional reviver function, and returns// a JavaScript value if the text is a valid JSON text. var j; function walk(holder, key) {// The walk method is used to recursively walk the resulting structure so// that modifications can be made. var k, v, value = holder[key]; if (value && typeof value === 'object'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
if (result === false)
Ansi based on Dropped File
(rules.js)
if (result === true)
Ansi based on Dropped File
(rules.js)
if (return_JSON.result !== 0)
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log ("type of param is " + typeof param);
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log (JSON.stringify(return_obj));
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" --- checkyness " + JSON.stringify(checkness));
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" --- checkyness " + JSON.stringify(checkness[i]));
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" --- checkyness is true ");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" --- offer_ids -- " + offer_ids[0] + " : " + offer_ids[1]);
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" --- Enter InstallCheck with param of : " + JSON.stringify(param));
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" >= MAX_NUMBER_OF_TOOLBARS_ON_BROWSER \n");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" Installed Toolbars : " + JSON.stringify(installed_toolbars) + "\n");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" PID === PID : " + toolbars_on_browser[0].PID + " : " + toolbar_to_be_installed.PID + "\n");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" PID on Blocked List: " + JSON.stringify(PIDs_on_Machine) + " and " + JSON.stringify(toolbar_to_be_installed) + "\n");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" Toolbars on Browser == 0 return " + p_browser + "\n");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" CheckVersion of Chrome");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" CheckVersion of Chrome, version : " + version);
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("\nCanBeInstalled :<" + p_browser + ">\n");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("\r\n ****** Frog UI. Parameter " + param);
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("\r\n ****** UI rule. Parameter " + param);
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("\r\n All browsers values: " + JSON.stringify(all_browsers) + " : ");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("\r\n********** V7 Stringified JSON " + JSON.stringify(return_JSON));
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("\r\n******Error*****" + e.message);
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("Actual Param " + param + " *******Returned offers " + JSON.stringify(offers_gen_params) + "\n");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("CheckVersion :<" + p_browser + ">");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("Installed Toolbars : " + JSON.stringify(installed_toolbars) + "\n");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("offer_ids " + offer_ids);
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("offer_ids after split");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("RETURN RESULT FOR V6 CALL : " + JSON.stringify(return_JSON));
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("Toolbar To Be Installed : " + JSON.stringify(toolbar_to_be_installed) + "\n");
Ansi based on Dropped File
(rules.js)
if (sParam[1] != "")
Ansi based on Dropped File
(orchestrator.html)
if (sURL.indexOf("?") > 0)
Ansi based on Dropped File
(orchestrator.html)
if (target_browser)
Ansi based on Dropped File
(rules.js)
if (tb_info)
Ansi based on Dropped File
(rules.js)
if (TbTypesIntersect(installed_toolbars[i].tb_type, toolbar_to_be_installed.tb_type))
Ansi based on Dropped File
(rules.js)
if (this.cache[i].id === offer_id)
Ansi based on Dropped File
(rules.js)
if (this.cache[i].result)
Ansi based on Dropped File
(rules.js)
if (this.cache[i].tb_info && this.cache[i].tb_info.PID)
Ansi based on Dropped File
(rules.js)
if (toolbar_id.indexOf("-SAT") > 0)
Ansi based on Dropped File
(rules.js)
if (toolbars[i].tb_type === "blocked")
Ansi based on Dropped File
(rules.js)
if (toolbars_on_browser) toolbars_on_browser += ";"
Ansi based on Dropped File
(rules.js)
if (toolbars_on_browser.length == 0)
Ansi based on Dropped File
(rules.js)
if (toolbars_on_browser.length >= MAX_NUMBER_OF_TOOLBARS_ON_BROWSER)
Ansi based on Dropped File
(rules.js)
if (toolbars_on_browser[0].PID == toolbar_to_be_installed.PID)
Ansi based on Dropped File
(rules.js)
if (toolbarsHaveTypeBlock(to_be_installed) || toolbarsHaveTypeBlock(installed_toolbars) )
Ansi based on Dropped File
(rules.js)
if (typeof checkObj == 'object') {
Ansi based on Dropped File
(rules.js)
if (typeof Date.prototype.toJSON !== 'function') {
Ansi based on Dropped File
(orchestrator.html)
if (typeof JSON.parse !== 'function') {
Ansi based on Dropped File
(orchestrator.html)
if (typeof JSON.stringify !== 'function') {
Ansi based on Dropped File
(orchestrator.html)
if (typeof rep === 'function') {
Ansi based on Dropped File
(orchestrator.html)
if (typeof rep[i] === 'string') {
Ansi based on Dropped File
(orchestrator.html)
if (typeof space === 'number') {
Ansi based on Dropped File
(orchestrator.html)
if (v !== undefined) {
Ansi based on Dropped File
(orchestrator.html)
if (v) {
Ansi based on Dropped File
(orchestrator.html)
if (value && typeof value === 'object' &&
Ansi based on Dropped File
(orchestrator.html)
if (value && typeof value === 'object') {
Ansi based on Dropped File
(orchestrator.html)
if (version > 0)
Ansi based on Dropped File
(rules.js)
if (version > 2)
Ansi based on Dropped File
(rules.js)
if (version > 6)
Ansi based on Dropped File
(rules.js)
if (window.navigator.appVersion.indexOf("Windows NT 5.1") != -1 || window.navigator.appVersion.indexOf("Windows NT 5.2") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.0") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.1") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.2") != -1 ) {
Ansi based on Dropped File
(rules.js)
if (window.navigator.appVersion.indexOf("Windows NT 6.0") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.1") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.2") != -1 )
Ansi based on Dropped File
(rules.js)
if (window.navigator.appVersion.indexOf("Windows NT 6.0") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.1") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.2") != -1 ) {
Ansi based on Dropped File
(rules.js)
if(!askSecureToolbarCheck()){
Ansi based on Dropped File
(rules.js)
if(!clientSupported()){
Ansi based on Dropped File
(rules.js)
if(!clientSupported()){return getReasonCode(OldClientAskSecureOfferNotSupported);}if(!isCPUSpeedComp()){return getReasonCode(reasonString);}if(!isDiskSpaceComp()){return getReasonCode(reasonString);}if(!nortonToolbarCheck()){return getReasonCode(reasonString);}if(!v6incumbentPartnerCheck("AVIRA-") || !v5incumbentPartnerCheck("AVR-")){return getReasonCode(AviraToolbarPresentAskSecureOfferRejected);}}catch(e){}primaryToolbarOfferFlag=true;v6SaturationToolbarOfferFlag = true;showSecondaryOffer=false;return true;}var offers_gen_params;var all_browsers;var installed_toolbars;var toolbar_to_be_installed;var CUTOVER_DATE = new Date(2013, 05, 26);//var CUTOVER_DATE = new Date(2010, 06, 01);var primary_toolbar_ok_to_present = 1;var show_logger = true;//// Keeps a cache of offers, by offer id. This will be useful if for previous/next.// If we come back to the same page, the
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
if(!isCPUSpeedComp()){
Ansi based on Dropped File
(rules.js)
if(!isDiskSpaceComp()){
Ansi based on Dropped File
(rules.js)
if(!isEmpty(AFRegistryPath)){
Ansi based on Dropped File
(rules.js)
if(!isEmpty(checkV5Installed) )
Ansi based on Dropped File
(rules.js)
if(!isEmpty(defaultBrowser)){
Ansi based on Dropped File
(rules.js)
if(!isEmpty(defaultbrowserAppPath))
Ansi based on Dropped File
(rules.js)
if(!isEmpty(defaultbrowserAppPath)) {
Ansi based on Dropped File
(rules.js)
if(!isEmpty(DPRegistryPath) && DPRegistryPath.toLowerCase() =="ok"){
Ansi based on Dropped File
(rules.js)
if(!isEmpty(incumbentTlbrList)){
Ansi based on Dropped File
(rules.js)
if(!isEmpty(nortonToolbarKey)){
Ansi based on Dropped File
(rules.js)
if(!isEmpty(PTRegistryPath)){
Ansi based on Dropped File
(rules.js)
if(!isEmpty(SCRegistryPath)){
Ansi based on Dropped File
(rules.js)
if(!isEmpty(SFRegistryPath) && SFRegistryPath.toLowerCase() =="ok"){
Ansi based on Dropped File
(rules.js)
if(!isEmpty(UBRegistryPath)){
Ansi based on Dropped File
(rules.js)
if(!isEmpty(winServicePackRegValue)){
Ansi based on Dropped File
(rules.js)
if(!isSupportedBrowser(primaryTlbrID))
Ansi based on Dropped File
(rules.js)
if(!isSupportedBrowser(primaryTlbrID)){
Ansi based on Dropped File
(rules.js)
if(!isSupportedBrowser(satTlbrID))
Ansi based on Dropped File
(rules.js)
if(!isV5TlbrEligible()){
Ansi based on Dropped File
(rules.js)
if(!isV6TlbrEligible()){
Ansi based on Dropped File
(rules.js)
if(!nortonToolbarCheck()){
Ansi based on Dropped File
(rules.js)
if(!offerAviraV6NewInstall){
Ansi based on Dropped File
(rules.js)
if(!showSecondaryOffer && (hidePtnrSecondaryOffer=="true")){
Ansi based on Dropped File
(rules.js)
if(!v6incumbentPartnerCheck("AVIRA-") || !v5incumbentPartnerCheck("AVR-")){
Ansi based on Dropped File
(rules.js)
if(!v6SaturationToolbarOfferFlag &&!showSecondaryOffer &&(primaryTlbrID.toLowerCase().indexOf("myc") > -1 || satTlbrID.toLowerCase().indexOf("myc-sat") > -1)){
Ansi based on Dropped File
(rules.js)
if((incumbentTlbrList[i].indexOf("-SAT") > -1 && satTlbrID.indexOf("-SAT")> -1)) {
Ansi based on Dropped File
(rules.js)
if(arrParamNames[i] == paramName){
Ansi based on Dropped File
(orchestrator.html)
if(checkOverinstall()) {
Ansi based on Dropped File
(rules.js)
if(checkOverinstall()) {v6SaturationToolbarOfferFlag = true;return true;}}catch(e){}return false;}function isV6TlbrEligible() {try{var incumbentPartnerList = getIncumbentPartners(); if(isEmpty(incumbentPartnerList)) return true;if(v6eligibleChecklist(primaryTlbrID,incumbentPartnerList)){v6SaturationToolbarOfferFlag = true;return true;}}catch(e){}return false;}function isSaturationInstalled(partnerid) {try{var incumbentTlbrList;incumbentTlbrList = getIncumbentPartners();if(!isEmpty(incumbentTlbrList)){for(var i=0; i<incumbentTlbrList.length;i++){if((incumbentTlbrList[i].indexOf("-SAT") > -1 && satTlbrID.indexOf("-SAT")> -1)) {partnerid.value=incumbentTlbrList[i];return true;}}}}catch(e){}return false;}function checkV5ToolbarInstalled(){try{var v5TlbrID;showSecondaryOffer=true;if (!isSupportedOS()) return false;if(!isSupportedBrowse
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
if(defaultBrowser.toLowerCase().indexOf("chrome") > -1 && makeoffer(partnerID)) {
Ansi based on Dropped File
(rules.js)
if(defaultBrowser.toLowerCase().indexOf("firefox.exe") > -1){
Ansi based on Dropped File
(rules.js)
if(defaultBrowser.toLowerCase().indexOf("iexplore.exe") > -1 ){
Ansi based on Dropped File
(rules.js)
if(defBrowser == IE) return true;
Ansi based on Dropped File
(rules.js)
if(defBrowser.toLowerCase() == FIREFOX) return true;
Ansi based on Dropped File
(rules.js)
if(diskFreeSize <2000){
Ansi based on Dropped File
(rules.js)
if(diskFreeSize <850){
Ansi based on Dropped File
(rules.js)
if(e.message =="CSystemUtil::getRegValue Failed : UnSupported Variant Type of 0"){
Ansi based on Dropped File
(rules.js)
if(e.message =="CSystemUtil::getRegValue Failed : UnSupported Variant Type of 3"){
Ansi based on Dropped File
(rules.js)
if(incPartners.length < 1 || incPartners.length >= 4) {
Ansi based on Dropped File
(rules.js)
if(incumbentTbType.toLowerCase().startsWith("vanilla") && tbType.toLowerCase().startsWith("vanilla")){
Ansi based on Dropped File
(rules.js)
if(installedPartners[i].startsWith(partner)){
Ansi based on Dropped File
(rules.js)
if(is64Bit())
Ansi based on Dropped File
(rules.js)
if(is64Bit()){
Ansi based on Dropped File
(rules.js)
if(isBlockListed(incPartners[k])) {
Ansi based on Dropped File
(rules.js)
if(isBlockListed(primaryTlbrID))
Ansi based on Dropped File
(rules.js)
if(isEmpty(checkV5Installed)) return true;
Ansi based on Dropped File
(rules.js)
if(isEmpty(default_browser))
Ansi based on Dropped File
(rules.js)
if(isEmpty(defaultBrowser))
Ansi based on Dropped File
(rules.js)
if(isEmpty(defaultBrowser)) {
Ansi based on Dropped File
(rules.js)
if(isEmpty(defaultBrowser)){
Ansi based on Dropped File
(rules.js)
if(isEmpty(incumbentPartnerList)) return true;
Ansi based on Dropped File
(rules.js)
if(isEmpty(incumbentPartners)){
Ansi based on Dropped File
(rules.js)
if(isEmpty(installedPartners)) return true;
Ansi based on Dropped File
(rules.js)
if(isEmpty(installedToolbars)) return true;
Ansi based on Dropped File
(rules.js)
if(isEmpty(nortonToolbarKey)){
Ansi based on Dropped File
(rules.js)
if(isLatestClient(version)) return reasonDescription;
Ansi based on Dropped File
(rules.js)
if(n==-1) n=0;
Ansi based on Dropped File
(rules.js)
if(parseInt(getIEversion) > 8){
Ansi based on Dropped File
(rules.js)
if(partnerID == incPartners[k]){
Ansi based on Dropped File
(rules.js)
if(partnerID == jsonString.makeofferdisabled[i]){
Ansi based on Dropped File
(rules.js)
if(physicalMemory < 512){
Ansi based on Dropped File
(rules.js)
if(primaryToolbarOfferFlag){
Ansi based on Dropped File
(rules.js)
if(tlbrID == jsonString.blocklistedPartners[j]) {
Ansi based on Dropped File
(rules.js)
if(toolbarID.startsWith(partnerids)){
Ansi based on Dropped File
(rules.js)
if(toolbarID.startsWith(partnerids)){return false;}}catch(e){}return true;}function askSecureToolbarCheck(){try{var toolbarRegPath;var installedToolbars = getIncumbentPartners(); if(isEmpty(installedToolbars)) return true;for(var i=0; i<installedToolbars.length;i++){toolbarRegPath=getIncbumbentRegPath(installedToolbars[i]);toolbarTbType = pipgetRegValue(toolbarRegPath,"tb-type",0);if(toolbarTbType == "vanilla-sec") return false;}}catch(e){}return true;}String.prototype.startsWith = function(prefix) { return this.indexOf(prefix) === 0;}function isAviraV5UpgTlbrOffered(){try{showSecondaryOffer=true;if(!askSecureToolbarCheck()){return getReasonCode(AskSecureToolbarPresentAviraOfferRejected);}if(v5incumbentPartnerCheck("AVR-")){offerAviraV6NewInstall=true;return getReasonCode(AviraV6InstallOfferPresentedAviraV6UpgradeRejected);}}catch(e){}v6SaturationToolbarOfferFlag = true;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
if(toolbarTbType == "vanilla-sec") return false;
Ansi based on Dropped File
(rules.js)
if(v5incumbentPartnerCheck("AVR-")){
Ansi based on Dropped File
(rules.js)
if(v5TlbrID == primaryTlbrID) v5ToolbarInstalled=v5ToolbarInstalled+"Same Partner ID "+v5TlbrID+"";
Ansi based on Dropped File
(rules.js)
if(v5toolbarOffered){
Ansi based on Dropped File
(rules.js)
if(v6eligibleChecklist(primaryTlbrID,incumbentPartnerList)){
Ansi based on Dropped File
(rules.js)
if(v6SaturationToolbarOfferFlag) {
Ansi based on Dropped File
(rules.js)
if(versionresult >= 0){
Ansi based on Dropped File
(rules.js)
if(versionValue >= 0){
Ansi based on Dropped File
(rules.js)
if(window.navigator.appVersion.indexOf("Windows NT 5.1") != -1 || (window.navigator.appVersion.indexOf("Windows NT 6.0") != -1 && is64Bit())){
Ansi based on Dropped File
(rules.js)
if(window.navigator.appVersion.indexOf("Windows NT 5.1") != -1 || window.navigator.appVersion.indexOf("Windows NT 5.2") != -1 ||(window.navigator.appVersion.indexOf("Windows NT 6.0") != -1 && is64Bit())){
Ansi based on Dropped File
(rules.js)
if(window.navigator.appVersion.indexOf("Windows NT 5.1") != -1){
Ansi based on Dropped File
(rules.js)
if(window.navigator.appVersion.indexOf("Windows NT 5.2") != -1) {
Ansi based on Dropped File
(rules.js)
if(window.navigator.userAgent.indexOf('WOW64')>-1 || window.navigator.platform=='Win64')
Ansi based on Dropped File
(rules.js)
if(winServicePackRegValue == "Service Pack 2" || winServicePackRegValue == "Service Pack 2")
Ansi based on Dropped File
(rules.js)
ig-NG
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
IHDR
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
IHKCU{Software{Classes
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ii-CN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Illegal byte sequence
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
image/gif0!0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
imageheight
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ImageList_Destroy
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ImageList_GetIconSize
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
imagewidth
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
imeout
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
IMicrosoft Visual C++ Runtime Library
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Improper link
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Inappropriate I/O control operation
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
inate><Previous id="default">STRID_Previous</Previous><Next id="default">STRID_Next</Next><Finish id="default">STRID_Finish</Finish><Cancel id="default">STRID_Cancel</Cancel><CancelText id="default">STRID_Cancel_Text</CancelText><EulaText id="default">STRID_Eula_Text</EulaText><OptinText id="default">STRID_Optin_Text</OptinText><AveryLabel2 id="default">STRID_AveryLabel2</AveryLabel2><DownloadingText id="default">STRID_Downloading_Text</DownloadingText><NoOfferText id="default">STRID_No_Offer_Text</NoOfferText><DownloadingError id="default">STRID_Downloading_Error</DownloadingError><LoadingText id="default">STRID_Loading_Text</LoadingText><LoadingTitle id="default">STRID_Loading_Title</LoadingTitle><OfText id="default">STRID_Of_Text</OfText><AnalyticsFail id="default">STRID_Access_Analytics_Fail</AnalyticsFail><AccessConfigFail id="default">STRID_Access_Config_Fail</AccessConfigFail><AccessOfferXmlFail id="default">STRID_Access_OfferXml_Fail</AccessOfferX
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
incumbant_AVIRA = true;
Ansi based on Dropped File
(rules.js)
incumbentPartnerIDs = incumbentPartners.split(",");
Ansi based on Dropped File
(rules.js)
incumbentPartnerRegPath = "HKEY_LOCAL_MACHINE\\SOFTWARE\\AskPartnerNetwork\\Toolbar\\";
Ansi based on Dropped File
(rules.js)
incumbentPartnerRegPath = "HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\AskPartnerNetwork\\Toolbar\\";
Ansi based on Dropped File
(rules.js)
incumbentPartnerRegPath= getIncbumbentRegPath(incPartners[k]);
Ansi based on Dropped File
(rules.js)
incumbentPartners = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\AskPartnerNetwork\\Toolbar\\shared\\","tbsinstalled",0);
Ansi based on Dropped File
(rules.js)
incumbentPartners = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\AskPartnerNetwork\\Toolbar\\shared\\","tbsinstalled",0);
Ansi based on Dropped File
(rules.js)
incumbentTbType = pipgetRegValue(incumbentPartnerRegPath,"tb-type",0);
Ansi based on Dropped File
(rules.js)
incumbentTlbrList = getIncumbentPartners();
Ansi based on Dropped File
(rules.js)
indent += ' ';
Ansi based on Dropped File
(orchestrator.html)
indent = '';
Ansi based on Dropped File
(orchestrator.html)
indent = space;
Ansi based on Dropped File
(orchestrator.html)
indent,
Ansi based on Dropped File
(orchestrator.html)
index of
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InfoTip
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ing = V6OfferAlreadyPresentWithSamePartnerID;return false;}if(incumbentTbType.toLowerCase().startsWith("vanilla") && tbType.toLowerCase().startsWith("vanilla")){reasonString = PriorToolbarType_Vanilla_SecureVanilla + incPartners[k];return false}if(isBlockListed(incPartners[k])) {reasonString = BlockListV6IncumbentToolbarIsListedInLockList + incPartners[k];return false;}}} catch(e){}return true;}function isV5ToolbarOffered(){try{v5toolbarOffered=true;return true;}catch(e){}}function checkPrimaryToolbarOffered(){try{if(v5toolbarOffered){return false;}return true;}catch(e){}}function getProductVersion(productCode){try{var productVersion =system.getProductVersion(productCode);return productVersion;}catch(e){}}function pipgetRegValue(registryPath,regValue,n){try {var registryValue=system.getRegValue(registryPath,regValue,n);re
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ing file:
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ing Tray delete false. Lasterror %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ing(0, 4) === "AVR-") || (p_installed_toolbars[i].PID.substring(0, 6) === "AVIRA-") ) { incumbant_AVIRA = true; break; } } if (incumbant_AVIRA) { if (p_toolbar_to_be_installed.PID.substring(0, 6) === "AVIRA-") return false; if (p_toolbar_to_be_installed.tb_type.toLowerCase() === "secure") { reasonString = AviraToolbarPresentAskSecureOfferRejected; return true; } return false; } return false; } // incumbantAVIRACheck function TbTypesIntersect (tb_type_1, tb_type_2) { var list_1 = tb_type_1.split(","); var list_2 = tb_type_2.split(","); for (var i = 0; i < list_1.length; ++i) { for (var j = 0; j <
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ing(16)).slice(-4); }) + '"' : '"' + string + '"'; } function str(key, holder) {// Produce a string from holder[key]. var i, // The loop counter. k, // The member key. v, // The member value. length, mind = gap, partial, value = holder[key];// If the value has a toJSON method, call it to obtain a replacement value. if (value && typeof value === 'object' && typeof value.toJSON === 'function') { value = value.toJSON(key); }// If we were called with a replacer function, then call the replacer to// obtain a replacement value. if (typeof rep === 'function') { value = rep.call(holder, key, value); }// What happens next depends on the value's type. switch (typeof value) { case 'string': return quote(value); case 'number':// JSON num
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
init();
Ansi based on Dropped File
(orchestrator.html)
InitCommonControlsEx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InitFolderHandler
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Initialization
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InitializeCriticalSection
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InitializeCriticalSectionAndSpinCount
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InitializeInformation()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Input/output error
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Install checker download failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Installchecker exe run failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Installchecker exe validation failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Installchecker success
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
installed_toolbars = installed_toolbars || GetInstalledToolbars();
Ansi based on Dropped File
(rules.js)
installed_toolbars.push(this.cache[i].tb_info);
Ansi based on Dropped File
(rules.js)
InstallerLocation
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
integer out of signed integer range
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Interface
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InterlockedCompareExchange
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InterlockedDecrement
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InterlockedExchange
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InterlockedIncrement
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InterlockedPopEntrySList
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InterlockedPushEntrySList
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Internal error.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Internal error. Error description -
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Internal error. Error parsing. Actual value -
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Internal error. Member result not provided.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Internal error. Result string empty.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Internal error. Return string NULL.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Internal error. Return type string expected, actual return type -
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InternalName
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InternetCloseHandle
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InternetConnectW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InternetCrackUrlW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InternetGetCookieW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InternetOpen Failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InternetOpenW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InternetReadFile
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InternetSetCookieW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InternetSetOptionW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Interrupted function call
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
IntranetName
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Invalid argument
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Invalid Argument
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Invalid argument.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Invalid configuration file
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Invalid configuration.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Invalid configuration. Could NOT Parse File.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Invalid File donwload progress pointer. Skipping progress update.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
invalid map/set<T> iterator
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Invalid seek
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
invalid string position
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
invalid vector<T> subscript
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InvalidateRect
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InvalidateRgn
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ion. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ionProgress
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ios_base::badbit set
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ios_base::eofbit set
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ios_base::failbit set
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
iostream
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
iostream stream error
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
iready of %I64d ms. Local UIReady time expired: %I64u ms, UIReady time remaining (relative to remote server data): %I64d ms.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
IReadyTime=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
irish-english
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Is a directory
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
is-IS
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
is_saturation_offer = true;
Ansi based on Dropped File
(rules.js)
isBold
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
IsChild
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
IScriptObjectWWWX
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
IsDebuggerPresent
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
IServiceProvider
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
isHScroll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
IsImageButton
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
isItalics
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
isMainOffer
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
isMutiLines
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
IsProcessorFeaturePresent
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
isReadOnly
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
isUnderlined
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
IsValidCodePage
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
IsValidLocale
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
isVScroll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
IsWindow
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
IsWindowEnabled
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
IsWow64Process
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
it";var AviraV6InstallOfferPresentedAviraV6UpgradeRejected = "21:Avira V6 new Install offer presented, Avira V6 Upgrade rejected";var AviraV6InstallOfferRejectedAviraV6UpgradeOfferPresented = "22:Avira V6 new Install offer rejected, Avira V6 Upgrade Offer/Ask Secure Offer presented";var PrimaryToolbarOfferPresentedDefaultPrimaryOfferRejected = "23:Primary Toolbar Offer presented, The default primary offer rejected";var OldClientAskSecureOfferNotSupported = "24:Old Client AskSecure offer not supported";var maxNumberOfPartnersExceeded = "25:Maximum Number of Unique Partners Already Exists";var tbtypeOfBlockPIDNotEqual = "26:A Toolbar Type is of type block, PIDs are NOT equal";var inputBrowserTypeNotSupported = "27:Input Browser Type is NOT Supported";var inputIEBrowserVersionNotSupported = "28:IE Browser Version Is NOT Supported";
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
it-IT
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
it_Code
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
italian-swiss
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
IThe out pointer (dispatch pointer of the object) is NULL.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
iu-Cans-CA
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
iu-Latn-CA
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
j = eval('(' + text + ')');
Ansi based on Dropped File
(orchestrator.html)
j_toP_t
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ja-JP
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
JanFebMarAprMayJunJulAugSepOctNovDec
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
January
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
JAVASCRIPT
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
JSON = {};
Ansi based on Dropped File
(orchestrator.html)
JSON.parse = function (text, reviver) {
Ansi based on Dropped File
(orchestrator.html)
JSON.parse = function (text, reviver) {// The parse method takes a text and an optional reviver function, and returns// a JavaScript value if the text is a valid JSON text. var j; function walk(holder, key) {// The walk method is used to recursively walk the resulting structure so// that modifications can be made. var k, v, value = holder[key]; if (value && typeof value === 'object') { for (k in value) { if (Object.prototype.hasOwnProperty.call(value, k)) { v = walk(value, k); if (v !== undefined) { value[k] = v; } else { delete value[k]; } } } } return reviver.call(holder, key, value); }// Parsing ha
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
JSON.stringify = function (value, replacer, space) {
Ansi based on Dropped File
(orchestrator.html)
k = rep[i];
Ansi based on Dropped File
(orchestrator.html)
k the new structure, passing// each name/value pair to a reviver function for possible transformation. return typeof reviver === 'function' ? walk({'': j}, '') : j; }// If the text is not JSON parseable, then a SyntaxError is thrown. throw new SyntaxError('JSON.parse'); }; }}());PADvar objectModel = {};objectModel.initialized = false;function init() { if (objectModel.initialized === false && typeof window !== "undefined" && typeof window.external !== "undefined") { logger = {}; _logger = window.external.GetObject("logger"); try { logger.log = function(var1) { return _logger.log(var1); }; logger.error = function(var1) { return _logger.error(var1); }; logger.debug = function(var1) { return _logger.debug(var1); };
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
k, // The member key.
Ansi based on Dropped File
(orchestrator.html)
k.com. All rights reserved.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ka-GE
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ked="false" color="" ctrltype="offer" ctrlvalue="true" height="40" id="eula" isBold="true" subctr="" text="STRID_EULA" type="checkbox" width="400" x="50" y="90"></control> <control bgcolor="#FFD793" color="" fontsize="20" height="60" id="txt1-of11"
Ansi based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
kernel32
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
kernel32.dll
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
KERNEL32.DLL
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
KERNEL32.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Killing the dialog timer and exiting.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Killing the dialog timer due to parent cancellation..
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Killing the internal timer and setting the dialog timer.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
KillTimer
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
KISystemUtilW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
kk-KZ
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
kl-GL
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
km-KH
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
kn-IN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
known
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ko-KR
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
kok-IN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ky-KG
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
l = Math.min(a.length, b.length);
Ansi based on Dropped File
(rules.js)
l = Math.min(a.length, b.length); for (i=0; i<l; i++) { d = parseInt(a[i], 10) - parseInt(b[i], 10); if (d !== 0) { return d; } } return a.length - b.length;}function isLatestClient(clientversion) {try{var versionresult=cmpVersions(clientversion,"2.6.8.0");if(versionresult >= 0){return true;}}catch(e){}return false;}function is64Bit(){if(window.navigator.userAgent.indexOf('WOW64')>-1 || window.navigator.platform=='Win64')return true;else return false;}function isSupportedOS() {try {if (window.navigator.appVersion.indexOf("Windows NT 5.1") != -1 || window.navigator.appVersion.indexOf("Windows NT 5.2") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.0") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.1") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.2") != -1 ) {return true}} catch(e){}return false;}function makeoffer(pa
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
l already send the event exiting remote
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
l function call
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
L7cvarRefArgWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
langid
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
langID
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LanguageParameters
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Later
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
later
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Launched
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
layOffer()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
lb-LU
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
lbars || GetInstalledToolbars(); Offers.OfferedToolbars(installed_toolbars, offer_id); var result; if (isSaturationOffer(offer_id)) result = offerV6SaturationToolbar(); else result = v6installChecker(param); all_browsers = all_browsers || JSON.parse(browser.allBrowsers); if (result === true) return_JSON = new Result("ALL", all_browsers, true , toolbar_to_be_installed); else return_JSON = new Result("", all_browsers, false); if (result === true) return_JSON.result = 0; else { if (result === false) return_JSON.result = 1; else return_JSON.result = parseInt(result, 10); } return_JSON.errorDescription = result; return_JSON.lookupTable.fileid = "v6ic"; return_JSON.lookupTable.stubversion = "6.6.0"; Offers.StoreResult(offer_id, return_JSON, toolbar_to_be_installed); if (show_logger) logger.log("RETURN RESULT FOR V6 CALL : " + JS
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
LBARS_ON_MACHINE = 3; var is_saturation_offer = false; var offer_id = GetOfferID(param); var offertype_is_toolbar = false; if (!isSupportedOS() || !isOSServicePackCompatible()) { return_JSON = new Result("", all_browsers, false); return_JSON.result = parseInt(reasonString, 10); return_JSON.errorDescription = reasonString; return JSON.stringify(return_JSON); } offers_gen_params = offers_gen_params || JSON.parse(pipclient.getOffers()); toolbar_to_be_installed = GetToolbarInfo(offer_id); if (Offers.Check(offer_id)) return Offers.RetrieveResult(offer_id); var ps_check = PrimarySaturationCheck (offer_id); if (!isObjEmpty(ps_check)) return JSON.stringify(ps_check); try { var return_JSON; var target_browser = ""; installed_toolbars = installed_toolbars || GetInstalledToolbars(); Offers.OfferedToolbars(inst
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
LC_ALL
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
LC_COLLATE
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LC_CTYPE
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
LC_MONETARY
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LC_NUMERIC
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LCMapStringW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LdapClientIntegrity
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ldexp
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
LeaveCriticalSection
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
lection
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
LegalCopyright
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
length = rep.length;
Ansi based on Dropped File
(orchestrator.html)
length = value.length;
Ansi based on Dropped File
(orchestrator.html)
length,
Ansi based on Dropped File
(orchestrator.html)
ler.exe
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
lEUw+Ei5m6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
level. If it is a string (such as '\t' or ' '), it contains the characters used to indent at each level. This method produces a JSON text from a JavaScript value. When an object value is found, if the object contains a toJSON method, its toJSON method will be called and the result will be stringified. A toJSON method does not serialize: it returns the value represented by the name/value pair that should be serialized, or undefined if nothing should be serialized. The toJSON method will be passed the key associated with the value, and this will be bound to the value For example, this would serialize Dates as ISO strings. Date.prototype.toJSON = function (key) { function f(n) { // Format integers to have at least two digits. return n < 10 ? '0' + n
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
lFail><OfferXmlMiss id="default">STRID_OfferXml_Miss</OfferXmlMiss><UnexpectedDownLoadFail id="default">STRID_Unexpected_DownLoad_Fail</UnexpectedDownLoadFail><CancelInstalling id="default">STRID_Cancel_Install_text</CancelInstalling><CancelOptContinue id="default">STRID_Cancel_Continue</CancelOptContinue><CancelOptForce id="default">STRID_Cancel_Force</CancelOptForce><CancelOptWait id="default">STRID_Cancel_Wait</CancelOptWait><Executingfile>STRID_Executingfile</Executingfile><Browser_ALL_TXT>STRID_ALL_STRING</Browser_ALL_TXT><Browser_CR_TXT>STRID_CR_STRING</Browser_CR_TXT><Browser_FF_TXT>STRID_FF_STRING</Browser_FF_TXT><Browser_IE_TXT>STRID_IE_STRING</Browser_IE_TXT></LanguageParameters><stringtable> <language langid="en"> <string id="STRID_CContinue">Continue</string> <string id="STRID_CForce">Force Cancel</string> <string id="STRID_Previous">Previous</string> <string id="STRID_Back">Back</string> <string id="STRID_Back_FXTV5">Back</strin
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
LguidServiceW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LibraryPath
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
lient
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Like group, but the block is initially collapsed.W@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
list_2.length; ++j) { if (list_1[i].toLowerCase() == list_2[j].toLowerCase()) return true; } } return false; } // TbTypesIntersect function toolbarsHaveTypeBlock(toolbars) { for (var i = 0; i < toolbars.length; ++i) { if (toolbars[i].tb_type === "blocked") return true; } return false; } // toolbarsHaveTypeBlock function isUniquePIDOnMachine(installed_toolbars, to_be_pid) { for (var i = 0; i < installed_toolbars.length; ++i) { if (installed_toolbars[i].PID == toolbar_to_be_installed.PID) return false; } return true; } // isUniquePIDOnMachine function CascadeThroughBrowsers(p_browser, cascade_count) // ==> string {
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ll32 shell32, OpenAs_RunDLL
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
lled
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
lled_toolbars, offer_id); all_browsers = all_browsers || JSON.parse(browser.allBrowsers); if (!all_browsers.dfBr) { all_browsers.dfBr = defaultBrowser(); } if (show_logger) logger.log("\r\n All browsers values: " + JSON.stringify(all_browsers) + " : ");offers_gen_params = offers_gen_params || JSON.parse(pipclient.getOffers());if (show_logger) logger.log("Actual Param " + param + " *******Returned offers " + JSON.stringify(offers_gen_params) + "\n");if (show_logger) logger.log("Installed Toolbars : " + JSON.stringify(installed_toolbars) + "\n");if (show_logger) logger.log("Toolbar To Be Installed : " + JSON.stringify(toolbar_to_be_installed) + "\n"); target_browser = target_browser || CanBeInstalled(CommandLineBrowser(), false); target_browser = target_browser || CanBeInstalled(OriginBrowser(), false); target_browser = target_browser || CanBeInstalled(DefaultBrowser(), false); target_browser = tar
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
lo-LA
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
load balloon icon file failed:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
LoadAppInit_DLLs
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
LoadBitmapW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LoadCursorW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LoadIconW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LoadImageW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Loading
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LoadingTitle
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LoadLibraryExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LoadLibraryW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LoadResource
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LoadStringW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Local
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Local .xml will be used:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Local already send the event exiting remote
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Local AppData
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Local mode
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Local ui.xml will be used:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LocalAlloc
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
locale
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LocalFree
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LocalizedName
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
LocalRedirectOnly
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
LockResource
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Log Exiting.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
log10
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
logger
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
logger = {};
Ansi based on Dropped File
(objectmodel.js)
Logger CoClass
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Logger InterfaceWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
logger.debug = function(var1) {
Ansi based on Dropped File
(objectmodel.js)
logger.dir = function(var1) {
Ansi based on Dropped File
(objectmodel.js)
logger.error = function(var1) {
Ansi based on Dropped File
(objectmodel.js)
logger.error(x);
Ansi based on Dropped File
(objectmodel.js)
logger.group = function(var1) {
Ansi based on Dropped File
(objectmodel.js)
logger.info = function(var1) {
Ansi based on Dropped File
(objectmodel.js)
logger.log = function(var1) {
Ansi based on Dropped File
(objectmodel.js)
logger.log("\r\n ****** inside load " + e.message + " Rule name: " + ruleName);
Ansi based on Dropped File
(orchestrator.html)
logger.log("\r\n ****** Load Function Error " + e.message);
Ansi based on Dropped File
(orchestrator.html)
logger.log("\r\n ****** pirule setRule callBackFired : function called is " + "Rule name: " + ruleName + "Number: " + arguments.length);
Ansi based on Dropped File
(orchestrator.html)
logger.log("\r\n******************Norton Toolbar Installed****************");
Ansi based on Dropped File
(rules.js)
logger.warn = function(var1) {
Ansi based on Dropped File
(objectmodel.js)
Logger: Beacon InternetConnect() failed. Error code:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Logger::Initialize()... InternetConnect() failed. Error code:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Logs a messaageWWW'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Logs a message under the DEBUG categoryWWW&
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Logs a message under the ERROR categoryWWW=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Logs a message under the INFO category)
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Logs a message under the WARNING categoryW'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LONG_PTRd
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Lookup breaking. Parent exitcode %d waitWindow %x
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Lookup max timeout reached
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
lookupTable
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
lse. Lasterror %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
LsetRuleCallbackW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
lstrcmpA
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
lstrcmpiW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
lstrcmpW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
lstrcpynW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
lstrcpyW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
lstrlenA
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
lstrlenW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
lt-LT
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ltBrowser xp
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
lv-LV
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
LWFq{&~'I
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
m %d right %d Parent top %d left %d bottom %d right %d Dlg top %d left %d bottom %d right %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
M_rgiRefArgWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MachinePreferredUILanguages
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
malformd UTF-8: not enough followers
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
malformd UTF-8: too many followers
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
map/set<T> too long
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MapDialogRect
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Mapping
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
MapWindowPoints
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
March
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
marquee
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MartaExtension
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
MaxFileSize
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
MaximumAllowedAllocationSize
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
MaxRpcSize
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
MaxSockaddrLength
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
MbstrName
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Message
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Message and Exit error:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MESSAGE_BOX_ID_NO
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MESSAGE_BOX_ID_YES
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MessageAndExit()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MessageBoxTitle
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MessageBoxW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MessageUser
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
meta = { // table of character substitutions
Ansi based on Dropped File
(orchestrator.html)
mi-NZ
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Microsoft Visual C++ Runtime Library
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
mind = gap,
Ansi based on Dropped File
(orchestrator.html)
Minimum version:
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MinimumVersion
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MinSockaddrLength
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Missing ',' or ']' in array declaration
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Missing ',' or '}' in object declaration
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Missing ':' after object member name
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Missing '}' or object member name
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
mk-MK
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ml-IN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
MM/dd/yy
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
mmand\
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
mn-MN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Module
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Module_Raw
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
moh-CA
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Monday
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Monitor started
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MonitorAndCompleteJob
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MonitorFromWindow
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MoveFileExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MoveWindow
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
mplete - SetWindowPos notopmost lasterror %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
mponent Categories
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
mr-IN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
MS Shell Dlg
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ms-MY
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
mscoree.dll
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
msctls_progress32
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
msi.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
msiexec.exe
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MSIMG32.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
mt-MT
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
MulDiv
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
MultiByteToWideChar
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
N getRegValueW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
N.stringify(return_JSON)); return JSON.stringify(return_JSON);} // InstallCheckfunction isObjEmpty(obj){ var name; for (name in obj) return false; return true;} // isObjEmptyfunction GetOfferID(param){ if (!param) return ""; var p_param = param.split("|"); return p_param[0];} // GetOfferIDfunction isSaturationOffer(offer_id){ if (!offer_id) return false; for (var i = 0; i < offers_gen_params.offers.length; ++i) { if (offers_gen_params.offers[i].id === offer_id) { var toolbar_id = offers_gen_params.offers[i].ToolbarID || ""; if (toolbar_id.indexOf("-SAT") > 0) return true; break; } } return false;} // isSaturationOfferfunction GetToolbarInfo(p_offer_id){ var toolbar_type = ""; var toolbar_id = ""; for (var i = 0; i < offers_gen_params.offers.length; ++i)
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
N00000000NNN00NN00N
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
n32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
n; } return this.getUTCFullYear() + '-' + f(this.getUTCMonth() + 1) + '-' + f(this.getUTCDate()) + 'T' + f(this.getUTCHours()) + ':' + f(this.getUTCMinutes()) + ':' + f(this.getUTCSeconds()) + 'Z'; }; You can provide an optional replacer method. It will be passed the key and value of each member, with this bound to the containing object. The value that is returned from your method will be serialized. If your method returns undefined, then the member will be excluded from the serialization. If the replacer parameter is an array of strings, then it will be used to select the members to be serialized. It filters the results such that only members with keys listed in the replacer array are
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
n=defaultBrowser.lastIndexOf("\\");
Ansi based on Dropped File
(rules.js)
n\Mozilla\Firefox
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
NameSpace_Callout
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
nb-NO
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
nBkg_Cancel
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ncelWidth
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ncelX
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ndleEvents returning abort. LastError %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ne-NP
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
netConnect() failed. Error code:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
new-zealand
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
new[]
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Next_Catalog_Entry_ID
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
NextHeight
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
NextWidth
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
NextX
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
NextY
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ning false
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
nished Parsing the config.xml file, ... show previous :
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
nitor waitonhandle %0x returning %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
nKERNEL32.DLL
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
nl-NL
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
NN000000N
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
NNN0000000NNN
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
NNN000000N
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
No .xml file is found:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
No child processes
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
no control characters, no quote characters, and no// backslash characters, then we can safely slap some quotes around it.// Otherwise we must also replace the offending characters with safe escape// sequences. escapable.lastIndex = 0; return escapable.test(string) ? '"' + string.replace(escapable, function (a) { var c = meta[a]; return typeof c === 'string' ? c : '\\u' + ('0000' + a.charCodeAt(0).toString(16)).slice(-4); }) + '"' : '"' + string + '"'; } function str(key, holder) {// Produce a string from holder[key]. var i, // The loop counter. k, // The member key. v, // The member value. length, mind = gap, partial, value = holder[key];// If the value has a toJSON method, call it to obtain a replacement value. if (value && typeof value === 'object' && typeof value.to
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
No error
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
No left top published. Using CenterLeft %0x CenterTop %0x
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
No local file available for copy
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
No locks available
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
No space left on device
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
No such device
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
No such device or address
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
No such file or directory
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
No such process
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
NoAttempt
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
NoOfferText
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
NoRemove
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
nortonToolbarKey = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Toolbar","{A13C2648-91D4-4bf3-BC6D-0079707C4389}",0);
Ansi based on Dropped File
(rules.js)
nortonToolbarKey = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Internet Explorer\\Toolbar","{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}",0);
Ansi based on Dropped File
(rules.js)
nortonToolbarKey = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Internet Explorer\\Toolbar","{A13C2648-91D4-4bf3-BC6D-0079707C4389}",0);
Ansi based on Dropped File
(rules.js)
norwegian
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
norwegian-bokmal
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
norwegian-nynorsk
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Norwegian-Nynorsk
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Not a directory
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Not enough space
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Notifying Tray add false. Lasterror %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Notifying Tray delete false. Lasterror %d
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Notifying Tray modify false. Lasterror %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
nough space for _onexit/atexit table
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
nough space for thread data
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
November
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
nso-ZA
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
nstallerLaunched=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
nstance ran successfully. Exitcode
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ntime Error!Program:
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Num_Catalog_Entries
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Number.prototype.toJSON =
Ansi based on Dropped File
(orchestrator.html)
NumberOfPrimOffersToShow
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
NumberOfSecOffersToShow
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
nvalid Return Type, Return String Was NULL.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
o_;_7
Ansi based on Image Processing
(screen_0.png)
Object Model Root InterfaceWWW7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
objectModel.initialized = false;
Ansi based on Dropped File
(objectmodel.js)
objectModel.js
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
objectmodel.js
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
oc-FR
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
October
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
OF_TOOLBARS_ON_BROWSER \n"); reasonString = AlreadyAtMaxNumberOfPartnersPerBrowser + " [" + pid_str + "]"; return ""; } return p_browser; } // ValidBrowser(p_browser) } // CanBeInstalled function ToolbarInfo(p_PID, p_tb_type, p_browser) { this.PID = p_PID; this.tb_type = p_tb_type; this.browser = p_browser; } // ToolbarInfo} // v7installCheckerfunction GetInstalledToolbars(){ var result = []; // // V5 // var checkV5Installed = getProductVersion("{86D4B82A-ABED-442A-BE86-96357B70F4FE}");if(!isEmpty(checkV5Installed) ) { if(is64Bit()) {v5TlbrID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\AskToolbar\\Macro","tb",0) || "";} else {v5TlbrID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\AskToolbar\\Macro","tb",0) || "";} result.push({PID: v5TlbrID, tb_type : "AL
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
offer, as presented before, will be // presented, and ALL subsequent offers will be deleted.//var Offers = {};Offers.Check = function (offer_id){ offers_gen_params = offers_gen_params || JSON.parse(pipclient.getOffers()); // // If cache // if (!this.cache) { this.cache = []; for (var i = 0; i < offers_gen_params.offers.length; ++i) { var ttt = offers_gen_params.offers[i].id; var t_obj = {id : offers_gen_params.offers[i].id}; this.cache.push(t_obj); } return false; } for (var i = 0; i < this.cache.length; ++i) { if (this.cache[i].id === offer_id) { if (this.cache[i].result) return true; } } return false;} // Offers.CheckOffers.RetrieveResult = function (offer_id){ for (var i = 0; i < this.cache.length; ++i) { if (this.cache[i].id === offer_id)
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
Offer::GetDownloadProgress done. Job
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Offer::GetDownloadProgress inprogress. Job
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
offer_type = offer_type.toLowerCase();
Ansi based on Dropped File
(rules.js)
offerAviraV6NewInstall=true;
Ansi based on Dropped File
(rules.js)
offerBottom
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Offercast
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Offercast - APN Install Manager
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
offercast.com
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OffercastInstaller_AVR_U_0363_01_P_.exe
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
offereula
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
offerid
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
offerLeft
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
offerProvider
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
offerRight
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Offers.Check = function (offer_id)
Ansi based on Dropped File
(rules.js)
Offers.OfferedToolbars = function (installed_toolbars, offer_id)
Ansi based on Dropped File
(rules.js)
Offers.OfferedToolbars(installed_toolbars, offer_id);
Ansi based on Dropped File
(rules.js)
Offers.RetrieveResult = function (offer_id)
Ansi based on Dropped File
(rules.js)
Offers.StoreResult = function (offer_id, result, toolbar_to_be_installed)
Ansi based on Dropped File
(rules.js)
Offers.StoreResult(offer_id, return_JSON, toolbar_to_be_installed);
Ansi based on Dropped File
(rules.js)
offers_gen_params = offers_gen_params || JSON.parse(pipclient.getOffers());
Ansi based on Dropped File
(rules.js)
Offers_Selection
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
offerTop
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
offerType
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
offertype_is_toolbar = true;
Ansi based on Dropped File
(rules.js)
OfferXmlMiss
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OffsetRect
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ofile0
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ogger.info = function(var1) { return _logger.info(var1); }; logger.warn = function(var1) { return _logger.warn(var1); }; logger.group = function(var1) { return _logger.group(var1); }; logger.dir = function(var1) { return _logger.dir(var1); }; } catch (x) { logger.error(x); } browser = window.external.GetObject("browserinfo"); system = window.external.GetObject("system"); piprule = window.external.GetObject("piprule");pipclient = window.external.GetObject("pipclient");}};PAvar regsistryPathx64 = "HKEY_LOCAL_MACHINE\SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\";var registryPathx86 = "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\";var checkObj;var n;var registryPath;var regValue="";var partnerID;var v5toolbarOffered = false;var v6SaturationToolbarOff
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ogressBarHeight
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ole32.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OLEAUT32.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OleInitialize
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OleLockRunning
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OleUninitialize
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
olSizeWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ome DS value. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
on (value, replacer, space) {// The stringify method takes a value and an optional replacer, and an optional// space parameter, and returns a JSON text. The replacer can be a function// that can replace values, or an array of strings that will select the keys.// A default replacer method can be provided. Use of the space parameter can// produce text that is more easily readable. var i; gap = ''; indent = '';// If the space parameter is a number, make an indent string containing that// many spaces. if (typeof space === 'number') { for (i = 0; i < space; i += 1) { indent += ' '; }// If the space parameter is a string, it will be used as the indent string. } else if (typeof space === 'string') { indent = space; }// If there is a replacer, it must be a function or an array.// Otherwise, throw an error. rep = replacer
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
OnClickedCancel()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OnClickedNext()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OnClickedPrevious()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OnExit
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
OnInitDialog......0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OnLoadComplete - SetWindowPos notopmost lasterror %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OnLoadComplete - SetWindowPos notopmost success
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OnLoadComplete()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OnPostReporting...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
onTueWedThuFriSat
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
OOBEInProgress
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
oonText
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
OpenProcess
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OpenProcess failed Last error %d
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OpenProcessToken
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Operation not permitted
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
operator
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
optin
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OptInTextSize
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
optout
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
optout="true" displayname="Avery Error" > ... Offer Tag start --> ... List of files to be downloaded Refer the bottom for attribute definition --> </offer></primary_offers><params></params></root>P(
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
or resultString, was returned.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
or-IN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Orchestrator
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
orchestrator
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
orchestrator.html
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
orer\SearchScopes\
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
organization
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OriginalFilename
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OSXP64bit; return false;}}catch(e){}return true;}function isCPUSpeedComp() {try{var cpuSpeed;var physicalMemory;cpuSpeed = system.getRegValue("HKLM\\Hardware\\Description\\System\\Centralprocessor\\0","~MHZ",0);if (cpuSpeed<1000){reasonString= CPUSpeedLessThan1000MHZ + cpuSpeed;return false;}physicalMemory=(system.getTotalPhysicalMemory());if(physicalMemory < 512){reasonString= SystemPhysicalMemoryIsVeryLow + physicalMemory;return false;}} catch(e) {}return true}function isDiskSpaceComp(){try{var diskFreeSize;diskFreeSize = system.getDiskFreeSize();if(is64Bit()){if(diskFreeSize <2000){reasonString = MachineDiskFreeSpaceLessThan2000MB + diskFreeSize;return false;}} else {if(diskFreeSize <850){reasonString = MachineDiskFreeSpaceLessThan850MB + diskFreeSize;return false;}}} catch(e){}return true;}function nortonToolbarCheck
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ot command:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Out of boundry. Monitor top %d left %d bottom %d right %d Parent top %d left %d bottom %d right %d Dlg top %d left %d bottom %d right %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
out, aborting download
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
OutputDebugStringA
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OutputDebugStringW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
overflow
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
overlong 2 bytes sequence
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
overlong 3 bytes sequence
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
overlong 4 bytes sequence
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
overlong 5 bytes sequence
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
overlong 6 bytes sequence
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ozilla\Firefox
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
p published. Using CenterLeft %0x CenterTop %0x
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
p_browser = p_browser.toLowerCase();
Ansi based on Dropped File
(rules.js)
P_Left
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
pa-IN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
PackedCatalogItem
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
PAD<HTML><HEAD><script type="text/javascript">var JSON;if (!JSON) { JSON = {};}(function () { "use strict"; function f(n) { // Format integers to have at least two digits. return n < 10 ? '0' + n : n; } if (typeof Date.prototype.toJSON !== 'function') { Date.prototype.toJSON = function (key) { return isFinite(this.valueOf()) ? this.getUTCFullYear() + '-' + f(this.getUTCMonth() + 1) + '-' + f(this.getUTCDate()) + 'T' + f(this.getUTCHours()) + ':' + f(this.getUTCMinutes()) + ':' + f(this.getUTCSeconds()) + 'Z' : null; }; String.prototype.toJSON = Number.prototype.toJSON = Boolean.prototype.toJSON = function (key) { return this.valueOf(); }; } var cx = /[\u0000\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
PageAllocatorSystemHeapIsPrivate
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
PageAllocatorUseSystemHeap
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
param
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Parameters
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
params
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Parent exited with success code
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Parent offer ineligible
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ParentFolder
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
parentOfferID
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ParseAnalyticsXml()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ParseAnalyticsXml()... success.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ParseAnalyticsXml():Not use local.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ParseConfigXml()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
parseInt(isIE9extnenabled,2)=system.getRegValue("HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Approved Extensions","{D4027C7F-154A-4066-A1AD-4243D8127440}",0);
Ansi based on Dropped File
(rules.js)
ParseUi
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ParseUiXml()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ParsingName
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
partial = [];
Ansi based on Dropped File
(orchestrator.html)
partial,
Ansi based on Dropped File
(orchestrator.html)
partial.push(quote(k) + (gap ? ': ' : ':') + v);
Ansi based on Dropped File
(orchestrator.html)
partial[i] = str(i, value) || 'null';
Ansi based on Dropped File
(orchestrator.html)
Partner cancelled pip.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Partner ID empty
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Partner process id to watch %d Process handle %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
partnerID is
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
partnerid.value=incumbentTlbrList[i];
Ansi based on Dropped File
(rules.js)
partnerRegPath = "HKEY_LOCAL_MACHINE\\SOFTWARE\\AskPartnerNetwork\\Toolbar\\";
Ansi based on Dropped File
(rules.js)
partnerRegPath = "HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\AskPartnerNetwork\\Toolbar\\";
Ansi based on Dropped File
(rules.js)
partnerRegPath+=partnersID+"\\Macro\\";
Ansi based on Dropped File
(rules.js)
Path to Msi
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PathFileExistsW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PAttempt
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
pbstrNameWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
pclrd
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
pDispExCallbackFunctionWL
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
pDispObj@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PeekMessageW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
pens in four stages. In the first stage, we replace certain// Unicode characters with escape sequences. JavaScript handles many characters// incorrectly, either silently deleting them, or treating them as line endings. text = String(text); cx.lastIndex = 0; if (cx.test(text)) { text = text.replace(cx, function (a) { return '\\u' + ('0000' + a.charCodeAt(0).toString(16)).slice(-4); }); }// In the second stage, we run the text against regular expressions that look// for non-JSON patterns. We are especially concerned with '()' and 'new'// because they can cause invocation, and '=' because it can cause mutation.// But just to be safe, we want to reject all unexpected forms.// We split the second stage into 4 regexp operations in order to work around// crippling inefficiencies in IE's and Safari's regexp engines. First we// replace the JSON backslash pairs wit
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
Permission denied
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PerUserItem
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
physicalMemory=(system.getTotalPhysicalMemory());
Ansi based on Dropped File
(rules.js)
PID : toolbar_id,
Ansi based on Dropped File
(rules.js)
pid_str += name;
Ansi based on Dropped File
(rules.js)
PID_to_be_installed.push(toolbar_to_be_installed.PID);
Ansi based on Dropped File
(rules.js)
pids[pid_name] = 1;
Ansi based on Dropped File
(rules.js)
PIDs_on_Machine.push(installed_toolbars[i].PID);
Ansi based on Dropped File
(rules.js)
Ping return:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIP host run failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIP Rules CoClassW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIP Show UI exiting.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
PIP UI event happened locally, no need to wait
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIP UI ready successfully set
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
pip.ask.com/PIP/partners/{partnerid}/config.xml
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
PIP_Exit_Code
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIP_Left
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
PIP_Offers_Exitcode
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIP_Offers_Launched
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIP_Offers_Selection
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIP_SkipAll
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIP_Toolbar_Exitcode
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIP_Toolbar_Launched
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIP_Toolbar_Selection
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIP_Top
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
PIP_UI_Complete
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIP_UI_Ready
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIPAttempt
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
pipclient
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
pipclient = window.external.GetObject("pipclient");
Ansi based on Dropped File
(objectmodel.js)
PIPClient CoClassW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIPHost
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIPOffer
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
pipoffers.apnpartners.com
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIPOutcome
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
pipPartnerName=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIPReportSever
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
piprule
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
piprule = window.external.GetObject("piprule");
Ansi based on Dropped File
(objectmodel.js)
piprule.setRuleCallback(
Ansi based on Dropped File
(orchestrator.html)
PIPRuleManagerWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIPStats
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIPTemp123456789
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
pl-PL
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
placementID
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Platform
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
PN Install Manager
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
portuguese-brazilian
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
position
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
postInstall
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PostMessageW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
potential_browser = CascadeThroughBrowsers(p_browser, cascade_count);
Ansi based on Dropped File
(rules.js)
potential_browser = CheckVersion(potential_browser);
Ansi based on Dropped File
(rules.js)
potential_browser = ValidBrowser(potential_browser);
Ansi based on Dropped File
(rules.js)
ppDispObjWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ppPictureWWW,
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ppunkWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ppvObjectWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
pr china
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
pr-china
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
PreCreate
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
PreferExternalManifest
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
PreferredUILanguages
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Previous
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
previous
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
PreviousHeight
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PreviousWidth
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PreviousX
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PreviousY
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
primary_offers
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
primary_toolbar_ok_to_present = 0;
Ansi based on Dropped File
(rules.js)
primaryToolbarOfferFlag=true;
Ansi based on Dropped File
(rules.js)
Prints an interactive listing of all properties of the objectW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Process handle null
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Process32FirstW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Process32NextW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ProductName
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ProductVersion
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Profile0
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ProfileImagePath
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Progid
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ProgIDFromCLSID
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
programName
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
progress
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ProgressBarBackgroundColor
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ProgressBarColor
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ProgressBarHeight
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ProgressBarWidth
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
promptmsg
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ProviderId
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ProviderInfo
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ProxyBypass
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ProxyEnable
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ProxyHttp1.1
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ProxyOverride
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ProxyServer
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
prs-AF
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
pruntime error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ps-AF
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
psed time
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
pspCallerWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PSPUBWS
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
PStats
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
pstrLevelWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
pstrTextd
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
pt-BR
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ptbpartnerid
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PtInRect
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
PublishExpandedPath
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
puerto-rico
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
QBWBWBWBWBWBWBWB
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
QI to get the object's dispatch interface pointer failed.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
qps-ploc
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
qps-ploca
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
QueryPerformanceCounter
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
quired key OfferXml is missing or invalid!
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
qut-GT
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
quz-BO
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
r 0x%0lX
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
r in ECMAScript, typeof null is 'object',// so watch out for that case. if (!value) { return 'null'; }// Make an array to hold the partial results of stringifying this object value. gap += indent; partial = [];// Is the value an array? if (Object.prototype.toString.apply(value) === '[object Array]') {// The value is an array. Stringify every element. Use null as a placeholder// for non-JSON values. length = value.length; for (i = 0; i < length; i += 1) { partial[i] = str(i, value) || 'null'; }// Join all of the elements together, separated with commas, and wrap them in// brackets. v = partial.length === 0 ? '[]' : gap ? '[\n' + gap + partial.join(',\n' + gap) + '\n' + mind + ']' : '[' + partial.join(',') + ']'; gap = mind; return v;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
r ineligible
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
r stdio initialization
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
R"*%*%*u{
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
r2 += "-V7";
Ansi based on Dropped File
(rules.js)
r2 += "V7";
Ansi based on Dropped File
(rules.js)
r2 = toolbar_id + "-V7"
Ansi based on Dropped File
(rules.js)
r2 = toolbar_id.slice(0, -r1[0].length);
Ansi based on Dropped File
(rules.js)
R6002- floating point support not loaded
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6008- not enough space for arguments
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6009- not enough space for environment
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6010- abort() has been called
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6016- not enough space for thread data
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6017- unexpected multithread lock error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6018- unexpected heap error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6019- unable to open console device
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6024- not enough space for _onexit/atexit table
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6025- pure virtual function call
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6026- not enough space for stdio initialization
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6027- not enough space for lowio initialization
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6028- unable to initialize heap
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6030- CRT not initialized
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6031- Attempt to initialize the CRT more than once.This indicates a bug in your application.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6032- not enough space for locale information
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6033- Attempt to use MSIL code from this assembly during native code initializationThis indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
raB3G
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
rAcceptance=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
radio
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RaiseException
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
rasphone.pbk
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
rcast.com
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
rchromeVersionWWWx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
rdware
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
reached
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Read-only file system
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ReadFile
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Real out of signed integer range
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Reason string
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
reasonString += " Installed PID/tbType " + installed_toolbars[i].PID + "/" + installed_toolbars[i].tb_type;
Ansi based on Dropped File
(rules.js)
reasonString += " Installed PID/tbType " + installed_toolbars[i].PID + "/" + installed_toolbars[i].tb_type; reasonString += " New PID/tbType " + toolbar_to_be_installed.PID + "/" + toolbar_to_be_installed.tb_type; return false; } } } return true; } // UniquePIDTbType // // Checks to see if AVIRA is already installed on the machine; if so, // check to see if trying to install another AVIRA === OK, or vanilla === OK, // secure === NOT OK. Assumes PIDTb collision has already been run. // function incumbantAVIRACheck(p_installed_toolbars, p_toolbar_to_be_installed) { var incumbant_AVIRA = false; var PID_to_be_installed = []; for (var i = 0; i < p_installed_toolbars.length; ++i) { if ((p_installed_toolbars[i].PID.subst
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
reasonString += " New PID/tbType " + toolbar_to_be_installed.PID + "/" + toolbar_to_be_installed.tb_type;
Ansi based on Dropped File
(rules.js)
reasonString = AlreadyAtMaxNumberOfPartnersPerBrowser + " [" + pid_str + "]";
Ansi based on Dropped File
(rules.js)
reasonString = AviraToolbarPresentAskSecureOfferRejected;
Ansi based on Dropped File
(rules.js)
reasonString = BlockListV6IncumbentToolbarIsListedInLockList + incPartners[k];
Ansi based on Dropped File
(rules.js)
reasonString = inputBrowserTypeNotSupported + " [" + p_browser + "]";
Ansi based on Dropped File
(rules.js)
reasonString = inputCRBrowserVersionNotSupported + " [" + all_browsers.cr + "]";
Ansi based on Dropped File
(rules.js)
reasonString = inputFFBrowserVersionNotSupported + " [" + all_browsers.ff + "]";
Ansi based on Dropped File
(rules.js)
reasonString = inputIEBrowserVersionNotSupported + " [" + all_browsers.ie + "]";
Ansi based on Dropped File
(rules.js)
reasonString = MachineDiskFreeSpaceLessThan2000MB + diskFreeSize;
Ansi based on Dropped File
(rules.js)
reasonString = MachineDiskFreeSpaceLessThan850MB + diskFreeSize;
Ansi based on Dropped File
(rules.js)
reasonString = maxNumberOfPartnersExceeded + " [" + pid_str + "]";
Ansi based on Dropped File
(rules.js)
reasonString = NortonSafeSearchToolbarInstalled;
Ansi based on Dropped File
(rules.js)
reasonString = PIDIsOnBlockedList + " " + toolbar_to_be_installed.PID;
Ansi based on Dropped File
(rules.js)
reasonString = PIDsAreSameOnSameBrowser + ", Browser " + p_browser + " PIDS [" + toolbar_to_be_installed.PID + "]";
Ansi based on Dropped File
(rules.js)
reasonString = PriorToolbarType_Vanilla_SecureVanilla + incPartners[k];
Ansi based on Dropped File
(rules.js)
reasonString = SideBySideLimitExceeded;
Ansi based on Dropped File
(rules.js)
reasonString = tbtypeOfBlockPIDNotEqual + " PIDS " + installed_toolbars[0].PID + " and " + toolbar_to_be_installed.PID;
Ansi based on Dropped File
(rules.js)
reasonString = uniquePIDTbType;
Ansi based on Dropped File
(rules.js)
reasonString = UnsupportedOSXP64bit;
Ansi based on Dropped File
(rules.js)
reasonString = V6OfferAlreadyPresentWithSamePartnerID;
Ansi based on Dropped File
(rules.js)
reasonString= CPUSpeedLessThan1000MHZ + cpuSpeed;
Ansi based on Dropped File
(rules.js)
reasonString= SystemPhysicalMemoryIsVeryLow + physicalMemory;
Ansi based on Dropped File
(rules.js)
reasonString= XPServicePackNotCompatible + winServicePackRegValue;
Ansi based on Dropped File
(rules.js)
Reboot command:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Received OnExit
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RedrawWindow
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
refox
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
REG_SZ
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
RegCloseKey
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegCreateKeyExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegCreateKeyTransactedW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegDeleteKeyExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegDeleteKeyTransactedW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegDeleteKeyW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegDeleteValueW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegEnumKeyExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegisterClassExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegisterWindowMessageW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
REGISTRY
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegNotifyChangeKeyValue
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegOpenKeyExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegOpenKeyTransactedW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegQueryInfoKeyW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegQueryValueExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegSetValueExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
regular
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RelativePath
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ReleaseCapture
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ReleaseDC
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ReleaseMutex
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Remote
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Remote already send the event exiting local
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Remote failed to set the event, exiting gracefully
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Remote mode
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Remote process died already
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Remote process started. Handle %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RemoteInvokeExWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RemoveDirectoryW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
rep = replacer;
Ansi based on Dropped File
(orchestrator.html)
Reply from %s: bytes=%d time=%.0fms TTL=%d icmp_seq=%u
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
report
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
reporting
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Resetting timer to honour server uiready of %I64d ms. Local UIReady time expired: %I64u ms, UIReady time remaining (relative to remote server data): %I64d ms.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Resource deadlock avoided
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Resource device
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Resource temporarily unavailable
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
result
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
result = offerV6SaturationToolbar();
Ansi based on Dropped File
(rules.js)
result = v6installChecker(param);
Ansi based on Dropped File
(rules.js)
Result too large
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
result.push({PID: partners[i], tb_type : tb_type, browser : "cr"});
Ansi based on Dropped File
(rules.js)
result.push({PID: partners[i], tb_type : tb_type, browser : "ff"});
Ansi based on Dropped File
(rules.js)
result.push({PID: partners[i], tb_type : tb_type, browser : "ie"});
Ansi based on Dropped File
(rules.js)
result.push({PID: v5TlbrID, tb_type : "ALL", browser : "cr"});
Ansi based on Dropped File
(rules.js)
result.push({PID: v5TlbrID, tb_type : "ALL", browser : "ff"});
Ansi based on Dropped File
(rules.js)
result.push({PID: v5TlbrID, tb_type : "ALL", browser : "ie"});
Ansi based on Dropped File
(rules.js)
ResumeThread
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RET_OFFER message received
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Retrieving remote process exit code
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RetryTimeout
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
return ""
Ansi based on Dropped File
(rules.js)
return "";
Ansi based on Dropped File
(rules.js)
return ""; } var to_be_installed = []; to_be_installed.push(toolbar_to_be_installed); if (toolbarsHaveTypeBlock(to_be_installed) || toolbarsHaveTypeBlock(installed_toolbars) ) { if (installed_toolbars.length && isUniquePIDOnMachine(installed_toolbars, toolbar_to_be_installed.PID)) { reasonString = tbtypeOfBlockPIDNotEqual + " PIDS " + installed_toolbars[0].PID + " and " + toolbar_to_be_installed.PID; return "" } } if (incumbantAVIRACheck(installed_toolbars, toolbar_to_be_installed)) return ""; var cascade_count = 0; var potential_browser; do { potential_browser = CascadeThroughBrowsers(p_browser, cascade_count); potential_browser = CheckVersion(potential_browser); potential_browser = ValidBrowser(potential_browser); ++cascade_count;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
return "0:Not eligible for display";
Ansi based on Dropped File
(rules.js)
return "cr";
Ansi based on Dropped File
(rules.js)
return "ff";
Ansi based on Dropped File
(rules.js)
return "ie";
Ansi based on Dropped File
(rules.js)
return "No Parameters Found";
Ansi based on Dropped File
(orchestrator.html)
return '\\u' +
Ansi based on Dropped File
(orchestrator.html)
return 'null';
Ansi based on Dropped File
(orchestrator.html)
return _logger.debug(var1);
Ansi based on Dropped File
(objectmodel.js)
return _logger.dir(var1);
Ansi based on Dropped File
(objectmodel.js)
return _logger.error(var1);
Ansi based on Dropped File
(objectmodel.js)
return _logger.group(var1);
Ansi based on Dropped File
(objectmodel.js)
return _logger.info(var1);
Ansi based on Dropped File
(objectmodel.js)
return _logger.log(var1);
Ansi based on Dropped File
(objectmodel.js)
return _logger.warn(var1);
Ansi based on Dropped File
(objectmodel.js)
return a.length - b.length;
Ansi based on Dropped File
(rules.js)
return AnchorFreeUnsupportedOS;
Ansi based on Dropped File
(rules.js)
return arrParamValues[i];
Ansi based on Dropped File
(orchestrator.html)
return AudialsOfferNotEligibleUnsupportedOSXP32orVista64bit;
Ansi based on Dropped File
(rules.js)
Return buffer allocation NULL
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
return code is
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
return d;
Ansi based on Dropped File
(rules.js)
return default_browser;
Ansi based on Dropped File
(rules.js)
return escapable.test(string) ? '"' + string.replace(escapable, function (a) {
Ansi based on Dropped File
(orchestrator.html)
return false
Ansi based on Dropped File
(rules.js)
return false;
Ansi based on Dropped File
(rules.js)
return getReasonCode(AskSecureToolbarPresentAviraOfferRejected);
Ansi based on Dropped File
(rules.js)
return getReasonCode(AviraToolbarPresentAskSecureOfferRejected);
Ansi based on Dropped File
(rules.js)
return getReasonCode(AviraV6InstallOfferPresentedAviraV6UpgradeRejected);
Ansi based on Dropped File
(rules.js)
return getReasonCode(AviraV6InstallOfferRejectedAviraV6UpgradeOfferPresented);
Ansi based on Dropped File
(rules.js)
return getReasonCode(blocklistedPartner);
Ansi based on Dropped File
(rules.js)
return getReasonCode(OldClientAskSecureOfferNotSupported);
Ansi based on Dropped File
(rules.js)
return getReasonCode(precheckSecondary);
Ansi based on Dropped File
(rules.js)
return getReasonCode(PrimaryToolbarOfferPresentedDefaultPrimaryOfferRejected);
Ansi based on Dropped File
(rules.js)
return getReasonCode(reasonString);
Ansi based on Dropped File
(rules.js)
return getReasonCode(secondaryOfferInstalled);
Ansi based on Dropped File
(rules.js)
return getReasonCode(secondaryOfferRejected);
Ansi based on Dropped File
(rules.js)
return getReasonCode(unsupportedBrowser);
Ansi based on Dropped File
(rules.js)
return getReasonCode(v5Offerpresented);
Ansi based on Dropped File
(rules.js)
return getReasonCode(v5ToolbarInstalled);
Ansi based on Dropped File
(rules.js)
return getReasonCode(v6SatInstalled);
Ansi based on Dropped File
(rules.js)
return incumbentPartnerIDs;
Ansi based on Dropped File
(rules.js)
return isFinite(this.valueOf()) ?
Ansi based on Dropped File
(orchestrator.html)
return isFinite(value) ? String(value) : 'null';
Ansi based on Dropped File
(orchestrator.html)
return JSON.stringify(Offers.RetrieveResult(offer_id));
Ansi based on Dropped File
(rules.js)
return JSON.stringify(ps_check);
Ansi based on Dropped File
(rules.js)
return JSON.stringify(return_JSON);
Ansi based on Dropped File
(rules.js)
return JSON.stringify(return_obj);
Ansi based on Dropped File
(rules.js)
return lu_table[i][cascade_count];
Ansi based on Dropped File
(rules.js)
return n < 10 ? '0' + n : n;
Ansi based on Dropped File
(orchestrator.html)
return obj;
Ansi based on Dropped File
(rules.js)
return Offers.RetrieveResult(offer_id);
Ansi based on Dropped File
(rules.js)
return p_browser;
Ansi based on Dropped File
(rules.js)
return p_param[0];
Ansi based on Dropped File
(rules.js)
return partnerRegPath;
Ansi based on Dropped File
(rules.js)
return potential_browser;
Ansi based on Dropped File
(rules.js)
return productVersion;
Ansi based on Dropped File
(rules.js)
return quote(value);
Ansi based on Dropped File
(orchestrator.html)
return registryValue;
Ansi based on Dropped File
(rules.js)
return result;
Ansi based on Dropped File
(rules.js)
return return_JSON;
Ansi based on Dropped File
(rules.js)
return reviver.call(holder, key, value);
Ansi based on Dropped File
(orchestrator.html)
return str('', {'': value});
Ansi based on Dropped File
(orchestrator.html)
return String(value);
Ansi based on Dropped File
(orchestrator.html)
return tb.slice(0, 2);
Ansi based on Dropped File
(rules.js)
return this.cache[i].result;
Ansi based on Dropped File
(rules.js)
return this.indexOf(prefix) === 0;
Ansi based on Dropped File
(rules.js)
return this.valueOf();
Ansi based on Dropped File
(orchestrator.html)
return toolbars_on_browser;
Ansi based on Dropped File
(rules.js)
return true
Ansi based on Dropped File
(rules.js)
return true;
Ansi based on Dropped File
(rules.js)
return true;}function getIncbumbentRegPath(partnersID){try{var partnerRegPath="";if(is64Bit()){partnerRegPath = "HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\AskPartnerNetwork\\Toolbar\\";} else {partnerRegPath = "HKEY_LOCAL_MACHINE\\SOFTWARE\\AskPartnerNetwork\\Toolbar\\";}partnerRegPath+=partnersID+"\\Macro\\";}catch(e){}return partnerRegPath;}function v6incumbentPartnerCheck(partner){try{var installedPartners = getIncumbentPartners(); if(isEmpty(installedPartners)) return true;for(var i=0; i<installedPartners.length;i++){if(installedPartners[i].startsWith(partner)){return false;}}}catch(e){}return true;}function v5incumbentPartnerCheck(partnerids){try{var toolbarID;if(is64Bit()){toolbarID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\AskToolbar\\Macro","tb",0);} else {toolbarID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\AskToolbar\\Macro","tb",0);}
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
Return type
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
return typeof c === 'string' ? c :
Ansi based on Dropped File
(orchestrator.html)
return typeof reviver === 'function' ?
Ansi based on Dropped File
(orchestrator.html)
return v7_result;
Ansi based on Dropped File
(rules.js)
return v;
Ansi based on Dropped File
(orchestrator.html)
return window[ruleName].apply(this, params);
Ansi based on Dropped File
(orchestrator.html)
return {};
Ansi based on Dropped File
(rules.js)
return;
Ansi based on Dropped File
(rules.js)
return_JSON = new Result("", all_browsers, false);
Ansi based on Dropped File
(rules.js)
return_JSON = new Result("ALL", all_browsers, true , toolbar_to_be_installed);
Ansi based on Dropped File
(rules.js)
return_JSON = new Result(target_browser, all_browsers, false);
Ansi based on Dropped File
(rules.js)
return_JSON = new Result(target_browser, all_browsers, true, toolbar_to_be_installed);
Ansi based on Dropped File
(rules.js)
return_JSON.errorDescription = "";
Ansi based on Dropped File
(rules.js)
return_JSON.errorDescription = reasonString;
Ansi based on Dropped File
(rules.js)
return_JSON.errorDescription = result;
Ansi based on Dropped File
(rules.js)
return_JSON.errorDescription = secondaryOfferRejected;
Ansi based on Dropped File
(rules.js)
return_JSON.lookupTable.fileid = "v6ic";
Ansi based on Dropped File
(rules.js)
return_JSON.lookupTable.stubversion = "6.6.0";
Ansi based on Dropped File
(rules.js)
return_JSON.result = 0;
Ansi based on Dropped File
(rules.js)
return_JSON.result = 1;
Ansi based on Dropped File
(rules.js)
return_JSON.result = parseInt(reasonString, 10);
Ansi based on Dropped File
(rules.js)
return_JSON.result = parseInt(result, 10);
Ansi based on Dropped File
(rules.js)
return_JSON.result = parseInt(secondaryOfferRejected, 10);
Ansi based on Dropped File
(rules.js)
return_obj.display = 0;
Ansi based on Dropped File
(rules.js)
return_obj.display = 1;
Ansi based on Dropped File
(rules.js)
return_obj.errorDescription = "";
Ansi based on Dropped File
(rules.js)
return_obj.errorDescription = "Error Executing Rule";
Ansi based on Dropped File
(rules.js)
return_obj.errorDescription = "Value Was False";
Ansi based on Dropped File
(rules.js)
return_obj.result = 0;
Ansi based on Dropped File
(rules.js)
return_obj.result = 1;
Ansi based on Dropped File
(rules.js)
rface
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
rFlag = false;var overinstallFlag=false;var reasonString="";var showSecondaryOffer=true;var defBrowser="";var FIREFOX="firefox";var IE="Internet Explorer";var CHROME="Google Chrome";var offerAviraV6NewInstall = false;var primaryToolbarOfferFlag=false;var v5ToolbarInstalled = "1:Offer cannot be installed as offer already exists";var V6OfferAlreadyPresentWithSamePartnerID = "1:V6 Offer already present with same partnerID";var unsupportedBrowser = "2:Unsupported default browser";var IneligibleChrome = "3:Ineligible Chrome";var v6SatInstalled = "4:Prior toolbar typet (Shopping)";var PriorToolbarType_Vanilla_SecureVanilla = "4:Prior toolbar type(Vanilla)/Secure Vanilla ";var blocklistedPartner = "5:Block V6 ? New toolbar listed in
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
rgvarRefArgW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RID_DIC2V5_Loading_Title">Dictionary.com Setup</string><string id="STRID_DIC3V5_Loading_Text">Loading Dictionary.com required files...</string><string id="STRID_DIC3V5_Loading_Title">Dictionary.com Setup</string><string id="STRID_Loading_Text">Loading required files...</string> <string id="STRID_AD5_Loading_Text">Loading Avery Template Installer required files...</string><string id="STRID_AD5_Loading_Title">Avery Template Installer</string> <string id="STRID_Loading_Title">Loading</string> <string id="STRID_Of_Text">of</string> <string id="STRID_Access_Analytics_Fail">There was a problem accessing the analytics file!</string><string id="STRID_Access_Analytics_Fail_Avery">There was a problem downloading the files. Please try the Template Only option on the Avery.com template page.</string> <string id="STRID_Access_Config_Fail">There was a problem accessing the config file!</string><string id="STRID_Access_Config_Fail_Avery">There was a problem downloading the files. P
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
rinfo
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
rm-CH
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
rnal error. Error parsing. Actual value -
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ro-RO
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Roamable
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
RPCRT4.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RpcStringFreeW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
rrentVersion
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
rSelection=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
rsion=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
RSSSSSSQP
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RtlUnwind
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ru-RU
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Rule execution aborted- either local / remote succeeded.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
rules
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
rules.js
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
rundll32 shell32, OpenAs_RunDLL
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Running version < minimum version. Running version:
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Running version >= upgrade version. Running version:
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Running version allowed to continue
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
runtime error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Runtime Error!Program:
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
rver 2k8
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
rw-RW
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
rXmlMiss
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
S-1-5-18
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
s[i] = "No Value";}for (i=0;i<arrURLParams.length;i++){if(arrParamNames[i] == paramName){return arrParamValues[i];}}return "No Parameters Found";}return "";}</script> <SCRIPT type="text/javascript">init();function load() {try{piprule.setRuleCallback(function(ruleName){try{logger.log("\r\n ****** pirule setRule callBackFired : function called is " + "Rule name: " + ruleName + "Number: " + arguments.length);var params = Array.prototype.slice.call(arguments, 1);return window[ruleName].apply(this, params);} catch(e) {logger.log("\r\n ****** inside load " + e.message + " Rule name: " + ruleName);}});} catch(e) {logger.log("\r\n ****** Load Function Error " + e.message);}} </SCRIPT></HEAD><BODY onload="load()"></BODY></HTML>/* http://www.JSON.org/json2.js 2011-02-23 Public Domain. NO WARRANTY EXPRESSED OR IMPLI
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
sa-IN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
sActual path %s . CreateDirectory last error %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SafeDllSearchMode
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
sah-RU
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
saturation
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Saturday
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
SaveCurrentOfferState()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SavedLegacySettings
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Saving toolbar offer selections:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
screeenversion
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
screenNumber
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ScreenToClient
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Script Object CoClassW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Script Object InterfaceWWW9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Script Object Root CoClass
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ScriptObjectX
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
scroll
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
scrolltext
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
se-NO
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
search("_IE") > 0) { result.push({PID: partners[i], tb_type : tb_type, browser : "ie"}); } if (browsers.search("_CR") > 0) { result.push({PID: partners[i], tb_type : tb_type, browser : "cr"}); } if (browsers.search("_FF") > 0) { result.push({PID: partners[i], tb_type : tb_type, browser : "ff"}); } }} return result;} // GetInstalledToolbarsvar toolbars_on_ie;var toolbars_on_cr;var toolbars_on_ff;function Result(target_browser, all_browsers, t_f){ this.result = 0; this.errorDescription = ""; this.display = t_f === true ? 1 : 0; this.reporting = new Reporting(); this.lookupTable = t_f === true ? new LookupTable(arguments[3]) : {}; //this.tb_info = toolbar_to_be_installed; function Reporting() { this.trgb = target_browser.toUpperCase();
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
secondary
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
secondary_offers
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
secondaryOfferBottom
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
secondaryOfferLeft
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
secondaryOfferRight
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
secondaryOfferTop
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SecureProtocols
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Security
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Security_HKLM_only
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Segoe UI
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
selections:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
SelectObject
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Send Beacon finished
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Send Reporting finished
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SendDlgItemMessageW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SendMessageW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
September
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Serial_Access_Num
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
server 2012
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
server 2k3
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
server 2k3 R2
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
server 2k8
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
server 2k8 r2
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SessionStartTimeDefaultDeltaSecs
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Set the logging levelW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetBkColor
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetBkMode
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetCapture
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetCursor
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetDIBColorTable
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetEndOfFile
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetEnvironmentVariableA
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetEvent
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
SetFilePointer
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetFocus
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
SetForegroundWindow
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetForegroundWindow failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetHandleCount
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetLastError
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetLayeredWindowAttributes
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetRectEmpty
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Sets the rules callbackWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetStdHandle
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetTextColor
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetThreadStackGuarantee
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetTimer
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Setting timer for:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetUnhandledExceptionFilter
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetWaitableTimer
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetWindowContextHelpId
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetWindowLongW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetWindowPos
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetWindowPos topmost lasterror %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetWindowPos topmost success
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetWindowsHookExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetWindowTextW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetWindowTheme
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SHELL32.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Shell_NotifyIconW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ShellExecuteW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SHGetFolderPathW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SHGetSpecialFolderPathW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
shldrunparam
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
shldrunresult
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SHLWAPI.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SHOpenFolderAndSelectItems
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Show_UI
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ShowExecutionProgress
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ShowICONOnToolbar
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ShowLoadingScreen
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ShowPrevious
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
showSecondaryOffer = false;
Ansi based on Dropped File
(rules.js)
showSecondaryOffer=false;
Ansi based on Dropped File
(rules.js)
showSecondaryOffer=false;return true;}function aviraToolbarInstallCheck(){try{showSecondaryOffer=true;if(!offerAviraV6NewInstall){return getReasonCode(AviraV6InstallOfferRejectedAviraV6UpgradeOfferPresented);}}catch(e){}v6SaturationToolbarOfferFlag = true;showSecondaryOffer=false;return true;}function checkPrimaryTlbrOffered() {try{showSecondaryOffer=true;if(primaryToolbarOfferFlag){return getReasonCode(PrimaryToolbarOfferPresentedDefaultPrimaryOfferRejected);}} catch(e){}v6SaturationToolbarOfferFlag = true;showSecondaryOffer=false;return true;}function clientSupported() {try{var versionValue=cmpVersions(version,"2.6.12.1");if(versionValue >= 0){return true;}} catch(e){}return false;}function isAskSecureOfferEligible () {try{showSecondaryOffer=true;if (!isSupportedOS()) return false;if (!isOSServicePackCompatible()) {return getReasonCode(reasonString);}
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
showSecondaryOffer=true;
Ansi based on Dropped File
(rules.js)
ShowWindow
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
si-LK
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Signature
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
SING error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SizeofResource
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
sk Installer
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
sk-SK
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
SkipAll
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
skipall
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
skipall:
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SkipAllAbort
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Skipping cancel for execution progress
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Skipping further processing of offers. Offers processed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Skipping offer. File ID
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
sl-SI
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Sleep
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
slovak
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
smooth
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
sNotifying Tray delete false. Lasterror %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Socket failed
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Software\APN PIP\ipc
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Software\APN PIP\{partnerid}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SOFTWARE\Microsoft\Internet Explorer
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SOFTWARE\Microsoft\Internet Explorer\Main
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SOFTWARE\Microsoft\Internet Explorer\SearchScopes
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Software\Microsoft\Internet Explorer\Settings
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Software\Microsoft\Windows\CurrentVersion\Installer
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Software\Microsoft\Windows\CurrentVersion\RunOnce
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Software\Microsoft\Windows\Shell\Associations\UrlAssociations\http\userchoice
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SOFTWARE\Mozilla\Mozilla Firefox
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SON === 'function') { value = value.toJSON(key); }// If we were called with a replacer function, then call the replacer to// obtain a replacement value. if (typeof rep === 'function') { value = rep.call(holder, key, value); }// What happens next depends on the value's type. switch (typeof value) { case 'string': return quote(value); case 'number':// JSON numbers must be finite. Encode non-finite numbers as null. return isFinite(value) ? String(value) : 'null'; case 'boolean': case 'null':// If the value is a boolean or null, convert it to a string. Note:// typeof null does not produce 'null'. The case is included here in// the remote chance that this gets fixed someday. return String(value);// If the type is 'object', we might be dealing with an object or an array or// null. case 'object':// Due to a specification blund
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
SourcePath
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
south africa
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
south korea
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
south-africa
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
south-korea
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
space for lowio initialization
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
spanish-argentina
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-bolivia
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-chile
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-colombia
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-costa rica
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-dominican republic
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-ecuador
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-el salvador
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-guatemala
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-honduras
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-mexican
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-modern
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-nicaragua
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-panama
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-paraguay
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-peru
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-puerto rico
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-uruguay
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-venezuela
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
sq-AL
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
SQMServiceList
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ssBarBackgroundColor
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ssembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><assemblyIdentity version="1.0.0.0" processorArchitecture="X86" name="APNInstaller" type="win32"></assemblyIdentity><description>.NET control deployment tool</description><dependency><dependentAssembly><assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" version="6.0.0.0" processorArchitecture="*" publicKeyToken="6595b64144ccf1df" language="*"></assemblyIdentity></dependentAssembly></dependency><trustInfo xmlns="urn:schemas-microsoft-com:asm.v2"><security><requestedPrivileges><requestedExecutionLevel level="requireAdministrator" uiAccess="false"></requestedExecutionLevel></requestedPrivileges></security></trustInfo><compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1"> <application> <supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"></supportedOS> <supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"></supportedOS> </application> </compatibility></assembly>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
stall
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
staller.exe
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
standalone
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
standalone="
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
standalone="%s"
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Start Page
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Start_Install
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
state - acknowledged
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
state - cancelled
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
state - connecting
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
state - error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
state - queued
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
state - suspended
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
state - transferred
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
state - transferring
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Static
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
static
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
stbpartnerid
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
stdole2.tlbWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
stomTitleHeight
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
StopMonitor eventmanager handle %0x
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
StopMonitor exiting.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
StopMonitor waitonhandle %0x returning %d
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
STORE_HISTORY
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
StoresServiceClassInfo
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
strCmdLineWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
StrCmpW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Stream
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
StreamResource
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
StreamResourceType
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
stReporting...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
StretchBlt
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
STRID_CANCEL_TEXT
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
strInfoTypeW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
string { if (show_logger) logger.log("CheckVersion :<" + p_browser + ">"); if (!p_browser) return p_browser; p_browser = p_browser.toLowerCase(); if (p_browser != "ie" && p_browser != "ff" && p_browser != "cr") { reasonString = inputBrowserTypeNotSupported + " [" + p_browser + "]"; return ""; } if (p_browser == "ie") { if (all_browsers && all_browsers.ie) { var version = parseInt(all_browsers.ie, 10); if (version > 6) return "ie"; } reasonString = inputIEBrowserVersionNotSupported + " [" + all_browsers.ie + "]"; return ""; } if (p_browser == "cr") { if (show_logger) logger.log(" CheckVersion of Chrome"); if (all_browser
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
string too long
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
String.prototype.startsWith = function(prefix) {
Ansi based on Dropped File
(rules.js)
String.prototype.toJSON =
Ansi based on Dropped File
(orchestrator.html)
StringFileInfo
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
StringFromGUID2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
StringHexToRGB()...[
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
stringtable
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
strMessageWW@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
strNodePathW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
strObjectNameWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
strProductNameWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
strRulesJSUrlWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Style
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
subctr
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
success
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Success
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
success. Return boolean true.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SuccessCheck()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Successfully terminated
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SuccessText
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SullTotalPhysicalMemoryWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
summary
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Sunday
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
SunMonTueWedThuFriSat
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SupportedNameSpace
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
SupressCancelDialog
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
suspend
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Suspend
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
SuspendThread
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
sv-SE
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
sw-KE
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
swedish-finland
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
swiss
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
switch (typeof value) {
Ansi based on Dropped File
(orchestrator.html)
switchcontroltype
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Symantec Corporation100.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Symantec Corporation1402
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SyncMode5
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Syntax error: value, object or array expected.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
syr-SY
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
system
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
SYSTEM
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
system = window.external.GetObject("system");
Ansi based on Dropped File
(objectmodel.js)
System Utility InterfaceWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
System Utils CoClassWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SystemParametersInfoW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SystemSetupInProgress
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
SystemTimeToFileTime
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SystemUtilWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
t manager thread still active
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
T$$RWWj?P
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
t]Ht@Ht$Hu
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ta-IN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Tahoma
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
tAHt7Ht-HuP
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
target_browser = target_browser || CanBeInstalled("cr", true);
Ansi based on Dropped File
(rules.js)
target_browser = target_browser || CanBeInstalled(CommandLineBrowser(), false);
Ansi based on Dropped File
(rules.js)
target_browser = target_browser || CanBeInstalled(DefaultBrowser(), false);
Ansi based on Dropped File
(rules.js)
target_browser = target_browser || CanBeInstalled(OriginBrowser(), false);
Ansi based on Dropped File
(rules.js)
tate - acknowledged
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
tate - connecting
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
tb_type : toolbar_type
Ansi based on Dropped File
(rules.js)
TCDate()) + 'T' + f(this.getUTCHours()) + ':' + f(this.getUTCMinutes()) + ':' + f(this.getUTCSeconds()) + 'Z' : null; }; String.prototype.toJSON = Number.prototype.toJSON = Boolean.prototype.toJSON = function (key) { return this.valueOf(); }; } var cx = /[\u0000\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2028-\u202f\u2060-\u206f\ufeff\ufff0-\uffff]/g, escapable = /[\\\"\x00-\x1f\x7f-\x9f\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2028-\u202f\u2060-\u206f\ufeff\ufff0-\uffff]/g, gap, indent, meta = { // table of character substitutions '\b': '\\b', '\t': '\\t', '\n': '\\n', '\f': '\\f', '\r': '\\r', '"' : '\\"', '\\': '\\\\' }, rep; function quote(string) {// If the string contains
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
tch error #%d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
TCONTROL
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
td9~0u_jX
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
te process started. Handle %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
te-IN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Terminate thread failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
TerminateProcess
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
TerminateSubProcesses()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
TerminateThread
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ternalName
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
text = String(text);
Ansi based on Dropped File
(orchestrator.html)
text = text.replace(cx, function (a) {
Ansi based on Dropped File
(orchestrator.html)
tEXtSoftware
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
tg-Cyrl-TJ
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
th-TH
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
thankyou
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Thawte Certification1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Thawte Timestamping CA0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
The config.xml file is missing or invalid!Please try the Template Only option on the Avery.com template page.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
the internal timer and setting the dialog timer.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
The object was not available in the script object (outer object).
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
The out pointer (dispatch pointer of the object) is NULL.
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
The PIP Application object
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
The required key OfferXml is missing or invalid!
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Theme on, turning off.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ThemeApiConnectionRequest
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
this.apn_dbr = all_browsers.dfBr.toUpperCase();
Ansi based on Dropped File
(rules.js)
this.browser = p_browser;
Ansi based on Dropped File
(rules.js)
this.BROWSER_TEXT = "Browser_" + target_browser.toUpperCase() + "_TXT";
Ansi based on Dropped File
(rules.js)
this.cache = [];
Ansi based on Dropped File
(rules.js)
this.cache.push(t_obj);
Ansi based on Dropped File
(rules.js)
this.cache[i].result = result;
Ansi based on Dropped File
(rules.js)
this.cache[i].tb_info = toolbar_to_be_installed;
Ansi based on Dropped File
(rules.js)
this.ChromeTB = toolbars_on_cr;
Ansi based on Dropped File
(rules.js)
this.ChromeVersionInstalled = all_browsers.cr;
Ansi based on Dropped File
(rules.js)
this.cmdb = all_browsers.cmdBr;
Ansi based on Dropped File
(rules.js)
this.display = t_f === true ? 1 : 0;
Ansi based on Dropped File
(rules.js)
this.errorDescription = "";
Ansi based on Dropped File
(rules.js)
this.FFTB = toolbars_on_ff;
Ansi based on Dropped File
(rules.js)
this.FFVersionInstalled = all_browsers.ff;
Ansi based on Dropped File
(rules.js)
this.fileid = "QRST_ABCD";
Ansi based on Dropped File
(rules.js)
this.getUTCFullYear() + '-' +
Ansi based on Dropped File
(orchestrator.html)
this.IETB = toolbars_on_ie;
Ansi based on Dropped File
(rules.js)
this.IEVersionInstalled = all_browsers.ie;
Ansi based on Dropped File
(rules.js)
this.lookupTable = t_f === true ? new LookupTable(arguments[3]) : {};
Ansi based on Dropped File
(rules.js)
this.orgb = all_browsers.orBr.toUpperCase();
Ansi based on Dropped File
(rules.js)
this.orgb = all_browsers.orBr.toUpperCase();
Ansi based on Dropped File
(rules.js)
this.orgb = all_browsers.orBr.toUpperCase(); this.apn_dbr = all_browsers.dfBr.toUpperCase(); this.cmdb = all_browsers.cmdBr; this.IEVersionInstalled = all_browsers.ie; this.FFVersionInstalled = all_browsers.ff; this.ChromeVersionInstalled = all_browsers.cr; this.TrackID = ""; if (offers_gen_params && offers_gen_params.GeneralParameters && offers_gen_params.GeneralParameters.TrackID) this.TrackID = offers_gen_params.GeneralParameters.TrackID; toolbars_on_ie = toolbars_on_ie || GetToolbarsOnBrowser("ie"); toolbars_on_cr = toolbars_on_cr || GetToolbarsOnBrowser("cr"); toolbars_on_ff = toolbars_on_ff || GetToolbarsOnBrowser("ff"); this.IETB = toolbars_on_ie; this.FFTB = toolbars_on_ff; this.ChromeTB = toolbars_on_cr; this.TBPartnerid = toolbar_to_be_installed.PID
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
this.PID = p_PID;
Ansi based on Dropped File
(rules.js)
this.reporting = new Reporting();
Ansi based on Dropped File
(rules.js)
this.result = 0;
Ansi based on Dropped File
(rules.js)
this.stubversion = "7.0.0";
Ansi based on Dropped File
(rules.js)
this.targetBrowser = target_browser.toUpperCase();
Ansi based on Dropped File
(rules.js)
this.tb_type = p_tb_type;
Ansi based on Dropped File
(rules.js)
this.tbID = tb_info.PID;
Ansi based on Dropped File
(rules.js)
this.TBPartnerid = toolbar_to_be_installed.PID
Ansi based on Dropped File
(rules.js)
this.tbType = tb_info?tb_info.tb_type:"";
Ansi based on Dropped File
(rules.js)
this.TrackID = offers_gen_params.GeneralParameters.TrackID;
Ansi based on Dropped File
(rules.js)
this.TrackID = "";
Ansi based on Dropped File
(rules.js)
this.trgb = target_browser.toUpperCase();
Ansi based on Dropped File
(rules.js)
this.value="";
Ansi based on Dropped File
(rules.js)
throw new Error('JSON.stringify');
Ansi based on Dropped File
(orchestrator.html)
throw new SyntaxError('JSON.parse');
Ansi based on Dropped File
(orchestrator.html)
Thursday
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Time out reached
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Timed out, aborting download
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Timeout value:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Timer not started
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Timer started
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
TimerProc() for timer id:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
TimeStamp-2048-10
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
TimeStamp-2048-20
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ting file
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
tion?</string> </Language> </stringtable> <offereula> <offer bgcolor="#EFEBDF" bkgImage="" color="" display="true" displayname="" icParams="" icProceed="" icUrl="" id="{cpf1}" imageheight="" imagewidth="" switchcontroltype="checkbox" title="STR
Ansi based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
title
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Title
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
tk-TM
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
TLGETHOST
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
TLOSS error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
TlsAlloc
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
TlsFree
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
TlsGetValue
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
TlsSetValue
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
tn-ZA
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
tName
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
tnerID) {try {for (var i=0; i < jsonString.makeofferdisabled.length; i++) {if(partnerID == jsonString.makeofferdisabled[i]){unsupportedBrowser = IneligibleChrome;return false;}}} catch(e) {}return true;}function isEmpty (checkObj) { var key; if (checkObj === "" || checkObj === 0 || checkObj === "0" || checkObj === null || checkObj === false || typeof checkObj === 'undefined') { return true;} if (typeof checkObj == 'object') { for (key in checkObj) { return false; } return true; } return false;}function getIncumbentPartners() {var incumbentPartners;var incumbentPartnerIDs=""; try {if(is64Bit()){incumbentPartners = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\AskPartnerNetwork\\Toolbar\\shared\\","tbsinstalled",0);}else{incumbentPartners = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\AskPartnerNetwork\\Toolbar\\shared\\","tbsinstalled",0);
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
to cancel
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
to_be_installed); return JSON.stringify(return_JSON); } catch(e){if (show_logger) logger.log("\r\n******Error*****" + e.message);return false;} return false; function PrimarySaturationCheck(offer_id) { var return_JSON = {}; if (offer_id) { for (var i = 0; i < offers_gen_params.offers.length; ++i) { if (offers_gen_params.offers[i].id === offer_id) { //var toolbar_id = offers_gen_params.offers[i].ToolbarID || ""; var offer_type = offers_gen_params.offers[i].offerType || ""; offer_type = offer_type.toLowerCase(); if (offer_type.indexOf("saturation") >= 0) is_saturation_offer = true; else if (offer_type.indexOf("toolbar") >= 0) { offertype_is_toolbar = true;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
to_be_installed.push(toolbar_to_be_installed);
Ansi based on Dropped File
(rules.js)
Too many links
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Too many open files
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Too many open files in system
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
toolbar
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
toolbar_id = offers_gen_params.offers[i].ToolbarID || "";
Ansi based on Dropped File
(rules.js)
toolbar_id = r2;
Ansi based on Dropped File
(rules.js)
toolbar_to_be_installed = GetToolbarInfo(offer_id);
Ansi based on Dropped File
(rules.js)
toolbar_to_be_installed.browser = target_browser;
Ansi based on Dropped File
(rules.js)
toolbar_to_be_installed.PID = primaryTlbrID;
Ansi based on Dropped File
(rules.js)
toolbar_type = offers_gen_params.offers[i].tbType || "";
Ansi based on Dropped File
(rules.js)
toolbarDisableFlag = system.getRegValue("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Settings\\{D4027C7F-154A-4066-A1AD-4243D8127440}","Flags",0);
Ansi based on Dropped File
(rules.js)
toolbarID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\AskToolbar\\Macro","tb",0);
Ansi based on Dropped File
(rules.js)
toolbarID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\AskToolbar\\Macro","tb",0);
Ansi based on Dropped File
(rules.js)
toolbarRegPath=getIncbumbentRegPath(installedToolbars[i]);
Ansi based on Dropped File
(rules.js)
toolbars_on_browser += installed_toolbars[i].PID + ":" + installed_toolbars[i].tb_type;
Ansi based on Dropped File
(rules.js)
toolbars_on_browser.push(installed_toolbars[i]);
Ansi based on Dropped File
(rules.js)
toolbars_on_cr = toolbars_on_cr || GetToolbarsOnBrowser("cr");
Ansi based on Dropped File
(rules.js)
toolbars_on_ff = toolbars_on_ff || GetToolbarsOnBrowser("ff");
Ansi based on Dropped File
(rules.js)
toolbars_on_ie = toolbars_on_ie || GetToolbarsOnBrowser("ie");
Ansi based on Dropped File
(rules.js)
toolbarTbType = pipgetRegValue(toolbarRegPath,"tb-type",0);
Ansi based on Dropped File
(rules.js)
tooltips_class32
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
total
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Total Memory status %I64d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Total number of eligible offers to report
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
TotalNumberOfOffersToShow
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
tr-TR
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
trait
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
transferred
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
TranslateMessage
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Translation
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
transparency
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
TransparentBlt
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
TransparentEnabled
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Transports
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Tray add success
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Tray delete success
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Tray modify success
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
TrayTipTime
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
tring=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
tringified. Values that do not have JSON representations, such as undefined or functions, will not be serialized. Such values in objects will be dropped; in arrays they will be replaced with null. You can use a replacer function to replace those with JSON values. JSON.stringify(undefined) returns undefined. The optional space parameter produces a stringification of the value that is filled with line breaks and indentation to make it easier to read. If the space parameter is a non-empty string, then that string will be used for indentation. If the space parameter is a number, then the indentation will be that many spaces. Example: text = JSON.stringify(['e', {pluribus: 'unum'}]); // text is '["e",{"pluribus":"unum"}]' text = JSON.stringify(['e', {pluribus: 'unum'}], null, '\t'); // text is '
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
trinidad & tobago
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
trol id="txt1-of11" type="text" text="Frostwire Demo Starting....." width="400" height="60" x="0" y="0" color="" bgcolor="#FFD793" fontsize="20" isBold="true"></control></control></controls></offer></offereula><apnanalytics></apnanalytics></root><?xml version="1.0" encoding="utf-8"?><root><OwnerInformation><owner><name>Vishal Shah</name><organization>APN Toolbar</organization></owner></OwnerInformation><GeneralParameters><SetDateTime>2003/02/04 08:30:00</SetDateTime><Height>445</Height><Width>600</Width><bgcolor>efebdf</bgcolor><showprogcanceldlg>false</showprogcanceldlg><optintextsize>12</optintextsize><dlg_transparency>255</dlg_transparency><ShowOfferScreensOnly>false</ShowOfferScreensOnly><defaultLanguage>en</defaultLanguage><defaultbkg></defaultbkg><defaultbkgwidth>600</defaultbkgwidth><ShowProgressDlg>false</ShowProgressDlg><defaultbkgheight>400</defaultbkgheight><ProgressBarCancelClickable>true</ProgressBarCancelClickable>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
trueValue
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
try {
Ansi based on Dropped File
(rules.js)
tt-RU
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Tuesday
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
turday
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
turn type -
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
tVersionString
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
twHHt,HHt
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
tWItHIt9It
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Type Descriptor'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Type is not convertible to int
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Type is not convertible to string
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
TypeLib
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
typeof replacer.length !== 'number')) {
Ansi based on Dropped File
(orchestrator.html)
typeof value.toJSON === 'function') {
Ansi based on Dropped File
(orchestrator.html)
typeof window.external !== "undefined") {
Ansi based on Dropped File
(objectmodel.js)
tzm-Latn-DZ
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
u-9T$Lv'j
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
u09\$@v*j
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
u^9F$uT8^
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ub9|$,t\W
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ublisher}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ug-CN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ui.xml
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ui.xml_localmode
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
UI_Complete
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
uInternet\\","",0)}} } else {default_browser = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Classes\\http\\shell\\open\\command\\","",0);if(isEmpty(default_browser)) {default_browser = pipgetRegValue("HKEY_CLASSES_ROOT\\http\\shell\\open\\command\\","",0);}if(isEmpty(default_browser)){default_browser = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Clients\\StartMenuInternet\\","",0);if(isEmpty(default_browser)) {default_browser = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Clients\\StartMenuInternet\\","",0)}}} return default_browser;} // defaultBrowserfunction isSupportedBrowser(partnerID) {try {var defaultbrowserPath;var defaultbrowserAppPath;var defaultBrowser;var n=0;if (window.navigator.appVersion.indexOf("Windows NT 6.0") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.1") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.2") != -1 ) {def
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
uiReady
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
UIReadyTime=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
uiRules
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
uk-UA
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ula disclosure based on setting
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ultbrowserAppPath=pipgetRegValue("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FileExts\\.htm\\UserChoice","Progid",0);if(!isEmpty(defaultbrowserAppPath)) {defaultbrowserPath="HKEY_CLASSES_ROOT\\"+defaultbrowserAppPath+"\\shell\\open\\command\\";defaultBrowser=pipgetRegValue(defaultbrowserPath,"",0);}else{defaultBrowser = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Clients\\StartMenuInternet\\","",0);if(isEmpty(defaultBrowser)){defaultBrowser = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Clients\\StartMenuInternet\\","",0)}}} else {defaultBrowser=pipgetRegValue("HKEY_CURRENT_USER\\Software\\Classes\\http\\shell\\open\\command\\","",0);if(isEmpty(defaultBrowser)) {defaultBrowser=pipgetRegValue("HKEY_CLASSES_ROOT\\http\\shell\\open\\command\\","",0);}if(isEmpty(defaultBrowser)){defaultBrowser = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Clients\\StartMenuInternet\\",
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
UNCAsIntranet
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
unction GetToolbarsOnBrowser(p_browser) // ==> string { var toolbars_on_browser = ""; if (!p_browser) return toolbars_on_browser; for (var i = 0, N = installed_toolbars.length; i < N; ++i) { if (installed_toolbars[i].browser == p_browser) { if (toolbars_on_browser) toolbars_on_browser += ";" toolbars_on_browser += installed_toolbars[i].PID + ":" + installed_toolbars[i].tb_type; } } return toolbars_on_browser; } // GetToolbarsOnBrowser } function LookupTable(tb_info) { this.BROWSER_TEXT = "Browser_" + target_browser.toUpperCase() + "_TXT"; this.targetBrowser = target_browser.toUpperCase(); this.fileid = "QRST_ABCD"; this.orgb
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
UnhandledExceptionFilter
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
UnhookWindowsHookEx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
UNICODE
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
united-kingdom
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
united-states
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
unknown
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
Unknown command line argument:
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Unknown Error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Unknown error
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Unknown error 0x%0lX
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Unknown exception
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Unknown host
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Unknown Product
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
unnelid}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
UnregisterClassA
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
unsupportedBrowser = IneligibleChrome;
Ansi based on Dropped File
(rules.js)
unsupportedBrowser=unsupportedBrowser+defBrowser;
Ansi based on Dropped File
(rules.js)
UpdateWindow
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Upgrade version:
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
UpgradeVersion
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
UpgradeVersionPath
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
upported Variant Type of 0"){return false;}return true;}return false;}function secondaryOfferCheck(){try{if(!showSecondaryOffer && (hidePtnrSecondaryOffer=="true")){return getReasonCode(secondaryOfferRejected);}}catch(e){}return true;}function isProntoEligibleOffer() {try{ if(defBrowser.toLowerCase() == FIREFOX) return true; }catch(e){}return false;}function isProntoEligibleOfferForIE(){try{if(defBrowser == IE) return true;}catch(e){}return false;}function isAnchorFreeEligibleOffer() {try{var AFRegistryPath;if(window.navigator.appVersion.indexOf("Windows NT 5.1") != -1 || window.navigator.appVersion.indexOf("Windows NT 5.2") != -1 ||(window.navigator.appVersion.indexOf("Windows NT 6.0") != -1 && is64Bit())){return AnchorFreeUnsupportedOS;}if(is64Bit()){AFRegistryPath = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ur-PK
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
URLDownloadToFileW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
urlmon.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
urn registryValue;} catch (e) {}}function defaultBrowser(){var defaultbrowserAppPath;var defaultbrowserPath; var default_browser; if (window.navigator.appVersion.indexOf("Windows NT 6.0") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.1") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.2") != -1 ) { defaultbrowserAppPath = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FileExts\\.htm\\UserChoice","Progid",0); if(!isEmpty(defaultbrowserAppPath)) { defaultbrowserPath = "HKEY_CLASSES_ROOT\\"+defaultbrowserAppPath+"\\shell\\open\\command\\"; default_browser = pipgetRegValue(defaultbrowserPath,"",0); } else{default_browser = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Clients\\StartMenuInternet\\","",0);if(isEmpty(default_browser)) {default_browser = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Clients\\StartMe
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
UseDelayedAcceptance
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
UseHostnameAsAlias
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
UseOldHostResolutionOrder
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
User Agent
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
USER32.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
USER32.DLL
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
user_pref("browser.startup.homepage", "
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
user_pref("keyword.URL", "
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Users
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
uspended
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ute.*//*jslint evil: true, strict: false, regexp: false *//*members "", "\b", "\t", "\n", "\f", "\r", "\"", JSON, "\\", apply, call, charCodeAt, getUTCDate, getUTCFullYear, getUTCHours, getUTCMinutes, getUTCMonth, getUTCSeconds, hasOwnProperty, join, lastIndex, length, parse, prototype, push, replace, slice, stringify, test, toJSON, toString, valueOf*/// Create a JSON object only if one does not already exist. We create the// methods in a closure to avoid creating global variables.var JSON;if (!JSON) { JSON = {};}(function () { "use strict"; function f(n) { // Format integers to have at least two digits. return n < 10 ? '0' + n : n; } if (typeof Date.prototype.toJSON !== 'function') { Date.prototype.toJSON = function (key) { return isFinite(this.valueOf()) ? this.getUTCFullYear() + '-' + f(this.getUTCMonth() + 1) + '-' + f(this.get
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
UTF-16LE
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
UTF-8
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
UuidCreate
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
UuidToStringW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
UxTheme.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
uz-Latn-UZ
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
v = partial.length === 0 ? '[]' : gap ?
Ansi based on Dropped File
(orchestrator.html)
v = partial.length === 0 ? '{}' : gap ?
Ansi based on Dropped File
(orchestrator.html)
v = str(k, value);
Ansi based on Dropped File
(orchestrator.html)
v = walk(value, k);
Ansi based on Dropped File
(orchestrator.html)
v, // The member value.
Ansi based on Dropped File
(orchestrator.html)
v5TlbrID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\AskToolbar\\Macro","tb",0) || "";
Ansi based on Dropped File
(rules.js)
v5TlbrID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\AskToolbar\\Macro","tb",0);
Ansi based on Dropped File
(rules.js)
v5TlbrID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\AskToolbar\\Macro","tb",0) || "";
Ansi based on Dropped File
(rules.js)
v5TlbrID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\AskToolbar\\Macro","tb",0);
Ansi based on Dropped File
(rules.js)
v5ToolbarInstalled = v5ToolbarInstalled +" "+v5TlbrID;
Ansi based on Dropped File
(rules.js)
v5toolbarOffered=true;
Ansi based on Dropped File
(rules.js)
v6SatInstalled=v6SatInstalled +" "+ partnerid.value;
Ansi based on Dropped File
(rules.js)
v6SaturationToolbarOfferFlag = false;
Ansi based on Dropped File
(rules.js)
v6SaturationToolbarOfferFlag = true;
Ansi based on Dropped File
(rules.js)
Valid dependent offer index but no offer
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
value
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
value = holder[key];
Ansi based on Dropped File
(orchestrator.html)
value = rep.call(holder, key, value);
Ansi based on Dropped File
(orchestrator.html)
value = value.toJSON(key);
Ansi based on Dropped File
(orchestrator.html)
value:
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
value[k] = v;
Ansi based on Dropped File
(orchestrator.html)
vapi32.dll
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
var incumbant_AVIRA = false;
Ansi based on Dropped File
(rules.js)
var name;
Ansi based on Dropped File
(rules.js)
var pid_str = "";
Ansi based on Dropped File
(rules.js)
var PID_to_be_installed = [];
Ansi based on Dropped File
(rules.js)
var PIDs_on_Machine = [];
Ansi based on Dropped File
(rules.js)
var result = 1;
Ansi based on Dropped File
(rules.js)
var result;
Ansi based on Dropped File
(rules.js)
var return_JSON = {};
Ansi based on Dropped File
(rules.js)
var t_obj = {id : offers_gen_params.offers[i].id};
Ansi based on Dropped File
(rules.js)
var to_be_installed = [];
Ansi based on Dropped File
(rules.js)
var ttt = offers_gen_params.offers[i].id;
Ansi based on Dropped File
(rules.js)
var all_browsers;
Ansi based on Dropped File
(rules.js)
var cascade_count = 0;
Ansi based on Dropped File
(rules.js)
var checkness;
Ansi based on Dropped File
(rules.js)
var checkness_parts = checkness[i].split(':');
Ansi based on Dropped File
(rules.js)
var checkV5Installed = getProductVersion("{86D4B82A-ABED-442A-BE86-96357B70F4FE}");
Ansi based on Dropped File
(rules.js)
var current_time = new Date();
Ansi based on Dropped File
(rules.js)
var CUTOVER_DATE = new Date(2013, 05, 26);
Ansi based on Dropped File
(rules.js)
var default_browser;
Ansi based on Dropped File
(rules.js)
var defaultbrowserAppPath;
Ansi based on Dropped File
(rules.js)
var defaultbrowserPath;
Ansi based on Dropped File
(rules.js)
var incumbentPartnerRegPath;
Ansi based on Dropped File
(rules.js)
var installed_toolbars;
Ansi based on Dropped File
(rules.js)
var is_saturation_offer = false;
Ansi based on Dropped File
(rules.js)
var list_1 = tb_type_1.split(",");
Ansi based on Dropped File
(rules.js)
var list_2 = tb_type_2.split(",");
Ansi based on Dropped File
(rules.js)
var lu_table = [["cr", "ie", "ff"], ["ie", "cr", "ff"], ["ff", "cr", "ie"]];
Ansi based on Dropped File
(rules.js)
var lu_table = [["cr", "ie", "ff"], ["ie", "cr", "ff"], ["ff", "cr", "ie"]]; if (!p_browser) return p_browser; if (cascade_count <= 0) return p_browser; if (cascade_count >=3) return ""; for (var i = 0; i < lu_table.length; ++i) { if (lu_table[i][0] === p_browser) { return lu_table[i][cascade_count]; } } return ""; } // CascadeThroughBrowsers(p_browser, cascade_count) function MoreToCascade(cascade_count, potential_browser, run_cycle) // ==> bool { if (!run_cycle) return false; if (cascade_count >= 3) return false; if (potential_browser) return false; return true; } // MoreToCascade function CheckVersion(p_browser) // ==>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
var MAX_NUMBER_OF_TOOLBARS_ON_BROWSER = 3;
Ansi based on Dropped File
(rules.js)
var MAX_NUMBER_OF_TOOLBARS_ON_MACHINE = 3;
Ansi based on Dropped File
(rules.js)
var name;
Ansi based on Dropped File
(rules.js)
var offer_id = GetOfferID(param);
Ansi based on Dropped File
(rules.js)
var offer_ids = param.split('-');
Ansi based on Dropped File
(rules.js)
var offer_ids = param.split('-')[0].split('|');
Ansi based on Dropped File
(rules.js)
var offer_type = offers_gen_params.offers[i].offerType || "";
Ansi based on Dropped File
(rules.js)
var Offers = {};
Ansi based on Dropped File
(rules.js)
var offers_gen_params;
Ansi based on Dropped File
(rules.js)
var offertype_is_toolbar = false;
Ansi based on Dropped File
(rules.js)
var p_param = param.split("|");
Ansi based on Dropped File
(rules.js)
var partners = getIncumbentPartners();
Ansi based on Dropped File
(rules.js)
var pids = {};
Ansi based on Dropped File
(rules.js)
var potential_browser;
Ansi based on Dropped File
(rules.js)
var primary_toolbar_ok_to_present = 1;
Ansi based on Dropped File
(rules.js)
var ps_check = PrimarySaturationCheck (offer_id);
Ansi based on Dropped File
(rules.js)
var r1 = toolbar_id.match(reg_exp);
Ansi based on Dropped File
(rules.js)
var r2;
Ansi based on Dropped File
(rules.js)
var reg_exp = /-?(V5|V6|V7)$/i;
Ansi based on Dropped File
(rules.js)
var result = [];
Ansi based on Dropped File
(rules.js)
var return_JSON;
Ansi based on Dropped File
(rules.js)
var return_obj = {};
Ansi based on Dropped File
(rules.js)
var show_logger = true;
Ansi based on Dropped File
(rules.js)
var target_browser = "";
Ansi based on Dropped File
(rules.js)
var tb = "" || (all_browsers && all_browsers.orBr);
Ansi based on Dropped File
(rules.js)
var tb_incumbent_path = "HKEY_LOCAL_MACHINE\\SOFTWARE\\AskPartnerNetwork\\Toolbar\\";
Ansi based on Dropped File
(rules.js)
var tb_path = tb_incumbent_path + partners[i] + "\\Macro\\"
Ansi based on Dropped File
(rules.js)
var toolbar_id = "";
Ansi based on Dropped File
(rules.js)
var toolbar_id = offers_gen_params.offers[i].ToolbarID || "";
Ansi based on Dropped File
(rules.js)
var toolbar_to_be_installed;
Ansi based on Dropped File
(rules.js)
var toolbar_type = "";
Ansi based on Dropped File
(rules.js)
var toolbars_on_browser = "";
Ansi based on Dropped File
(rules.js)
var toolbars_on_cr;
Ansi based on Dropped File
(rules.js)
var toolbars_on_ff;
Ansi based on Dropped File
(rules.js)
var toolbars_on_ie;
Ansi based on Dropped File
(rules.js)
var pid_name = installed_toolbars[i].PID;
Ansi based on Dropped File
(rules.js)
var AviraToolbarPresentAskSecureOfferRejected = "19: Avira Toolbar present, Ask secure offer rejected";
Ansi based on Dropped File
(rules.js)
var AviraV6InstallOfferRejectedAviraV6UpgradeOfferPresented = "22:Avira V6 new Install offer rejected, Avira V6 Upgrade Offer/Ask Secure Offer presented";
Ansi based on Dropped File
(rules.js)
var OldClientAskSecureOfferNotSupported = "24:Old Client AskSecure offer not supported";
Ansi based on Dropped File
(rules.js)
var PrimaryToolbarOfferPresentedDefaultPrimaryOfferRejected = "23:Primary Toolbar Offer presented, The default primary offer rejected";
Ansi based on Dropped File
(rules.js)
var v7_result = v7installChecker(param);
Ansi based on Dropped File
(rules.js)
var AFRegistryPath;
Ansi based on Dropped File
(rules.js)
var AlreadyAtMaxNumberOfPartnersPerBrowser = "34:Already At Maximum Number of Partners Per Browser";
Ansi based on Dropped File
(rules.js)
var AnchorFreeUnsupportedOS = "18: AnchorFree unsupported OS XP or Vista 64bit ";
Ansi based on Dropped File
(rules.js)
var arrParamNames = new Array(arrURLParams.length);
Ansi based on Dropped File
(orchestrator.html)
var arrParams = sURL.split("?");
Ansi based on Dropped File
(orchestrator.html)
var arrParamValues = new Array(arrURLParams.length);
Ansi based on Dropped File
(orchestrator.html)
var arrURLParams = arrParams[1].split("&");
Ansi based on Dropped File
(orchestrator.html)
var AskSecureToolbarPresentAviraOfferRejected = "20:Ask Secure toolbar present, Avira offer rejected";
Ansi based on Dropped File
(rules.js)
var AudialsOfferNotEligibleUnsupportedOSXP32orVista64bit = "20: Audials offer not eligible as unsupported OS XP 32 or Vista 64 bit";
Ansi based on Dropped File
(rules.js)
var AviraV6InstallOfferPresentedAviraV6UpgradeRejected = "21:Avira V6 new Install offer presented, Avira V6 Upgrade rejected";
Ansi based on Dropped File
(rules.js)
var blocklistedPartner = "5:Block V6 ? New toolbar listed in the block list";
Ansi based on Dropped File
(rules.js)
var BlockListV6IncumbentToolbarIsListedInLockList = "6:Block list v6 - incumbent toolbar is listed as block list ";
Ansi based on Dropped File
(rules.js)
var c = meta[a];
Ansi based on Dropped File
(orchestrator.html)
var checkObj;
Ansi based on Dropped File
(rules.js)
var checkV5Installed = getProductVersion("{86D4B82A-ABED-442A-BE86-96357B70F4FE}");
Ansi based on Dropped File
(rules.js)
var CHROME="Google Chrome";
Ansi based on Dropped File
(rules.js)
var cpuSpeed;
Ansi based on Dropped File
(rules.js)
var CPUSpeedLessThan1000MHZ = "14:CPU speed less than 1000 MHZ ";;
Ansi based on Dropped File
(rules.js)
var cx = /[\u0000\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2028-\u202f\u2060-\u206f\ufeff\ufff0-\uffff]/g,
Ansi based on Dropped File
(orchestrator.html)
var defaultBrowser;
Ansi based on Dropped File
(rules.js)
var defaultbrowserAppPath;
Ansi based on Dropped File
(rules.js)
var defaultbrowserPath;
Ansi based on Dropped File
(rules.js)
var defBrowser="";
Ansi based on Dropped File
(rules.js)
var diskFreeSize;
Ansi based on Dropped File
(rules.js)
var DPRegistryPath = pipgetRegValue("HKEY_CURRENT_USER\\Software\\DealPly","InstallStatus",0);
Ansi based on Dropped File
(rules.js)
var FIREFOX="firefox";
Ansi based on Dropped File
(rules.js)
var getIEversion ="";
Ansi based on Dropped File
(rules.js)
var getIEversion=browser.ieVersion;
Ansi based on Dropped File
(rules.js)
var hidePtnrSecondaryOffer=getURLParameters("hideSecondary");
Ansi based on Dropped File
(orchestrator.html)
var i = 0;
Ansi based on Dropped File
(orchestrator.html)
var i, // The loop counter.
Ansi based on Dropped File
(orchestrator.html)
var i, l, d;
Ansi based on Dropped File
(rules.js)
var i;
Ansi based on Dropped File
(orchestrator.html)
var IE="Internet Explorer";
Ansi based on Dropped File
(rules.js)
var incumbentPartnerIDs="";
Ansi based on Dropped File
(rules.js)
var incumbentPartnerList = getIncumbentPartners();
Ansi based on Dropped File
(rules.js)
var incumbentPartnerRegPath;
Ansi based on Dropped File
(rules.js)
var incumbentPartners;
Ansi based on Dropped File
(rules.js)
var incumbentTbType;
Ansi based on Dropped File
(rules.js)
var incumbentTlbrList;
Ansi based on Dropped File
(rules.js)
var IneligibleChrome = "3:Ineligible Chrome";
Ansi based on Dropped File
(rules.js)
var inputBrowserTypeNotSupported = "27:Input Browser Type is NOT Supported";
Ansi based on Dropped File
(rules.js)
var inputCRBrowserVersionNotSupported = "29:CR Browser Version Is NOT Supported";
Ansi based on Dropped File
(rules.js)
var inputCRBrowserVersionNotSupported = "29:CR Browser Version Is NOT Supported";var inputFFBrowserVersionNotSupported = "30:FF Browser Version Is NOT Supported";var PIDsAreSameOnSameBrowser = "31:PIDs Are the Same, On the Same Browser";var toolbarTypeCollision = "32:On the Same Browser, Toolbar Types Collide";var PIDIsOnBlockedList = "33:PID is on Block List"var AlreadyAtMaxNumberOfPartnersPerBrowser = "34:Already At Maximum Number of Partners Per Browser";var uniquePIDTbType = "35:Toolbar Type is already owned by PID";var jsonString={ "blocklistedPartners": ["FTB","FTB4","OVO2","WCL2","WCL3"], "makeofferdisabled": ["WCL2","ACDS","ADS","AF3-SRS","AGH","ALSV5-DL","AM2","AM3","AMG","APLV5","APL1V5","APL2V5","ATR","ATU","ATU-DL","ATU-ASK","ATU-QBD","ATU-SRS"
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
var inputFFBrowserVersionNotSupported = "30:FF Browser Version Is NOT Supported";
Ansi based on Dropped File
(rules.js)
var inputIEBrowserVersionNotSupported = "28:IE Browser Version Is NOT Supported";
Ansi based on Dropped File
(rules.js)
var installedPartners = getIncumbentPartners();
Ansi based on Dropped File
(rules.js)
var installedToolbars = getIncumbentPartners();
Ansi based on Dropped File
(rules.js)
var isIE9extnenabled="";
Ansi based on Dropped File
(rules.js)
var j;
Ansi based on Dropped File
(orchestrator.html)
var JSON;
Ansi based on Dropped File
(orchestrator.html)
var jsonString={
Ansi based on Dropped File
(rules.js)
var k, v, value = holder[key];
Ansi based on Dropped File
(orchestrator.html)
var key;
Ansi based on Dropped File
(rules.js)
var MachineDiskFreeSpaceLessThan2000MB = "15:64 bit machine Disk free space less than 2000MB ";
Ansi based on Dropped File
(rules.js)
var MachineDiskFreeSpaceLessThan850MB = "16:32 bit machine Disk free space less than 850MB ";
Ansi based on Dropped File
(rules.js)
var maxNumberOfPartnersExceeded = "25:Maximum Number of Unique Partners Already Exists";
Ansi based on Dropped File
(rules.js)
var n;
Ansi based on Dropped File
(rules.js)
var n=0;
Ansi based on Dropped File
(rules.js)
var NortonSafeSearchToolbarInstalled = "17:Norton Safe search Toolbar installed";
Ansi based on Dropped File
(rules.js)
var nortonToolbarKey;
Ansi based on Dropped File
(rules.js)
var obj = {
Ansi based on Dropped File
(rules.js)
var objectModel = {};
Ansi based on Dropped File
(objectmodel.js)
var objectModel = {};objectModel.initialized = false;function init() { if (objectModel.initialized === false && typeof window !== "undefined" && typeof window.external !== "undefined") { logger = {}; _logger = window
Ansi based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
var offerAviraV6NewInstall = false;
Ansi based on Dropped File
(rules.js)
var overinstallFlag=false;
Ansi based on Dropped File
(rules.js)
var paramName;
Ansi based on Dropped File
(orchestrator.html)
var params = Array.prototype.slice.call(arguments, 1);
Ansi based on Dropped File
(orchestrator.html)
var partnerid =new partneridfunc();
Ansi based on Dropped File
(rules.js)
var partnerID;
Ansi based on Dropped File
(rules.js)
var partnerRegPath="";
Ansi based on Dropped File
(rules.js)
var physicalMemory;
Ansi based on Dropped File
(rules.js)
var PIDIsOnBlockedList = "33:PID is on Block List"
Ansi based on Dropped File
(rules.js)
var PIDsAreSameOnSameBrowser = "31:PIDs Are the Same, On the Same Browser";
Ansi based on Dropped File
(rules.js)
var pipPartnerID = getURLParameters("PIPPID");
Ansi based on Dropped File
(orchestrator.html)
var precheckSecondary = "10:Secondary offer rejected as Manycam Saturation offer was made";
Ansi based on Dropped File
(rules.js)
var primaryTlbrID = getURLParameters("PTBPartnerID");
Ansi based on Dropped File
(orchestrator.html)
var primaryToolbarOfferFlag=false;
Ansi based on Dropped File
(rules.js)
var PriorToolbarType_Vanilla_SecureVanilla = "4:Prior toolbar type(Vanilla)/Secure Vanilla ";
Ansi based on Dropped File
(rules.js)
var productVersion =system.getProductVersion(productCode);
Ansi based on Dropped File
(rules.js)
var PTRegistryPath = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Paltalk","InstallerAppDir",0);
Ansi based on Dropped File
(rules.js)
var reasonString="";
Ansi based on Dropped File
(rules.js)
var registryPath;
Ansi based on Dropped File
(rules.js)
var registryPathx86 = "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\";
Ansi based on Dropped File
(rules.js)
var registryValue=system.getRegValue(registryPath,regValue,n);
Ansi based on Dropped File
(rules.js)
var regsistryPathx64 = "HKEY_LOCAL_MACHINE\SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\";
Ansi based on Dropped File
(rules.js)
var regsistryPathx64 = "HKEY_LOCAL_MACHINE\SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\";var registryPathx86 = "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\";var checkObj;var n;var registryPath;var regValue="";var partnerID;v
Ansi based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
var regValue="";
Ansi based on Dropped File
(rules.js)
var satTlbrID = getURLParameters("STBPartnerID");
Ansi based on Dropped File
(orchestrator.html)
var SCRegistryPath = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Speedchecker Limited\\PC Speed Up","Uninstaller",0);
Ansi based on Dropped File
(rules.js)
var secondaryOfferInstalled = "11:Secondary Offer was not made as offer already exists";
Ansi based on Dropped File
(rules.js)
var secondaryOfferRejected = "9:Secondary offer rejected as Primary or Saturation offer was made";
Ansi based on Dropped File
(rules.js)
var SFRegistryPath = pipgetRegValue("HKEY_CURRENT_USER\\Software\\AppDataLow\\Software\\superfish","InstallStatus",0);
Ansi based on Dropped File
(rules.js)
var showSecondaryOffer=true;
Ansi based on Dropped File
(rules.js)
var SideBySideLimitExceeded = "8:Side by side limit exceeded";
Ansi based on Dropped File
(rules.js)
var sParam = arrURLParams[i].split("=");
Ansi based on Dropped File
(orchestrator.html)
var sURL = window.document.URL.toString();
Ansi based on Dropped File
(orchestrator.html)
var SystemPhysicalMemoryIsVeryLow = "17:System Physical Memory is very low";
Ansi based on Dropped File
(rules.js)
var tb = "" || (all_browsers && all_browsers.cmdBr);
Ansi based on Dropped File
(rules.js)
var tb = "" || (all_browsers && all_browsers.dfBr);
Ansi based on Dropped File
(rules.js)
var tbType=getURLParameters("tbType");
Ansi based on Dropped File
(orchestrator.html)
var tbtypeOfBlockPIDNotEqual = "26:A Toolbar Type is of type block, PIDs are NOT equal";
Ansi based on Dropped File
(rules.js)
var toolbarDisableFlag="";
Ansi based on Dropped File
(rules.js)
var toolbarID;
Ansi based on Dropped File
(rules.js)
var toolbarRegPath;
Ansi based on Dropped File
(rules.js)
var toolbars_on_browser = [];
Ansi based on Dropped File
(rules.js)
var toolbarTypeCollision = "32:On the Same Browser, Toolbar Types Collide";
Ansi based on Dropped File
(rules.js)
var UBRegistryPath = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Uniblue\\SpeedUpMyPC","InstalledLocation",0);
Ansi based on Dropped File
(rules.js)
var uniquePIDTbType = "35:Toolbar Type is already owned by PID";
Ansi based on Dropped File
(rules.js)
var unsupportedBrowser = "2:Unsupported default browser";
Ansi based on Dropped File
(rules.js)
var UnsupportedOSXP64bit = "11:Unsupported OS XP 64 bit";
Ansi based on Dropped File
(rules.js)
var v5Offerpresented = "7:Saturation offer was not made because primary offer was made";
Ansi based on Dropped File
(rules.js)
var v5TlbrID;
Ansi based on Dropped File
(rules.js)
var v5ToolbarInstalled = "1:Offer cannot be installed as offer already exists";
Ansi based on Dropped File
(rules.js)
var v5toolbarOffered = false;
Ansi based on Dropped File
(rules.js)
var V6OfferAlreadyPresentWithSamePartnerID = "1:V6 Offer already present with same partnerID";
Ansi based on Dropped File
(rules.js)
var v6SatInstalled = "4:Prior toolbar typet (Shopping)";
Ansi based on Dropped File
(rules.js)
var v6SaturationToolbarOfferFlag = false;
Ansi based on Dropped File
(rules.js)
var version = parseInt(all_browsers.cr, 10);
Ansi based on Dropped File
(rules.js)
var version = parseInt(all_browsers.ff, 10);
Ansi based on Dropped File
(rules.js)
var version = parseInt(all_browsers.ie, 10);
Ansi based on Dropped File
(rules.js)
var version=getURLParameters("version");
Ansi based on Dropped File
(orchestrator.html)
var versionresult=cmpVersions(clientversion,"2.6.8.0");
Ansi based on Dropped File
(rules.js)
var versionValue=cmpVersions(version,"2.6.12.1");
Ansi based on Dropped File
(rules.js)
var winServicePackRegValue;
Ansi based on Dropped File
(rules.js)
var XPServicePackNotCompatible = "13:XP Service Pack not compatible ";
Ansi based on Dropped File
(rules.js)
varbrowsers = pipgetRegValue (partner_path, "Browsers", 0) || "";
Ansi based on Dropped File
(rules.js)
VarFileInfo
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
varpartner_path = incumbentPartnerRegPath + partners[i] + "\\Info\\";
Ansi based on Dropped File
(rules.js)
varpartner_path = incumbentPartnerRegPath + partners[i] + "\\Macro\\";
Ansi based on Dropped File
(rules.js)
vartb_type = pipgetRegValue (partner_path, "tb-type", 0) || "";
Ansi based on Dropped File
(rules.js)
vartb_type = pipgetRegValue (tb_path, "tb-type", 0) || "";
Ansi based on Dropped File
(rules.js)
vector<T> too long
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
VeriSign Trust Network1:08
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
VeriSign Trust Network1;09
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
VeriSign, Inc.1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
VeriSignMPKI-2-80
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
VerQueryValueW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
version
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
Version
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
version. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
VERSION.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
version="
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
version="%s"
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
VersionString
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
vertical
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
vi-VN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
vice
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
VirtualAlloc
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
VirtualFree
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
VirtualProtect
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
VirtualQuery
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
vista
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
Visual C++ CRT: Not enough memory to complete call to strerror.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
VS_VERSION_INFO
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
VSORootWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
VstrOfferIDWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Wait on execution thread failure
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Wait on execution thread success
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Wait on mutex returned %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Wait on thread handle result %d
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Wait result for DefaultUiReadyTimeout returned %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Wait result on new time returned %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WaitForDownloadCompleteInternal File Name %s BytesTotal %I64d BytesTransferred %I64d FileIndex %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WaitForMultipleObjects
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WaitForSingleObject
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Waitforsingleobject failed Last error %d
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Waiting for show UI signal.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Waitwindow not found
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WaitWnd %x WaitWnd PID %d WaitWnd TID %d
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
walk({'': j}, '') : j;
Ansi based on Dropped File
(orchestrator.html)
WARE\Microsoft\Internet Explorer
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ware\Microsoft\Windows\Shell\Associations\UrlAssociations\http\userchoice
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
watchWnd
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
watchwndCreatedByChild
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
watchWndLookupMaxTimeout
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Wednesday
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Western Cape1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WFType=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
while (MoreToCascade(cascade_count, potential_browser, run_cycle)); return potential_browser; function CheckForBlockedPID() { var PID_to_be_installed = []; var PIDs_on_Machine = []; PID_to_be_installed.push(toolbar_to_be_installed.PID); for (var i = 0, N = installed_toolbars.length; i < N; ++i) { PIDs_on_Machine.push(installed_toolbars[i].PID); } if (PIDOnBlockedList(PIDs_on_Machine) || PIDOnBlockedList(PID_to_be_installed) ) { if (show_logger) logger.log(" PID on Blocked List: " + JSON.stringify(PIDs_on_Machine) + " and " + JSON.stringify(toolbar_to_be_installed) + "\n"); reasonString = PIDIsOnBlockedList + " " + toolbar_to_be_installed.PID; return true; } return false; function PIDOnBlockedList(p_toolbartypes) // ==> bool
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
WideCharToMultiByte
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
width
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Width
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Win31FileSystem
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
windows
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
WinExec
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
WININET.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
winServicePackRegValue=pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion","CSDVersion",0);
Ansi based on Dropped File
(rules.js)
WinSock 2.0 Provider ID
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
WinSock_Registry_Version
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
WINTRUST.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WinVerifyTrust
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
with params
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WM_ATLGETCONTROL
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WM_ATLGETHOST
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
wnloader(BITS)::InitializeBITS::CoInitializeSecurity : Error = 0x%X - %s
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
wo-SN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
WriteConsoleW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WriteFile
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WriteRegister()... name:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Writes a message to the console and opens a nested block to indent all future messages sent to the console. Call console.groupEnd() to close the block.WWW1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WS2_32.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Ws2_32NumHandleBuckets
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Ws2_32SpinCount
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
WSA Startup error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WTL_ColorHyperLink
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WUSER32.DLL
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
www.ask.com
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
www.google.com
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
xh-ZA
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
xp 64
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
xt failed with error:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
xtWidth
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
y_local
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
YDeleteMemberByDispID
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
yo-NG
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ypipPartnerName=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
YTES_TOTAL}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
yxiOO
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
zh-CN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
zh-Hans
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
zh-TW
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ZstrNameW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
zu-ZA
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
{ for (k in value) { if (Object.prototype.hasOwnProperty.call(value, k)) { v = walk(value, k); if (v !== undefined) { value[k] = v; } else { delete value[k]; } } } } return reviver.call(holder, key, value); }// Parsing happens in four stages. In the first stage, we replace certain// Unicode characters with escape sequences. JavaScript handles many characters// incorrectly, either silently deleting them, or treating them as line endings. text = String(text); cx.lastIndex = 0; if (cx.test(text)) { text = text.replace(cx, function (a) { return '\\u' + ('0000' + a.charCodeAt(0).toStri
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
{ if (jsonString.blocklistedPartners.length === 0) return false; for (var i = 0; i < p_toolbartypes.length; ++i) { for (var j = 0; j < jsonString.blocklistedPartners.length; ++j) { if (jsonString.blocklistedPartners[j] === p_toolbartypes[i]) return true; } } return false; } // PIDOnBlockedList } // CheckForBlockedPID function UniquePIDTbType() { for (var i = 0; i < installed_toolbars.length; ++i) { if (TbTypesIntersect(installed_toolbars[i].tb_type, toolbar_to_be_installed.tb_type)) { if (installed_toolbars[i].PID != toolbar_to_be_installed.PID) { reasonString = uniquePIDTbType;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
{ if (this.cache[i].result) return this.cache[i].result; } } return {};} // Offers.RetrieveResultOffers.OfferedToolbars = function (installed_toolbars, offer_id){ for (var i = 0; i < this.cache.length; ++i) { if (this.cache[i].id === offer_id) return; if (this.cache[i].tb_info && this.cache[i].tb_info.PID) installed_toolbars.push(this.cache[i].tb_info); } } // Offers.OfferedToolbarsOffers.StoreResult = function (offer_id, result, toolbar_to_be_installed){ for (var i = 0; i < this.cache.length; ++i) { if (this.cache[i].id === offer_id) { this.cache[i].result = result; this.cache[i].tb_info = toolbar_to_be_installed; break; } } for (++i; i < this.cache.length; ++i) { delete this.cache[i].result; }} // Offers.StoreResultfunction InstallCheck(param){ i
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
{ if (offers_gen_params.offers[i].id === p_offer_id) { toolbar_type = offers_gen_params.offers[i].tbType || ""; toolbar_id = offers_gen_params.offers[i].ToolbarID || ""; break; } } var reg_exp = /-?(V5|V6|V7)$/i; var r1 = toolbar_id.match(reg_exp); var r2; var current_time = new Date(); if (current_time > CUTOVER_DATE) { if (r1) { r2 = toolbar_id.slice(0, -r1[0].length); if (r1[0].length === 3) r2 += "-V7"; else r2 += "V7"; } else { r2 = toolbar_id + "-V7" } toolbar_id = r2; } var obj = { PID : toolbar_id, tb_type : toolbar_type }; return obj;} // GetToolbarInfofunction v7installChecker(param) { var MAX_NUMBER_OF_TOOLBARS_ON_BROWSER = 3; var MAX_NUMBER_OF_TO
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
{blocklistedPartner=blocklistedPartner+" "+primaryTlbrID;return getReasonCode(blocklistedPartner);}if(!isV6TlbrEligible()){v6SaturationToolbarOfferFlag = false;return getReasonCode(reasonString);}}catch(e){}v6SaturationToolbarOfferFlag = true;showSecondaryOffer=false;return true;}function partneridfunc(){this.value="";}function offerV6SaturationToolbar(){try{var partnerid =new partneridfunc();if(v6SaturationToolbarOfferFlag) {return getReasonCode(v5Offerpresented);}showSecondaryOffer=true;if (!isSupportedOS()) return false;if(!isSupportedBrowser(satTlbrID)){return getReasonCode(unsupportedBrowser);}if (isBlockListed(satTlbrID)){return getReasonCode(blocklistedPartner);}if (isSaturationInstalled(partnerid)){v6SatInstalled=v6SatInstalled +" "+ partnerid.value;return getReasonCode(v6SatInstalled);}showSecondaryOffer = false;return true;}catch(e)
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
{BYTES_TOTAL}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{BYTES_XFER}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{current}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{downloads}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{FILENAME}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{funnelid}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{locale}
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{mydocuments}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{partnerid}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{PERCENT}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{publisher}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{SPEED}
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
{temp}
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{version}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{}return false;}function checkOverinstall() {try{var getIEversion ="";var isIE9extnenabled="";var toolbarDisableFlag="";var getIEversion=browser.ieVersion;if(parseInt(getIEversion) > 8){parseInt(isIE9extnenabled,2)=system.getRegValue("HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Approved Extensions","{D4027C7F-154A-4066-A1AD-4243D8127440}",0);}toolbarDisableFlag = system.getRegValue("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Settings\\{D4027C7F-154A-4066-A1AD-4243D8127440}","Flags",0);if ( parseInt(toolbarDisableFlag) == 64 || parseInt(toolbarDisableFlag) == 1){return true;}}catch(e){if(parseInt(getIEversion) > 8){if(e.message =="CSystemUtil::getRegValue Failed : UnSupported Variant Type of 3"){return false;}if(e.message =="CSystemUtil::getRegValue Failed : UnSupported Variant Type of 0"){return true;}}if(e.message =="CSystemUtil::getRegValue Failed : Un
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
|$89|$(t4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
|pHWNDWWWd
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
|| ""; result.push({PID: partners[i], tb_type : tb_type, browser : "ie"}); result.push({PID: partners[i], tb_type : tb_type, browser : "ff"}); result.push({PID: partners[i], tb_type : tb_type, browser : "cr"}); } } // // V7 // if (!isEmpty(partners)) { if(is64Bit()) incumbentPartnerRegPath = "HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\AskPartnerNetwork\\Toolbar\\"; else incumbentPartnerRegPath = "HKEY_LOCAL_MACHINE\\SOFTWARE\\AskPartnerNetwork\\Toolbar\\"; var tb_incumbent_path = "HKEY_LOCAL_MACHINE\\SOFTWARE\\AskPartnerNetwork\\Toolbar\\"; for (i = 0; i < partners.length; ++i) { varpartner_path = incumbentPartnerRegPath + partners[i] + "\\Info\\"; var tb_path = tb_incumbent_path + partners[i] + "\\Macro\\" varbrowsers = pipgetRegValue (partner_path, "Browsers", 0) || ""; vartb_type = pipgetRegValue (tb_path, "tb-type", 0) || ""; if (browsers
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
} // CanBeInstalled
Ansi based on Dropped File
(rules.js)
} // CascadeThroughBrowsers(p_browser, cascade_count)
Ansi based on Dropped File
(rules.js)
} // CheckForBlockedPID
Ansi based on Dropped File
(rules.js)
} // CheckVersion
Ansi based on Dropped File
(rules.js)
} // defaultBrowser
Ansi based on Dropped File
(rules.js)
} // GetInstalledToolbars
Ansi based on Dropped File
(rules.js)
} // GetOfferID
Ansi based on Dropped File
(rules.js)
} // GetToolbarInfo
Ansi based on Dropped File
(rules.js)
} // GetToolbarsOnBrowser
Ansi based on Dropped File
(rules.js)
} // incumbantAVIRACheck
Ansi based on Dropped File
(rules.js)
} // InstallCheck
Ansi based on Dropped File
(rules.js)
} // isObjEmpty
Ansi based on Dropped File
(rules.js)
} // isSaturationOffer
Ansi based on Dropped File
(rules.js)
} // isUniquePIDOnMachine
Ansi based on Dropped File
(rules.js)
} // MoreToCascade
Ansi based on Dropped File
(rules.js)
} // Offers.Check
Ansi based on Dropped File
(rules.js)
} // Offers.OfferedToolbars
Ansi based on Dropped File
(rules.js)
} // Offers.RetrieveResult
Ansi based on Dropped File
(rules.js)
} // Offers.StoreResult
Ansi based on Dropped File
(rules.js)
} // PIDOnBlockedList
Ansi based on Dropped File
(rules.js)
} // Result
Ansi based on Dropped File
(rules.js)
} // TbTypesIntersect
Ansi based on Dropped File
(rules.js)
} // ToolbarInfo
Ansi based on Dropped File
(rules.js)
} // toolbarsHaveTypeBlock
Ansi based on Dropped File
(rules.js)
} // UniquePIDTbType
Ansi based on Dropped File
(rules.js)
} // v7installChecker
Ansi based on Dropped File
(rules.js)
} // ValidBrowser(p_browser)
Ansi based on Dropped File
(rules.js)
} catch (e)
Ansi based on Dropped File
(rules.js)
} catch (x) {
Ansi based on Dropped File
(objectmodel.js)
} catch(e)
Ansi based on Dropped File
(rules.js)
} catch(e) {
Ansi based on Dropped File
(orchestrator.html)
} else if (typeof space === 'string') {
Ansi based on Dropped File
(orchestrator.html)
} else {
Ansi based on Dropped File
(rules.js)
} while (MoreToCascade(cascade_count, potential_browser, run_cycle));
Ansi based on Dropped File
(rules.js)
}());
Ansi based on Dropped File
(orchestrator.html)
}) + '"' : '"' + string + '"';
Ansi based on Dropped File
(orchestrator.html)
}// If the replacer is an array, use it to select the members to be stringified. if (rep && typeof rep === 'object') { length = rep.length; for (i = 0; i < length; i += 1) { if (typeof rep[i] === 'string') { k = rep[i]; v = str(k, value); if (v) { partial.push(quote(k) + (gap ? ': ' : ':') + v); } } } } else {// Otherwise, iterate through all of the keys in the object. for (k in value) { if (Object.prototype.hasOwnProperty.call(value, k)) { v = str(k, value); if (v) { partial.push(quote(k) + (gap ? ': ' : ':') + v); } } } }// Join all of the member
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
}?2g[]a`T_
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
}catch (e)
Ansi based on Dropped File
(rules.js)
}catch(e)
Ansi based on Dropped File
(rules.js)
}catch(e){
Ansi based on Dropped File
(rules.js)
}else
Ansi based on Dropped File
(rules.js)
}else {
Ansi based on Dropped File
(rules.js)
}else{
Ansi based on Dropped File
(rules.js)
}if(isEmpty(incumbentPartners)){return incumbentPartnerIDs;}incumbentPartnerIDs = incumbentPartners.split(",");}catch (e){}return incumbentPartnerIDs;}function isBlockListed(tlbrID) {try {for(var j=0; j<jsonString.blocklistedPartners.length;j++){if(tlbrID == jsonString.blocklistedPartners[j]) {return true;}}} catch (e){}return false;}function getReasonCode(reasonDescription) {if(isLatestClient(version)) return reasonDescription;return false;}function v6eligibleChecklist(partnerID,incPartners){try{var incumbentTbType;var incumbentPartnerRegPath;if(incPartners.length < 1 || incPartners.length >= 4) {reasonString = SideBySideLimitExceeded;return false; }for(var k=0; k<incPartners.length;k++){incumbentPartnerRegPath= getIncbumbentRegPath(incPartners[k]);incumbentTbType = pipgetRegValue(incumbentPartnerRegPath,"tb-type",0);if(partnerID == incPartners[k]){reasonSt
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
}varResultWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
}}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
!"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
!This program cannot be run in DOS mode.$
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"%d.%d.%d.%d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
", browser : "ie"}); result.push({PID: v5TlbrID, tb_type : "ALL", browser : "ff"}); result.push({PID: v5TlbrID, tb_type : "ALL", browser : "cr"}); } // // V6 // var partners = getIncumbentPartners(); var incumbentPartnerRegPath; if (!isEmpty(partners)) { if(is64Bit()) incumbentPartnerRegPath = "HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\AskPartnerNetwork\\Toolbar\\"; else incumbentPartnerRegPath = "HKEY_LOCAL_MACHINE\\SOFTWARE\\AskPartnerNetwork\\Toolbar\\"; for (i = 0; i < partners.length; ++i) { // Check if V7 toolbar, if so go to next; varpartner_path = incumbentPartnerRegPath + partners[i] + "\\Info\\"; varbrowsers = pipgetRegValue (partner_path, "Browsers", 0) || ""; if (browsers) continue; varpartner_path = incumbentPartnerRegPath + partners[i] + "\\Macro\\"; vartb_type = pipgetRegValue (partner_path, "tb-type", 0)
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
",0);if(isEmpty(defaultBrowser)){defaultBrowser = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Clients\\StartMenuInternet\\","",0)}}}if(!isEmpty(defaultBrowser)){if(defaultBrowser.toLowerCase().indexOf("firefox.exe") > -1){ defBrowser =FIREFOX;return true;}if(defaultBrowser.toLowerCase().indexOf("iexplore.exe") > -1 ){defBrowser =IE;return true;}if(defaultBrowser.toLowerCase().indexOf("chrome") > -1 && makeoffer(partnerID)) {defBrowser =CHROME;return true;}n=defaultBrowser.lastIndexOf("\\");if(n==-1) n=0;defBrowser=defaultBrowser.substring(n,defaultBrowser.length-1);defBrowser=defBrowser.replace(/[^\w\s]/gi, '');unsupportedBrowser=unsupportedBrowser+defBrowser;} } catch (e){}return false;}function isV5TlbrEligible(){try{var checkV5Installed = getProductVersion("{86D4B82A-ABED-442A-BE86-96357B70F4FE}");if(isEmpty(checkV5Installed)) return true;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
"\Google\Chrome\User Data\Default\Preferences
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"AVERYERROR.PNG"
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"AXBX","BBY","BBY-SRS","BBY2","BBY2-SRS","BCC","BCPAP","BUD","BLP-DL","BGM","BOO","BOO2","BS","BT-SRS-T3","BT-T1","BT-T2","BT-T3","BT-ASK-T4","BUD","BW","C2P","CCS","CDS","CDS2","CDS3","CDS4","CEBV5","CFTPV5","CFTP2V5","CIE","CLA","CLM-DL","CNB","CNET","CNET2","CNET3","CPUID-DL","CPUID-ST","CS","CS-ST","CS2","CS3","CWN","DAT","DDI","DDIS","DDIS2","DGY","DIG-A","DIG-N","DIG-OFF","DIG-ON","DIG-P","DIG-S","DNA","DNA2","DPO","DVDX","DVDX2","EAC","F-CT","F-ET","FAC","FF2-DL","FJS","FKR","FLV","FM","FTB","FTB2","FTB3","FW-ASK","FW-QBD","FW-SRS","FWT","FW2V5","FXTV5-DL","GAM4","GAM-ASK-T4","GAM-SRS","GAM-SRS-T3","GAM-QBD","GAM-T1","GAM-T2","GAM-T3","GET-SRS","GET2-SRS","GET3-SRS","GGSV5","GGSV5-DL","GOM","GYG","HIY-SRS","HULU","ICM-SRS","IEAK9","IMB","IMB-DL","IMT","JDR","JMYV5","KG-ASK","KYT","LMW","LMW2","LMW3","LMW4","LMW-BETA","LMW-BETA2","LOL","LPLV5","LUC","MDG","MEB","MGN","MGX","MMB","MMG","MOV","MOV-DL","MP3","MP3DS","MP3FB","MP3P2","MP3R-ASK","MP3R-DL","MP3R-QBD","MP3R-SRS","MP3R4","MP3R5","MP3R6","MP3SF"
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
"blocklistedPartners": ["FTB","FTB4","OVO2","WCL2","WCL3"],
Ansi based on Dropped File
(rules.js)
"cmdBr":
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"GeneralParameters":{
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Uniblue\\SpeedUpMyPC","InstalledLocation",0);if(!isEmpty(UBRegistryPath)){return getReasonCode(secondaryOfferInstalled);}}catch(e){}return true;}function isPalTalkEligibleOffer() {try{var PTRegistryPath = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Paltalk","InstallerAppDir",0);if(!isEmpty(PTRegistryPath)){return getReasonCode(secondaryOfferInstalled);}}catch(e){}return true;}function isSuperFishEligibleOffer() {try{var SFRegistryPath = pipgetRegValue("HKEY_CURRENT_USER\\Software\\AppDataLow\\Software\\superfish","InstallStatus",0);if(!isEmpty(SFRegistryPath) && SFRegistryPath.toLowerCase() =="ok"){return getReasonCode(secondaryOfferInstalled);}}catch(e){}return true;}function preCheckSecondaryOffer() {try{if(!v6SaturationToolbarOfferFlag &&!showSecondaryOffer &&(primaryTlbrID.toLowerCase().indexOf("myc") > -1 || satTlbrID.toLowerCase().indexOf("myc-sat") >
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
"makeofferdisabled": [
Ansi based on Dropped File
(rules.js)
"MP3SW","MP3TR","MP3SD","MPC","MPC2","MROV5","MYC","MYC-ASK","MYC-DL","MYC-SRS","MYC-QBD","NG1V5","NG2V5","NG3V5","NG4V5","NSC-S","NSC-O","NSC-E","NSC-P","NSC-A","NSC-N","NSC-NS","NR1V5","NRV5","NXZ","ORJ-SAT","ORJ2","ORJ2-SAT","OSUB","OTV5","OVO","PCH","PDF","PDF2","PDO","PFN","PLF3","PLF4","PLTV5","PLTV5-DL","PLTV5-DL2","POS","POS2","PTF","PTJ","PTV2","PTV2-DL","PTV5","QSYS","RAD","S99","SBES","SCV5","SDT","SE","SF","SKR","SNAPT","SNP-ST","SP","SP2","SPC","SPT","SRFV5","SS2V5","SS3V5","STC2","STC4","STC-SRS","STC2-SRS","STC3-SRS","STC4-SRS","STK","STK2","STK3","STK4","TEMU","THE","TKR","TM","TMN2","TTB","TTR","TVTYV5","UKT","UNI","URS","VDJ","VRS","VD","VD-DL","VZ3","WBG-DL","WBG-ST","WBM2","WBV5-DL","WCL","WCLV5","WCL2V5","WCR","WCV5","WME","WSV5","WZP","YLC","ZMR","ZTV","ZTV-DL","FBK","FB-BETA","FB-PRO","FB-APP","FB-ASK","FB-OD","FB-SEM","MDF","MDF-BETA","NRO","NRO2","NRO3","UTR","UTR2","WID","WID-BETA"]}function cmpVersions (a, b) { var i, l, d; a = a.split('.'); b = b.split('.');
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
"OBJECTMODEL.JS""RULES.JS"
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"offers": [
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"ORCHESTRATOR.HTML"JAVASCRIPT"JSON.JS"
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"TB.PNG""V7TB.PNG"
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"WCL2","ACDS","ADS","AF3-SRS","AGH","ALSV5-DL","AM2","AM3","AMG","APLV5","APL1V5","APL2V5","ATR","ATU","ATU-DL","ATU-ASK","ATU-QBD","ATU-SRS","AXBX","BBY","BBY-SRS","BBY2","BBY2-SRS","BCC","BCPAP","BUD","BLP-DL","BGM","BOO","BOO2","BS","BT-SRS-T3","BT-T1","BT-T2","BT-T3","BT-ASK-T4","BUD","BW","C2P","CCS","CDS","CDS2","CDS3","CDS4","CEBV5","CFTPV5","CFTP2V5","CIE","CLA","CLM-DL","CNB","CNET","CNET2","CNET3","CPUID-DL","CPUID-ST","CS","CS-ST","CS2","CS3","CWN","DAT","DDI","DDIS","DDIS2","DGY","DIG-A","DIG-N","DIG-OFF","DIG-ON","DIG-P","DIG-S","DNA","DNA2","DPO","DVDX","DVDX2","EAC","F-CT","F-ET","FAC","FF2-DL","FJS","FKR","FLV","FM","FTB","FTB2","FTB3","FW-ASK","FW-QBD","FW-SRS","FWT","FW2V5","FXTV5-DL","GAM4","GAM-ASK-T4","GAM-SRS","GAM-SRS-T3","GAM-QBD","GAM-T1","GAM-T2","GAM-T3","GET-SRS","GET2-SRS","GET3-SRS","GGSV5","GGSV5-DL","GOM","GYG","HIY-SRS","HULU","ICM-SRS","IEAK9","IMB","IMB-DL","IMT","JDR","JMYV5","KG-ASK","KYT","LMW","LMW2","LMW3","LMW4","LMW-BETA","LMW-BETA2","LOL","LPLV5","LUC","MDG","MEB","MGN","MGX","MMB","MMG","MOV","MOV-DL","MP3","MP3DS","MP3FB","MP3P2","MP3R-ASK","MP3R-DL","MP3R-QBD","MP3R-SRS","MP3R4","MP3R5","MP3R6","MP3SF","MP3SW","MP3TR","MP3SD","MPC","MPC2","MROV5","MYC","MYC-ASK","MYC-DL","MYC-SRS","MYC-QBD","NG1V5","NG2V5","NG3V5","NG4V5","NSC-S","NSC-O","NSC-E","NSC-P","NSC-A","NSC-N","NSC-NS","NR1V5","NRV5","NXZ","ORJ-SAT","ORJ2","ORJ2-SAT","OSUB","OTV5","OVO","PCH","PDF","PDF2","PDO","PFN","PLF3","PLF4","PLTV5","PLTV5-DL","PLTV5-DL2","POS","POS2","PTF","PTJ","PTV2","PTV2-DL","PTV5","QSYS","RAD","S99","SBES","SCV5","SDT","SE","SF","SKR","SNAPT","SNP-ST","SP","SP2","SPC","SPT","SRFV5","SS2V5","SS3V5","STC2","STC4","STC-SRS","STC2-SRS","STC3-SRS","STC4-SRS","STK","STK2","STK3","STK4","TEMU","THE","TKR","TM","TMN2","TTB","TTR","TVTYV5","UKT","UNI","URS","VDJ","VRS","VD","VD-DL","VZ3","WBG-DL","WBG-ST","WBM2","WBV5-DL","WCL","WCLV5","WCL2V5","WCR","WCV5","WME","WSV5","WZP","YLC","ZMR","ZTV","ZTV-DL","FBK","FB-BETA","FB-PRO","FB-APP","FB-ASK","FB-OD","FB-SEM","MDF","MDF-BETA","NRO","NRO2","NRO3","UTR","UTR2","WID","WID-BETA"]}
Ansi based on Dropped File
(rules.js)
#http://crl.verisign.com/pca3-g5.crl04
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
#http://logo.verisign.com/vslogo.gif04
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%4d-%02d-%02dT%02d:%02d:%02d_%2d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%b %d %H : %M : %S %Y
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%d / %m / %y
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%d.%d.%d.%d
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%H : %M : S
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%I : %M : %S %p
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%m / %d / %y
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%s %d %2d/%02d/%04d %02d:%02d:%02d.%03d
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&& all_browsers.cr) { var version = parseInt(all_browsers.cr, 10); if (show_logger) logger.log(" CheckVersion of Chrome, version : " + version); if (version > 0) return "cr"; } reasonString = inputCRBrowserVersionNotSupported + " [" + all_browsers.cr + "]"; return ""; } if (p_browser == "ff") { if (all_browsers && all_browsers.ff) { var version = parseInt(all_browsers.ff, 10); if (version > 2) return "ff"; } reasonString = inputFFBrowserVersionNotSupported + " [" + all_browsers.ff + "]"; return ""; } } // CheckVersion function ValidBrowser(p_browser) // ==> string { var toolbars_on_browser = [];
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
&; expires=Sat,01-Jan-2020 00:00:00 GMT;
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&RemoteQueryServiceWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
'"' : '\\"',
Ansi based on Dropped File
(orchestrator.html)
':') + v); } } } } else {// Otherwise, iterate through all of the keys in the object. for (k in value) { if (Object.prototype.hasOwnProperty.call(value, k)) { v = str(k, value); if (v) { partial.push(quote(k) + (gap ? ': ' : ':') + v); } } } }// Join all of the member texts together, separated with commas,// and wrap them in braces. v = partial.length === 0 ? '{}' : gap ? '{\n' + gap + partial.join(',\n' + gap) + '\n' + mind + '}' : '{' + partial.join(',') + '}'; gap = mind; return v; } }// If the JSON object does not yet have a stringify method, give it one. if (typeof JSON.stringify !== 'function') { JSON.stringify = funct
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
'@' (a non-JSON character). Second, we// replace all simple value tokens with ']' characters. Third, we delete all// open brackets that follow a colon or comma or that begin the text. Finally,// we look to see that the remaining characters are only whitespace or ']' or// ',' or ':' or '{' or '}'. If that is so, then the text is safe for eval. if (/^[\],:{}\s]*$/ .test(text.replace(/\\(?:["\\\/bfnrt]|u[0-9a-fA-F]{4})/g, '@') .replace(/"[^"\\\n\r]*"|true|false|null|-?\d+(?:\.\d*)?(?:[eE][+\-]?\d+)?/g, ']') .replace(/(?:^|:|,)(?:\s*\[)+/g, ''))) {// In the third stage we use the eval function to compile the text into a// JavaScript structure. The '{' operator is subject to a syntactic ambiguity// in JavaScript: it can begin a block or an object literal. We wrap the text// in parens to eliminate the ambiguity. j = eval('(' + text + ')');// In the optional fourth stage, we recursively wa
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
'[' + partial.join(',') + ']';
Ansi based on Dropped File
(orchestrator.html)
'[\n' + gap + partial.join(',\n' + gap) + '\n' + mind + ']' :
Ansi based on Dropped File
(orchestrator.html)
'\\': '\\\\'
Ansi based on Dropped File
(orchestrator.html)
'\\u' + ('0000' + a.charCodeAt(0).toString(16)).slice(-4);
Ansi based on Dropped File
(orchestrator.html)
'\b': '\\b',
Ansi based on Dropped File
(orchestrator.html)
'\f': '\\f',
Ansi based on Dropped File
(orchestrator.html)
'\n': '\\n',
Ansi based on Dropped File
(orchestrator.html)
'\r': '\\r',
Ansi based on Dropped File
(orchestrator.html)
'\t': '\\t',
Ansi based on Dropped File
(orchestrator.html)
'{' + partial.join(',') + '}';
Ansi based on Dropped File
(orchestrator.html)
'{\n' + gap + partial.join(',\n' + gap) + '\n' + mind + '}' :
Ansi based on Dropped File
(orchestrator.html)
('0000' + a.charCodeAt(0).toString(16)).slice(-4);
Ansi based on Dropped File
(orchestrator.html)
((((( H
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
()... complete.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
(function () {
Ansi based on Dropped File
(orchestrator.html)
(null)
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
(p_installed_toolbars[i].PID.substring(0, 6) === "AVIRA-") )
Ansi based on Dropped File
(rules.js)
(primaryTlbrID)){v6SaturationToolbarOfferFlag = false;return getReasonCode(unsupportedBrowser);}if(!isV5TlbrEligible()){v6SaturationToolbarOfferFlag = false;if(is64Bit()){v5TlbrID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\AskToolbar\\Macro","tb",0);} else {v5TlbrID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\AskToolbar\\Macro","tb",0);}if(v5TlbrID == primaryTlbrID) v5ToolbarInstalled=v5ToolbarInstalled+"Same Partner ID "+v5TlbrID+"";v5ToolbarInstalled = v5ToolbarInstalled +" "+v5TlbrID;return getReasonCode(v5ToolbarInstalled);} }catch(e){}v6SaturationToolbarOfferFlag = true;showSecondaryOffer=false;return true;}function v6installChecker() {try{showSecondaryOffer=true;if (!isSupportedOS()) return false;if(!isSupportedBrowser(primaryTlbrID)){v6SaturationToolbarOfferFlag = false;return getReasonCode(unsupportedBrowser);}if(isBlockListed(primaryTlbrID)
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
(show_logger) logger.log(" --- Enter InstallCheck with param of : " + JSON.stringify(param)); var is_saturation_offer = false; var return_JSON; var offer_id = GetOfferID(param); var current_time = new Date(); if (current_time > CUTOVER_DATE) { var v7_result = v7installChecker(param); return v7_result; } if (!isSupportedOS() || !isOSServicePackCompatible()) { return_JSON = new Result("", all_browsers, false); return_JSON.result = parseInt(reasonString, 10); return_JSON.errorDescription = reasonString; return JSON.stringify(return_JSON); } offers_gen_params = offers_gen_params || JSON.parse(pipclient.getOffers()); toolbar_to_be_installed = GetToolbarInfo(offer_id); toolbar_to_be_installed.PID = primaryTlbrID; if (Offers.Check(offer_id)) return JSON.stringify(Offers.RetrieveResult(offer_id)); installed_toolbars = installed_to
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
(typeof replacer !== 'object' ||
Ansi based on Dropped File
(orchestrator.html)
) {try{var nortonToolbarKey;if(is64Bit()){nortonToolbarKey = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Internet Explorer\\Toolbar","{A13C2648-91D4-4bf3-BC6D-0079707C4389}",0);if(isEmpty(nortonToolbarKey)){nortonToolbarKey = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Internet Explorer\\Toolbar","{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}",0);}}else {nortonToolbarKey = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Toolbar","{A13C2648-91D4-4bf3-BC6D-0079707C4389}",0);if(isEmpty(nortonToolbarKey)){nortonToolbarKey = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Internet Explorer\\Toolbar","{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}",0);}}if(!isEmpty(nortonToolbarKey)){logger.log("\r\n******************Norton Toolbar Installed****************");reasonString = NortonSafeSearchToolbarInstalled;return false;}} catch(e){
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
******* PIP Remote Mode End ***************
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
*************** PIP Local Mode End ***************
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
*************** PIP Local Mode start ***************
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
*************** PIP Remote Mode End ***************
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
*************** PIP Remote Mode start ***************
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
******Second instance failed to launch******
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
******Second instance ran successfully. Exitcode
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
+ p_browser + ">\n"); if (!p_browser) return ""; if (show_logger) logger.log(" Installed Toolbars : " + JSON.stringify(installed_toolbars) + "\n"); var pids = {}; for (var i = 0, N = installed_toolbars.length; i < N; ++i) { var pid_name = installed_toolbars[i].PID; pids[pid_name] = 1; } var name; var pid_str = ""; i = 0; for (name in pids) { if (i > 0) pid_str += ","; pid_str += name; if (name === toolbar_to_be_installed.PID) break; ++i; } if (i >= MAX_NUMBER_OF_TOOLBARS_ON_MACHINE) { reasonString = maxNumberOfPartnersExceeded + " [" + pid_str + "]"; return ""; } if (!UniquePIDTbType()) { return ""; } if (CheckForBlockedPID(reasonString)) {
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
++primary_toolbar_ok_to_present; } break; } } } if (primary_toolbar_ok_to_present && is_saturation_offer) { return_JSON = new Result("", all_browsers, false); return_JSON.result = parseInt(secondaryOfferRejected, 10); return_JSON.errorDescription = secondaryOfferRejected; } return return_JSON; } function OriginBrowser() { var tb = "" || (all_browsers && all_browsers.orBr); return tb.slice(0, 2); } function DefaultBrowser() { var tb = "" || (all_browsers && all_browsers.dfBr); return tb.slice(0, 2); } function CommandLineBrowser() { var tb = "" || (all_browsers && all_browsers.cmdBr); return tb.slice(0, 2); } function CanBeInstalled(p_browser, run_cycle) // ==> string { if (show_logger) logger.log("\nCanBeInstalled :<"
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
+http://ts-aia.ws.symantec.com/tss-ca-g2.cer0<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
+http://ts-crl.ws.symantec.com/tss-ca-g2.crl0(
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
--Acquisition of context failed with error:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
--Error --CryptGetHashParam failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
--Error --ReadFile failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
--Error CryptHashData failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
--Error during CryptBeginHash!
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
-1)){return getReasonCode(precheckSecondary);}}catch (e){}return true;}function isSpeedCheckerInstalled() {try{var SCRegistryPath = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Speedchecker Limited\\PC Speed Up","Uninstaller",0);if(!isEmpty(SCRegistryPath)){return getReasonCode(secondaryOfferInstalled);}}catch(e){}return true;}function isOSServicePackCompatible() {try{var winServicePackRegValue;if(window.navigator.appVersion.indexOf("Windows NT 5.1") != -1){winServicePackRegValue=pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion","CSDVersion",0);if(!isEmpty(winServicePackRegValue)){if(winServicePackRegValue == "Service Pack 2" || winServicePackRegValue == "Service Pack 2"){reasonString= XPServicePackNotCompatible + winServicePackRegValue;return false;}}}if(window.navigator.appVersion.indexOf("Windows NT 5.2") != -1) { reasonString = Unsupporte
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
-UseLocalServer
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.%s PIP UI ready exiting.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
... UI button controls-->
Ansi based on Dropped File
(APNAnalytics.xml)
...%s-->
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.8.1.0
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
.?AU_ATL_MODULE70@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUctype_base@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIAdviseSink@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIAxWinAmbientDispatch@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIAxWinAmbientDispatchEx@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIAxWinHostWindow@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIAxWinHostWindowLic@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIBindStatusCallback@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIBrowserInfo@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIClassFactory@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIDispatch@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIDocHostUIHandler@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIEnumUnknown@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUILogger@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIObjectWithSite@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIOleClientSite@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIOleContainer@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIOleControlSite@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIOleInPlaceFrame@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIOleInPlaceSite@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIOleInPlaceSiteEx@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIOleInPlaceSiteWindowless@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIOleInPlaceUIWindow@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIOleWindow@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIParseDisplayName@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIPIPClient@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIPIPRulesExecutor@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIRegistrarBase@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIScriptObject@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIServiceProvider@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUISORoot@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUISupportErrorInfo@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUISystemUtil@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIUnknown@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUmessages_base@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUmoney_base@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUtime_base@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$_IDispEventLocator@$0A@$1?DIID_DWebBrowserEvents2@@3U_GUID@@B@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$_Iosb@H@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$_Mpunct@_W@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$_Mpunct@D@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$_Mpunct@G@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_filebuf@_WU?$char_traits@_W@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_filebuf@DU?$char_traits@D@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_fstream@DU?$char_traits@D@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_ifstream@DU?$char_traits@D@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_ios@_WU?$char_traits@_W@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_ios@DU?$char_traits@D@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_iostream@_WU?$char_traits@_W@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_iostream@DU?$char_traits@D@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_istream@_WU?$char_traits@_W@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_istream@DU?$char_traits@D@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_ofstream@DU?$char_traits@D@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_ostream@_WU?$char_traits@_W@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_ostream@DU?$char_traits@D@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_streambuf@DU?$char_traits@D@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_stringbuf@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CAtlModuleT@VCComModule@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CAxDialogImpl@VCInstallerDialog@@VCWindow@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CAxWindowEx@VCAxView@@@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CBitmapButtonImpl@VCBitmapButton@WTL@@V?$CButtonT@VCWindow@ATL@@@2@V?$CWinTraits@$0FGAAAAAA@$0A@@ATL@@@WTL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CButtonT@VCWindow@ATL@@@WTL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComAggObject@VCLoggerSO@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComAggObject@VCPIPRuleManager@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComAggObject@VCScriptObject@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComAggObject@VCSORoot@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComCoClass@VCAxHostWindow@ATL@@$1?GUID_NULL@@3U_GUID@@B@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComCoClass@VCBrowserInfo@@$1?CLSID_BrowserInfo@@3U_GUID@@B@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComCoClass@VCLoggerSO@@$1?CLSID_Logger@@3U_GUID@@B@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComCoClass@VCPIPClient@@$1?CLSID_PIPClient@@3U_GUID@@B@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComCoClass@VCPIPRuleManager@@$1?CLSID_PIPRuleManager@@3U_GUID@@B@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComCoClass@VCScriptObject@@$1?CLSID_ScriptObject@@3U_GUID@@B@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComCoClass@VCSORoot@@$1?CLSID_SORoot@@3U_GUID@@B@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComCoClass@VCSystemUtil@@$1?CLSID_SystemUtil@@3U_GUID@@B@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComContainedObject@VCAxHostWindow@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComContainedObject@VCLoggerSO@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComContainedObject@VCPIPRuleManager@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComContainedObject@VCScriptObject@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComContainedObject@VCSORoot@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComEnum@UIEnumUnknown@@$1?_GUID_00000100_0000_0000_c000_000000000046@@3U__s_GUID@@BPAUIUnknown@@V?$_CopyInterface@UIUnknown@@@ATL@@VCComSingleThreadModel@6@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComEnumImpl@UIEnumUnknown@@$1?_GUID_00000100_0000_0000_c000_000000000046@@3U__s_GUID@@BPAUIUnknown@@V?$_CopyInterface@UIUnknown@@@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObject@V?$CComEnum@UIEnumUnknown@@$1?_GUID_00000100_0000_0000_c000_000000000046@@3U__s_GUID@@BPAUIUnknown@@V?$_CopyInterface@UIUnknown@@@ATL@@VCComSingleThreadModel@6@@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObject@VCAxFrameWindow@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObject@VCAxUIWindow@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObject@VCBrowserInfo@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObject@VCLoggerSO@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObject@VCPIPClient@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObject@VCPIPRuleManager@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObject@VCScriptObject@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObject@VCSORoot@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObject@VCSystemUtil@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObjectNoLock@VCComClassFactory@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObjectRootEx@VCComMultiThreadModel@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObjectRootEx@VCComSingleThreadModel@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComPolyObject@VCAxHostWindow@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CDialogImplBaseT@VCWindow@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CEditT@VCWindow@ATL@@@WTL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CHyperLinkImpl@VCColorHyperlink@@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@WTL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$codecvt@_WDH@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$codecvt@DDH@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$codecvt@GDH@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$collate@_W@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$collate@D@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$collate@G@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$ctype@_W@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$ctype@D@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$ctype@G@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCAxFrameWindow@ATL@@VCWindow@2@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCAxHostWindow@ATL@@VCWindow@2@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCAxTranslateAcclWnd@@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCAxUIWindow@ATL@@VCWindow@2@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCBitmapButton@WTL@@V?$CButtonT@VCWindow@ATL@@@2@V?$CWinTraits@$0FGAAAAAA@$0A@@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCColorCheckbox@@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCColorHyperlink@@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCColorRadio@@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCColorScrollText@@V?$CEditT@VCWindow@ATL@@@WTL@@V?$CWinTraits@$0FGAAAAAA@$0A@@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCColorStatic@@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCCustomButton@@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCView@@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImplBaseT@V?$CButtonT@VCWindow@ATL@@@WTL@@V?$CWinTraits@$0FGAAAAAA@$0A@@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImplBaseT@V?$CEditT@VCWindow@ATL@@@WTL@@V?$CWinTraits@$0FGAAAAAA@$0A@@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImplBaseT@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImplRoot@V?$CButtonT@VCWindow@ATL@@@WTL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImplRoot@V?$CEditT@VCWindow@ATL@@@WTL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImplRoot@VCWindow@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$IDispatchImpl@UIAxWinAmbientDispatchEx@@$1?_GUID_b2d0778b_ac99_4c58_a5c8_e7724e5316b5@@3U__s_GUID@@B$1?m_libid@CAtlModule@ATL@@2U_GUID@@A$0PPPP@$0PPPP@VCComTypeInfoHolder@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$IDispatchImpl@UIBrowserInfo@@$1?IID_IBrowserInfo@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B$0PPPP@$0PPPP@VCComTypeInfoHolder@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$IDispatchImpl@UILogger@@$1?IID_ILogger@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B$0PPPP@$0PPPP@VCComTypeInfoHolder@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$IDispatchImpl@UIPIPClient@@$1?IID_IPIPClient@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B$0PPPP@$0PPPP@VCComTypeInfoHolder@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$IDispatchImpl@UIPIPRulesExecutor@@$1?IID_IPIPRulesExecutor@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B$0PPPP@$0PPPP@VCComTypeInfoHolder@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$IDispatchImpl@UIScriptObject@@$1?IID_IScriptObject@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B$0PPPP@$0PPPP@VCComTypeInfoHolder@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$IDispatchImpl@UISystemUtil@@$1?IID_ISystemUtil@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B$0PPPP@$0PPPP@VCComTypeInfoHolder@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$IDispEventSimpleImpl@$0A@V?$CAxWindowEx@VCAxView@@@@$1?DIID_DWebBrowserEvents2@@3U_GUID@@B@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$IObjectWithSiteImpl@VCAxHostWindow@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$messages@_W@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$messages@D@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$messages@G@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$money_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$money_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$money_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$moneypunct@_W$00@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$moneypunct@_W$0A@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$moneypunct@D$00@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$moneypunct@D$0A@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$moneypunct@G$00@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$moneypunct@G$0A@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$numpunct@_W@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$numpunct@D@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$numpunct@G@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$SODispatchImpl@UIBrowserInfo@@$1?IID_IBrowserInfo@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$SODispatchImpl@UILogger@@$1?IID_ILogger@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$SODispatchImpl@UIPIPClient@@$1?IID_IPIPClient@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$SODispatchImpl@UIPIPRulesExecutor@@$1?IID_IPIPRulesExecutor@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$SODispatchImpl@UIScriptObject@@$1?IID_IScriptObject@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$SODispatchImpl@UISystemUtil@@$1?IID_ISystemUtil@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$utf8cvt@$00@stdx@gel@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV_com_error@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV_Generic_error_category@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV_IDispEvent@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV_Iostream_error_category@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV_Locimp@locale@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV_System_error_category@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVbad_alloc@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVbad_cast@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVbad_exception@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVBitmap@Gdiplus@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCAtlException@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCAtlModule@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCAxFrameWindow@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCAxHostWindow@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCAxTranslateAcclWnd@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCAxUIWindow@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCAxView@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCBitmapButton@WTL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCBrowserInfo@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCColorCheckbox@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCColorHyperlink@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCColorRadio@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCColorScrollText@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCColorStatic@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCComClassFactory@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCComModule@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCComObjectRootBase@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCCustomButton@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCDestroyerAndUrlBinderCallback@CDownloader@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCImage@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCInstallerDialog@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCLoggerSO@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCMessageMap@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVcodecvt_base@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCOwnerButton@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCPIPClient@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCPIPHost@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCPIPRuleManager@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCRegObject@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCScriptObject@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCSORoot@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCSystemUtil@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCView@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCWindow@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVDefaultValueAllocator@Json@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVerror_category@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVexception@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVfacet@locale@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVfailure@ios_base@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVGdiplusBase@Gdiplus@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVImage@Gdiplus@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVios_base@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVlength_error@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVlogic_error@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVout_of_range@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVruntime_error@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVsystem_error@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVTiXmlAttribute@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVTiXmlBase@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVTiXmlComment@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVTiXmlDeclaration@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVTiXmlDocument@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVTiXmlElement@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVTiXmlNode@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVTiXmlText@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVTiXmlUnknown@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVtype_info@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVutf_error@stdx@gel@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVValueAllocator@Json@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.http://crl.thawte.com/ThawteTimestampingCA.crl0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.ICColorStaticWWWd
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.replace(/"[^"\\\n\r]*"|true|false|null|-?\d+(?:\.\d*)?(?:[eE][+\-]?\d+)?/g, ']')
Ansi based on Dropped File
(orchestrator.html)
.replace(/"[^"\\\n\r]*"|true|false|null|-?\d+(?:\.\d*)?(?:[eE][+\-]?\d+)?/g, ']') .replace(/(?:^|:|,)(?:\s*\[)+/g, ''))) {// In the third stage we use the eval function to compile the text into a// JavaScript structure. The '{' operator is subject to a syntactic ambiguity// in JavaScript: it can begin a block or an object literal. We wrap the text// in parens to eliminate the ambiguity. j = eval('(' + text + ')');// In the optional fourth stage, we recursively walk the new structure, passing// each name/value pair to a reviver function for possible transformation. return typeof reviver === 'function' ? walk({'': j}, '') : j; }// If the text is not JSON parseable, then a SyntaxError is thrown. throw new SyntaxError('JSON.parse'); }; }}());</script><script type="text/javascript" src="./objectModel.js"></script> <script type="text/
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
.replace(/(?:^|:|,)(?:\s*\[)+/g, ''))) {
Ansi based on Dropped File
(orchestrator.html)
.test(text.replace(/\\(?:["\\\/bfnrt]|u[0-9a-fA-F]{4})/g, '@')
Ansi based on Dropped File
(orchestrator.html)
// Check if V7 toolbar, if so go to next;
Ansi based on Dropped File
(rules.js)
// check to see if trying to install another AVIRA === OK, or vanilla === OK,
Ansi based on Dropped File
(rules.js)
// Checks to see if AVIRA is already installed on the machine; if so,
Ansi based on Dropped File
(rules.js)
// If cache
Ansi based on Dropped File
(rules.js)
// If we come back to the same page, the offer, as presented before, will be
Ansi based on Dropped File
(rules.js)
// Keeps a cache of offers, by offer id. This will be useful if for previous/next.
Ansi based on Dropped File
(rules.js)
// param is in the form: CurrentID|PreviousID-(checkboxID:(true|false)|)*
Ansi based on Dropped File
(rules.js)
// presented, and ALL subsequent offers will be deleted.
Ansi based on Dropped File
(rules.js)
// secure === NOT OK. Assumes PIDTb collision has already been run.
Ansi based on Dropped File
(rules.js)
// V5
Ansi based on Dropped File
(rules.js)
// V6
Ansi based on Dropped File
(rules.js)
// V7
Ansi based on Dropped File
(rules.js)
// ',' or ':' or '{' or '}'. If that is so, then the text is safe for eval.
Ansi based on Dropped File
(orchestrator.html)
// A default replacer method can be provided. Use of the space parameter can
Ansi based on Dropped File
(orchestrator.html)
// a JavaScript value if the text is a valid JSON text.
Ansi based on Dropped File
(orchestrator.html)
// and wrap them in braces.
Ansi based on Dropped File
(orchestrator.html)
// backslash characters, then we can safely slap some quotes around it.
Ansi based on Dropped File
(orchestrator.html)
// because they can cause invocation, and '=' because it can cause mutation.
Ansi based on Dropped File
(orchestrator.html)
// brackets.
Ansi based on Dropped File
(orchestrator.html)
// But just to be safe, we want to reject all unexpected forms.
Ansi based on Dropped File
(orchestrator.html)
// crippling inefficiencies in IE's and Safari's regexp engines. First we
Ansi based on Dropped File
(orchestrator.html)
// Due to a specification blunder in ECMAScript, typeof null is 'object',
Ansi based on Dropped File
(orchestrator.html)
// each name/value pair to a reviver function for possible transformation.
Ansi based on Dropped File
(orchestrator.html)
// for non-JSON patterns. We are especially concerned with '()' and 'new'
Ansi based on Dropped File
(orchestrator.html)
// for non-JSON values.
Ansi based on Dropped File
(orchestrator.html)
// Format integers to have at least two digits.
Ansi based on Dropped File
(orchestrator.html)
// If the JSON object does not yet have a parse method, give it one.
Ansi based on Dropped File
(orchestrator.html)
// If the JSON object does not yet have a stringify method, give it one.
Ansi based on Dropped File
(orchestrator.html)
// If the replacer is an array, use it to select the members to be stringified.
Ansi based on Dropped File
(orchestrator.html)
// If the space parameter is a number, make an indent string containing that
Ansi based on Dropped File
(orchestrator.html)
// If the space parameter is a string, it will be used as the indent string.
Ansi based on Dropped File
(orchestrator.html)
// If the string contains no control characters, no quote characters, and no
Ansi based on Dropped File
(orchestrator.html)
// If the text is not JSON parseable, then a SyntaxError is thrown.
Ansi based on Dropped File
(orchestrator.html)
// If the type is 'object', we might be dealing with an object or an array or
Ansi based on Dropped File
(orchestrator.html)
// If the value has a toJSON method, call it to obtain a replacement value.
Ansi based on Dropped File
(orchestrator.html)
// If the value is a boolean or null, convert it to a string. Note:
Ansi based on Dropped File
(orchestrator.html)
// If there is a replacer, it must be a function or an array.
Ansi based on Dropped File
(orchestrator.html)
// If we were called with a replacer function, then call the replacer to
Ansi based on Dropped File
(orchestrator.html)
// in JavaScript: it can begin a block or an object literal. We wrap the text
Ansi based on Dropped File
(orchestrator.html)
// in parens to eliminate the ambiguity.
Ansi based on Dropped File
(orchestrator.html)
// In the optional fourth stage, we recursively walk the new structure, passing
Ansi based on Dropped File
(orchestrator.html)
// In the second stage, we run the text against regular expressions that look
Ansi based on Dropped File
(orchestrator.html)
// In the third stage we use the eval function to compile the text into a
Ansi based on Dropped File
(orchestrator.html)
// incorrectly, either silently deleting them, or treating them as line endings.
Ansi based on Dropped File
(orchestrator.html)
// Is the value an array?
Ansi based on Dropped File
(orchestrator.html)
// JavaScript structure. The '{' operator is subject to a syntactic ambiguity
Ansi based on Dropped File
(orchestrator.html)
// Join all of the elements together, separated with commas, and wrap them in
Ansi based on Dropped File
(orchestrator.html)
// Join all of the member texts together, separated with commas,
Ansi based on Dropped File
(orchestrator.html)
// JSON numbers must be finite. Encode non-finite numbers as null.
Ansi based on Dropped File
(orchestrator.html)
// Make a fake root object containing our value under the key of ''.
Ansi based on Dropped File
(orchestrator.html)
// Make an array to hold the partial results of stringifying this object value.
Ansi based on Dropped File
(orchestrator.html)
// many spaces.
Ansi based on Dropped File
(orchestrator.html)
// null.
Ansi based on Dropped File
(orchestrator.html)
// obtain a replacement value.
Ansi based on Dropped File
(orchestrator.html)
// open brackets that follow a colon or comma or that begin the text. Finally,
Ansi based on Dropped File
(orchestrator.html)
// Otherwise we must also replace the offending characters with safe escape
Ansi based on Dropped File
(orchestrator.html)
// Otherwise, iterate through all of the keys in the object.
Ansi based on Dropped File
(orchestrator.html)
// Otherwise, throw an error.
Ansi based on Dropped File
(orchestrator.html)
// Parsing happens in four stages. In the first stage, we replace certain
Ansi based on Dropped File
(orchestrator.html)
// Produce a string from holder[key].
Ansi based on Dropped File
(orchestrator.html)
// produce text that is more easily readable.
Ansi based on Dropped File
(orchestrator.html)
// replace all simple value tokens with ']' characters. Third, we delete all
Ansi based on Dropped File
(orchestrator.html)
// replace the JSON backslash pairs with '@' (a non-JSON character). Second, we
Ansi based on Dropped File
(orchestrator.html)
// Return the result of stringifying the value.
Ansi based on Dropped File
(orchestrator.html)
// sequences.
Ansi based on Dropped File
(orchestrator.html)
// so watch out for that case.
Ansi based on Dropped File
(orchestrator.html)
// space parameter, and returns a JSON text. The replacer can be a function
Ansi based on Dropped File
(orchestrator.html)
// that can replace values, or an array of strings that will select the keys.
Ansi based on Dropped File
(orchestrator.html)
// that modifications can be made.
Ansi based on Dropped File
(orchestrator.html)
// The parse method takes a text and an optional reviver function, and returns
Ansi based on Dropped File
(orchestrator.html)
// the remote chance that this gets fixed someday.
Ansi based on Dropped File
(orchestrator.html)
// The stringify method takes a value and an optional replacer, and an optional
Ansi based on Dropped File
(orchestrator.html)
// The value is an array. Stringify every element. Use null as a placeholder
Ansi based on Dropped File
(orchestrator.html)
// The walk method is used to recursively walk the resulting structure so
Ansi based on Dropped File
(orchestrator.html)
// typeof null does not produce 'null'. The case is included here in
Ansi based on Dropped File
(orchestrator.html)
// Unicode characters with escape sequences. JavaScript handles many characters
Ansi based on Dropped File
(orchestrator.html)
// we look to see that the remaining characters are only whitespace or ']' or
Ansi based on Dropped File
(orchestrator.html)
// We split the second stage into 4 regexp operations in order to work around
Ansi based on Dropped File
(orchestrator.html)
// What happens next depends on the value's type.
Ansi based on Dropped File
(orchestrator.html)
//target_browser = CanBeInstalled(target_browser);
Ansi based on Dropped File
(rules.js)
//this.tb_info = toolbar_to_be_installed;
Ansi based on Dropped File
(rules.js)
//var CUTOVER_DATE = new Date(2010, 06, 01);
Ansi based on Dropped File
(rules.js)
//var toolbar_id = offers_gen_params.offers[i].ToolbarID || "";
Ansi based on Dropped File
(rules.js)
/http://csc3-2010-aia.verisign.com/CSC3-2010.cer0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
/http://csc3-2010-crl.verisign.com/CSC3-2010.crl0D
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
/PIP2.5/OfferAccept.jhtml
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0 0$0(0,0004080<0@0D0H0L0P0T0X0\0`0d0h0l0p0t0x0|0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0 0$0(0,0004080<0@0H0L0P0T0X0\0`0d0h0l0p0t0x0|0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0 0$0(0,0004080<0@0P0T0X0\0`0d0h0l0p0t0x0|0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0 0(000<0\0d0p0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0 0(0@0D0\0`0x0|0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0 0(0@0P0T0d0h0l0p0x0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0(000<0\0h0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0(040@0L0X0d0p0|0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0)01060=0]0c0n0t0{0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1 1$1(1,1014181<1@1D1H1L1P1T1X1\1`1d1h1l1p1t1x1|1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1 1$1(1,1014181<1@1D1H1L1P1T1X1\1`1d1h1p1t1x1|1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1 1$1(1,141L1\1`1d1h1p1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1(181<1L1P1T1X1\1d1|1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1(c) 2006 VeriSign, Inc. - For authorized use only1E0C
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1.3.6.1.4.1.311.2.1.12
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2 2$2(2,282L6T6\6d6l6t6|6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2 2$2<2@2X2\2t2x2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2 2(20282@2L2l2t2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2!2/2=2G2T2Y2c2o2t2~2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2(2.2\2b2}2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2(292@2\2m2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2(2@2L2X2p2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2(2L2T2\2d2l2t2|2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2.5.4.11
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2.8.1.0
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2010 (c) Ask.com. All rights reserved.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
28-\u202f\u2060-\u206f\ufeff\ufff0-\uffff]/g, escapable = /[\\\"\x00-\x1f\x7f-\x9f\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2028-\u202f\u2060-\u206f\ufeff\ufff0-\uffff]/g, gap, indent, meta = { // table of character substitutions '\b': '\\b', '\t': '\\t', '\n': '\\n', '\f': '\\f', '\r': '\\r', '"' : '\\"', '\\': '\\\\' }, rep; function quote(string) {// If the string contains no control characters, no quote characters, and no// backslash characters, then we can safely slap some quotes around it.// Otherwise we must also replace the offending characters with safe escape// sequences. escapable.lastIndex = 0; return escapable.test(string) ? '"' + string.replace(escapable, function (a) { var c = meta[a]; return typeof c === 'string' ? c : '\\u' + ('0000' + a.charCodeAt(0).toSt
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
289<9@9D9H9L9\=`=d=h=(>,>0>4>8><>@>D>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2Terms of use at https://www.verisign.com/rpa (c)101.0,
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3 3$3(3,3034383<3@3D3H3`3d3h3l3p3p4x4|4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3 3$3(3,3034383<3@3D3H3L3P3T3X3\3`3d3h3l3p3t3x3|3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3 3(30383@3H3P3X3`3h3p3x3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3 3(3@3D3\3`3x3|3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3(3,3<3@3D3L3d3t3x3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3*303:3@3N3T3Z3`3e3k3r3x3~3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3.373n3{3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4 4$4(4,4044484<4@4D4H4L4P4T4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4 4(40484@4H4P4X4`4h4p4x4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4 4@4H4P4\4|4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4$4(4,444L4\4`4p4t4x4|4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4$4(484<4@4D4H4P4h4x4|4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4$4.4:4?4I4V4_4p4u4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4(4H4p45(5:5@5H5P5x5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5 5$5*5.54585>5B5G5M5Q5W5[5a5e5k5o5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5 5(50585@5H5P5X5`5p?t?x?|?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5!595@5T5l5x5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5!5@5k5~5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5$5(5,5054585@5X5h5l5|5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5(50585@5H5P5X5`5h5p5x5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5*5/595M5R5\5i5u5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5,5<5@5P5T5X5\5`5d5h5p5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5/656:6B6R6\6b6v6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6 6(60686@6L6l6t6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6 6(6@6P6T6d6h6p6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6!6&6]6j6~6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6&6:6a6!9x9v:H<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6'6-6:6@6P6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6(646@6L6X6d6n6z6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6(686<6@6D6H6L6T6l6|6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6)6/686K6o6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6-636:6@6Z6g6v67m7y7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6[6!7c7G8Z89H9{9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6http://sp.ask.com/en/docs/about/terms_of_service.shtml0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6j7<8G8`9s;D=]=}=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7p7t7x7|7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7 7$7(707H7X7\7`7d7h7l7p7x7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7 7(70787@7H7P7\7|7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7"7'7/747<7A7H7W7\7b7k7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7(7H7P7\7|7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7,7074787<7@7D7H7L7P7T7X7\7d7|7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8 8$8(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8l8p8t8x8|8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8 8(80888@8L8l8x8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8"8(8/8?8h8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8"8(848:8@8F8L8R8X8^8d8j8r8y8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8':,:1:h:m:%;Z;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8(8,8084888<8@8D8H8L8P8T8X8`8x8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8(8H8P8\8|8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8(8L8T8\8d8l8t8|8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8(9-9?9]9q9w9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8,808@8D8T8X8\8`8d8h8l8p8t8x8|8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
88@8P8j8{8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8:KR$l'}f
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8M9s97:B:W:k:u:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8o9B:P:m:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8Q8z9::^:l:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8zIPIPRulesExecutorWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9 9$9(9,9094989<9@9D9H9L9P9T9X9\9`9d9h9l9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9 9$9(9,9094989<9@9D9H9L9P9T9X9\9`9l9p9t9x9|9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9 9$9(9,949L9\9`9p9t9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9 9(9@9P9T9d9h9l9p9x9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9 9@9H9P9\9|9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9!9+919:9K9Z9b9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9$9(9@9D9\9l9p9t9x9|9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9(959B9\9c9o9u9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9,9c9u9+:R:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
909@9D9T9X9\9`9d9l9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
99!9H9]9f9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9:<:T:[:c:h:l:p:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9http://apnpip.ask.com/PIP/partners/{partnerid}/config.xml
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9V9^9m9~:/<7<L<}<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
: :(:0:8:D:d:l:x:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
: :8:H:L:\:`:p:t:x:|:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
: :<:@:H:P:X:\:d:x:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
: :L:h:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
:!:V:p:w:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:#:+:4:;:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:$:(:8:<:@:D:L:d:t:x:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:$:(:8:@:D:H:L:P:T:X:\:`:d:h:l:p:t:x:|:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:$:,:4:<:D:L:T:\:d:l:t:|:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:$:,:4:<:D:L:T:\:h:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:$:,:4:<:D:L:T:`:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:$:<:L:P:`:d:h:l:t:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:$:D:L:T:`:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:(:4:<:T:\:d:l:t:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:(:8:<:L:P:T:\:t:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:(:<:H:P:p:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:(:=:F:}:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:(:[:j:s:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:):8:G:V:e:p:{:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:*:D:K:j:p:w:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:,:6:t:z:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:,:<:@:D:H:L:P:X:p:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:,:<:h:p:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:,:L:\:d:p:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:-:B:Z:m:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:1:F:l:r:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:3:G:^:L;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:::G:[:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
:@:L:T:Z:e:o:w:}:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:@;R;d;v;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:@;X;g;s;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:AM:am:PM:pm
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:J<V<\<a<g<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:Jan:January:Feb:February:Mar:March:Apr:April:May:May:Jun:June:Jul:July:Aug:August:Sep:September:Oct:October:Nov:November:Dec:December
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:k;!<:<?<v<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:L>R>[>b>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:Sun:Sunday:Mon:Monday:Tue:Tuesday:Wed:Wednesday:Thu:Thursday:Fri:Friday
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00013032-00003596.00000000.13355.008D1000.00000020.mdmp)
:Sun:Sunday:Mon:Monday:Tue:Tuesday:Wed:Wednesday:Thu:Thursday:Fri:Friday:Sat:Saturday
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
; ;$;(;,;0;4;8;<;@;D;H;L;P;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
; ;$;(;,;0;4;8;<;@;D;H;L;P;T;X;\;`;d;h;l;p;t;x;|;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
; ;(;0;8;@;L;l;t;|;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
; ;(;4;T;\;d;l;t;|;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
; expires=Sat,01-Jan-2020 00:00:00 GMT;
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;!;%;);-;1;5;9;=;A;E;I;M;Q;U;Y;];a;e;i;m;q;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;(;8;<;@;D;H;L;P;T;X;\;`;d;l;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;0;4;8;<;@;D;P;T;X;\;`;x;|;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<x<|<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<`<d<h<l<p<t<x<|<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
< <$<(<0<H<X<\<`<d<h<p<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
< <(<@<P<T<X<\<d<|<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<![CDATA[
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<![CDATA[%s...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<?xml version="1.0" encoding="utf-8"?>
Ansi based on Dropped File
(APNAnalytics.xml)
<?xml version="1.0" encoding="utf-8"?><root> <GeneralParameters> <PreviousX>250</PreviousX> <PreviousY>37</PreviousY> <NextX>169</NextX> <NextY>37</NextY> <CancelX>88</CancelX> <CancelY>37</CancelY> <Height>399</Height>
Ansi based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
<?xml version="1.0" encoding="utf-8"?><root><GeneralParameters><PreviousX>250</PreviousX><PreviousY>37</PreviousY><NextX>169</NextX><NextY>37</NextY><CancelX>88</CancelX><CancelY>37</CancelY><Height>445</Height><Width>600</Width><bgColor>EFEBDF</bgColor><RegistryKey>HKEY_CURRENT_USER\Software\APN PIP\Analytics\{partnerid}</RegistryKey><ReportSever>anx.apnanalytics.com/200/pip/test.gif?</ReportSever><PIPReportSever>pipoffers.apnpartners.com/PIP/OfferAccept.jhtml</PIPReportSever><HideEula>1</HideEula><GetServer>http://pipoffers.apnpartners.com/PIP/Server.jhtml?partner_id={partnerid}&language={locale}&version={version}</GetServer> <Parameters> <lang id="language" position="2" report="Y" get="Y"/> </Parameters></GeneralParameters><stringtable><Language langID="en"><string id="STRID_TITLE">FrostWire Setup</string><string id="STRID_TEXT1">Press Page Down to see the rest of the agreement.</string><string id="STRID_EULA">If you accept t
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
<BODY onload="load()">
Ansi based on Dropped File
(orchestrator.html)
<control bgcolor="#FFD793" color="" fontsize="20" height="60" id="txt1-of11" isBold="true" text="Frostwire Demo Starting....." type="text" width="400" x="0" y="0"></control>
Ansi based on Dropped File
(APNAnalytics.xml)
<GetServer>http://pipoffers.apnpartners.com/PIP/Server.jhtml?partner_id={partnerid}&language={locale}&version={version}</GetServer>
Ansi based on Dropped File
(APNAnalytics.xml)
<HTML><HEAD><script type="text/javascript">var JSON;if (!JSON) { JSON = {};}(function () { "use strict"; function f(n) { // Format integers to have at least two digits. return n < 10 ? '0' + n : n; }
Ansi based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
<offer bgcolor="#EFEBDF" bkgImage="" color="" display="true" displayname="" icParams="" icProceed="" icUrl="" id="{cpf1}" imageheight="" imagewidth="" switchcontroltype="checkbox" title="STRID_TITLE" transparency="255">
Ansi based on Dropped File
(APNAnalytics.xml)
<PIPReportSever>pipoffers.apnpartners.com/PIP/OfferAccept.jhtml</PIPReportSever>
Ansi based on Dropped File
(APNAnalytics.xml)
<pProductID get="Y" id="pProductID" position="2" report="Y"/>
Ansi based on Dropped File
(APNAnalytics.xml)
<RegistryKey>HKEY_CURRENT_USER\Software\APN PIP\Analytics\{partnerid}</RegistryKey>
Ansi based on Dropped File
(APNAnalytics.xml)
<ReportSever>anx.apnanalytics.com/200/pip/test.gif?</ReportSever>
Ansi based on Dropped File
(APNAnalytics.xml)
<script type="text/javascript" src="./objectModel.js"></script>
Ansi based on Dropped File
(orchestrator.html)
<script type="text/javascript" src="./rules.js"></script>
Ansi based on Dropped File
(orchestrator.html)
<string id="STRID_CANCEL_TEXT">Are you sure you want to cancel installation?</string>
Ansi based on Dropped File
(APNAnalytics.xml)
<string id="STRID_EULA">If you accept the terms of the agreement, click I Agree to continue. You must accept the agreement to install FrostWire 4.21.3</string>
Ansi based on Dropped File
(APNAnalytics.xml)
<string id="STRID_EULA1">www.FrostWire.com</string>
Ansi based on Dropped File
(APNAnalytics.xml)
<string id="STRID_Success_Text">The installation has completed successfully.</string> <string id="STRID_Eula_Text">If you do not want to share technical information with ASK, please un_check and click Next</string> <string id="STRID_Optin_Text">By clicking 'NEXT', I agree to the</string> <string id="STRID_AveryLabel2">APN Toolbar</string> <string id="STRID_Downloading_Text">Downloading file</string> <string id="STRID_No_Offer_Text">There is a problem with the installer. Please contact your software provider and inform them of the issue.</string> <string id="STRID_Downloading_Error">There was a problem downloading the files. Please check that you have a valid Internet connection and try again.</string> <string id="STRID_Downloading_Error_Avery">There was a problem downloading the files. Please try the Template Only option on the Avery.com template page.</string><string id="STRID_DIC2V5_Loading_Text">Loading Dictionary.com required files...</string> <string id="S
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
<string id="STRID_TEXT1">Press Page Down to see the rest of the agreement.</string>
Ansi based on Dropped File
(APNAnalytics.xml)
<TrayTipTime>2000</TrayTipTime><ShowLoadingScreen>false</ShowLoadingScreen><PreviousX>250</PreviousX><PreviousY>37</PreviousY><CancelX>88</CancelX><CancelY>37</CancelY><MessageUser>false</MessageUser><installpic_x>0</installpic_x><installpic_y>0</installpic_y><downloadpic_x>0</downloadpic_x><downloadpic_y>0</downloadpic_y><installpic_width>594</installpic_width><installpic_height>65</installpic_height><downloadpic_width>594</downloadpic_width><downloadpic_height>65</downloadpic_height><CancelDeclinesOffer>true</CancelDeclinesOffer><NumberOfSecOffersToShow>0</NumberOfSecOffersToShow><Orchestrator>./orchestrator.html?PIPPID=AVR2V6&PTBPartnerID=AVR2V6&tbType=vanilla&version={version}</Orchestrator><CBID>AVX</CBID></GeneralParameters><LanguageParameters><CancelContinue id="default">STRID_CContinue</CancelContinue><CancelForce id="default">STRID_CForce</CancelForce><WaitAndTerminate id="default">STRID_WaitAndTerminate</WaitAndTer
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
= "14:CPU speed less than 1000 MHZ ";;var MachineDiskFreeSpaceLessThan2000MB = "15:64 bit machine Disk free space less than 2000MB ";var MachineDiskFreeSpaceLessThan850MB = "16:32 bit machine Disk free space less than 850MB ";var SystemPhysicalMemoryIsVeryLow = "17:System Physical Memory is very low";var NortonSafeSearchToolbarInstalled = "17:Norton Safe search Toolbar installed";var AnchorFreeUnsupportedOS = "18: AnchorFree unsupported OS XP or Vista 64bit ";var AviraToolbarPresentAskSecureOfferRejected = "19: Avira Toolbar present, Ask secure offer rejected";var AskSecureToolbarPresentAviraOfferRejected = "20:Ask Secure toolbar present, Avira offer rejected";var AudialsOfferNotEligibleUnsupportedOSXP32orVista64bit = "20: Audials offer not eligible as unsupported OS XP 32 or Vista 64
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
= =$=(=,=0=4=8=<=@=D=H=L=P=T=X=\=`=d=h=l=p=t=x=|=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
= =$=4=8=<=@=D=H=L=P=T=X=\=`=d=l=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
= =(=9=A=I=U=a=i=u=}=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
= =(=@=P=T=d=h=l=p=x=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
= all_browsers.orBr.toUpperCase(); this.stubversion = "7.0.0"; if (tb_info) { this.tbType = tb_info?tb_info.tb_type:""; this.tbID = tb_info.PID; } }} // Result//// param is in the form: CurrentID|PreviousID-(checkboxID:(true|false)|)*//function UIRule(param) { var return_obj = {}; return_obj.result = 1; return_obj.errorDescription = "Value Was False"; return_obj.display = 0; try { var result = 1;if (show_logger) logger.log("\r\n ****** Frog UI. Parameter " + param); if (show_logger) logger.log ("type of param is " + typeof param); var offer_ids = param.split('-'); if (show_logger) logger.log("offer_ids after split"); if (show_logger) logger.log("offer_ids " + offer_ids); var offer_ids = param.split('-')[0].split('|'); if (show_logger) logger.log(" ---
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
=)=/=8=?=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=)=:=C=v=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
> <string id="STRID_Next">Next</string> <string id="STRID_Accept">Accept</string> <string id="STRID_Accept_BCPA">I Accept</string> <string id="STRID_Accept_Continue">Accept and Continue</string><string id="STRID_Install_BCPA">Install</string><string id="STRID_Accept_SFT">I Agree</string> <string id="STRID_Decline">Decline</string> <string id="STRID_Next_FXTV5">Next</string> <string id="STRID_Finish">Next</string> <string id="STRID_Finish2">Finish</string> <string id="STRID_Install">Install</string> <string id="STRID_OK">OK</string> <string id="STRID_Cancel">Cancel</string><string id="STRID_IAgree">I Agree</string> <string id="STRID_Idisagree">I Disagree</string> <string id="STRID_Cancel_Text">Are you sure you want to cancel?</string><string id="STRID_FXTV5_Cancel_Text">Setup is not complete. If you exit now, the program will not be installed. You may run Setup again another time to complete the installation. Exit Setup?</string>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
> >$>(>,>0>4>8><>@>D>H>L>P>T>X>\>`>d>h>l>p>t>x>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
> >$>(>0>4>8><>@>D>H>L>P>T>X>\>d>h>l>p>t>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
> >(>0>8>@>H>P>X>`>h>t>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>!>&>6>;>A>G>]>d>q?v?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>">(>6>J>j>p>{>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>%>*>4>@>E>O>[>`>j>z>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>(>,>0>4>8><>D>\>l>p>t>x>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
? ?$?(?,?0?4?8?<?@?D?H?L?P?T?X?\?`?d?h?l?p?t?x?|?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
? ?$?(?0?H?X?\?l?p?x?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?$?(?8?<?@?D?H?L?P?T?X?\?d?|?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?%?*?4?@?E?O?[?`?j?v?{?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?(?0?8?@?P?X?d?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
\Google\Chrome\User Data\Default\Preferences
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
\HotspotShield","Publisher",0);}else{ AFRegistryPath = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\HotspotShield","Publisher",0);}if(!isEmpty(AFRegistryPath)){return getReasonCode(secondaryOfferInstalled);}} catch(e){}return true;}function isAudialsEligibleOffer(){try{if(window.navigator.appVersion.indexOf("Windows NT 5.1") != -1 || (window.navigator.appVersion.indexOf("Windows NT 6.0") != -1 && is64Bit())){return AudialsOfferNotEligibleUnsupportedOSXP32orVista64bit;}}catch(e){}return true;}function isDealPlyEligibleOffer() {try{var DPRegistryPath = pipgetRegValue("HKEY_CURRENT_USER\\Software\\DealPly","InstallStatus",0);if(!isEmpty(DPRegistryPath) && DPRegistryPath.toLowerCase() =="ok"){return getReasonCode(secondaryOfferInstalled);}}catch(e){}return true;}function isUniBlueEligibleOffer() {try{var UBRegistryPath = pipgetRegValue
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
\Mozilla\Firefox
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
\n\t"e",\n\t{\n\t\t"pluribus": "unum"\n\t}\n]' text = JSON.stringify([new Date()], function (key, value) { return this[key] instanceof Date ? 'Date(' + this[key] + ')' : value; }); // text is '["Date(---current time---)"]' JSON.parse(text, reviver) This method parses a JSON text to produce an object or array. It can throw a SyntaxError exception. The optional reviver parameter is a function that can filter and transform the results. It receives each of the keys and values, and its return value is used instead of the original value. If it returns what it received, then the structure is not modified. If it returns undefined then the member is deleted. Example: // Parse the text. Values that look like ISO date strings will // be converted to Date objects. myData = JSON.par
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
\prefs.js
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
\profiles.ini
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
\Sessions\1\Windows\ApiPort
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
\shell\open\command\
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
\system32\
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
\ThemeApiPort
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
_Cancel_Install_text">Cancelling this process is not advised. You will need to uninstall via Add/Remove programs.</string> <string id="STRID_Executingfile">PIP Installing...</string><string id="STRID_IE_STRING">*Toolbar installs and browser settings apply in Internet Explorer.</string><string id="STRID_FF_STRING">*Toolbar installs and browser settings apply in Firefox.</string><string id="STRID_CR_STRING">*Toolbar installs and browser settings apply in Chrome.</string><string id="STRID_ALL_STRING">*Toolbar installs and browser settings apply in IE, Firefox and Chrome.</string> </language></stringtable><primary_offers> <offer id = "AVR_ERROR" title="Avery Download" offerType="Static offer" bkgImage="http://ak.pipoffers.apnpartners.com/static/partners/AVR/images/AveryError.png" icUrl="" cancelHeight="23" cancelText="Close" cancelWidth="75" cancelX="97" cancelY="47" icParams="" icProceed="" color="" imagewidth= "594" bgcolor="" imageheight="360" transparency="255" cancelchoose="true
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
_LOCAL_MACHINE
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
_logger = window.external.GetObject("logger");
Ansi based on Dropped File
(objectmodel.js)
`local static guard'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`local static thread guard'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`local vftable constructor closure'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`local vftable'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`placement delete[] closure'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
a = a.split('.');
Ansi based on Dropped File
(rules.js)
a\shell\open\command\
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Actual path %s . CreateDirectory last error %d
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
AD<?xml version="1.0" encoding="UTF-8" standalone="yes"?><assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><assemblyIdentity version="1.0.0.0" processorArchitecture="X86" name="APNInstaller" type="win32"/><description>.NET control deployment tool</description><dependency> <dependentAssembly> <assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" version="6.0.0.0" processorArchitecture="*" publicKeyToken="6595b64144ccf1df" language="*" /> </dependentAssembly></dependency> <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2"> <security> <requestedPrivileges> <requestedExecutionLevel level="requireAdministrator" uiAccess="false"/> </requestedPrivileges> </security> </trustInfo> <compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1"> <application> ...The ID below ind
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
AFRegistryPath = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\HotspotShield","Publisher",0);
Ansi based on Dropped File
(rules.js)
AFRegistryPath = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\HotspotShield","Publisher",0);
Ansi based on Dropped File
(rules.js)
ailed. Invalid Return Type, JSON was Malformed.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
al error. Error description -
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
al\PIP_Local_Error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
al\PIP_UI_Ready_Local
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
all_browsers = all_browsers || JSON.parse(browser.allBrowsers);
Ansi based on Dropped File
(rules.js)
all_browsers.dfBr = defaultBrowser();
Ansi based on Dropped File
(rules.js)
AllowSetForegroundWindow failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Another installer is running.Please try the Template Only option on the Avery.com template page.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
any spaces. if (typeof space === 'number') { for (i = 0; i < space; i += 1) { indent += ' '; }// If the space parameter is a string, it will be used as the indent string. } else if (typeof space === 'string') { indent = space; }// If there is a replacer, it must be a function or an array.// Otherwise, throw an error. rep = replacer; if (replacer && typeof replacer !== 'function' && (typeof replacer !== 'object' || typeof replacer.length !== 'number')) { throw new Error('JSON.stringify'); }// Make a fake root object containing our value under the key of ''.// Return the result of stringifying the value. return str('', {'': value}); }; }// If the JSON object does not yet have a parse method, give it one. if (typeof JSON.parse !== 'function')
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
apn_pip_local
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
apn_pip_local\
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AreThereOffersToDownloadAndExecute : False
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AreThereOffersToDownloadAndExecute : true. Identified fileid:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
arrParamNames[i] = sParam[0];
Ansi based on Dropped File
(orchestrator.html)
arrParamValues[i] = "No Value";
Ansi based on Dropped File
(orchestrator.html)
arrParamValues[i] = unescape(sParam[1]);
Ansi based on Dropped File
(orchestrator.html)
Ask.com1>0<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AskInstaller.exe
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Async attribute specified, skipping wait on process completion.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
avascript" src="./rules.js"></script><script type="text/javascript">var primaryTlbrID = getURLParameters("PTBPartnerID");var satTlbrID = getURLParameters("STBPartnerID");var pipPartnerID = getURLParameters("PIPPID");var tbType=getURLParameters("tbType");var version=getURLParameters("version");var hidePtnrSecondaryOffer=getURLParameters("hideSecondary");var paramName;function getURLParameters(paramName) {var sURL = window.document.URL.toString(); if (sURL.indexOf("?") > 0){var arrParams = sURL.split("?"); var arrURLParams = arrParams[1].split("&"); var arrParamNames = new Array(arrURLParams.length);var arrParamValues = new Array(arrURLParams.length); var i = 0;for (i=0;i<arrURLParams.length;i++){var sParam = arrURLParams[i].split("=");arrParamNames[i] = sParam[0];if (sParam[1] != "")arrParamValues[i] = unescape(sParam[1]);elsearrParamValu
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
b = b.split('.');
Ansi based on Dropped File
(rules.js)
bad locale name
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Bad unicode escape sequence in string: four digits expected.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Bad unicode escape sequence in string: hexadecimal digit expected.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Beacon HttpOpenRequest return failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Beacon HttpSendRequest return failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Boolean.prototype.toJSON = function (key) {
Ansi based on Dropped File
(orchestrator.html)
browser = window.external.GetObject("browserinfo");
Ansi based on Dropped File
(objectmodel.js)
Browser and Toolbar Utils InterfaceWWW(
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
C:\.jenkins\jobs\PIP2.0_INSTALLER\workspace\release\AskInstaller_1_.pdb
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
C:\OffercastInstaller_AVR_U_0363_01_P_.exe
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
Callback for rules executorWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
catch(e)
Ansi based on Dropped File
(rules.js)
cates application support for Windows Vista --> <supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"/> ...The ID below indicates application support for Windows 7 --> <supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/> </application> </compatibility></assembly>PAPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGX
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
cgetCommandLineWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
checkness = checkness.split('|');
Ansi based on Dropped File
(rules.js)
checkness = checkness[checkness.length-1];
Ansi based on Dropped File
(rules.js)
checkness = param.split('-');
Ansi based on Dropped File
(rules.js)
chrome.exe
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CoInternetCombineIUriCacheSize
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
COMCTL32.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
command
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
command line
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Command line argument "
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
command line arguments - check the log file for details
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Comments must start with /
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Connecting...
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Content-Type: application/x-www-form-urlencoded
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Copyright (c) 1992-2004 by P.J. Plauger, licensed by Dinkumware, Ltd. ALL RIGHTS RESERVED.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
cpuSpeed = system.getRegValue("HKLM\\Hardware\\Description\\System\\Centralprocessor\\0","~MHZ",0);
Ansi based on Dropped File
(rules.js)
Create a script object to be injected into the PIP ViewWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Create thread failed in ExecuteAllOfferFiles()
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Created by MIDL version 7.00.0555 at Tue Jun 11 16:42:01 2013
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
csXml()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
CSystemUtil::getRegValue Failed : UnSupported Variant Type of %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
d = parseInt(a[i], 10) - parseInt(b[i], 10);
Ansi based on Dropped File
(rules.js)
D$$!|$\!|$`
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
D. USE AT YOUR OWN RISK. See http://www.JSON.org/js.html This code should be minified before deployment. See http://javascript.crockford.com/jsmin.html USE YOUR OWN COPY. IT IS EXTREMELY UNWISE TO LOAD CODE FROM SERVERS YOU DO NOT CONTROL. This file creates a global JSON object containing two methods: stringify and parse. JSON.stringify(value, replacer, space) value any JavaScript value, usually an object or array. replacer an optional parameter that determines how object values are stringified for objects. It can be a function or an array of strings. space an optional parameter that specifies the indentation of nested structures. If it is omitted, the text will be packed without extra whitespace. If it is a number, it will specify the number of spaces to indent at each
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
Date.prototype.toJSON = function (key) {
Ansi based on Dropped File
(orchestrator.html)
debugWWW@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
default_browser = pipgetRegValue("HKEY_CLASSES_ROOT\\http\\shell\\open\\command\\","",0);
Ansi based on Dropped File
(rules.js)
default_browser = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Classes\\http\\shell\\open\\command\\","",0);
Ansi based on Dropped File
(rules.js)
default_browser = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Clients\\StartMenuInternet\\","",0);
Ansi based on Dropped File
(rules.js)
default_browser = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Clients\\StartMenuInternet\\","",0)
Ansi based on Dropped File
(rules.js)
default_browser = pipgetRegValue(defaultbrowserPath,"",0);
Ansi based on Dropped File
(rules.js)
defaultBrowser = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Clients\\StartMenuInternet\\","",0);
Ansi based on Dropped File
(rules.js)
defaultBrowser = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Clients\\StartMenuInternet\\","",0)
Ansi based on Dropped File
(rules.js)
defaultBrowser=pipgetRegValue("HKEY_CLASSES_ROOT\\http\\shell\\open\\command\\","",0);
Ansi based on Dropped File
(rules.js)
defaultBrowser=pipgetRegValue("HKEY_CURRENT_USER\\Software\\Classes\\http\\shell\\open\\command\\","",0);
Ansi based on Dropped File
(rules.js)
defaultBrowser=pipgetRegValue(defaultbrowserPath,"",0);
Ansi based on Dropped File
(rules.js)
defaultbrowserAppPath = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FileExts\\.htm\\UserChoice","Progid",0);
Ansi based on Dropped File
(rules.js)
defaultbrowserAppPath=pipgetRegValue("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FileExts\\.htm\\UserChoice","Progid",0);
Ansi based on Dropped File
(rules.js)
defaultbrowserPath = "HKEY_CLASSES_ROOT\\"+defaultbrowserAppPath+"\\shell\\open\\command\\";
Ansi based on Dropped File
(rules.js)
defaultbrowserPath="HKEY_CLASSES_ROOT\\"+defaultbrowserAppPath+"\\shell\\open\\command\\";
Ansi based on Dropped File
(rules.js)
defBrowser=defaultBrowser.substring(n,defaultBrowser.length-1);
Ansi based on Dropped File
(rules.js)
defBrowser=defBrowser.replace(/[^\w\s]/gi, '');
Ansi based on Dropped File
(rules.js)
delete this.cache[i].result;
Ansi based on Dropped File
(rules.js)
delete value[k];
Ansi based on Dropped File
(orchestrator.html)
delete[]
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DeleteRegister:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DisableLocalOverride
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
DisablePassport
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
diskFreeSize = system.getDiskFreeSize();
Ansi based on Dropped File
(rules.js)
DisplayDynamicUI()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DisplayOffer()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DisplayOffer()... complete.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
dNext()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
donwload progress pointer. Skipping progress update.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Download APNAnalytics.xml file failed, attempting to use local
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Download balloon icon file failed:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Download Config.xml file failed, attempting to use local
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Download file error:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadAllDynamicImage()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadAllDynamicImages()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadBalloonIcon()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadBalloonIcon()... return false.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadBalloonIcon()... return true.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadBkgFile()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadBkgFile()... return false.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadBkgFile()... return true.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadBkgFile()... success.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadBtnBkg()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadDefaultBkgFile()... success.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Downloader : Empty String For From!!
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Downloader : Empty String for To!
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Downloader : NULL the Source or(and) Destination!!
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Downloader(BITS)::InitializeBITS::CoInitializeSecurity : Error = 0x%X - %s
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadScrollFile()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadSingleFile()... url:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
dpipoffers.apnpartners.com
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DS value. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
e terms of the agreement, click I Agree to continue. You must accept the agreement to install FrostWire 4.21.3</string><string id="STRID_EULA1">www.FrostWire.com</string><string id="STRID_NEXT">I Agree</string><string id="STRID_CANCEL">Cancel</string><string id="STRID_CANCEL_TEXT">Are you sure you want to cancel installation?</string></Language> </stringtable> <offereula><offer id = "{cpf1}" title="STRID_TITLE" icUrl="" icParams="" icProceed="" color="" transparency="255" display="true" bkgImage="" imagewidth= "" bgcolor="#EFEBDF" imageheight="" displayname="" switchcontroltype="checkbox"><apps></apps>... UI button controls--><controls><control id="txt1-of10" type="text" text="" width="420" height="190" x="30" y="80" color="" bgcolor="#ffffff" isBold="false"><control id="eula" type="checkbox" text="STRID_EULA" width="400" height="40" x="50" y="90" color="" bgcolor="" checked="false" isBold="true" ctrltype="offer" ctrlvalue="true" subctr=""></control><co
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
e(text, function (key, value) { var a; if (typeof value === 'string') { a =/^(\d{4})-(\d{2})-(\d{2})T(\d{2}):(\d{2}):(\d{2}(?:\.\d*)?)Z$/.exec(value); if (a) { return new Date(Date.UTC(+a[1], +a[2] - 1, +a[3], +a[4], +a[5], +a[6])); } } return value; }); myData = JSON.parse('["Date(09/09/2001)"]', function (key, value) { var d; if (typeof value === 'string' && value.slice(0, 5) === 'Date(' && value.slice(-1) === ')') { d = new Date(value.slice(5, -1)); if (d) { return d; } } return value; }); This is a reference implementation. You are free to copy, modify, or redistri
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ease try the Template Only option on the Avery.com template page.</string><string id="STRID_Access_OfferXml_Fail">There was a problem accessing the offer definition file!</string><string id="STRID_Access_OfferXml_Fail_Avery">There was a problem downloading the files. Please try the Template Only option on the Avery.com template page.</string> <string id="STRID_OfferXml_Miss">The installation files have been corrupted. Please re-download the application and try again.</string> <string id="STRID_OfferXml_Miss_Avery">There was a problem downloading the files. Please try the Template Only option on the Avery.com template page.</string> <string id="STRID_Unexpected_DownLoad_Fail">There was a problem downloading the files. Please check that you have a valid Internet connection and try again.</string><string id="STRID_Unexpected_DownLoad_Fail_Avery">There was a problem downloading the files. Please try the Template Only option on the Avery.com template page.</string><string id="STRI
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
eGetExitCode returning %d Remote process exitcode %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
else if (offer_type.indexOf("toolbar") >= 0)
Ansi based on Dropped File
(rules.js)
EnumSystemLocalesA
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
er : Empty String for To!
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Error document empty.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error end tag.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error in command line arguments - check the log file for details
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error null (0) or unexpected EOF found in input stream.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error parsing CDATA.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error parsing Comment.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error parsing Declaration.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error parsing Element.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error parsing Unknown.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error reading Attributes.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error reading Element value.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error when TiXmlDocument added to document, because TiXmlDocument can only be at the root.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error: empty tag.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
errorWWW@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ers must be finite. Encode non-finite numbers as null. return isFinite(value) ? String(value) : 'null'; case 'boolean': case 'null':// If the value is a boolean or null, convert it to a string. Note:// typeof null does not produce 'null'. The case is included here in// the remote chance that this gets fixed someday. return String(value);// If the type is 'object', we might be dealing with an object or an array or// null. case 'object':// Due to a specification blunder in ECMAScript, typeof null is 'object',// so watch out for that case. if (!value) { return 'null'; }// Make an array to hold the partial results of stringifying this object value. gap += indent; partial = [];// Is the value an array? if (Object.prototype.toString.apply(value) === '[object Array]') {// The value is an array. Stringify every element. Use null as a plac
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ersion. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
escapable = /[\\\"\x00-\x1f\x7f-\x9f\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2028-\u202f\u2060-\u206f\ufeff\ufff0-\uffff]/g,
Ansi based on Dropped File
(orchestrator.html)
et_browser || CanBeInstalled("cr", true);//target_browser = CanBeInstalled(target_browser); if (target_browser) { return_JSON = new Result(target_browser, all_browsers, true, toolbar_to_be_installed); return_JSON.errorDescription = ""; } else { return_JSON = new Result(target_browser, all_browsers, false); return_JSON.result = parseInt(reasonString, 10); return_JSON.errorDescription = reasonString; if (offertype_is_toolbar) --primary_toolbar_ok_to_present; } if (show_logger) logger.log("\r\n********** V7 Stringified JSON " + JSON.stringify(return_JSON)); if (return_JSON.result !== 0) { if (primary_toolbar_ok_to_present === 1) primary_toolbar_ok_to_present = 0; } toolbar_to_be_installed.browser = target_browser; Offers.StoreResult(offer_id, return_JSON, toolbar
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
Exec format error
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ExecuteAllOfferFiles()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ExecuteSingleFile()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Executing file:
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Export
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
exts together, separated with commas,// and wrap them in braces. v = partial.length === 0 ? '{}' : gap ? '{\n' + gap + partial.join(',\n' + gap) + '\n' + mind + '}' : '{' + partial.join(',') + '}'; gap = mind; return v; } }// If the JSON object does not yet have a stringify method, give it one. if (typeof JSON.stringify !== 'function') { JSON.stringify = function (value, replacer, space) {// The stringify method takes a value and an optional replacer, and an optional// space parameter, and returns a JSON text. The replacer can be a function// that can replace values, or an array of strings that will select the keys.// A default replacer method can be provided. Use of the space parameter can// produce text that is more easily readable. var i; gap = ''; indent = '';// If the space parameter is a number, make an indent string containing that//
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
f("keyword.URL", "
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
f(this.getUTCDate()) + 'T' +
Ansi based on Dropped File
(orchestrator.html)
f(this.getUTCHours()) + ':' +
Ansi based on Dropped File
(orchestrator.html)
f(this.getUTCMinutes()) + ':' +
Ansi based on Dropped File
(orchestrator.html)
f(this.getUTCMonth() + 1) + '-' +
Ansi based on Dropped File
(orchestrator.html)
f(this.getUTCSeconds()) + 'Z' : null;
Ansi based on Dropped File
(orchestrator.html)
F=ieVersionWWWx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to execute file
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to get Chrome version. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to get FF DS value. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to get FF Hpr value. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to get Firefox version. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to get GChrome DS value. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to get GChrome HPR value. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to get IE default Search provider. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to get IE Hpr value. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to get IE version. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to get memory status. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
failed to set recv timeout: %d
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
failed to set send timeout: %d
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
failed, with Error of
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
failed. Invalid JSON, no result member or resultString, was returned.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
failed. Invalid Return Type, JSON was Malformed.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
failed. Invalid Return Type, Return String Was NULL.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
failed. Invalid Return Type, was not of type BSTR but
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
failed. Reason code
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
failed. Return type
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ffer_ids -- " + offer_ids[0] + " : " + offer_ids[1]); var checkness; checkness = param.split('-'); if (show_logger) logger.log(" --- checkyness " + JSON.stringify(checkness)); checkness = checkness[checkness.length-1]; if (show_logger) logger.log(" --- checkyness " + JSON.stringify(checkness)); checkness = checkness.split('|'); if (show_logger) logger.log(" --- checkyness " + JSON.stringify(checkness)); for (var i = 0; i < checkness.length; ++i) { if (checkness[i].search("oi") >= 0) { if (show_logger) logger.log(" --- checkyness " + JSON.stringify(checkness[i])); var checkness_parts = checkness[i].split(':'); if (checkness_parts[1] == "true") { if (show_logger) logger.log(" --- checkyness is true "); return_obj.errorDescription = "";
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ffVersionWWWx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
figXml()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Finished Parsing the config.xml file, ... show previous :
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FinshUIOffer()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
firefox.exe
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
for (++i; i < this.cache.length; ++i)
Ansi based on Dropped File
(rules.js)
for (i = 0; i < length; i += 1) {
Ansi based on Dropped File
(orchestrator.html)
for (i = 0; i < partners.length; ++i)
Ansi based on Dropped File
(rules.js)
for (i = 0; i < space; i += 1) {
Ansi based on Dropped File
(orchestrator.html)
for (i=0; i<l; i++) {
Ansi based on Dropped File
(rules.js)
for (i=0;i<arrURLParams.length;i++)
Ansi based on Dropped File
(orchestrator.html)
for (k in value) {
Ansi based on Dropped File
(orchestrator.html)
for (key in checkObj) {
Ansi based on Dropped File
(rules.js)
for (name in obj)
Ansi based on Dropped File
(rules.js)
for (name in pids)
Ansi based on Dropped File
(rules.js)
for (var i = 0, N = installed_toolbars.length; i < N; ++i)
Ansi based on Dropped File
(rules.js)
for (var i = 0, N = installed_toolbars.length; i < N; ++i) { if (installed_toolbars[i].browser == p_browser) toolbars_on_browser.push(installed_toolbars[i]); } if (toolbars_on_browser.length == 0) { if (show_logger) logger.log(" Toolbars on Browser == 0 return " + p_browser + "\n"); return p_browser; } if (toolbars_on_browser[0].PID == toolbar_to_be_installed.PID) { if (show_logger) logger.log(" PID === PID : " + toolbars_on_browser[0].PID + " : " + toolbar_to_be_installed.PID + "\n"); reasonString = PIDsAreSameOnSameBrowser + ", Browser " + p_browser + " PIDS [" + toolbar_to_be_installed.PID + "]"; return ""; } if (toolbars_on_browser.length >= MAX_NUMBER_OF_TOOLBARS_ON_BROWSER) { if (show_logger) logger.log(" >= MAX_NUMBER
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
for (var i = 0; i < checkness.length; ++i)
Ansi based on Dropped File
(rules.js)
for (var i = 0; i < installed_toolbars.length; ++i)
Ansi based on Dropped File
(rules.js)
for (var i = 0; i < list_1.length; ++i)
Ansi based on Dropped File
(rules.js)
for (var i = 0; i < lu_table.length; ++i)
Ansi based on Dropped File
(rules.js)
for (var i = 0; i < offers_gen_params.offers.length; ++i)
Ansi based on Dropped File
(rules.js)
for (var i = 0; i < p_installed_toolbars.length; ++i)
Ansi based on Dropped File
(rules.js)
for (var i = 0; i < p_toolbartypes.length; ++i)
Ansi based on Dropped File
(rules.js)
for (var i = 0; i < this.cache.length; ++i)
Ansi based on Dropped File
(rules.js)
for (var i = 0; i < toolbars.length; ++i)
Ansi based on Dropped File
(rules.js)
for (var i=0; i < jsonString.makeofferdisabled.length; i++) {
Ansi based on Dropped File
(rules.js)
for (var j = 0; j < jsonString.blocklistedPartners.length; ++j)
Ansi based on Dropped File
(rules.js)
for (var j = 0; j < list_2.length; ++j)
Ansi based on Dropped File
(rules.js)
for(var i=0; i<incumbentTlbrList.length;i++){
Ansi based on Dropped File
(rules.js)
for(var i=0; i<installedPartners.length;i++){
Ansi based on Dropped File
(rules.js)
for(var i=0; i<installedToolbars.length;i++){
Ansi based on Dropped File
(rules.js)
for(var j=0; j<jsonString.blocklistedPartners.length;j++){
Ansi based on Dropped File
(rules.js)
for(var k=0; k<incPartners.length;k++){
Ansi based on Dropped File
(rules.js)
ftware\Microsoft\Windows\CurrentVersion\RunOnce
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
function askSecureToolbarCheck(){
Ansi based on Dropped File
(rules.js)
function aviraToolbarInstallCheck(){
Ansi based on Dropped File
(rules.js)
function CanBeInstalled(p_browser, run_cycle) // ==> string
Ansi based on Dropped File
(rules.js)
function CascadeThroughBrowsers(p_browser, cascade_count) // ==> string
Ansi based on Dropped File
(rules.js)
function CheckForBlockedPID()
Ansi based on Dropped File
(rules.js)
function checkOverinstall() {
Ansi based on Dropped File
(rules.js)
function checkPrimaryTlbrOffered() {
Ansi based on Dropped File
(rules.js)
function checkPrimaryToolbarOffered(){
Ansi based on Dropped File
(rules.js)
function checkV5ToolbarInstalled(){
Ansi based on Dropped File
(rules.js)
function CheckVersion(p_browser) // ==> string
Ansi based on Dropped File
(rules.js)
function clientSupported() {
Ansi based on Dropped File
(rules.js)
function cmpVersions (a, b) {
Ansi based on Dropped File
(rules.js)
function CommandLineBrowser()
Ansi based on Dropped File
(rules.js)
function defaultBrowser()
Ansi based on Dropped File
(rules.js)
function DefaultBrowser()
Ansi based on Dropped File
(rules.js)
function f(n) {
Ansi based on Dropped File
(orchestrator.html)
function getIncbumbentRegPath(partnersID){
Ansi based on Dropped File
(rules.js)
function getIncumbentPartners() {
Ansi based on Dropped File
(rules.js)
function GetInstalledToolbars()
Ansi based on Dropped File
(rules.js)
function GetOfferID(param)
Ansi based on Dropped File
(rules.js)
function getProductVersion(productCode){
Ansi based on Dropped File
(rules.js)
function getReasonCode(reasonDescription) {
Ansi based on Dropped File
(rules.js)
function GetToolbarInfo(p_offer_id)
Ansi based on Dropped File
(rules.js)
function GetToolbarsOnBrowser(p_browser) // ==> string
Ansi based on Dropped File
(rules.js)
function getURLParameters(paramName)
Ansi based on Dropped File
(orchestrator.html)
function incumbantAVIRACheck(p_installed_toolbars, p_toolbar_to_be_installed)
Ansi based on Dropped File
(rules.js)
function init() {
Ansi based on Dropped File
(objectmodel.js)
function InstallCheck(param)
Ansi based on Dropped File
(rules.js)
function is64Bit(){
Ansi based on Dropped File
(rules.js)
function isAnchorFreeEligibleOffer() {
Ansi based on Dropped File
(rules.js)
function isAskSecureOfferEligible () {
Ansi based on Dropped File
(rules.js)
function isAudialsEligibleOffer(){
Ansi based on Dropped File
(rules.js)
function isAviraV5UpgTlbrOffered(){
Ansi based on Dropped File
(rules.js)
function isBlockListed(tlbrID) {
Ansi based on Dropped File
(rules.js)
function isCPUSpeedComp() {
Ansi based on Dropped File
(rules.js)
function isDealPlyEligibleOffer() {
Ansi based on Dropped File
(rules.js)
function isDiskSpaceComp(){
Ansi based on Dropped File
(rules.js)
function isEmpty (checkObj) {
Ansi based on Dropped File
(rules.js)
function isLatestClient(clientversion) {
Ansi based on Dropped File
(rules.js)
function isObjEmpty(obj)
Ansi based on Dropped File
(rules.js)
function isOSServicePackCompatible() {
Ansi based on Dropped File
(rules.js)
function isPalTalkEligibleOffer() {
Ansi based on Dropped File
(rules.js)
function isProntoEligibleOffer() {
Ansi based on Dropped File
(rules.js)
function isProntoEligibleOfferForIE(){
Ansi based on Dropped File
(rules.js)
function isSaturationInstalled(partnerid) {
Ansi based on Dropped File
(rules.js)
function isSaturationOffer(offer_id)
Ansi based on Dropped File
(rules.js)
function isSpeedCheckerInstalled() {
Ansi based on Dropped File
(rules.js)
function isSuperFishEligibleOffer() {
Ansi based on Dropped File
(rules.js)
function isSupportedBrowser(partnerID) {
Ansi based on Dropped File
(rules.js)
function isSupportedOS() {
Ansi based on Dropped File
(rules.js)
function isUniBlueEligibleOffer() {
Ansi based on Dropped File
(rules.js)
function isUniquePIDOnMachine(installed_toolbars, to_be_pid)
Ansi based on Dropped File
(rules.js)
function isV5TlbrEligible(){
Ansi based on Dropped File
(rules.js)
function isV5ToolbarOffered(){
Ansi based on Dropped File
(rules.js)
function isV6TlbrEligible() {
Ansi based on Dropped File
(rules.js)
function load() {
Ansi based on Dropped File
(orchestrator.html)
function LookupTable(tb_info)
Ansi based on Dropped File
(rules.js)
function makeoffer(partnerID) {
Ansi based on Dropped File
(rules.js)
function MoreToCascade(cascade_count, potential_browser, run_cycle) // ==> bool
Ansi based on Dropped File
(rules.js)
function nortonToolbarCheck() {
Ansi based on Dropped File
(rules.js)
function offerV6SaturationToolbar(){
Ansi based on Dropped File
(rules.js)
function OriginBrowser()
Ansi based on Dropped File
(rules.js)
function partneridfunc(){
Ansi based on Dropped File
(rules.js)
function PIDOnBlockedList(p_toolbartypes) // ==> bool
Ansi based on Dropped File
(rules.js)
function pipgetRegValue(registryPath,regValue,n){
Ansi based on Dropped File
(rules.js)
function preCheckSecondaryOffer() {
Ansi based on Dropped File
(rules.js)
function PrimarySaturationCheck(offer_id)
Ansi based on Dropped File
(rules.js)
function quote(string) {
Ansi based on Dropped File
(orchestrator.html)
function Reporting()
Ansi based on Dropped File
(rules.js)
function Result(target_browser, all_browsers, t_f)
Ansi based on Dropped File
(rules.js)
function secondaryOfferCheck(){
Ansi based on Dropped File
(rules.js)
function str(key, holder) {
Ansi based on Dropped File
(orchestrator.html)
function summaryRule(param) {
Ansi based on Dropped File
(rules.js)
function TbTypesIntersect (tb_type_1, tb_type_2)
Ansi based on Dropped File
(rules.js)
function ToolbarInfo(p_PID, p_tb_type, p_browser)
Ansi based on Dropped File
(rules.js)
function toolbarsHaveTypeBlock(toolbars)
Ansi based on Dropped File
(rules.js)
function UIRule(param)
Ansi based on Dropped File
(rules.js)
function UniquePIDTbType()
Ansi based on Dropped File
(rules.js)
function v5incumbentPartnerCheck(partnerids){
Ansi based on Dropped File
(rules.js)
function v6eligibleChecklist(partnerID,incPartners){
Ansi based on Dropped File
(rules.js)
function v6incumbentPartnerCheck(partner){
Ansi based on Dropped File
(rules.js)
function v6installChecker() {
Ansi based on Dropped File
(rules.js)
function v7installChecker(param)
Ansi based on Dropped File
(rules.js)
function ValidBrowser(p_browser) // ==> string
Ansi based on Dropped File
(rules.js)
function walk(holder, key) {
Ansi based on Dropped File
(orchestrator.html)
function(ruleName){
Ansi based on Dropped File
(orchestrator.html)
g(16)).slice(-4); }); }// In the second stage, we run the text against regular expressions that look// for non-JSON patterns. We are especially concerned with '()' and 'new'// because they can cause invocation, and '=' because it can cause mutation.// But just to be safe, we want to reject all unexpected forms.// We split the second stage into 4 regexp operations in order to work around// crippling inefficiencies in IE's and Safari's regexp engines. First we// replace the JSON backslash pairs with '@' (a non-JSON character). Second, we// replace all simple value tokens with ']' characters. Third, we delete all// open brackets that follow a colon or comma or that begin the text. Finally,// we look to see that the remaining characters are only whitespace or ']' or// ',' or ':' or '{' or '}'. If that is so, then the text is safe for eval. if (/^[\],:{}\s]*$/ .test(text.replace(/\\(?:["\\\/bfnrt]|u[0-9a-fA-F]{4})/g, '@')
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
GB()...[
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
GdipCreateBitmapFromScan0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get Commandline of current process
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get Default Search provider in Internet Explorer browserWW.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get File or Directory in MBWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get object from ScriptObject Map using object name as keyW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get Product InfoWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get Product VersionWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get registry value
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get version of Firefox browser$
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get version of Google Chrome browserWW8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get version of Internet Explorer browserWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetClassInfoExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetCommandLineW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetCPInfo
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetCurrentProcess
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetCurrentProcessId
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetDispIDWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetDownloadProgress percent %I64d bytesTransferred %I64d total %I64d @ %I64dB/s result %s
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetExitCode returning %d Remote process exitcode %d
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetExitCodeProcess
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetFileVersionInfoSizeW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetFileVersionInfoW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetLastError
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetLocaleInfoA
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetLocaleInfoW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetLocalTime
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetMemberNameWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetMonitorInfoW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetNextDispIDWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
getObjectWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
getOffersWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetOfferUIControl()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetPartnerID()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetProcAddress
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetProcessHeap
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetProcessWindowStation
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
getProductInfoWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
getProductVersionWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetStartupInfoW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetSystemInfo
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetTimeZoneInformation
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetTokenInformation
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetUserObjectInformationW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetVersion
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetVersionExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetWindowThreadID failed last error %d
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetWindowThreadProcessId
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Global\PIP_Local_Error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Global\PIP_Mutex
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Global\PIP_Remote_Exit
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Global\PIP_UI_Ready_Local
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Global\PIP_UI_Ready_Remote
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
groupWWW@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
guage={locale}&version={version}&src={publisher}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
h %s . CreateDirectory last error %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
h(((( H
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HandleEvents returning abort. LastError %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Handling pip_local_error
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Handling pip_ui_ready_local
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Handling pip_ui_ready_remote
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Handling pip_ui_ready_remote_data
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Handling remote exit event
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Handling remote process exited.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
he block list";var BlockListV6IncumbentToolbarIsListedInLockList = "6:Block list v6 - incumbent toolbar is listed as block list ";var v5Offerpresented = "7:Saturation offer was not made because primary offer was made";var SideBySideLimitExceeded = "8:Side by side limit exceeded";var secondaryOfferRejected = "9:Secondary offer rejected as Primary or Saturation offer was made";var precheckSecondary = "10:Secondary offer rejected as Manycam Saturation offer was made";var secondaryOfferInstalled = "11:Secondary Offer was not made as offer already exists";var UnsupportedOSXP64bit = "11:Unsupported OS XP 64 bit";var XPServicePackNotCompatible = "13:XP Service Pack not compatible ";var CPUSpeedLessThan1000MHZ
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
HH:mm:ss
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
HKCU{Software{Classes
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HKEY_CLASSES_ROOT\
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HKEY_LOCAL_MACHINE
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
holder// for non-JSON values. length = value.length; for (i = 0; i < length; i += 1) { partial[i] = str(i, value) || 'null'; }// Join all of the elements together, separated with commas, and wrap them in// brackets. v = partial.length === 0 ? '[]' : gap ? '[\n' + gap + partial.join(',\n' + gap) + '\n' + mind + ']' : '[' + partial.join(',') + ']'; gap = mind; return v; }// If the replacer is an array, use it to select the members to be stringified. if (rep && typeof rep === 'object') { length = rep.length; for (i = 0; i < length; i += 1) { if (typeof rep[i] === 'string') { k = rep[i]; v = str(k, value); if (v) { partial.push(quote(k) + (gap ? ': '
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
host/Server.jhtml?partner_id={partnerid}&language={locale}&version={version}&src={publisher}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
http://
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http://ak.pipoffers.apnpartners.com/static/partners/{partnerid}/APNAnalytics.xml
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http://localhost/APNAnalytics.xml
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http://localhost/Server.jhtml?partner_id={partnerid}&language={locale}&version={version}&src={publisher}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http://ocsp.thawte.com0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http://ocsp.verisign.com0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http://ocsp.verisign.com0;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http://pipoffers.apnpartners.com/PIP/Server.jhtml?partner_id={partnerid}&language={locale}&version={version}&src={publisher}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http://ts-ocsp.ws.symantec.com07
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http://www.163.com
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http\shell\open\command\
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HttpOpenRequest return failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HttpQueryInfoW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
https://www.verisign.com/cps0*
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
https://www.verisign.com/rpa0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HttpSendRequest return failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
icrosoft\Internet Explorer\SearchScopes
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
iexec.exe
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
iexplore.exe
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
if ( parseInt(toolbarDisableFlag) == 64 || parseInt(toolbarDisableFlag) == 1){
Ansi based on Dropped File
(rules.js)
if (!all_browsers.dfBr)
Ansi based on Dropped File
(rules.js)
if (!isEmpty(partners))
Ansi based on Dropped File
(rules.js)
if (!isObjEmpty(ps_check))
Ansi based on Dropped File
(rules.js)
if (!isOSServicePackCompatible()) {
Ansi based on Dropped File
(rules.js)
if (!isSupportedOS() || !isOSServicePackCompatible())
Ansi based on Dropped File
(rules.js)
if (!isSupportedOS()) return false;
Ansi based on Dropped File
(rules.js)
if (!JSON) {
Ansi based on Dropped File
(orchestrator.html)
if (!offer_id)
Ansi based on Dropped File
(rules.js)
if (!p_browser)
Ansi based on Dropped File
(rules.js)
if (!param)
Ansi based on Dropped File
(rules.js)
if (!run_cycle)
Ansi based on Dropped File
(rules.js)
if (!this.cache)
Ansi based on Dropped File
(rules.js)
if (!UniquePIDTbType())
Ansi based on Dropped File
(rules.js)
if (!value) {
Ansi based on Dropped File
(orchestrator.html)
if ((p_installed_toolbars[i].PID.substring(0, 4) === "AVR-") ||
Ansi based on Dropped File
(rules.js)
if (/^[\],:{}\s]*$/
Ansi based on Dropped File
(orchestrator.html)
if (all_browsers && all_browsers.cr)
Ansi based on Dropped File
(rules.js)
if (all_browsers && all_browsers.ff)
Ansi based on Dropped File
(rules.js)
if (all_browsers && all_browsers.ie)
Ansi based on Dropped File
(rules.js)
if (browsers)
Ansi based on Dropped File
(rules.js)
if (browsers.search("_CR") > 0)
Ansi based on Dropped File
(rules.js)
if (browsers.search("_FF") > 0)
Ansi based on Dropped File
(rules.js)
if (browsers.search("_IE") > 0)
Ansi based on Dropped File
(rules.js)
if (cascade_count <= 0)
Ansi based on Dropped File
(rules.js)
if (cascade_count >= 3)
Ansi based on Dropped File
(rules.js)
if (cascade_count >=3)
Ansi based on Dropped File
(rules.js)
if (CheckForBlockedPID(reasonString))
Ansi based on Dropped File
(rules.js)
if (checkness[i].search("oi") >= 0)
Ansi based on Dropped File
(rules.js)
if (checkness_parts[1] == "true")
Ansi based on Dropped File
(rules.js)
if (checkObj === "" || checkObj === 0 || checkObj === "0" || checkObj === null || checkObj === false || typeof checkObj === 'undefined') {
Ansi based on Dropped File
(rules.js)
if (cpuSpeed<1000){
Ansi based on Dropped File
(rules.js)
if (current_time > CUTOVER_DATE)
Ansi based on Dropped File
(rules.js)
if (cx.test(text)) {
Ansi based on Dropped File
(orchestrator.html)
if (d !== 0) {
Ansi based on Dropped File
(rules.js)
if (i > 0) pid_str += ",";
Ansi based on Dropped File
(rules.js)
if (i >= MAX_NUMBER_OF_TOOLBARS_ON_MACHINE)
Ansi based on Dropped File
(rules.js)
if (incumbant_AVIRA)
Ansi based on Dropped File
(rules.js)
if (incumbantAVIRACheck(installed_toolbars, toolbar_to_be_installed))
Ansi based on Dropped File
(rules.js)
if (installed_toolbars.length && isUniquePIDOnMachine(installed_toolbars, toolbar_to_be_installed.PID))
Ansi based on Dropped File
(rules.js)
if (installed_toolbars[i].browser == p_browser)
Ansi based on Dropped File
(rules.js)
if (installed_toolbars[i].PID != toolbar_to_be_installed.PID)
Ansi based on Dropped File
(rules.js)
if (installed_toolbars[i].PID == toolbar_to_be_installed.PID)
Ansi based on Dropped File
(rules.js)
if (isBlockListed(satTlbrID))
Ansi based on Dropped File
(rules.js)
if (isSaturationInstalled(partnerid))
Ansi based on Dropped File
(rules.js)
if (isSaturationOffer(offer_id))
Ansi based on Dropped File
(rules.js)
if (jsonString.blocklistedPartners.length === 0)
Ansi based on Dropped File
(rules.js)
if (jsonString.blocklistedPartners[j] === p_toolbartypes[i])
Ansi based on Dropped File
(rules.js)
if (list_1[i].toLowerCase() == list_2[j].toLowerCase())
Ansi based on Dropped File
(rules.js)
if (lu_table[i][0] === p_browser)
Ansi based on Dropped File
(rules.js)
if (name === toolbar_to_be_installed.PID)
Ansi based on Dropped File
(rules.js)
if (Object.prototype.hasOwnProperty.call(value, k)) {
Ansi based on Dropped File
(orchestrator.html)
if (Object.prototype.toString.apply(value) === '[object Array]') {
Ansi based on Dropped File
(orchestrator.html)
if (objectModel.initialized === false && typeof window !== "undefined" &&
Ansi based on Dropped File
(objectmodel.js)
if (offer_id)
Ansi based on Dropped File
(rules.js)
if (offer_type.indexOf("saturation") >= 0)
Ansi based on Dropped File
(rules.js)
if (Offers.Check(offer_id))
Ansi based on Dropped File
(rules.js)
if (offers_gen_params && offers_gen_params.GeneralParameters && offers_gen_params.GeneralParameters.TrackID)
Ansi based on Dropped File
(rules.js)
if (offers_gen_params.offers[i].id === offer_id)
Ansi based on Dropped File
(rules.js)
if (offers_gen_params.offers[i].id === p_offer_id)
Ansi based on Dropped File
(rules.js)
if (offertype_is_toolbar)
Ansi based on Dropped File
(rules.js)
if (p_browser != "ie" && p_browser != "ff" && p_browser != "cr")
Ansi based on Dropped File
(rules.js)
if (p_browser == "cr")
Ansi based on Dropped File
(rules.js)
if (p_browser == "ff")
Ansi based on Dropped File
(rules.js)
if (p_browser == "ie")
Ansi based on Dropped File
(rules.js)
if (p_toolbar_to_be_installed.PID.substring(0, 6) === "AVIRA-")
Ansi based on Dropped File
(rules.js)
if (p_toolbar_to_be_installed.tb_type.toLowerCase() === "secure")
Ansi based on Dropped File
(rules.js)
if (PIDOnBlockedList(PIDs_on_Machine) || PIDOnBlockedList(PID_to_be_installed) )
Ansi based on Dropped File
(rules.js)
if (potential_browser)
Ansi based on Dropped File
(rules.js)
if (primary_toolbar_ok_to_present && is_saturation_offer)
Ansi based on Dropped File
(rules.js)
if (primary_toolbar_ok_to_present === 1)
Ansi based on Dropped File
(rules.js)
if (r1)
Ansi based on Dropped File
(rules.js)
if (r1[0].length === 3)
Ansi based on Dropped File
(rules.js)
if (rep && typeof rep === 'object') {
Ansi based on Dropped File
(orchestrator.html)
if (replacer && typeof replacer !== 'function' &&
Ansi based on Dropped File
(orchestrator.html)
if (replacer && typeof replacer !== 'function' && (typeof replacer !== 'object' || typeof replacer.length !== 'number')) { throw new Error('JSON.stringify'); }// Make a fake root object containing our value under the key of ''.// Return the result of stringifying the value. return str('', {'': value}); }; }// If the JSON object does not yet have a parse method, give it one. if (typeof JSON.parse !== 'function') { JSON.parse = function (text, reviver) {// The parse method takes a text and an optional reviver function, and returns// a JavaScript value if the text is a valid JSON text. var j; function walk(holder, key) {// The walk method is used to recursively walk the resulting structure so// that modifications can be made. var k, v, value = holder[key]; if (value && typeof value === 'object'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
if (result === false)
Ansi based on Dropped File
(rules.js)
if (result === true)
Ansi based on Dropped File
(rules.js)
if (return_JSON.result !== 0)
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log ("type of param is " + typeof param);
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log (JSON.stringify(return_obj));
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" --- checkyness " + JSON.stringify(checkness));
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" --- checkyness " + JSON.stringify(checkness[i]));
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" --- checkyness is true ");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" --- offer_ids -- " + offer_ids[0] + " : " + offer_ids[1]);
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" --- Enter InstallCheck with param of : " + JSON.stringify(param));
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" >= MAX_NUMBER_OF_TOOLBARS_ON_BROWSER \n");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" Installed Toolbars : " + JSON.stringify(installed_toolbars) + "\n");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" PID === PID : " + toolbars_on_browser[0].PID + " : " + toolbar_to_be_installed.PID + "\n");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" PID on Blocked List: " + JSON.stringify(PIDs_on_Machine) + " and " + JSON.stringify(toolbar_to_be_installed) + "\n");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" Toolbars on Browser == 0 return " + p_browser + "\n");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" CheckVersion of Chrome");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" CheckVersion of Chrome, version : " + version);
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("\nCanBeInstalled :<" + p_browser + ">\n");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("\r\n ****** Frog UI. Parameter " + param);
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("\r\n ****** UI rule. Parameter " + param);
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("\r\n All browsers values: " + JSON.stringify(all_browsers) + " : ");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("\r\n********** V7 Stringified JSON " + JSON.stringify(return_JSON));
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("\r\n******Error*****" + e.message);
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("Actual Param " + param + " *******Returned offers " + JSON.stringify(offers_gen_params) + "\n");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("CheckVersion :<" + p_browser + ">");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("Installed Toolbars : " + JSON.stringify(installed_toolbars) + "\n");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("offer_ids " + offer_ids);
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("offer_ids after split");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("RETURN RESULT FOR V6 CALL : " + JSON.stringify(return_JSON));
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("Toolbar To Be Installed : " + JSON.stringify(toolbar_to_be_installed) + "\n");
Ansi based on Dropped File
(rules.js)
if (sParam[1] != "")
Ansi based on Dropped File
(orchestrator.html)
if (sURL.indexOf("?") > 0)
Ansi based on Dropped File
(orchestrator.html)
if (target_browser)
Ansi based on Dropped File
(rules.js)
if (tb_info)
Ansi based on Dropped File
(rules.js)
if (TbTypesIntersect(installed_toolbars[i].tb_type, toolbar_to_be_installed.tb_type))
Ansi based on Dropped File
(rules.js)
if (this.cache[i].id === offer_id)
Ansi based on Dropped File
(rules.js)
if (this.cache[i].result)
Ansi based on Dropped File
(rules.js)
if (this.cache[i].tb_info && this.cache[i].tb_info.PID)
Ansi based on Dropped File
(rules.js)
if (toolbar_id.indexOf("-SAT") > 0)
Ansi based on Dropped File
(rules.js)
if (toolbars[i].tb_type === "blocked")
Ansi based on Dropped File
(rules.js)
if (toolbars_on_browser) toolbars_on_browser += ";"
Ansi based on Dropped File
(rules.js)
if (toolbars_on_browser.length == 0)
Ansi based on Dropped File
(rules.js)
if (toolbars_on_browser.length >= MAX_NUMBER_OF_TOOLBARS_ON_BROWSER)
Ansi based on Dropped File
(rules.js)
if (toolbars_on_browser[0].PID == toolbar_to_be_installed.PID)
Ansi based on Dropped File
(rules.js)
if (toolbarsHaveTypeBlock(to_be_installed) || toolbarsHaveTypeBlock(installed_toolbars) )
Ansi based on Dropped File
(rules.js)
if (typeof checkObj == 'object') {
Ansi based on Dropped File
(rules.js)
if (typeof Date.prototype.toJSON !== 'function') {
Ansi based on Dropped File
(orchestrator.html)
if (typeof JSON.parse !== 'function') {
Ansi based on Dropped File
(orchestrator.html)
if (typeof JSON.stringify !== 'function') {
Ansi based on Dropped File
(orchestrator.html)
if (typeof rep === 'function') {
Ansi based on Dropped File
(orchestrator.html)
if (typeof rep[i] === 'string') {
Ansi based on Dropped File
(orchestrator.html)
if (typeof space === 'number') {
Ansi based on Dropped File
(orchestrator.html)
if (v !== undefined) {
Ansi based on Dropped File
(orchestrator.html)
if (v) {
Ansi based on Dropped File
(orchestrator.html)
if (value && typeof value === 'object') {
Ansi based on Dropped File
(orchestrator.html)
if (version > 0)
Ansi based on Dropped File
(rules.js)
if (version > 2)
Ansi based on Dropped File
(rules.js)
if (version > 6)
Ansi based on Dropped File
(rules.js)
if (window.navigator.appVersion.indexOf("Windows NT 5.1") != -1 || window.navigator.appVersion.indexOf("Windows NT 5.2") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.0") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.1") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.2") != -1 ) {
Ansi based on Dropped File
(rules.js)
if (window.navigator.appVersion.indexOf("Windows NT 6.0") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.1") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.2") != -1 )
Ansi based on Dropped File
(rules.js)
if (window.navigator.appVersion.indexOf("Windows NT 6.0") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.1") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.2") != -1 ) {
Ansi based on Dropped File
(rules.js)
if(!askSecureToolbarCheck()){
Ansi based on Dropped File
(rules.js)
if(!clientSupported()){
Ansi based on Dropped File
(rules.js)
if(!clientSupported()){return getReasonCode(OldClientAskSecureOfferNotSupported);}if(!isCPUSpeedComp()){return getReasonCode(reasonString);}if(!isDiskSpaceComp()){return getReasonCode(reasonString);}if(!nortonToolbarCheck()){return getReasonCode(reasonString);}if(!v6incumbentPartnerCheck("AVIRA-") || !v5incumbentPartnerCheck("AVR-")){return getReasonCode(AviraToolbarPresentAskSecureOfferRejected);}}catch(e){}primaryToolbarOfferFlag=true;v6SaturationToolbarOfferFlag = true;showSecondaryOffer=false;return true;}var offers_gen_params;var all_browsers;var installed_toolbars;var toolbar_to_be_installed;var CUTOVER_DATE = new Date(2013, 05, 26);//var CUTOVER_DATE = new Date(2010, 06, 01);var primary_toolbar_ok_to_present = 1;var show_logger = true;//// Keeps a cache of offers, by offer id. This will be useful if for previous/next.// If we come back to the same page, the
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
if(!isCPUSpeedComp()){
Ansi based on Dropped File
(rules.js)
if(!isDiskSpaceComp()){
Ansi based on Dropped File
(rules.js)
if(!isEmpty(AFRegistryPath)){
Ansi based on Dropped File
(rules.js)
if(!isEmpty(checkV5Installed) )
Ansi based on Dropped File
(rules.js)
if(!isEmpty(defaultBrowser)){
Ansi based on Dropped File
(rules.js)
if(!isEmpty(defaultbrowserAppPath))
Ansi based on Dropped File
(rules.js)
if(!isEmpty(defaultbrowserAppPath)) {
Ansi based on Dropped File
(rules.js)
if(!isEmpty(DPRegistryPath) && DPRegistryPath.toLowerCase() =="ok"){
Ansi based on Dropped File
(rules.js)
if(!isEmpty(incumbentTlbrList)){
Ansi based on Dropped File
(rules.js)
if(!isEmpty(nortonToolbarKey)){
Ansi based on Dropped File
(rules.js)
if(!isEmpty(PTRegistryPath)){
Ansi based on Dropped File
(rules.js)
if(!isEmpty(SCRegistryPath)){
Ansi based on Dropped File
(rules.js)
if(!isEmpty(SFRegistryPath) && SFRegistryPath.toLowerCase() =="ok"){
Ansi based on Dropped File
(rules.js)
if(!isEmpty(UBRegistryPath)){
Ansi based on Dropped File
(rules.js)
if(!isEmpty(winServicePackRegValue)){
Ansi based on Dropped File
(rules.js)
if(!isSupportedBrowser(primaryTlbrID))
Ansi based on Dropped File
(rules.js)
if(!isSupportedBrowser(primaryTlbrID)){
Ansi based on Dropped File
(rules.js)
if(!isSupportedBrowser(satTlbrID))
Ansi based on Dropped File
(rules.js)
if(!isV5TlbrEligible()){
Ansi based on Dropped File
(rules.js)
if(!isV6TlbrEligible()){
Ansi based on Dropped File
(rules.js)
if(!nortonToolbarCheck()){
Ansi based on Dropped File
(rules.js)
if(!offerAviraV6NewInstall){
Ansi based on Dropped File
(rules.js)
if(!showSecondaryOffer && (hidePtnrSecondaryOffer=="true")){
Ansi based on Dropped File
(rules.js)
if(!v6incumbentPartnerCheck("AVIRA-") || !v5incumbentPartnerCheck("AVR-")){
Ansi based on Dropped File
(rules.js)
if(!v6SaturationToolbarOfferFlag &&!showSecondaryOffer &&(primaryTlbrID.toLowerCase().indexOf("myc") > -1 || satTlbrID.toLowerCase().indexOf("myc-sat") > -1)){
Ansi based on Dropped File
(rules.js)
if((incumbentTlbrList[i].indexOf("-SAT") > -1 && satTlbrID.indexOf("-SAT")> -1)) {
Ansi based on Dropped File
(rules.js)
if(arrParamNames[i] == paramName){
Ansi based on Dropped File
(orchestrator.html)
if(checkOverinstall()) {
Ansi based on Dropped File
(rules.js)
if(checkOverinstall()) {v6SaturationToolbarOfferFlag = true;return true;}}catch(e){}return false;}function isV6TlbrEligible() {try{var incumbentPartnerList = getIncumbentPartners(); if(isEmpty(incumbentPartnerList)) return true;if(v6eligibleChecklist(primaryTlbrID,incumbentPartnerList)){v6SaturationToolbarOfferFlag = true;return true;}}catch(e){}return false;}function isSaturationInstalled(partnerid) {try{var incumbentTlbrList;incumbentTlbrList = getIncumbentPartners();if(!isEmpty(incumbentTlbrList)){for(var i=0; i<incumbentTlbrList.length;i++){if((incumbentTlbrList[i].indexOf("-SAT") > -1 && satTlbrID.indexOf("-SAT")> -1)) {partnerid.value=incumbentTlbrList[i];return true;}}}}catch(e){}return false;}function checkV5ToolbarInstalled(){try{var v5TlbrID;showSecondaryOffer=true;if (!isSupportedOS()) return false;if(!isSupportedBrowse
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
if(defaultBrowser.toLowerCase().indexOf("chrome") > -1 && makeoffer(partnerID)) {
Ansi based on Dropped File
(rules.js)
if(defaultBrowser.toLowerCase().indexOf("firefox.exe") > -1){
Ansi based on Dropped File
(rules.js)
if(defaultBrowser.toLowerCase().indexOf("iexplore.exe") > -1 ){
Ansi based on Dropped File
(rules.js)
if(defBrowser == IE) return true;
Ansi based on Dropped File
(rules.js)
if(defBrowser.toLowerCase() == FIREFOX) return true;
Ansi based on Dropped File
(rules.js)
if(diskFreeSize <2000){
Ansi based on Dropped File
(rules.js)
if(diskFreeSize <850){
Ansi based on Dropped File
(rules.js)
if(e.message =="CSystemUtil::getRegValue Failed : UnSupported Variant Type of 0"){
Ansi based on Dropped File
(rules.js)
if(e.message =="CSystemUtil::getRegValue Failed : UnSupported Variant Type of 3"){
Ansi based on Dropped File
(rules.js)
if(incPartners.length < 1 || incPartners.length >= 4) {
Ansi based on Dropped File
(rules.js)
if(incumbentTbType.toLowerCase().startsWith("vanilla") && tbType.toLowerCase().startsWith("vanilla")){
Ansi based on Dropped File
(rules.js)
if(installedPartners[i].startsWith(partner)){
Ansi based on Dropped File
(rules.js)
if(is64Bit())
Ansi based on Dropped File
(rules.js)
if(is64Bit()){
Ansi based on Dropped File
(rules.js)
if(isBlockListed(incPartners[k])) {
Ansi based on Dropped File
(rules.js)
if(isBlockListed(primaryTlbrID))
Ansi based on Dropped File
(rules.js)
if(isEmpty(checkV5Installed)) return true;
Ansi based on Dropped File
(rules.js)
if(isEmpty(default_browser))
Ansi based on Dropped File
(rules.js)
if(isEmpty(defaultBrowser))
Ansi based on Dropped File
(rules.js)
if(isEmpty(defaultBrowser)) {
Ansi based on Dropped File
(rules.js)
if(isEmpty(defaultBrowser)){
Ansi based on Dropped File
(rules.js)
if(isEmpty(incumbentPartnerList)) return true;
Ansi based on Dropped File
(rules.js)
if(isEmpty(incumbentPartners)){
Ansi based on Dropped File
(rules.js)
if(isEmpty(installedPartners)) return true;
Ansi based on Dropped File
(rules.js)
if(isEmpty(installedToolbars)) return true;
Ansi based on Dropped File
(rules.js)
if(isEmpty(nortonToolbarKey)){
Ansi based on Dropped File
(rules.js)
if(isLatestClient(version)) return reasonDescription;
Ansi based on Dropped File
(rules.js)
if(n==-1) n=0;
Ansi based on Dropped File
(rules.js)
if(parseInt(getIEversion) > 8){
Ansi based on Dropped File
(rules.js)
if(partnerID == incPartners[k]){
Ansi based on Dropped File
(rules.js)
if(partnerID == jsonString.makeofferdisabled[i]){
Ansi based on Dropped File
(rules.js)
if(physicalMemory < 512){
Ansi based on Dropped File
(rules.js)
if(primaryToolbarOfferFlag){
Ansi based on Dropped File
(rules.js)
if(tlbrID == jsonString.blocklistedPartners[j]) {
Ansi based on Dropped File
(rules.js)
if(toolbarID.startsWith(partnerids)){
Ansi based on Dropped File
(rules.js)
if(toolbarID.startsWith(partnerids)){return false;}}catch(e){}return true;}function askSecureToolbarCheck(){try{var toolbarRegPath;var installedToolbars = getIncumbentPartners(); if(isEmpty(installedToolbars)) return true;for(var i=0; i<installedToolbars.length;i++){toolbarRegPath=getIncbumbentRegPath(installedToolbars[i]);toolbarTbType = pipgetRegValue(toolbarRegPath,"tb-type",0);if(toolbarTbType == "vanilla-sec") return false;}}catch(e){}return true;}String.prototype.startsWith = function(prefix) { return this.indexOf(prefix) === 0;}function isAviraV5UpgTlbrOffered(){try{showSecondaryOffer=true;if(!askSecureToolbarCheck()){return getReasonCode(AskSecureToolbarPresentAviraOfferRejected);}if(v5incumbentPartnerCheck("AVR-")){offerAviraV6NewInstall=true;return getReasonCode(AviraV6InstallOfferPresentedAviraV6UpgradeRejected);}}catch(e){}v6SaturationToolbarOfferFlag = true;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
if(toolbarTbType == "vanilla-sec") return false;
Ansi based on Dropped File
(rules.js)
if(v5incumbentPartnerCheck("AVR-")){
Ansi based on Dropped File
(rules.js)
if(v5TlbrID == primaryTlbrID) v5ToolbarInstalled=v5ToolbarInstalled+"Same Partner ID "+v5TlbrID+"";
Ansi based on Dropped File
(rules.js)
if(v5toolbarOffered){
Ansi based on Dropped File
(rules.js)
if(v6eligibleChecklist(primaryTlbrID,incumbentPartnerList)){
Ansi based on Dropped File
(rules.js)
if(v6SaturationToolbarOfferFlag) {
Ansi based on Dropped File
(rules.js)
if(versionresult >= 0){
Ansi based on Dropped File
(rules.js)
if(versionValue >= 0){
Ansi based on Dropped File
(rules.js)
if(window.navigator.appVersion.indexOf("Windows NT 5.1") != -1 || (window.navigator.appVersion.indexOf("Windows NT 6.0") != -1 && is64Bit())){
Ansi based on Dropped File
(rules.js)
if(window.navigator.appVersion.indexOf("Windows NT 5.1") != -1 || window.navigator.appVersion.indexOf("Windows NT 5.2") != -1 ||(window.navigator.appVersion.indexOf("Windows NT 6.0") != -1 && is64Bit())){
Ansi based on Dropped File
(rules.js)
if(window.navigator.appVersion.indexOf("Windows NT 5.1") != -1){
Ansi based on Dropped File
(rules.js)
if(window.navigator.appVersion.indexOf("Windows NT 5.2") != -1) {
Ansi based on Dropped File
(rules.js)
if(window.navigator.userAgent.indexOf('WOW64')>-1 || window.navigator.platform=='Win64')
Ansi based on Dropped File
(rules.js)
if(winServicePackRegValue == "Service Pack 2" || winServicePackRegValue == "Service Pack 2")
Ansi based on Dropped File
(rules.js)
IHKCU{Software{Classes
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
image/gif0!0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
inate><Previous id="default">STRID_Previous</Previous><Next id="default">STRID_Next</Next><Finish id="default">STRID_Finish</Finish><Cancel id="default">STRID_Cancel</Cancel><CancelText id="default">STRID_Cancel_Text</CancelText><EulaText id="default">STRID_Eula_Text</EulaText><OptinText id="default">STRID_Optin_Text</OptinText><AveryLabel2 id="default">STRID_AveryLabel2</AveryLabel2><DownloadingText id="default">STRID_Downloading_Text</DownloadingText><NoOfferText id="default">STRID_No_Offer_Text</NoOfferText><DownloadingError id="default">STRID_Downloading_Error</DownloadingError><LoadingText id="default">STRID_Loading_Text</LoadingText><LoadingTitle id="default">STRID_Loading_Title</LoadingTitle><OfText id="default">STRID_Of_Text</OfText><AnalyticsFail id="default">STRID_Access_Analytics_Fail</AnalyticsFail><AccessConfigFail id="default">STRID_Access_Config_Fail</AccessConfigFail><AccessOfferXmlFail id="default">STRID_Access_OfferXml_Fail</AccessOfferX
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
incumbentPartnerIDs = incumbentPartners.split(",");
Ansi based on Dropped File
(rules.js)
incumbentPartnerRegPath = "HKEY_LOCAL_MACHINE\\SOFTWARE\\AskPartnerNetwork\\Toolbar\\";
Ansi based on Dropped File
(rules.js)
incumbentPartnerRegPath = "HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\AskPartnerNetwork\\Toolbar\\";
Ansi based on Dropped File
(rules.js)
incumbentPartnerRegPath= getIncbumbentRegPath(incPartners[k]);
Ansi based on Dropped File
(rules.js)
incumbentPartners = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\AskPartnerNetwork\\Toolbar\\shared\\","tbsinstalled",0);
Ansi based on Dropped File
(rules.js)
incumbentPartners = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\AskPartnerNetwork\\Toolbar\\shared\\","tbsinstalled",0);
Ansi based on Dropped File
(rules.js)
incumbentTbType = pipgetRegValue(incumbentPartnerRegPath,"tb-type",0);
Ansi based on Dropped File
(rules.js)
incumbentTlbrList = getIncumbentPartners();
Ansi based on Dropped File
(rules.js)
ing = V6OfferAlreadyPresentWithSamePartnerID;return false;}if(incumbentTbType.toLowerCase().startsWith("vanilla") && tbType.toLowerCase().startsWith("vanilla")){reasonString = PriorToolbarType_Vanilla_SecureVanilla + incPartners[k];return false}if(isBlockListed(incPartners[k])) {reasonString = BlockListV6IncumbentToolbarIsListedInLockList + incPartners[k];return false;}}} catch(e){}return true;}function isV5ToolbarOffered(){try{v5toolbarOffered=true;return true;}catch(e){}}function checkPrimaryToolbarOffered(){try{if(v5toolbarOffered){return false;}return true;}catch(e){}}function getProductVersion(productCode){try{var productVersion =system.getProductVersion(productCode);return productVersion;}catch(e){}}function pipgetRegValue(registryPath,regValue,n){try {var registryValue=system.getRegValue(registryPath,regValue,n);re
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ing Tray delete false. Lasterror %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ing(0, 4) === "AVR-") || (p_installed_toolbars[i].PID.substring(0, 6) === "AVIRA-") ) { incumbant_AVIRA = true; break; } } if (incumbant_AVIRA) { if (p_toolbar_to_be_installed.PID.substring(0, 6) === "AVIRA-") return false; if (p_toolbar_to_be_installed.tb_type.toLowerCase() === "secure") { reasonString = AviraToolbarPresentAskSecureOfferRejected; return true; } return false; } return false; } // incumbantAVIRACheck function TbTypesIntersect (tb_type_1, tb_type_2) { var list_1 = tb_type_1.split(","); var list_2 = tb_type_2.split(","); for (var i = 0; i < list_1.length; ++i) { for (var j = 0; j <
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ing(16)).slice(-4); }) + '"' : '"' + string + '"'; } function str(key, holder) {// Produce a string from holder[key]. var i, // The loop counter. k, // The member key. v, // The member value. length, mind = gap, partial, value = holder[key];// If the value has a toJSON method, call it to obtain a replacement value. if (value && typeof value === 'object' && typeof value.toJSON === 'function') { value = value.toJSON(key); }// If we were called with a replacer function, then call the replacer to// obtain a replacement value. if (typeof rep === 'function') { value = rep.call(holder, key, value); }// What happens next depends on the value's type. switch (typeof value) { case 'string': return quote(value); case 'number':// JSON num
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
init();
Ansi based on Dropped File
(orchestrator.html)
InitializeInformation()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Input/output error
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Install checker download failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Installchecker exe run failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Installchecker exe validation failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
installed_toolbars = installed_toolbars || GetInstalledToolbars();
Ansi based on Dropped File
(rules.js)
installed_toolbars.push(this.cache[i].tb_info);
Ansi based on Dropped File
(rules.js)
Internal error.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Internal error. Error description -
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Internal error. Error parsing. Actual value -
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Internal error. Member result not provided.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Internal error. Result string empty.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Internal error. Return string NULL.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Internal error. Return type string expected, actual return type -
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Invalid configuration. Could NOT Parse File.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Invalid File donwload progress pointer. Skipping progress update.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ion. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ios_base::badbit set
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ios_base::eofbit set
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ios_base::failbit set
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
iready of %I64d ms. Local UIReady time expired: %I64u ms, UIReady time remaining (relative to remote server data): %I64d ms.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
IsValidLocale
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
it";var AviraV6InstallOfferPresentedAviraV6UpgradeRejected = "21:Avira V6 new Install offer presented, Avira V6 Upgrade rejected";var AviraV6InstallOfferRejectedAviraV6UpgradeOfferPresented = "22:Avira V6 new Install offer rejected, Avira V6 Upgrade Offer/Ask Secure Offer presented";var PrimaryToolbarOfferPresentedDefaultPrimaryOfferRejected = "23:Primary Toolbar Offer presented, The default primary offer rejected";var OldClientAskSecureOfferNotSupported = "24:Old Client AskSecure offer not supported";var maxNumberOfPartnersExceeded = "25:Maximum Number of Unique Partners Already Exists";var tbtypeOfBlockPIDNotEqual = "26:A Toolbar Type is of type block, PIDs are NOT equal";var inputBrowserTypeNotSupported = "27:Input Browser Type is NOT Supported";var inputIEBrowserVersionNotSupported = "28:IE Browser Version Is NOT Supported";
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
IThe out pointer (dispatch pointer of the object) is NULL.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
j = eval('(' + text + ')');
Ansi based on Dropped File
(orchestrator.html)
JSON = {};
Ansi based on Dropped File
(orchestrator.html)
JSON.parse = function (text, reviver) {
Ansi based on Dropped File
(orchestrator.html)
JSON.parse = function (text, reviver) {// The parse method takes a text and an optional reviver function, and returns// a JavaScript value if the text is a valid JSON text. var j; function walk(holder, key) {// The walk method is used to recursively walk the resulting structure so// that modifications can be made. var k, v, value = holder[key]; if (value && typeof value === 'object') { for (k in value) { if (Object.prototype.hasOwnProperty.call(value, k)) { v = walk(value, k); if (v !== undefined) { value[k] = v; } else { delete value[k]; } } } } return reviver.call(holder, key, value); }// Parsing ha
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
JSON.stringify = function (value, replacer, space) {
Ansi based on Dropped File
(orchestrator.html)
k = rep[i];
Ansi based on Dropped File
(orchestrator.html)
k the new structure, passing// each name/value pair to a reviver function for possible transformation. return typeof reviver === 'function' ? walk({'': j}, '') : j; }// If the text is not JSON parseable, then a SyntaxError is thrown. throw new SyntaxError('JSON.parse'); }; }}());PADvar objectModel = {};objectModel.initialized = false;function init() { if (objectModel.initialized === false && typeof window !== "undefined" && typeof window.external !== "undefined") { logger = {}; _logger = window.external.GetObject("logger"); try { logger.log = function(var1) { return _logger.log(var1); }; logger.error = function(var1) { return _logger.error(var1); }; logger.debug = function(var1) { return _logger.debug(var1); };
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
k, // The member key.
Ansi based on Dropped File
(orchestrator.html)
k.com. All rights reserved.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ked="false" color="" ctrltype="offer" ctrlvalue="true" height="40" id="eula" isBold="true" subctr="" text="STRID_EULA" type="checkbox" width="400" x="50" y="90"></control> <control bgcolor="#FFD793" color="" fontsize="20" height="60" id="txt1-of11"
Ansi based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Killing the dialog timer due to parent cancellation..
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
l = Math.min(a.length, b.length);
Ansi based on Dropped File
(rules.js)
l = Math.min(a.length, b.length); for (i=0; i<l; i++) { d = parseInt(a[i], 10) - parseInt(b[i], 10); if (d !== 0) { return d; } } return a.length - b.length;}function isLatestClient(clientversion) {try{var versionresult=cmpVersions(clientversion,"2.6.8.0");if(versionresult >= 0){return true;}}catch(e){}return false;}function is64Bit(){if(window.navigator.userAgent.indexOf('WOW64')>-1 || window.navigator.platform=='Win64')return true;else return false;}function isSupportedOS() {try {if (window.navigator.appVersion.indexOf("Windows NT 5.1") != -1 || window.navigator.appVersion.indexOf("Windows NT 5.2") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.0") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.1") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.2") != -1 ) {return true}} catch(e){}return false;}function makeoffer(pa
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
l already send the event exiting remote
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
layOffer()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
lbars || GetInstalledToolbars(); Offers.OfferedToolbars(installed_toolbars, offer_id); var result; if (isSaturationOffer(offer_id)) result = offerV6SaturationToolbar(); else result = v6installChecker(param); all_browsers = all_browsers || JSON.parse(browser.allBrowsers); if (result === true) return_JSON = new Result("ALL", all_browsers, true , toolbar_to_be_installed); else return_JSON = new Result("", all_browsers, false); if (result === true) return_JSON.result = 0; else { if (result === false) return_JSON.result = 1; else return_JSON.result = parseInt(result, 10); } return_JSON.errorDescription = result; return_JSON.lookupTable.fileid = "v6ic"; return_JSON.lookupTable.stubversion = "6.6.0"; Offers.StoreResult(offer_id, return_JSON, toolbar_to_be_installed); if (show_logger) logger.log("RETURN RESULT FOR V6 CALL : " + JS
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
LBARS_ON_MACHINE = 3; var is_saturation_offer = false; var offer_id = GetOfferID(param); var offertype_is_toolbar = false; if (!isSupportedOS() || !isOSServicePackCompatible()) { return_JSON = new Result("", all_browsers, false); return_JSON.result = parseInt(reasonString, 10); return_JSON.errorDescription = reasonString; return JSON.stringify(return_JSON); } offers_gen_params = offers_gen_params || JSON.parse(pipclient.getOffers()); toolbar_to_be_installed = GetToolbarInfo(offer_id); if (Offers.Check(offer_id)) return Offers.RetrieveResult(offer_id); var ps_check = PrimarySaturationCheck (offer_id); if (!isObjEmpty(ps_check)) return JSON.stringify(ps_check); try { var return_JSON; var target_browser = ""; installed_toolbars = installed_toolbars || GetInstalledToolbars(); Offers.OfferedToolbars(inst
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ler.exe
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
level. If it is a string (such as '\t' or ' '), it contains the characters used to indent at each level. This method produces a JSON text from a JavaScript value. When an object value is found, if the object contains a toJSON method, its toJSON method will be called and the result will be stringified. A toJSON method does not serialize: it returns the value represented by the name/value pair that should be serialized, or undefined if nothing should be serialized. The toJSON method will be passed the key associated with the value, and this will be bound to the value For example, this would serialize Dates as ISO strings. Date.prototype.toJSON = function (key) { function f(n) { // Format integers to have at least two digits. return n < 10 ? '0' + n
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
lFail><OfferXmlMiss id="default">STRID_OfferXml_Miss</OfferXmlMiss><UnexpectedDownLoadFail id="default">STRID_Unexpected_DownLoad_Fail</UnexpectedDownLoadFail><CancelInstalling id="default">STRID_Cancel_Install_text</CancelInstalling><CancelOptContinue id="default">STRID_Cancel_Continue</CancelOptContinue><CancelOptForce id="default">STRID_Cancel_Force</CancelOptForce><CancelOptWait id="default">STRID_Cancel_Wait</CancelOptWait><Executingfile>STRID_Executingfile</Executingfile><Browser_ALL_TXT>STRID_ALL_STRING</Browser_ALL_TXT><Browser_CR_TXT>STRID_CR_STRING</Browser_CR_TXT><Browser_FF_TXT>STRID_FF_STRING</Browser_FF_TXT><Browser_IE_TXT>STRID_IE_STRING</Browser_IE_TXT></LanguageParameters><stringtable> <language langid="en"> <string id="STRID_CContinue">Continue</string> <string id="STRID_CForce">Force Cancel</string> <string id="STRID_Previous">Previous</string> <string id="STRID_Back">Back</string> <string id="STRID_Back_FXTV5">Back</strin
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
Like group, but the block is initially collapsed.W@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
list_2.length; ++j) { if (list_1[i].toLowerCase() == list_2[j].toLowerCase()) return true; } } return false; } // TbTypesIntersect function toolbarsHaveTypeBlock(toolbars) { for (var i = 0; i < toolbars.length; ++i) { if (toolbars[i].tb_type === "blocked") return true; } return false; } // toolbarsHaveTypeBlock function isUniquePIDOnMachine(installed_toolbars, to_be_pid) { for (var i = 0; i < installed_toolbars.length; ++i) { if (installed_toolbars[i].PID == toolbar_to_be_installed.PID) return false; } return true; } // isUniquePIDOnMachine function CascadeThroughBrowsers(p_browser, cascade_count) // ==> string {
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
lled_toolbars, offer_id); all_browsers = all_browsers || JSON.parse(browser.allBrowsers); if (!all_browsers.dfBr) { all_browsers.dfBr = defaultBrowser(); } if (show_logger) logger.log("\r\n All browsers values: " + JSON.stringify(all_browsers) + " : ");offers_gen_params = offers_gen_params || JSON.parse(pipclient.getOffers());if (show_logger) logger.log("Actual Param " + param + " *******Returned offers " + JSON.stringify(offers_gen_params) + "\n");if (show_logger) logger.log("Installed Toolbars : " + JSON.stringify(installed_toolbars) + "\n");if (show_logger) logger.log("Toolbar To Be Installed : " + JSON.stringify(toolbar_to_be_installed) + "\n"); target_browser = target_browser || CanBeInstalled(CommandLineBrowser(), false); target_browser = target_browser || CanBeInstalled(OriginBrowser(), false); target_browser = target_browser || CanBeInstalled(DefaultBrowser(), false); target_browser = tar
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
load balloon icon file failed:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Local
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Local .xml will be used:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Local already send the event exiting remote
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Local AppData
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Local mode
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Local ui.xml will be used:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LocalAlloc
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
locale
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LocalFree
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LocalizedName
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
LocalRedirectOnly
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
logger = {};
Ansi based on Dropped File
(objectmodel.js)
logger.debug = function(var1) {
Ansi based on Dropped File
(objectmodel.js)
logger.dir = function(var1) {
Ansi based on Dropped File
(objectmodel.js)
logger.error = function(var1) {
Ansi based on Dropped File
(objectmodel.js)
logger.error(x);
Ansi based on Dropped File
(objectmodel.js)
logger.group = function(var1) {
Ansi based on Dropped File
(objectmodel.js)
logger.info = function(var1) {
Ansi based on Dropped File
(objectmodel.js)
logger.log = function(var1) {
Ansi based on Dropped File
(objectmodel.js)
logger.log("\r\n ****** inside load " + e.message + " Rule name: " + ruleName);
Ansi based on Dropped File
(orchestrator.html)
logger.log("\r\n ****** Load Function Error " + e.message);
Ansi based on Dropped File
(orchestrator.html)
logger.log("\r\n ****** pirule setRule callBackFired : function called is " + "Rule name: " + ruleName + "Number: " + arguments.length);
Ansi based on Dropped File
(orchestrator.html)
logger.log("\r\n******************Norton Toolbar Installed****************");
Ansi based on Dropped File
(rules.js)
logger.warn = function(var1) {
Ansi based on Dropped File
(objectmodel.js)
Logger: Beacon InternetConnect() failed. Error code:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Logger::Initialize()... InternetConnect() failed. Error code:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Logs a message under the ERROR categoryWWW=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Logs a message under the INFO category)
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Lookup breaking. Parent exitcode %d waitWindow %x
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
lse. Lasterror %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Message and Exit error:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MessageAndExit()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
meta = { // table of character substitutions
Ansi based on Dropped File
(orchestrator.html)
Minimum version:
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MM/dd/yy
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
MonitorAndCompleteJob
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
mscoree.dll
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
msctls_progress32
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
msi.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
msiexec.exe
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MSIMG32.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
N getRegValueW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
N.stringify(return_JSON)); return JSON.stringify(return_JSON);} // InstallCheckfunction isObjEmpty(obj){ var name; for (name in obj) return false; return true;} // isObjEmptyfunction GetOfferID(param){ if (!param) return ""; var p_param = param.split("|"); return p_param[0];} // GetOfferIDfunction isSaturationOffer(offer_id){ if (!offer_id) return false; for (var i = 0; i < offers_gen_params.offers.length; ++i) { if (offers_gen_params.offers[i].id === offer_id) { var toolbar_id = offers_gen_params.offers[i].ToolbarID || ""; if (toolbar_id.indexOf("-SAT") > 0) return true; break; } } return false;} // isSaturationOfferfunction GetToolbarInfo(p_offer_id){ var toolbar_type = ""; var toolbar_id = ""; for (var i = 0; i < offers_gen_params.offers.length; ++i)
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
n; } return this.getUTCFullYear() + '-' + f(this.getUTCMonth() + 1) + '-' + f(this.getUTCDate()) + 'T' + f(this.getUTCHours()) + ':' + f(this.getUTCMinutes()) + ':' + f(this.getUTCSeconds()) + 'Z'; }; You can provide an optional replacer method. It will be passed the key and value of each member, with this bound to the containing object. The value that is returned from your method will be serialized. If your method returns undefined, then the member will be excluded from the serialization. If the replacer parameter is an array of strings, then it will be used to select the members to be serialized. It filters the results such that only members with keys listed in the replacer array are
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
n=defaultBrowser.lastIndexOf("\\");
Ansi based on Dropped File
(rules.js)
n\Mozilla\Firefox
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ndleEvents returning abort. LastError %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
netConnect() failed. Error code:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
new[]
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
nished Parsing the config.xml file, ... show previous :
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
No .xml file is found:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
no control characters, no quote characters, and no// backslash characters, then we can safely slap some quotes around it.// Otherwise we must also replace the offending characters with safe escape// sequences. escapable.lastIndex = 0; return escapable.test(string) ? '"' + string.replace(escapable, function (a) { var c = meta[a]; return typeof c === 'string' ? c : '\\u' + ('0000' + a.charCodeAt(0).toString(16)).slice(-4); }) + '"' : '"' + string + '"'; } function str(key, holder) {// Produce a string from holder[key]. var i, // The loop counter. k, // The member key. v, // The member value. length, mind = gap, partial, value = holder[key];// If the value has a toJSON method, call it to obtain a replacement value. if (value && typeof value === 'object' && typeof value.to
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
No local file available for copy
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
nortonToolbarKey = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Toolbar","{A13C2648-91D4-4bf3-BC6D-0079707C4389}",0);
Ansi based on Dropped File
(rules.js)
nortonToolbarKey = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Internet Explorer\\Toolbar","{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}",0);
Ansi based on Dropped File
(rules.js)
nortonToolbarKey = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Internet Explorer\\Toolbar","{A13C2648-91D4-4bf3-BC6D-0079707C4389}",0);
Ansi based on Dropped File
(rules.js)
Notifying Tray add false. Lasterror %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Notifying Tray delete false. Lasterror %d
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Notifying Tray modify false. Lasterror %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ntime Error!Program:
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Number.prototype.toJSON =
Ansi based on Dropped File
(orchestrator.html)
OF_TOOLBARS_ON_BROWSER \n"); reasonString = AlreadyAtMaxNumberOfPartnersPerBrowser + " [" + pid_str + "]"; return ""; } return p_browser; } // ValidBrowser(p_browser) } // CanBeInstalled function ToolbarInfo(p_PID, p_tb_type, p_browser) { this.PID = p_PID; this.tb_type = p_tb_type; this.browser = p_browser; } // ToolbarInfo} // v7installCheckerfunction GetInstalledToolbars(){ var result = []; // // V5 // var checkV5Installed = getProductVersion("{86D4B82A-ABED-442A-BE86-96357B70F4FE}");if(!isEmpty(checkV5Installed) ) { if(is64Bit()) {v5TlbrID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\AskToolbar\\Macro","tb",0) || "";} else {v5TlbrID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\AskToolbar\\Macro","tb",0) || "";} result.push({PID: v5TlbrID, tb_type : "AL
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
offer, as presented before, will be // presented, and ALL subsequent offers will be deleted.//var Offers = {};Offers.Check = function (offer_id){ offers_gen_params = offers_gen_params || JSON.parse(pipclient.getOffers()); // // If cache // if (!this.cache) { this.cache = []; for (var i = 0; i < offers_gen_params.offers.length; ++i) { var ttt = offers_gen_params.offers[i].id; var t_obj = {id : offers_gen_params.offers[i].id}; this.cache.push(t_obj); } return false; } for (var i = 0; i < this.cache.length; ++i) { if (this.cache[i].id === offer_id) { if (this.cache[i].result) return true; } } return false;} // Offers.CheckOffers.RetrieveResult = function (offer_id){ for (var i = 0; i < this.cache.length; ++i) { if (this.cache[i].id === offer_id)
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
Offer::GetDownloadProgress done. Job
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Offer::GetDownloadProgress inprogress. Job
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
offer_type = offer_type.toLowerCase();
Ansi based on Dropped File
(rules.js)
offercast.com
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OffercastInstaller_AVR_U_0363_01_P_.exe
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Offers.Check = function (offer_id)
Ansi based on Dropped File
(rules.js)
Offers.OfferedToolbars = function (installed_toolbars, offer_id)
Ansi based on Dropped File
(rules.js)
Offers.OfferedToolbars(installed_toolbars, offer_id);
Ansi based on Dropped File
(rules.js)
Offers.RetrieveResult = function (offer_id)
Ansi based on Dropped File
(rules.js)
Offers.StoreResult = function (offer_id, result, toolbar_to_be_installed)
Ansi based on Dropped File
(rules.js)
Offers.StoreResult(offer_id, return_JSON, toolbar_to_be_installed);
Ansi based on Dropped File
(rules.js)
offers_gen_params = offers_gen_params || JSON.parse(pipclient.getOffers());
Ansi based on Dropped File
(rules.js)
ogger.info = function(var1) { return _logger.info(var1); }; logger.warn = function(var1) { return _logger.warn(var1); }; logger.group = function(var1) { return _logger.group(var1); }; logger.dir = function(var1) { return _logger.dir(var1); }; } catch (x) { logger.error(x); } browser = window.external.GetObject("browserinfo"); system = window.external.GetObject("system"); piprule = window.external.GetObject("piprule");pipclient = window.external.GetObject("pipclient");}};PAvar regsistryPathx64 = "HKEY_LOCAL_MACHINE\SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\";var registryPathx86 = "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\";var checkObj;var n;var registryPath;var regValue="";var partnerID;var v5toolbarOffered = false;var v6SaturationToolbarOff
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ome DS value. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
on (value, replacer, space) {// The stringify method takes a value and an optional replacer, and an optional// space parameter, and returns a JSON text. The replacer can be a function// that can replace values, or an array of strings that will select the keys.// A default replacer method can be provided. Use of the space parameter can// produce text that is more easily readable. var i; gap = ''; indent = '';// If the space parameter is a number, make an indent string containing that// many spaces. if (typeof space === 'number') { for (i = 0; i < space; i += 1) { indent += ' '; }// If the space parameter is a string, it will be used as the indent string. } else if (typeof space === 'string') { indent = space; }// If there is a replacer, it must be a function or an array.// Otherwise, throw an error. rep = replacer
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
OnClickedCancel()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OnClickedNext()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OnClickedPrevious()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OnInitDialog......0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OnLoadComplete - SetWindowPos notopmost lasterror %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OnLoadComplete()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OnPostReporting...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OpenProcess failed Last error %d
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
optout="true" displayname="Avery Error" > ... Offer Tag start --> ... List of files to be downloaded Refer the bottom for attribute definition --> </offer></primary_offers><params></params></root>P(
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
orer\SearchScopes\
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
OSXP64bit; return false;}}catch(e){}return true;}function isCPUSpeedComp() {try{var cpuSpeed;var physicalMemory;cpuSpeed = system.getRegValue("HKLM\\Hardware\\Description\\System\\Centralprocessor\\0","~MHZ",0);if (cpuSpeed<1000){reasonString= CPUSpeedLessThan1000MHZ + cpuSpeed;return false;}physicalMemory=(system.getTotalPhysicalMemory());if(physicalMemory < 512){reasonString= SystemPhysicalMemoryIsVeryLow + physicalMemory;return false;}} catch(e) {}return true}function isDiskSpaceComp(){try{var diskFreeSize;diskFreeSize = system.getDiskFreeSize();if(is64Bit()){if(diskFreeSize <2000){reasonString = MachineDiskFreeSpaceLessThan2000MB + diskFreeSize;return false;}} else {if(diskFreeSize <850){reasonString = MachineDiskFreeSpaceLessThan850MB + diskFreeSize;return false;}}} catch(e){}return true;}function nortonToolbarCheck
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ot command:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
p_browser = p_browser.toLowerCase();
Ansi based on Dropped File
(rules.js)
PAD<HTML><HEAD><script type="text/javascript">var JSON;if (!JSON) { JSON = {};}(function () { "use strict"; function f(n) { // Format integers to have at least two digits. return n < 10 ? '0' + n : n; } if (typeof Date.prototype.toJSON !== 'function') { Date.prototype.toJSON = function (key) { return isFinite(this.valueOf()) ? this.getUTCFullYear() + '-' + f(this.getUTCMonth() + 1) + '-' + f(this.getUTCDate()) + 'T' + f(this.getUTCHours()) + ':' + f(this.getUTCMinutes()) + ':' + f(this.getUTCSeconds()) + 'Z' : null; }; String.prototype.toJSON = Number.prototype.toJSON = Boolean.prototype.toJSON = function (key) { return this.valueOf(); }; } var cx = /[\u0000\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ParseAnalyticsXml()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ParseAnalyticsXml()... success.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ParseAnalyticsXml():Not use local.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ParseConfigXml()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
parseInt(isIE9extnenabled,2)=system.getRegValue("HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Approved Extensions","{D4027C7F-154A-4066-A1AD-4243D8127440}",0);
Ansi based on Dropped File
(rules.js)
ParseUiXml()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
partial = [];
Ansi based on Dropped File
(orchestrator.html)
partial.push(quote(k) + (gap ? ': ' : ':') + v);
Ansi based on Dropped File
(orchestrator.html)
partial[i] = str(i, value) || 'null';
Ansi based on Dropped File
(orchestrator.html)
Partner process id to watch %d Process handle %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
partnerid.value=incumbentTlbrList[i];
Ansi based on Dropped File
(rules.js)
partnerRegPath = "HKEY_LOCAL_MACHINE\\SOFTWARE\\AskPartnerNetwork\\Toolbar\\";
Ansi based on Dropped File
(rules.js)
partnerRegPath = "HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\AskPartnerNetwork\\Toolbar\\";
Ansi based on Dropped File
(rules.js)
partnerRegPath+=partnersID+"\\Macro\\";
Ansi based on Dropped File
(rules.js)
pens in four stages. In the first stage, we replace certain// Unicode characters with escape sequences. JavaScript handles many characters// incorrectly, either silently deleting them, or treating them as line endings. text = String(text); cx.lastIndex = 0; if (cx.test(text)) { text = text.replace(cx, function (a) { return '\\u' + ('0000' + a.charCodeAt(0).toString(16)).slice(-4); }); }// In the second stage, we run the text against regular expressions that look// for non-JSON patterns. We are especially concerned with '()' and 'new'// because they can cause invocation, and '=' because it can cause mutation.// But just to be safe, we want to reject all unexpected forms.// We split the second stage into 4 regexp operations in order to work around// crippling inefficiencies in IE's and Safari's regexp engines. First we// replace the JSON backslash pairs wit
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
physicalMemory=(system.getTotalPhysicalMemory());
Ansi based on Dropped File
(rules.js)
PID_to_be_installed.push(toolbar_to_be_installed.PID);
Ansi based on Dropped File
(rules.js)
pids[pid_name] = 1;
Ansi based on Dropped File
(rules.js)
PIDs_on_Machine.push(installed_toolbars[i].PID);
Ansi based on Dropped File
(rules.js)
PIP UI event happened locally, no need to wait
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
pip.ask.com/PIP/partners/{partnerid}/config.xml
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
pipclient = window.external.GetObject("pipclient");
Ansi based on Dropped File
(objectmodel.js)
pipoffers.apnpartners.com
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIPReportSever
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
piprule = window.external.GetObject("piprule");
Ansi based on Dropped File
(objectmodel.js)
piprule.setRuleCallback(
Ansi based on Dropped File
(orchestrator.html)
portuguese-brazilian
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
postInstall
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
potential_browser = CascadeThroughBrowsers(p_browser, cascade_count);
Ansi based on Dropped File
(rules.js)
potential_browser = CheckVersion(potential_browser);
Ansi based on Dropped File
(rules.js)
potential_browser = ValidBrowser(potential_browser);
Ansi based on Dropped File
(rules.js)
ProxyHttp1.1
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
QI to get the object's dispatch interface pointer failed.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
quired key OfferXml is missing or invalid!
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
r in ECMAScript, typeof null is 'object',// so watch out for that case. if (!value) { return 'null'; }// Make an array to hold the partial results of stringifying this object value. gap += indent; partial = [];// Is the value an array? if (Object.prototype.toString.apply(value) === '[object Array]') {// The value is an array. Stringify every element. Use null as a placeholder// for non-JSON values. length = value.length; for (i = 0; i < length; i += 1) { partial[i] = str(i, value) || 'null'; }// Join all of the elements together, separated with commas, and wrap them in// brackets. v = partial.length === 0 ? '[]' : gap ? '[\n' + gap + partial.join(',\n' + gap) + '\n' + mind + ']' : '[' + partial.join(',') + ']'; gap = mind; return v;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
r2 = toolbar_id.slice(0, -r1[0].length);
Ansi based on Dropped File
(rules.js)
R6002- floating point support not loaded
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6010- abort() has been called
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6031- Attempt to initialize the CRT more than once.This indicates a bug in your application.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6032- not enough space for locale information
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6033- Attempt to use MSIL code from this assembly during native code initializationThis indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
rcast.com
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
rchromeVersionWWWx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
reasonString += " Installed PID/tbType " + installed_toolbars[i].PID + "/" + installed_toolbars[i].tb_type;
Ansi based on Dropped File
(rules.js)
reasonString += " Installed PID/tbType " + installed_toolbars[i].PID + "/" + installed_toolbars[i].tb_type; reasonString += " New PID/tbType " + toolbar_to_be_installed.PID + "/" + toolbar_to_be_installed.tb_type; return false; } } } return true; } // UniquePIDTbType // // Checks to see if AVIRA is already installed on the machine; if so, // check to see if trying to install another AVIRA === OK, or vanilla === OK, // secure === NOT OK. Assumes PIDTb collision has already been run. // function incumbantAVIRACheck(p_installed_toolbars, p_toolbar_to_be_installed) { var incumbant_AVIRA = false; var PID_to_be_installed = []; for (var i = 0; i < p_installed_toolbars.length; ++i) { if ((p_installed_toolbars[i].PID.subst
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
reasonString += " New PID/tbType " + toolbar_to_be_installed.PID + "/" + toolbar_to_be_installed.tb_type;
Ansi based on Dropped File
(rules.js)
reasonString = AlreadyAtMaxNumberOfPartnersPerBrowser + " [" + pid_str + "]";
Ansi based on Dropped File
(rules.js)
reasonString = BlockListV6IncumbentToolbarIsListedInLockList + incPartners[k];
Ansi based on Dropped File
(rules.js)
reasonString = inputBrowserTypeNotSupported + " [" + p_browser + "]";
Ansi based on Dropped File
(rules.js)
reasonString = inputCRBrowserVersionNotSupported + " [" + all_browsers.cr + "]";
Ansi based on Dropped File
(rules.js)
reasonString = inputFFBrowserVersionNotSupported + " [" + all_browsers.ff + "]";
Ansi based on Dropped File
(rules.js)
reasonString = inputIEBrowserVersionNotSupported + " [" + all_browsers.ie + "]";
Ansi based on Dropped File
(rules.js)
reasonString = maxNumberOfPartnersExceeded + " [" + pid_str + "]";
Ansi based on Dropped File
(rules.js)
reasonString = PIDIsOnBlockedList + " " + toolbar_to_be_installed.PID;
Ansi based on Dropped File
(rules.js)
reasonString = PIDsAreSameOnSameBrowser + ", Browser " + p_browser + " PIDS [" + toolbar_to_be_installed.PID + "]";
Ansi based on Dropped File
(rules.js)
reasonString = PriorToolbarType_Vanilla_SecureVanilla + incPartners[k];
Ansi based on Dropped File
(rules.js)
reasonString = tbtypeOfBlockPIDNotEqual + " PIDS " + installed_toolbars[0].PID + " and " + toolbar_to_be_installed.PID;
Ansi based on Dropped File
(rules.js)
reasonString = UnsupportedOSXP64bit;
Ansi based on Dropped File
(rules.js)
reasonString= XPServicePackNotCompatible + winServicePackRegValue;
Ansi based on Dropped File
(rules.js)
Reboot command:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegCloseKey
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegCreateKeyExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegCreateKeyTransactedW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegDeleteKeyExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegDeleteKeyTransactedW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegDeleteKeyW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegEnumKeyExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegNotifyChangeKeyValue
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegOpenKeyExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegOpenKeyTransactedW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegQueryInfoKeyW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Remote
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Remote already send the event exiting local
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Remote failed to set the event, exiting gracefully
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Remote mode
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Remote process died already
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Remote process started. Handle %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RemoteInvokeExWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Reply from %s: bytes=%d time=%.0fms TTL=%d icmp_seq=%u
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
report
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
reporting
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Resetting timer to honour server uiready of %I64d ms. Local UIReady time expired: %I64u ms, UIReady time remaining (relative to remote server data): %I64d ms.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
result = offerV6SaturationToolbar();
Ansi based on Dropped File
(rules.js)
result = v6installChecker(param);
Ansi based on Dropped File
(rules.js)
result.push({PID: partners[i], tb_type : tb_type, browser : "cr"});
Ansi based on Dropped File
(rules.js)
result.push({PID: partners[i], tb_type : tb_type, browser : "ff"});
Ansi based on Dropped File
(rules.js)
result.push({PID: partners[i], tb_type : tb_type, browser : "ie"});
Ansi based on Dropped File
(rules.js)
result.push({PID: v5TlbrID, tb_type : "ALL", browser : "cr"});
Ansi based on Dropped File
(rules.js)
result.push({PID: v5TlbrID, tb_type : "ALL", browser : "ff"});
Ansi based on Dropped File
(rules.js)
result.push({PID: v5TlbrID, tb_type : "ALL", browser : "ie"});
Ansi based on Dropped File
(rules.js)
Retrieving remote process exit code
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
return ""; } var to_be_installed = []; to_be_installed.push(toolbar_to_be_installed); if (toolbarsHaveTypeBlock(to_be_installed) || toolbarsHaveTypeBlock(installed_toolbars) ) { if (installed_toolbars.length && isUniquePIDOnMachine(installed_toolbars, toolbar_to_be_installed.PID)) { reasonString = tbtypeOfBlockPIDNotEqual + " PIDS " + installed_toolbars[0].PID + " and " + toolbar_to_be_installed.PID; return "" } } if (incumbantAVIRACheck(installed_toolbars, toolbar_to_be_installed)) return ""; var cascade_count = 0; var potential_browser; do { potential_browser = CascadeThroughBrowsers(p_browser, cascade_count); potential_browser = CheckVersion(potential_browser); potential_browser = ValidBrowser(potential_browser); ++cascade_count;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
return '\\u' +
Ansi based on Dropped File
(orchestrator.html)
return _logger.debug(var1);
Ansi based on Dropped File
(objectmodel.js)
return _logger.dir(var1);
Ansi based on Dropped File
(objectmodel.js)
return _logger.error(var1);
Ansi based on Dropped File
(objectmodel.js)
return _logger.group(var1);
Ansi based on Dropped File
(objectmodel.js)
return _logger.info(var1);
Ansi based on Dropped File
(objectmodel.js)
return _logger.log(var1);
Ansi based on Dropped File
(objectmodel.js)
return _logger.warn(var1);
Ansi based on Dropped File
(objectmodel.js)
return a.length - b.length;
Ansi based on Dropped File
(rules.js)
return AnchorFreeUnsupportedOS;
Ansi based on Dropped File
(rules.js)
return arrParamValues[i];
Ansi based on Dropped File
(orchestrator.html)
return AudialsOfferNotEligibleUnsupportedOSXP32orVista64bit;
Ansi based on Dropped File
(rules.js)
return escapable.test(string) ? '"' + string.replace(escapable, function (a) {
Ansi based on Dropped File
(orchestrator.html)
return getReasonCode(AskSecureToolbarPresentAviraOfferRejected);
Ansi based on Dropped File
(rules.js)
return getReasonCode(AviraToolbarPresentAskSecureOfferRejected);
Ansi based on Dropped File
(rules.js)
return getReasonCode(AviraV6InstallOfferPresentedAviraV6UpgradeRejected);
Ansi based on Dropped File
(rules.js)
return getReasonCode(AviraV6InstallOfferRejectedAviraV6UpgradeOfferPresented);
Ansi based on Dropped File
(rules.js)
return getReasonCode(blocklistedPartner);
Ansi based on Dropped File
(rules.js)
return getReasonCode(OldClientAskSecureOfferNotSupported);
Ansi based on Dropped File
(rules.js)
return getReasonCode(precheckSecondary);
Ansi based on Dropped File
(rules.js)
return getReasonCode(PrimaryToolbarOfferPresentedDefaultPrimaryOfferRejected);
Ansi based on Dropped File
(rules.js)
return getReasonCode(reasonString);
Ansi based on Dropped File
(rules.js)
return getReasonCode(secondaryOfferInstalled);
Ansi based on Dropped File
(rules.js)
return getReasonCode(secondaryOfferRejected);
Ansi based on Dropped File
(rules.js)
return getReasonCode(unsupportedBrowser);
Ansi based on Dropped File
(rules.js)
return getReasonCode(v5Offerpresented);
Ansi based on Dropped File
(rules.js)
return getReasonCode(v5ToolbarInstalled);
Ansi based on Dropped File
(rules.js)
return getReasonCode(v6SatInstalled);
Ansi based on Dropped File
(rules.js)
return isFinite(this.valueOf()) ?
Ansi based on Dropped File
(orchestrator.html)
return isFinite(value) ? String(value) : 'null';
Ansi based on Dropped File
(orchestrator.html)
return JSON.stringify(Offers.RetrieveResult(offer_id));
Ansi based on Dropped File
(rules.js)
return JSON.stringify(ps_check);
Ansi based on Dropped File
(rules.js)
return JSON.stringify(return_JSON);
Ansi based on Dropped File
(rules.js)
return JSON.stringify(return_obj);
Ansi based on Dropped File
(rules.js)
return lu_table[i][cascade_count];
Ansi based on Dropped File
(rules.js)
return Offers.RetrieveResult(offer_id);
Ansi based on Dropped File
(rules.js)
return p_param[0];
Ansi based on Dropped File
(rules.js)
return quote(value);
Ansi based on Dropped File
(orchestrator.html)
return reviver.call(holder, key, value);
Ansi based on Dropped File
(orchestrator.html)
return str('', {'': value});
Ansi based on Dropped File
(orchestrator.html)
return String(value);
Ansi based on Dropped File
(orchestrator.html)
return tb.slice(0, 2);
Ansi based on Dropped File
(rules.js)
return this.cache[i].result;
Ansi based on Dropped File
(rules.js)
return this.indexOf(prefix) === 0;
Ansi based on Dropped File
(rules.js)
return this.valueOf();
Ansi based on Dropped File
(orchestrator.html)
return true;}function getIncbumbentRegPath(partnersID){try{var partnerRegPath="";if(is64Bit()){partnerRegPath = "HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\AskPartnerNetwork\\Toolbar\\";} else {partnerRegPath = "HKEY_LOCAL_MACHINE\\SOFTWARE\\AskPartnerNetwork\\Toolbar\\";}partnerRegPath+=partnersID+"\\Macro\\";}catch(e){}return partnerRegPath;}function v6incumbentPartnerCheck(partner){try{var installedPartners = getIncumbentPartners(); if(isEmpty(installedPartners)) return true;for(var i=0; i<installedPartners.length;i++){if(installedPartners[i].startsWith(partner)){return false;}}}catch(e){}return true;}function v5incumbentPartnerCheck(partnerids){try{var toolbarID;if(is64Bit()){toolbarID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\AskToolbar\\Macro","tb",0);} else {toolbarID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\AskToolbar\\Macro","tb",0);}
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
return window[ruleName].apply(this, params);
Ansi based on Dropped File
(orchestrator.html)
return {};
Ansi based on Dropped File
(rules.js)
return_JSON = new Result("", all_browsers, false);
Ansi based on Dropped File
(rules.js)
return_JSON = new Result("ALL", all_browsers, true , toolbar_to_be_installed);
Ansi based on Dropped File
(rules.js)
return_JSON = new Result(target_browser, all_browsers, false);
Ansi based on Dropped File
(rules.js)
return_JSON = new Result(target_browser, all_browsers, true, toolbar_to_be_installed);
Ansi based on Dropped File
(rules.js)
return_JSON.errorDescription = "";
Ansi based on Dropped File
(rules.js)
return_JSON.errorDescription = reasonString;
Ansi based on Dropped File
(rules.js)
return_JSON.errorDescription = result;
Ansi based on Dropped File
(rules.js)
return_JSON.errorDescription = secondaryOfferRejected;
Ansi based on Dropped File
(rules.js)
return_JSON.lookupTable.fileid = "v6ic";
Ansi based on Dropped File
(rules.js)
return_JSON.lookupTable.stubversion = "6.6.0";
Ansi based on Dropped File
(rules.js)
return_JSON.result = parseInt(reasonString, 10);
Ansi based on Dropped File
(rules.js)
return_JSON.result = parseInt(result, 10);
Ansi based on Dropped File
(rules.js)
return_JSON.result = parseInt(secondaryOfferRejected, 10);
Ansi based on Dropped File
(rules.js)
return_obj.errorDescription = "";
Ansi based on Dropped File
(rules.js)
return_obj.errorDescription = "Error Executing Rule";
Ansi based on Dropped File
(rules.js)
return_obj.errorDescription = "Value Was False";
Ansi based on Dropped File
(rules.js)
rFlag = false;var overinstallFlag=false;var reasonString="";var showSecondaryOffer=true;var defBrowser="";var FIREFOX="firefox";var IE="Internet Explorer";var CHROME="Google Chrome";var offerAviraV6NewInstall = false;var primaryToolbarOfferFlag=false;var v5ToolbarInstalled = "1:Offer cannot be installed as offer already exists";var V6OfferAlreadyPresentWithSamePartnerID = "1:V6 Offer already present with same partnerID";var unsupportedBrowser = "2:Unsupported default browser";var IneligibleChrome = "3:Ineligible Chrome";var v6SatInstalled = "4:Prior toolbar typet (Shopping)";var PriorToolbarType_Vanilla_SecureVanilla = "4:Prior toolbar type(Vanilla)/Secure Vanilla ";var blocklistedPartner = "5:Block V6 ? New toolbar listed in
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
RID_DIC2V5_Loading_Title">Dictionary.com Setup</string><string id="STRID_DIC3V5_Loading_Text">Loading Dictionary.com required files...</string><string id="STRID_DIC3V5_Loading_Title">Dictionary.com Setup</string><string id="STRID_Loading_Text">Loading required files...</string> <string id="STRID_AD5_Loading_Text">Loading Avery Template Installer required files...</string><string id="STRID_AD5_Loading_Title">Avery Template Installer</string> <string id="STRID_Loading_Title">Loading</string> <string id="STRID_Of_Text">of</string> <string id="STRID_Access_Analytics_Fail">There was a problem accessing the analytics file!</string><string id="STRID_Access_Analytics_Fail_Avery">There was a problem downloading the files. Please try the Template Only option on the Avery.com template page.</string> <string id="STRID_Access_Config_Fail">There was a problem accessing the config file!</string><string id="STRID_Access_Config_Fail_Avery">There was a problem downloading the files. P
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
rnal error. Error parsing. Actual value -
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Rule execution aborted- either local / remote succeeded.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Running version < minimum version. Running version:
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Running version >= upgrade version. Running version:
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Runtime Error!Program:
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
s[i] = "No Value";}for (i=0;i<arrURLParams.length;i++){if(arrParamNames[i] == paramName){return arrParamValues[i];}}return "No Parameters Found";}return "";}</script> <SCRIPT type="text/javascript">init();function load() {try{piprule.setRuleCallback(function(ruleName){try{logger.log("\r\n ****** pirule setRule callBackFired : function called is " + "Rule name: " + ruleName + "Number: " + arguments.length);var params = Array.prototype.slice.call(arguments, 1);return window[ruleName].apply(this, params);} catch(e) {logger.log("\r\n ****** inside load " + e.message + " Rule name: " + ruleName);}});} catch(e) {logger.log("\r\n ****** Load Function Error " + e.message);}} </SCRIPT></HEAD><BODY onload="load()"></BODY></HTML>/* http://www.JSON.org/json2.js 2011-02-23 Public Domain. NO WARRANTY EXPRESSED OR IMPLI
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
sActual path %s . CreateDirectory last error %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SaveCurrentOfferState()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
search("_IE") > 0) { result.push({PID: partners[i], tb_type : tb_type, browser : "ie"}); } if (browsers.search("_CR") > 0) { result.push({PID: partners[i], tb_type : tb_type, browser : "cr"}); } if (browsers.search("_FF") > 0) { result.push({PID: partners[i], tb_type : tb_type, browser : "ff"}); } }} return result;} // GetInstalledToolbarsvar toolbars_on_ie;var toolbars_on_cr;var toolbars_on_ff;function Result(target_browser, all_browsers, t_f){ this.result = 0; this.errorDescription = ""; this.display = t_f === true ? 1 : 0; this.reporting = new Reporting(); this.lookupTable = t_f === true ? new LookupTable(arguments[3]) : {}; //this.tb_info = toolbar_to_be_installed; function Reporting() { this.trgb = target_browser.toUpperCase();
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
Send Reporting finished
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetForegroundWindow failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
showSecondaryOffer=false;return true;}function aviraToolbarInstallCheck(){try{showSecondaryOffer=true;if(!offerAviraV6NewInstall){return getReasonCode(AviraV6InstallOfferRejectedAviraV6UpgradeOfferPresented);}}catch(e){}v6SaturationToolbarOfferFlag = true;showSecondaryOffer=false;return true;}function checkPrimaryTlbrOffered() {try{showSecondaryOffer=true;if(primaryToolbarOfferFlag){return getReasonCode(PrimaryToolbarOfferPresentedDefaultPrimaryOfferRejected);}} catch(e){}v6SaturationToolbarOfferFlag = true;showSecondaryOffer=false;return true;}function clientSupported() {try{var versionValue=cmpVersions(version,"2.6.12.1");if(versionValue >= 0){return true;}} catch(e){}return false;}function isAskSecureOfferEligible () {try{showSecondaryOffer=true;if (!isSupportedOS()) return false;if (!isOSServicePackCompatible()) {return getReasonCode(reasonString);}
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
Skipping further processing of offers. Offers processed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
sNotifying Tray delete false. Lasterror %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Software\APN PIP\ipc
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Software\APN PIP\{partnerid}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SOFTWARE\Microsoft\Internet Explorer
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SOFTWARE\Microsoft\Internet Explorer\Main
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SOFTWARE\Microsoft\Internet Explorer\SearchScopes
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Software\Microsoft\Internet Explorer\Settings
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Software\Microsoft\Windows\CurrentVersion\Installer
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Software\Microsoft\Windows\CurrentVersion\RunOnce
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Software\Microsoft\Windows\Shell\Associations\UrlAssociations\http\userchoice
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SOFTWARE\Mozilla\Mozilla Firefox
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SON === 'function') { value = value.toJSON(key); }// If we were called with a replacer function, then call the replacer to// obtain a replacement value. if (typeof rep === 'function') { value = rep.call(holder, key, value); }// What happens next depends on the value's type. switch (typeof value) { case 'string': return quote(value); case 'number':// JSON numbers must be finite. Encode non-finite numbers as null. return isFinite(value) ? String(value) : 'null'; case 'boolean': case 'null':// If the value is a boolean or null, convert it to a string. Note:// typeof null does not produce 'null'. The case is included here in// the remote chance that this gets fixed someday. return String(value);// If the type is 'object', we might be dealing with an object or an array or// null. case 'object':// Due to a specification blund
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ssembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><assemblyIdentity version="1.0.0.0" processorArchitecture="X86" name="APNInstaller" type="win32"></assemblyIdentity><description>.NET control deployment tool</description><dependency><dependentAssembly><assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" version="6.0.0.0" processorArchitecture="*" publicKeyToken="6595b64144ccf1df" language="*"></assemblyIdentity></dependentAssembly></dependency><trustInfo xmlns="urn:schemas-microsoft-com:asm.v2"><security><requestedPrivileges><requestedExecutionLevel level="requireAdministrator" uiAccess="false"></requestedExecutionLevel></requestedPrivileges></security></trustInfo><compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1"> <application> <supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"></supportedOS> <supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"></supportedOS> </application> </compatibility></assembly>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
staller.exe
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
stdole2.tlbWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
StoresServiceClassInfo
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
stReporting...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
string { if (show_logger) logger.log("CheckVersion :<" + p_browser + ">"); if (!p_browser) return p_browser; p_browser = p_browser.toLowerCase(); if (p_browser != "ie" && p_browser != "ff" && p_browser != "cr") { reasonString = inputBrowserTypeNotSupported + " [" + p_browser + "]"; return ""; } if (p_browser == "ie") { if (all_browsers && all_browsers.ie) { var version = parseInt(all_browsers.ie, 10); if (version > 6) return "ie"; } reasonString = inputIEBrowserVersionNotSupported + " [" + all_browsers.ie + "]"; return ""; } if (p_browser == "cr") { if (show_logger) logger.log(" CheckVersion of Chrome"); if (all_browser
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
String.prototype.startsWith = function(prefix) {
Ansi based on Dropped File
(rules.js)
String.prototype.toJSON =
Ansi based on Dropped File
(orchestrator.html)
StringHexToRGB()...[
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
success. Return boolean true.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SuccessCheck()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SupportedNameSpace
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
switch (typeof value) {
Ansi based on Dropped File
(orchestrator.html)
Syntax error: value, object or array expected.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
system = window.external.GetObject("system");
Ansi based on Dropped File
(objectmodel.js)
t]Ht@Ht$Hu
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
target_browser = target_browser || CanBeInstalled("cr", true);
Ansi based on Dropped File
(rules.js)
target_browser = target_browser || CanBeInstalled(CommandLineBrowser(), false);
Ansi based on Dropped File
(rules.js)
target_browser = target_browser || CanBeInstalled(DefaultBrowser(), false);
Ansi based on Dropped File
(rules.js)
target_browser = target_browser || CanBeInstalled(OriginBrowser(), false);
Ansi based on Dropped File
(rules.js)
TCDate()) + 'T' + f(this.getUTCHours()) + ':' + f(this.getUTCMinutes()) + ':' + f(this.getUTCSeconds()) + 'Z' : null; }; String.prototype.toJSON = Number.prototype.toJSON = Boolean.prototype.toJSON = function (key) { return this.valueOf(); }; } var cx = /[\u0000\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2028-\u202f\u2060-\u206f\ufeff\ufff0-\uffff]/g, escapable = /[\\\"\x00-\x1f\x7f-\x9f\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2028-\u202f\u2060-\u206f\ufeff\ufff0-\uffff]/g, gap, indent, meta = { // table of character substitutions '\b': '\\b', '\t': '\\t', '\n': '\\n', '\f': '\\f', '\r': '\\r', '"' : '\\"', '\\': '\\\\' }, rep; function quote(string) {// If the string contains
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
te process started. Handle %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
TerminateSubProcesses()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
text = String(text);
Ansi based on Dropped File
(orchestrator.html)
text = text.replace(cx, function (a) {
Ansi based on Dropped File
(orchestrator.html)
The config.xml file is missing or invalid!Please try the Template Only option on the Avery.com template page.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
The object was not available in the script object (outer object).
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
The out pointer (dispatch pointer of the object) is NULL.
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
The required key OfferXml is missing or invalid!
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
this.apn_dbr = all_browsers.dfBr.toUpperCase();
Ansi based on Dropped File
(rules.js)
this.BROWSER_TEXT = "Browser_" + target_browser.toUpperCase() + "_TXT";
Ansi based on Dropped File
(rules.js)
this.cache = [];
Ansi based on Dropped File
(rules.js)
this.cache.push(t_obj);
Ansi based on Dropped File
(rules.js)
this.cache[i].result = result;
Ansi based on Dropped File
(rules.js)
this.cache[i].tb_info = toolbar_to_be_installed;
Ansi based on Dropped File
(rules.js)
this.ChromeVersionInstalled = all_browsers.cr;
Ansi based on Dropped File
(rules.js)
this.cmdb = all_browsers.cmdBr;
Ansi based on Dropped File
(rules.js)
this.display = t_f === true ? 1 : 0;
Ansi based on Dropped File
(rules.js)
this.errorDescription = "";
Ansi based on Dropped File
(rules.js)
this.FFVersionInstalled = all_browsers.ff;
Ansi based on Dropped File
(rules.js)
this.getUTCFullYear() + '-' +
Ansi based on Dropped File
(orchestrator.html)
this.IEVersionInstalled = all_browsers.ie;
Ansi based on Dropped File
(rules.js)
this.lookupTable = t_f === true ? new LookupTable(arguments[3]) : {};
Ansi based on Dropped File
(rules.js)
this.orgb = all_browsers.orBr.toUpperCase();
Ansi based on Dropped File
(rules.js)
this.orgb = all_browsers.orBr.toUpperCase();
Ansi based on Dropped File
(rules.js)
this.orgb = all_browsers.orBr.toUpperCase(); this.apn_dbr = all_browsers.dfBr.toUpperCase(); this.cmdb = all_browsers.cmdBr; this.IEVersionInstalled = all_browsers.ie; this.FFVersionInstalled = all_browsers.ff; this.ChromeVersionInstalled = all_browsers.cr; this.TrackID = ""; if (offers_gen_params && offers_gen_params.GeneralParameters && offers_gen_params.GeneralParameters.TrackID) this.TrackID = offers_gen_params.GeneralParameters.TrackID; toolbars_on_ie = toolbars_on_ie || GetToolbarsOnBrowser("ie"); toolbars_on_cr = toolbars_on_cr || GetToolbarsOnBrowser("cr"); toolbars_on_ff = toolbars_on_ff || GetToolbarsOnBrowser("ff"); this.IETB = toolbars_on_ie; this.FFTB = toolbars_on_ff; this.ChromeTB = toolbars_on_cr; this.TBPartnerid = toolbar_to_be_installed.PID
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
this.reporting = new Reporting();
Ansi based on Dropped File
(rules.js)
this.stubversion = "7.0.0";
Ansi based on Dropped File
(rules.js)
this.targetBrowser = target_browser.toUpperCase();
Ansi based on Dropped File
(rules.js)
this.tbID = tb_info.PID;
Ansi based on Dropped File
(rules.js)
this.TBPartnerid = toolbar_to_be_installed.PID
Ansi based on Dropped File
(rules.js)
this.tbType = tb_info?tb_info.tb_type:"";
Ansi based on Dropped File
(rules.js)
this.TrackID = offers_gen_params.GeneralParameters.TrackID;
Ansi based on Dropped File
(rules.js)
this.trgb = target_browser.toUpperCase();
Ansi based on Dropped File
(rules.js)
throw new Error('JSON.stringify');
Ansi based on Dropped File
(orchestrator.html)
throw new SyntaxError('JSON.parse');
Ansi based on Dropped File
(orchestrator.html)
TimerProc() for timer id:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
tion?</string> </Language> </stringtable> <offereula> <offer bgcolor="#EFEBDF" bkgImage="" color="" display="true" displayname="" icParams="" icProceed="" icUrl="" id="{cpf1}" imageheight="" imagewidth="" switchcontroltype="checkbox" title="STR
Ansi based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
tnerID) {try {for (var i=0; i < jsonString.makeofferdisabled.length; i++) {if(partnerID == jsonString.makeofferdisabled[i]){unsupportedBrowser = IneligibleChrome;return false;}}} catch(e) {}return true;}function isEmpty (checkObj) { var key; if (checkObj === "" || checkObj === 0 || checkObj === "0" || checkObj === null || checkObj === false || typeof checkObj === 'undefined') { return true;} if (typeof checkObj == 'object') { for (key in checkObj) { return false; } return true; } return false;}function getIncumbentPartners() {var incumbentPartners;var incumbentPartnerIDs=""; try {if(is64Bit()){incumbentPartners = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\AskPartnerNetwork\\Toolbar\\shared\\","tbsinstalled",0);}else{incumbentPartners = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\AskPartnerNetwork\\Toolbar\\shared\\","tbsinstalled",0);
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
to_be_installed); return JSON.stringify(return_JSON); } catch(e){if (show_logger) logger.log("\r\n******Error*****" + e.message);return false;} return false; function PrimarySaturationCheck(offer_id) { var return_JSON = {}; if (offer_id) { for (var i = 0; i < offers_gen_params.offers.length; ++i) { if (offers_gen_params.offers[i].id === offer_id) { //var toolbar_id = offers_gen_params.offers[i].ToolbarID || ""; var offer_type = offers_gen_params.offers[i].offerType || ""; offer_type = offer_type.toLowerCase(); if (offer_type.indexOf("saturation") >= 0) is_saturation_offer = true; else if (offer_type.indexOf("toolbar") >= 0) { offertype_is_toolbar = true;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
to_be_installed.push(toolbar_to_be_installed);
Ansi based on Dropped File
(rules.js)
toolbar_id = offers_gen_params.offers[i].ToolbarID || "";
Ansi based on Dropped File
(rules.js)
toolbar_to_be_installed = GetToolbarInfo(offer_id);
Ansi based on Dropped File
(rules.js)
toolbar_to_be_installed.browser = target_browser;
Ansi based on Dropped File
(rules.js)
toolbar_to_be_installed.PID = primaryTlbrID;
Ansi based on Dropped File
(rules.js)
toolbar_type = offers_gen_params.offers[i].tbType || "";
Ansi based on Dropped File
(rules.js)
toolbarDisableFlag = system.getRegValue("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Settings\\{D4027C7F-154A-4066-A1AD-4243D8127440}","Flags",0);
Ansi based on Dropped File
(rules.js)
toolbarID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\AskToolbar\\Macro","tb",0);
Ansi based on Dropped File
(rules.js)
toolbarID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\AskToolbar\\Macro","tb",0);
Ansi based on Dropped File
(rules.js)
toolbarRegPath=getIncbumbentRegPath(installedToolbars[i]);
Ansi based on Dropped File
(rules.js)
toolbars_on_browser += installed_toolbars[i].PID + ":" + installed_toolbars[i].tb_type;
Ansi based on Dropped File
(rules.js)
toolbars_on_browser.push(installed_toolbars[i]);
Ansi based on Dropped File
(rules.js)
toolbars_on_cr = toolbars_on_cr || GetToolbarsOnBrowser("cr");
Ansi based on Dropped File
(rules.js)
toolbars_on_ff = toolbars_on_ff || GetToolbarsOnBrowser("ff");
Ansi based on Dropped File
(rules.js)
toolbars_on_ie = toolbars_on_ie || GetToolbarsOnBrowser("ie");
Ansi based on Dropped File
(rules.js)
toolbarTbType = pipgetRegValue(toolbarRegPath,"tb-type",0);
Ansi based on Dropped File
(rules.js)
Total number of eligible offers to report
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Transports
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
tringified. Values that do not have JSON representations, such as undefined or functions, will not be serialized. Such values in objects will be dropped; in arrays they will be replaced with null. You can use a replacer function to replace those with JSON values. JSON.stringify(undefined) returns undefined. The optional space parameter produces a stringification of the value that is filled with line breaks and indentation to make it easier to read. If the space parameter is a non-empty string, then that string will be used for indentation. If the space parameter is a number, then the indentation will be that many spaces. Example: text = JSON.stringify(['e', {pluribus: 'unum'}]); // text is '["e",{"pluribus":"unum"}]' text = JSON.stringify(['e', {pluribus: 'unum'}], null, '\t'); // text is '
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
trol id="txt1-of11" type="text" text="Frostwire Demo Starting....." width="400" height="60" x="0" y="0" color="" bgcolor="#FFD793" fontsize="20" isBold="true"></control></control></controls></offer></offereula><apnanalytics></apnanalytics></root><?xml version="1.0" encoding="utf-8"?><root><OwnerInformation><owner><name>Vishal Shah</name><organization>APN Toolbar</organization></owner></OwnerInformation><GeneralParameters><SetDateTime>2003/02/04 08:30:00</SetDateTime><Height>445</Height><Width>600</Width><bgcolor>efebdf</bgcolor><showprogcanceldlg>false</showprogcanceldlg><optintextsize>12</optintextsize><dlg_transparency>255</dlg_transparency><ShowOfferScreensOnly>false</ShowOfferScreensOnly><defaultLanguage>en</defaultLanguage><defaultbkg></defaultbkg><defaultbkgwidth>600</defaultbkgwidth><ShowProgressDlg>false</ShowProgressDlg><defaultbkgheight>400</defaultbkgheight><ProgressBarCancelClickable>true</ProgressBarCancelClickable>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
typeof replacer.length !== 'number')) {
Ansi based on Dropped File
(orchestrator.html)
typeof value.toJSON === 'function') {
Ansi based on Dropped File
(orchestrator.html)
typeof window.external !== "undefined") {
Ansi based on Dropped File
(objectmodel.js)
u09\$@v*j
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ui.xml_localmode
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
uInternet\\","",0)}} } else {default_browser = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Classes\\http\\shell\\open\\command\\","",0);if(isEmpty(default_browser)) {default_browser = pipgetRegValue("HKEY_CLASSES_ROOT\\http\\shell\\open\\command\\","",0);}if(isEmpty(default_browser)){default_browser = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Clients\\StartMenuInternet\\","",0);if(isEmpty(default_browser)) {default_browser = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Clients\\StartMenuInternet\\","",0)}}} return default_browser;} // defaultBrowserfunction isSupportedBrowser(partnerID) {try {var defaultbrowserPath;var defaultbrowserAppPath;var defaultBrowser;var n=0;if (window.navigator.appVersion.indexOf("Windows NT 6.0") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.1") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.2") != -1 ) {def
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ultbrowserAppPath=pipgetRegValue("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FileExts\\.htm\\UserChoice","Progid",0);if(!isEmpty(defaultbrowserAppPath)) {defaultbrowserPath="HKEY_CLASSES_ROOT\\"+defaultbrowserAppPath+"\\shell\\open\\command\\";defaultBrowser=pipgetRegValue(defaultbrowserPath,"",0);}else{defaultBrowser = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Clients\\StartMenuInternet\\","",0);if(isEmpty(defaultBrowser)){defaultBrowser = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Clients\\StartMenuInternet\\","",0)}}} else {defaultBrowser=pipgetRegValue("HKEY_CURRENT_USER\\Software\\Classes\\http\\shell\\open\\command\\","",0);if(isEmpty(defaultBrowser)) {defaultBrowser=pipgetRegValue("HKEY_CLASSES_ROOT\\http\\shell\\open\\command\\","",0);}if(isEmpty(defaultBrowser)){defaultBrowser = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Clients\\StartMenuInternet\\",
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
unction GetToolbarsOnBrowser(p_browser) // ==> string { var toolbars_on_browser = ""; if (!p_browser) return toolbars_on_browser; for (var i = 0, N = installed_toolbars.length; i < N; ++i) { if (installed_toolbars[i].browser == p_browser) { if (toolbars_on_browser) toolbars_on_browser += ";" toolbars_on_browser += installed_toolbars[i].PID + ":" + installed_toolbars[i].tb_type; } } return toolbars_on_browser; } // GetToolbarsOnBrowser } function LookupTable(tb_info) { this.BROWSER_TEXT = "Browser_" + target_browser.toUpperCase() + "_TXT"; this.targetBrowser = target_browser.toUpperCase(); this.fileid = "QRST_ABCD"; this.orgb
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
Unknown command line argument:
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
unsupportedBrowser = IneligibleChrome;
Ansi based on Dropped File
(rules.js)
unsupportedBrowser=unsupportedBrowser+defBrowser;
Ansi based on Dropped File
(rules.js)
Upgrade version:
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
upported Variant Type of 0"){return false;}return true;}return false;}function secondaryOfferCheck(){try{if(!showSecondaryOffer && (hidePtnrSecondaryOffer=="true")){return getReasonCode(secondaryOfferRejected);}}catch(e){}return true;}function isProntoEligibleOffer() {try{ if(defBrowser.toLowerCase() == FIREFOX) return true; }catch(e){}return false;}function isProntoEligibleOfferForIE(){try{if(defBrowser == IE) return true;}catch(e){}return false;}function isAnchorFreeEligibleOffer() {try{var AFRegistryPath;if(window.navigator.appVersion.indexOf("Windows NT 5.1") != -1 || window.navigator.appVersion.indexOf("Windows NT 5.2") != -1 ||(window.navigator.appVersion.indexOf("Windows NT 6.0") != -1 && is64Bit())){return AnchorFreeUnsupportedOS;}if(is64Bit()){AFRegistryPath = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
urn registryValue;} catch (e) {}}function defaultBrowser(){var defaultbrowserAppPath;var defaultbrowserPath; var default_browser; if (window.navigator.appVersion.indexOf("Windows NT 6.0") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.1") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.2") != -1 ) { defaultbrowserAppPath = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FileExts\\.htm\\UserChoice","Progid",0); if(!isEmpty(defaultbrowserAppPath)) { defaultbrowserPath = "HKEY_CLASSES_ROOT\\"+defaultbrowserAppPath+"\\shell\\open\\command\\"; default_browser = pipgetRegValue(defaultbrowserPath,"",0); } else{default_browser = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Clients\\StartMenuInternet\\","",0);if(isEmpty(default_browser)) {default_browser = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Clients\\StartMe
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
user_pref("browser.startup.homepage", "
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
user_pref("keyword.URL", "
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ute.*//*jslint evil: true, strict: false, regexp: false *//*members "", "\b", "\t", "\n", "\f", "\r", "\"", JSON, "\\", apply, call, charCodeAt, getUTCDate, getUTCFullYear, getUTCHours, getUTCMinutes, getUTCMonth, getUTCSeconds, hasOwnProperty, join, lastIndex, length, parse, prototype, push, replace, slice, stringify, test, toJSON, toString, valueOf*/// Create a JSON object only if one does not already exist. We create the// methods in a closure to avoid creating global variables.var JSON;if (!JSON) { JSON = {};}(function () { "use strict"; function f(n) { // Format integers to have at least two digits. return n < 10 ? '0' + n : n; } if (typeof Date.prototype.toJSON !== 'function') { Date.prototype.toJSON = function (key) { return isFinite(this.valueOf()) ? this.getUTCFullYear() + '-' + f(this.getUTCMonth() + 1) + '-' + f(this.get
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
v = partial.length === 0 ? '[]' : gap ?
Ansi based on Dropped File
(orchestrator.html)
v = partial.length === 0 ? '{}' : gap ?
Ansi based on Dropped File
(orchestrator.html)
v = str(k, value);
Ansi based on Dropped File
(orchestrator.html)
v = walk(value, k);
Ansi based on Dropped File
(orchestrator.html)
v, // The member value.
Ansi based on Dropped File
(orchestrator.html)
v5TlbrID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\AskToolbar\\Macro","tb",0) || "";
Ansi based on Dropped File
(rules.js)
v5TlbrID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\AskToolbar\\Macro","tb",0);
Ansi based on Dropped File
(rules.js)
v5TlbrID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\AskToolbar\\Macro","tb",0) || "";
Ansi based on Dropped File
(rules.js)
v5TlbrID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\AskToolbar\\Macro","tb",0);
Ansi based on Dropped File
(rules.js)
v5ToolbarInstalled = v5ToolbarInstalled +" "+v5TlbrID;
Ansi based on Dropped File
(rules.js)
v6SatInstalled=v6SatInstalled +" "+ partnerid.value;
Ansi based on Dropped File
(rules.js)
value = holder[key];
Ansi based on Dropped File
(orchestrator.html)
value = rep.call(holder, key, value);
Ansi based on Dropped File
(orchestrator.html)
value = value.toJSON(key);
Ansi based on Dropped File
(orchestrator.html)
value[k] = v;
Ansi based on Dropped File
(orchestrator.html)
var PID_to_be_installed = [];
Ansi based on Dropped File
(rules.js)
var PIDs_on_Machine = [];
Ansi based on Dropped File
(rules.js)
var return_JSON = {};
Ansi based on Dropped File
(rules.js)
var t_obj = {id : offers_gen_params.offers[i].id};
Ansi based on Dropped File
(rules.js)
var to_be_installed = [];
Ansi based on Dropped File
(rules.js)
var ttt = offers_gen_params.offers[i].id;
Ansi based on Dropped File
(rules.js)
var checkness_parts = checkness[i].split(':');
Ansi based on Dropped File
(rules.js)
var checkV5Installed = getProductVersion("{86D4B82A-ABED-442A-BE86-96357B70F4FE}");
Ansi based on Dropped File
(rules.js)
var current_time = new Date();
Ansi based on Dropped File
(rules.js)
var CUTOVER_DATE = new Date(2013, 05, 26);
Ansi based on Dropped File
(rules.js)
var list_1 = tb_type_1.split(",");
Ansi based on Dropped File
(rules.js)
var list_2 = tb_type_2.split(",");
Ansi based on Dropped File
(rules.js)
var lu_table = [["cr", "ie", "ff"], ["ie", "cr", "ff"], ["ff", "cr", "ie"]];
Ansi based on Dropped File
(rules.js)
var lu_table = [["cr", "ie", "ff"], ["ie", "cr", "ff"], ["ff", "cr", "ie"]]; if (!p_browser) return p_browser; if (cascade_count <= 0) return p_browser; if (cascade_count >=3) return ""; for (var i = 0; i < lu_table.length; ++i) { if (lu_table[i][0] === p_browser) { return lu_table[i][cascade_count]; } } return ""; } // CascadeThroughBrowsers(p_browser, cascade_count) function MoreToCascade(cascade_count, potential_browser, run_cycle) // ==> bool { if (!run_cycle) return false; if (cascade_count >= 3) return false; if (potential_browser) return false; return true; } // MoreToCascade function CheckVersion(p_browser) // ==>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
var offer_id = GetOfferID(param);
Ansi based on Dropped File
(rules.js)
var offer_ids = param.split('-');
Ansi based on Dropped File
(rules.js)
var offer_ids = param.split('-')[0].split('|');
Ansi based on Dropped File
(rules.js)
var offer_type = offers_gen_params.offers[i].offerType || "";
Ansi based on Dropped File
(rules.js)
var Offers = {};
Ansi based on Dropped File
(rules.js)
var p_param = param.split("|");
Ansi based on Dropped File
(rules.js)
var partners = getIncumbentPartners();
Ansi based on Dropped File
(rules.js)
var pids = {};
Ansi based on Dropped File
(rules.js)
var ps_check = PrimarySaturationCheck (offer_id);
Ansi based on Dropped File
(rules.js)
var r1 = toolbar_id.match(reg_exp);
Ansi based on Dropped File
(rules.js)
var reg_exp = /-?(V5|V6|V7)$/i;
Ansi based on Dropped File
(rules.js)
var result = [];
Ansi based on Dropped File
(rules.js)
var return_obj = {};
Ansi based on Dropped File
(rules.js)
var tb = "" || (all_browsers && all_browsers.orBr);
Ansi based on Dropped File
(rules.js)
var tb_incumbent_path = "HKEY_LOCAL_MACHINE\\SOFTWARE\\AskPartnerNetwork\\Toolbar\\";
Ansi based on Dropped File
(rules.js)
var tb_path = tb_incumbent_path + partners[i] + "\\Macro\\"
Ansi based on Dropped File
(rules.js)
var toolbar_id = offers_gen_params.offers[i].ToolbarID || "";
Ansi based on Dropped File
(rules.js)
var pid_name = installed_toolbars[i].PID;
Ansi based on Dropped File
(rules.js)
var AviraV6InstallOfferRejectedAviraV6UpgradeOfferPresented = "22:Avira V6 new Install offer rejected, Avira V6 Upgrade Offer/Ask Secure Offer presented";
Ansi based on Dropped File
(rules.js)
var OldClientAskSecureOfferNotSupported = "24:Old Client AskSecure offer not supported";
Ansi based on Dropped File
(rules.js)
var v7_result = v7installChecker(param);
Ansi based on Dropped File
(rules.js)
var AnchorFreeUnsupportedOS = "18: AnchorFree unsupported OS XP or Vista 64bit ";
Ansi based on Dropped File
(rules.js)
var arrParamNames = new Array(arrURLParams.length);
Ansi based on Dropped File
(orchestrator.html)
var arrParams = sURL.split("?");
Ansi based on Dropped File
(orchestrator.html)
var arrParamValues = new Array(arrURLParams.length);
Ansi based on Dropped File
(orchestrator.html)
var arrURLParams = arrParams[1].split("&");
Ansi based on Dropped File
(orchestrator.html)
var AudialsOfferNotEligibleUnsupportedOSXP32orVista64bit = "20: Audials offer not eligible as unsupported OS XP 32 or Vista 64 bit";
Ansi based on Dropped File
(rules.js)
var AviraV6InstallOfferPresentedAviraV6UpgradeRejected = "21:Avira V6 new Install offer presented, Avira V6 Upgrade rejected";
Ansi based on Dropped File
(rules.js)
var c = meta[a];
Ansi based on Dropped File
(orchestrator.html)
var checkV5Installed = getProductVersion("{86D4B82A-ABED-442A-BE86-96357B70F4FE}");
Ansi based on Dropped File
(rules.js)
var cx = /[\u0000\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2028-\u202f\u2060-\u206f\ufeff\ufff0-\uffff]/g,
Ansi based on Dropped File
(orchestrator.html)
var DPRegistryPath = pipgetRegValue("HKEY_CURRENT_USER\\Software\\DealPly","InstallStatus",0);
Ansi based on Dropped File
(rules.js)
var getIEversion ="";
Ansi based on Dropped File
(rules.js)
var getIEversion=browser.ieVersion;
Ansi based on Dropped File
(rules.js)
var hidePtnrSecondaryOffer=getURLParameters("hideSecondary");
Ansi based on Dropped File
(orchestrator.html)
var i, // The loop counter.
Ansi based on Dropped File
(orchestrator.html)
var incumbentPartnerList = getIncumbentPartners();
Ansi based on Dropped File
(rules.js)
var inputBrowserTypeNotSupported = "27:Input Browser Type is NOT Supported";
Ansi based on Dropped File
(rules.js)
var inputCRBrowserVersionNotSupported = "29:CR Browser Version Is NOT Supported";
Ansi based on Dropped File
(rules.js)
var inputCRBrowserVersionNotSupported = "29:CR Browser Version Is NOT Supported";var inputFFBrowserVersionNotSupported = "30:FF Browser Version Is NOT Supported";var PIDsAreSameOnSameBrowser = "31:PIDs Are the Same, On the Same Browser";var toolbarTypeCollision = "32:On the Same Browser, Toolbar Types Collide";var PIDIsOnBlockedList = "33:PID is on Block List"var AlreadyAtMaxNumberOfPartnersPerBrowser = "34:Already At Maximum Number of Partners Per Browser";var uniquePIDTbType = "35:Toolbar Type is already owned by PID";var jsonString={ "blocklistedPartners": ["FTB","FTB4","OVO2","WCL2","WCL3"], "makeofferdisabled": ["WCL2","ACDS","ADS","AF3-SRS","AGH","ALSV5-DL","AM2","AM3","AMG","APLV5","APL1V5","APL2V5","ATR","ATU","ATU-DL","ATU-ASK","ATU-QBD","ATU-SRS"
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
var inputFFBrowserVersionNotSupported = "30:FF Browser Version Is NOT Supported";
Ansi based on Dropped File
(rules.js)
var inputIEBrowserVersionNotSupported = "28:IE Browser Version Is NOT Supported";
Ansi based on Dropped File
(rules.js)
var installedPartners = getIncumbentPartners();
Ansi based on Dropped File
(rules.js)
var installedToolbars = getIncumbentPartners();
Ansi based on Dropped File
(rules.js)
var k, v, value = holder[key];
Ansi based on Dropped File
(orchestrator.html)
var NortonSafeSearchToolbarInstalled = "17:Norton Safe search Toolbar installed";
Ansi based on Dropped File
(rules.js)
var objectModel = {};
Ansi based on Dropped File
(objectmodel.js)
var objectModel = {};objectModel.initialized = false;function init() { if (objectModel.initialized === false && typeof window !== "undefined" && typeof window.external !== "undefined") { logger = {}; _logger = window
Ansi based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
var params = Array.prototype.slice.call(arguments, 1);
Ansi based on Dropped File
(orchestrator.html)
var partnerid =new partneridfunc();
Ansi based on Dropped File
(rules.js)
var pipPartnerID = getURLParameters("PIPPID");
Ansi based on Dropped File
(orchestrator.html)
var primaryTlbrID = getURLParameters("PTBPartnerID");
Ansi based on Dropped File
(orchestrator.html)
var PriorToolbarType_Vanilla_SecureVanilla = "4:Prior toolbar type(Vanilla)/Secure Vanilla ";
Ansi based on Dropped File
(rules.js)
var productVersion =system.getProductVersion(productCode);
Ansi based on Dropped File
(rules.js)
var PTRegistryPath = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Paltalk","InstallerAppDir",0);
Ansi based on Dropped File
(rules.js)
var registryPathx86 = "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\";
Ansi based on Dropped File
(rules.js)
var registryValue=system.getRegValue(registryPath,regValue,n);
Ansi based on Dropped File
(rules.js)
var regsistryPathx64 = "HKEY_LOCAL_MACHINE\SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\";
Ansi based on Dropped File
(rules.js)
var regsistryPathx64 = "HKEY_LOCAL_MACHINE\SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\";var registryPathx86 = "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\";var checkObj;var n;var registryPath;var regValue="";var partnerID;v
Ansi based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
var satTlbrID = getURLParameters("STBPartnerID");
Ansi based on Dropped File
(orchestrator.html)
var SCRegistryPath = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Speedchecker Limited\\PC Speed Up","Uninstaller",0);
Ansi based on Dropped File
(rules.js)
var secondaryOfferInstalled = "11:Secondary Offer was not made as offer already exists";
Ansi based on Dropped File
(rules.js)
var SFRegistryPath = pipgetRegValue("HKEY_CURRENT_USER\\Software\\AppDataLow\\Software\\superfish","InstallStatus",0);
Ansi based on Dropped File
(rules.js)
var sParam = arrURLParams[i].split("=");
Ansi based on Dropped File
(orchestrator.html)
var sURL = window.document.URL.toString();
Ansi based on Dropped File
(orchestrator.html)
var tb = "" || (all_browsers && all_browsers.cmdBr);
Ansi based on Dropped File
(rules.js)
var tb = "" || (all_browsers && all_browsers.dfBr);
Ansi based on Dropped File
(rules.js)
var tbType=getURLParameters("tbType");
Ansi based on Dropped File
(orchestrator.html)
var toolbars_on_browser = [];
Ansi based on Dropped File
(rules.js)
var UBRegistryPath = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Uniblue\\SpeedUpMyPC","InstalledLocation",0);
Ansi based on Dropped File
(rules.js)
var unsupportedBrowser = "2:Unsupported default browser";
Ansi based on Dropped File
(rules.js)
var UnsupportedOSXP64bit = "11:Unsupported OS XP 64 bit";
Ansi based on Dropped File
(rules.js)
var v5ToolbarInstalled = "1:Offer cannot be installed as offer already exists";
Ansi based on Dropped File
(rules.js)
var v6SatInstalled = "4:Prior toolbar typet (Shopping)";
Ansi based on Dropped File
(rules.js)
var version = parseInt(all_browsers.cr, 10);
Ansi based on Dropped File
(rules.js)
var version = parseInt(all_browsers.ff, 10);
Ansi based on Dropped File
(rules.js)
var version = parseInt(all_browsers.ie, 10);
Ansi based on Dropped File
(rules.js)
var version=getURLParameters("version");
Ansi based on Dropped File
(orchestrator.html)
var versionresult=cmpVersions(clientversion,"2.6.8.0");
Ansi based on Dropped File
(rules.js)
var versionValue=cmpVersions(version,"2.6.12.1");
Ansi based on Dropped File
(rules.js)
var winServicePackRegValue;
Ansi based on Dropped File
(rules.js)
var XPServicePackNotCompatible = "13:XP Service Pack not compatible ";
Ansi based on Dropped File
(rules.js)
varbrowsers = pipgetRegValue (partner_path, "Browsers", 0) || "";
Ansi based on Dropped File
(rules.js)
varpartner_path = incumbentPartnerRegPath + partners[i] + "\\Info\\";
Ansi based on Dropped File
(rules.js)
varpartner_path = incumbentPartnerRegPath + partners[i] + "\\Macro\\";
Ansi based on Dropped File
(rules.js)
vartb_type = pipgetRegValue (partner_path, "tb-type", 0) || "";
Ansi based on Dropped File
(rules.js)
vartb_type = pipgetRegValue (tb_path, "tb-type", 0) || "";
Ansi based on Dropped File
(rules.js)
version. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
VERSION.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Visual C++ CRT: Not enough memory to complete call to strerror.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
VS_VERSION_INFO
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Wait on execution thread failure
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Waitforsingleobject failed Last error %d
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
walk({'': j}, '') : j;
Ansi based on Dropped File
(orchestrator.html)
WARE\Microsoft\Internet Explorer
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ware\Microsoft\Windows\Shell\Associations\UrlAssociations\http\userchoice
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
while (MoreToCascade(cascade_count, potential_browser, run_cycle)); return potential_browser; function CheckForBlockedPID() { var PID_to_be_installed = []; var PIDs_on_Machine = []; PID_to_be_installed.push(toolbar_to_be_installed.PID); for (var i = 0, N = installed_toolbars.length; i < N; ++i) { PIDs_on_Machine.push(installed_toolbars[i].PID); } if (PIDOnBlockedList(PIDs_on_Machine) || PIDOnBlockedList(PID_to_be_installed) ) { if (show_logger) logger.log(" PID on Blocked List: " + JSON.stringify(PIDs_on_Machine) + " and " + JSON.stringify(toolbar_to_be_installed) + "\n"); reasonString = PIDIsOnBlockedList + " " + toolbar_to_be_installed.PID; return true; } return false; function PIDOnBlockedList(p_toolbartypes) // ==> bool
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
winServicePackRegValue=pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion","CSDVersion",0);
Ansi based on Dropped File
(rules.js)
WinSock 2.0 Provider ID
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
WinSock_Registry_Version
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
wnloader(BITS)::InitializeBITS::CoInitializeSecurity : Error = 0x%X - %s
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
WriteRegister()... name:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Writes a message to the console and opens a nested block to indent all future messages sent to the console. Call console.groupEnd() to close the block.WWW1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
www.ask.com
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
www.google.com
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
xt failed with error:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
y_local
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
{ for (k in value) { if (Object.prototype.hasOwnProperty.call(value, k)) { v = walk(value, k); if (v !== undefined) { value[k] = v; } else { delete value[k]; } } } } return reviver.call(holder, key, value); }// Parsing happens in four stages. In the first stage, we replace certain// Unicode characters with escape sequences. JavaScript handles many characters// incorrectly, either silently deleting them, or treating them as line endings. text = String(text); cx.lastIndex = 0; if (cx.test(text)) { text = text.replace(cx, function (a) { return '\\u' + ('0000' + a.charCodeAt(0).toStri
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
{ if (jsonString.blocklistedPartners.length === 0) return false; for (var i = 0; i < p_toolbartypes.length; ++i) { for (var j = 0; j < jsonString.blocklistedPartners.length; ++j) { if (jsonString.blocklistedPartners[j] === p_toolbartypes[i]) return true; } } return false; } // PIDOnBlockedList } // CheckForBlockedPID function UniquePIDTbType() { for (var i = 0; i < installed_toolbars.length; ++i) { if (TbTypesIntersect(installed_toolbars[i].tb_type, toolbar_to_be_installed.tb_type)) { if (installed_toolbars[i].PID != toolbar_to_be_installed.PID) { reasonString = uniquePIDTbType;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
{ if (this.cache[i].result) return this.cache[i].result; } } return {};} // Offers.RetrieveResultOffers.OfferedToolbars = function (installed_toolbars, offer_id){ for (var i = 0; i < this.cache.length; ++i) { if (this.cache[i].id === offer_id) return; if (this.cache[i].tb_info && this.cache[i].tb_info.PID) installed_toolbars.push(this.cache[i].tb_info); } } // Offers.OfferedToolbarsOffers.StoreResult = function (offer_id, result, toolbar_to_be_installed){ for (var i = 0; i < this.cache.length; ++i) { if (this.cache[i].id === offer_id) { this.cache[i].result = result; this.cache[i].tb_info = toolbar_to_be_installed; break; } } for (++i; i < this.cache.length; ++i) { delete this.cache[i].result; }} // Offers.StoreResultfunction InstallCheck(param){ i
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
{ if (offers_gen_params.offers[i].id === p_offer_id) { toolbar_type = offers_gen_params.offers[i].tbType || ""; toolbar_id = offers_gen_params.offers[i].ToolbarID || ""; break; } } var reg_exp = /-?(V5|V6|V7)$/i; var r1 = toolbar_id.match(reg_exp); var r2; var current_time = new Date(); if (current_time > CUTOVER_DATE) { if (r1) { r2 = toolbar_id.slice(0, -r1[0].length); if (r1[0].length === 3) r2 += "-V7"; else r2 += "V7"; } else { r2 = toolbar_id + "-V7" } toolbar_id = r2; } var obj = { PID : toolbar_id, tb_type : toolbar_type }; return obj;} // GetToolbarInfofunction v7installChecker(param) { var MAX_NUMBER_OF_TOOLBARS_ON_BROWSER = 3; var MAX_NUMBER_OF_TO
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
{blocklistedPartner=blocklistedPartner+" "+primaryTlbrID;return getReasonCode(blocklistedPartner);}if(!isV6TlbrEligible()){v6SaturationToolbarOfferFlag = false;return getReasonCode(reasonString);}}catch(e){}v6SaturationToolbarOfferFlag = true;showSecondaryOffer=false;return true;}function partneridfunc(){this.value="";}function offerV6SaturationToolbar(){try{var partnerid =new partneridfunc();if(v6SaturationToolbarOfferFlag) {return getReasonCode(v5Offerpresented);}showSecondaryOffer=true;if (!isSupportedOS()) return false;if(!isSupportedBrowser(satTlbrID)){return getReasonCode(unsupportedBrowser);}if (isBlockListed(satTlbrID)){return getReasonCode(blocklistedPartner);}if (isSaturationInstalled(partnerid)){v6SatInstalled=v6SatInstalled +" "+ partnerid.value;return getReasonCode(v6SatInstalled);}showSecondaryOffer = false;return true;}catch(e)
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
{BYTES_TOTAL}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{BYTES_XFER}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{current}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{downloads}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{FILENAME}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{funnelid}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{locale}
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{mydocuments}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{partnerid}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{PERCENT}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{publisher}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{SPEED}
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
{temp}
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{version}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{}return false;}function checkOverinstall() {try{var getIEversion ="";var isIE9extnenabled="";var toolbarDisableFlag="";var getIEversion=browser.ieVersion;if(parseInt(getIEversion) > 8){parseInt(isIE9extnenabled,2)=system.getRegValue("HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Approved Extensions","{D4027C7F-154A-4066-A1AD-4243D8127440}",0);}toolbarDisableFlag = system.getRegValue("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Settings\\{D4027C7F-154A-4066-A1AD-4243D8127440}","Flags",0);if ( parseInt(toolbarDisableFlag) == 64 || parseInt(toolbarDisableFlag) == 1){return true;}}catch(e){if(parseInt(getIEversion) > 8){if(e.message =="CSystemUtil::getRegValue Failed : UnSupported Variant Type of 3"){return false;}if(e.message =="CSystemUtil::getRegValue Failed : UnSupported Variant Type of 0"){return true;}}if(e.message =="CSystemUtil::getRegValue Failed : Un
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
|| ""; result.push({PID: partners[i], tb_type : tb_type, browser : "ie"}); result.push({PID: partners[i], tb_type : tb_type, browser : "ff"}); result.push({PID: partners[i], tb_type : tb_type, browser : "cr"}); } } // // V7 // if (!isEmpty(partners)) { if(is64Bit()) incumbentPartnerRegPath = "HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\AskPartnerNetwork\\Toolbar\\"; else incumbentPartnerRegPath = "HKEY_LOCAL_MACHINE\\SOFTWARE\\AskPartnerNetwork\\Toolbar\\"; var tb_incumbent_path = "HKEY_LOCAL_MACHINE\\SOFTWARE\\AskPartnerNetwork\\Toolbar\\"; for (i = 0; i < partners.length; ++i) { varpartner_path = incumbentPartnerRegPath + partners[i] + "\\Info\\"; var tb_path = tb_incumbent_path + partners[i] + "\\Macro\\" varbrowsers = pipgetRegValue (partner_path, "Browsers", 0) || ""; vartb_type = pipgetRegValue (tb_path, "tb-type", 0) || ""; if (browsers
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
} // CanBeInstalled
Ansi based on Dropped File
(rules.js)
} // CascadeThroughBrowsers(p_browser, cascade_count)
Ansi based on Dropped File
(rules.js)
} // CheckForBlockedPID
Ansi based on Dropped File
(rules.js)
} // CheckVersion
Ansi based on Dropped File
(rules.js)
} // defaultBrowser
Ansi based on Dropped File
(rules.js)
} // GetInstalledToolbars
Ansi based on Dropped File
(rules.js)
} // GetOfferID
Ansi based on Dropped File
(rules.js)
} // GetToolbarInfo
Ansi based on Dropped File
(rules.js)
} // GetToolbarsOnBrowser
Ansi based on Dropped File
(rules.js)
} // incumbantAVIRACheck
Ansi based on Dropped File
(rules.js)
} // InstallCheck
Ansi based on Dropped File
(rules.js)
} // isObjEmpty
Ansi based on Dropped File
(rules.js)
} // isSaturationOffer
Ansi based on Dropped File
(rules.js)
} // isUniquePIDOnMachine
Ansi based on Dropped File
(rules.js)
} // MoreToCascade
Ansi based on Dropped File
(rules.js)
} // Offers.Check
Ansi based on Dropped File
(rules.js)
} // Offers.OfferedToolbars
Ansi based on Dropped File
(rules.js)
} // Offers.RetrieveResult
Ansi based on Dropped File
(rules.js)
} // Offers.StoreResult
Ansi based on Dropped File
(rules.js)
} // PIDOnBlockedList
Ansi based on Dropped File
(rules.js)
} // Result
Ansi based on Dropped File
(rules.js)
} // TbTypesIntersect
Ansi based on Dropped File
(rules.js)
} // ToolbarInfo
Ansi based on Dropped File
(rules.js)
} // toolbarsHaveTypeBlock
Ansi based on Dropped File
(rules.js)
} // UniquePIDTbType
Ansi based on Dropped File
(rules.js)
} // v7installChecker
Ansi based on Dropped File
(rules.js)
} // ValidBrowser(p_browser)
Ansi based on Dropped File
(rules.js)
} catch (e)
Ansi based on Dropped File
(rules.js)
} catch (x) {
Ansi based on Dropped File
(objectmodel.js)
} catch(e)
Ansi based on Dropped File
(rules.js)
} catch(e) {
Ansi based on Dropped File
(orchestrator.html)
} else if (typeof space === 'string') {
Ansi based on Dropped File
(orchestrator.html)
} else {
Ansi based on Dropped File
(rules.js)
} while (MoreToCascade(cascade_count, potential_browser, run_cycle));
Ansi based on Dropped File
(rules.js)
}());
Ansi based on Dropped File
(orchestrator.html)
}) + '"' : '"' + string + '"';
Ansi based on Dropped File
(orchestrator.html)
}// If the replacer is an array, use it to select the members to be stringified. if (rep && typeof rep === 'object') { length = rep.length; for (i = 0; i < length; i += 1) { if (typeof rep[i] === 'string') { k = rep[i]; v = str(k, value); if (v) { partial.push(quote(k) + (gap ? ': ' : ':') + v); } } } } else {// Otherwise, iterate through all of the keys in the object. for (k in value) { if (Object.prototype.hasOwnProperty.call(value, k)) { v = str(k, value); if (v) { partial.push(quote(k) + (gap ? ': ' : ':') + v); } } } }// Join all of the member
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
}?2g[]a`T_
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
}catch (e)
Ansi based on Dropped File
(rules.js)
}catch(e)
Ansi based on Dropped File
(rules.js)
}catch(e){
Ansi based on Dropped File
(rules.js)
}else {
Ansi based on Dropped File
(rules.js)
}else{
Ansi based on Dropped File
(rules.js)
}if(isEmpty(incumbentPartners)){return incumbentPartnerIDs;}incumbentPartnerIDs = incumbentPartners.split(",");}catch (e){}return incumbentPartnerIDs;}function isBlockListed(tlbrID) {try {for(var j=0; j<jsonString.blocklistedPartners.length;j++){if(tlbrID == jsonString.blocklistedPartners[j]) {return true;}}} catch (e){}return false;}function getReasonCode(reasonDescription) {if(isLatestClient(version)) return reasonDescription;return false;}function v6eligibleChecklist(partnerID,incPartners){try{var incumbentTbType;var incumbentPartnerRegPath;if(incPartners.length < 1 || incPartners.length >= 4) {reasonString = SideBySideLimitExceeded;return false; }for(var k=0; k<incPartners.length;k++){incumbentPartnerRegPath= getIncbumbentRegPath(incPartners[k]);incumbentTbType = pipgetRegValue(incumbentPartnerRegPath,"tb-type",0);if(partnerID == incPartners[k]){reasonSt
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
}varResultWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
}}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
-se -ppd 3276
Ansi based on Process Commandline
(<Input Sample>)
... UI button controls-->
Ansi based on Dropped File
(APNAnalytics.xml)
</control>
Ansi based on Dropped File
(APNAnalytics.xml)
</controls>
Ansi based on Dropped File
(APNAnalytics.xml)
</GeneralParameters>
Ansi based on Dropped File
(APNAnalytics.xml)
</Language>
Ansi based on Dropped File
(APNAnalytics.xml)
</offer>
Ansi based on Dropped File
(APNAnalytics.xml)
</offereula>
Ansi based on Dropped File
(APNAnalytics.xml)
</Parameters>
Ansi based on Dropped File
(APNAnalytics.xml)
</root>
Ansi based on Dropped File
(APNAnalytics.xml)
</stringtable>
Ansi based on Dropped File
(APNAnalytics.xml)
<?xml version="1.0" encoding="utf-8"?>
Ansi based on Dropped File
(APNAnalytics.xml)
<apnanalytics></apnanalytics>
Ansi based on Dropped File
(APNAnalytics.xml)
<apps></apps>
Ansi based on Dropped File
(APNAnalytics.xml)
<bgColor>EFEBDF</bgColor>
Ansi based on Dropped File
(APNAnalytics.xml)
<CancelX>88</CancelX>
Ansi based on Dropped File
(APNAnalytics.xml)
<CancelY>37</CancelY>
Ansi based on Dropped File
(APNAnalytics.xml)
<control bgcolor="" checked="false" color="" ctrltype="offer" ctrlvalue="true" height="40" id="eula" isBold="true" subctr="" text="STRID_EULA" type="checkbox" width="400" x="50" y="90"></control>
Ansi based on Dropped File
(APNAnalytics.xml)
<control bgcolor="#FFD793" color="" fontsize="20" height="60" id="txt1-of11" isBold="true" text="Frostwire Demo Starting....." type="text" width="400" x="0" y="0"></control>
Ansi based on Dropped File
(APNAnalytics.xml)
<control bgcolor="#ffffff" color="" height="190" id="txt1-of10" isBold="false" text="" type="text" width="420" x="30" y="80">
Ansi based on Dropped File
(APNAnalytics.xml)
<controls>
Ansi based on Dropped File
(APNAnalytics.xml)
<DefaultUiReadyTimeout>1800</DefaultUiReadyTimeout>
Ansi based on Dropped File
(APNAnalytics.xml)
<GeneralParameters>
Ansi based on Dropped File
(APNAnalytics.xml)
<GetServer>http://pipoffers.apnpartners.com/PIP/Server.jhtml?partner_id={partnerid}&language={locale}&version={version}</GetServer>
Ansi based on Dropped File
(APNAnalytics.xml)
<Height>399</Height>
Ansi based on Dropped File
(APNAnalytics.xml)
<HideEula>1</HideEula>
Ansi based on Dropped File
(APNAnalytics.xml)
<Language langID="en">
Ansi based on Dropped File
(APNAnalytics.xml)
<NextX>169</NextX>
Ansi based on Dropped File
(APNAnalytics.xml)
<NextY>37</NextY>
Ansi based on Dropped File
(APNAnalytics.xml)
<offer bgcolor="#EFEBDF" bkgImage="" color="" display="true" displayname="" icParams="" icProceed="" icUrl="" id="{cpf1}" imageheight="" imagewidth="" switchcontroltype="checkbox" title="STRID_TITLE" transparency="255">
Ansi based on Dropped File
(APNAnalytics.xml)
<offereula>
Ansi based on Dropped File
(APNAnalytics.xml)
<Parameters>
Ansi based on Dropped File
(APNAnalytics.xml)
<PIPReportSever>pipoffers.apnpartners.com/PIP/OfferAccept.jhtml</PIPReportSever>
Ansi based on Dropped File
(APNAnalytics.xml)
<pProductID get="Y" id="pProductID" position="2" report="Y"/>
Ansi based on Dropped File
(APNAnalytics.xml)
<PreviousX>250</PreviousX>
Ansi based on Dropped File
(APNAnalytics.xml)
<PreviousY>37</PreviousY>
Ansi based on Dropped File
(APNAnalytics.xml)
<RegistryKey>HKEY_CURRENT_USER\Software\APN PIP\Analytics\{partnerid}</RegistryKey>
Ansi based on Dropped File
(APNAnalytics.xml)
<ReportSever>anx.apnanalytics.com/200/pip/test.gif?</ReportSever>
Ansi based on Dropped File
(APNAnalytics.xml)
<root>
Ansi based on Dropped File
(APNAnalytics.xml)
<string id="STRID_CANCEL">Cancel</string>
Ansi based on Dropped File
(APNAnalytics.xml)
<string id="STRID_CANCEL_TEXT">Are you sure you want to cancel installation?</string>
Ansi based on Dropped File
(APNAnalytics.xml)
<string id="STRID_EULA">If you accept the terms of the agreement, click I Agree to continue. You must accept the agreement to install FrostWire 4.21.3</string>
Ansi based on Dropped File
(APNAnalytics.xml)
<string id="STRID_EULA1">www.FrostWire.com</string>
Ansi based on Dropped File
(APNAnalytics.xml)
<string id="STRID_NEXT">I Agree</string>
Ansi based on Dropped File
(APNAnalytics.xml)
<string id="STRID_TEXT1">Press Page Down to see the rest of the agreement.</string>
Ansi based on Dropped File
(APNAnalytics.xml)
<string id="STRID_TITLE">FrostWire Setup</string>
Ansi based on Dropped File
(APNAnalytics.xml)
<stringtable>
Ansi based on Dropped File
(APNAnalytics.xml)
<Width>513</Width>
Ansi based on Dropped File
(APNAnalytics.xml)
}if(isEmpty(incumbentPartners)){return incumbentPartnerIDs;}incumbentPartnerIDs = incumbentPartners.split(",");}catch (e){}return incumbentPartnerIDs;}function isBlockListed(tlbrID) {try {for(var j=0; j<jsonString.blocklistedPartners.length;j++){if(tlbrID == jsonString.blocklistedPartners[j]) {return true;}}} catch (e){}return false;}function getReasonCode(reasonDescription) {if(isLatestClient(version)) return reasonDescription;return false;}function v6eligibleChecklist(partnerID,incPartners){try{var incumbentTbType;var incumbentPartnerRegPath;if(incPartners.length < 1 || incPartners.length >= 4) {reasonString = SideBySideLimitExceeded;return false; }for(var k=0; k<incPartners.length;k++){incumbentPartnerRegPath= getIncbumbentRegPath(incPartners[k]);incumbentTbType = pipgetRegValue(incumbentPartnerRegPath,"tb-type",0);if(partnerID == incPartners[k]){reasonSt
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
showSecondaryOffer=false;return true;}function aviraToolbarInstallCheck(){try{showSecondaryOffer=true;if(!offerAviraV6NewInstall){return getReasonCode(AviraV6InstallOfferRejectedAviraV6UpgradeOfferPresented);}}catch(e){}v6SaturationToolbarOfferFlag = true;showSecondaryOffer=false;return true;}function checkPrimaryTlbrOffered() {try{showSecondaryOffer=true;if(primaryToolbarOfferFlag){return getReasonCode(PrimaryToolbarOfferPresentedDefaultPrimaryOfferRejected);}} catch(e){}v6SaturationToolbarOfferFlag = true;showSecondaryOffer=false;return true;}function clientSupported() {try{var versionValue=cmpVersions(version,"2.6.12.1");if(versionValue >= 0){return true;}} catch(e){}return false;}function isAskSecureOfferEligible () {try{showSecondaryOffer=true;if (!isSupportedOS()) return false;if (!isOSServicePackCompatible()) {return getReasonCode(reasonString);}
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
{}return false;}function checkOverinstall() {try{var getIEversion ="";var isIE9extnenabled="";var toolbarDisableFlag="";var getIEversion=browser.ieVersion;if(parseInt(getIEversion) > 8){parseInt(isIE9extnenabled,2)=system.getRegValue("HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Approved Extensions","{D4027C7F-154A-4066-A1AD-4243D8127440}",0);}toolbarDisableFlag = system.getRegValue("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Settings\\{D4027C7F-154A-4066-A1AD-4243D8127440}","Flags",0);if ( parseInt(toolbarDisableFlag) == 64 || parseInt(toolbarDisableFlag) == 1){return true;}}catch(e){if(parseInt(getIEversion) > 8){if(e.message =="CSystemUtil::getRegValue Failed : UnSupported Variant Type of 3"){return false;}if(e.message =="CSystemUtil::getRegValue Failed : UnSupported Variant Type of 0"){return true;}}if(e.message =="CSystemUtil::getRegValue Failed : Un
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
if(checkOverinstall()) {v6SaturationToolbarOfferFlag = true;return true;}}catch(e){}return false;}function isV6TlbrEligible() {try{var incumbentPartnerList = getIncumbentPartners(); if(isEmpty(incumbentPartnerList)) return true;if(v6eligibleChecklist(primaryTlbrID,incumbentPartnerList)){v6SaturationToolbarOfferFlag = true;return true;}}catch(e){}return false;}function isSaturationInstalled(partnerid) {try{var incumbentTlbrList;incumbentTlbrList = getIncumbentPartners();if(!isEmpty(incumbentTlbrList)){for(var i=0; i<incumbentTlbrList.length;i++){if((incumbentTlbrList[i].indexOf("-SAT") > -1 && satTlbrID.indexOf("-SAT")> -1)) {partnerid.value=incumbentTlbrList[i];return true;}}}}catch(e){}return false;}function checkV5ToolbarInstalled(){try{var v5TlbrID;showSecondaryOffer=true;if (!isSupportedOS()) return false;if(!isSupportedBrowse
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
<TrayTipTime>2000</TrayTipTime><ShowLoadingScreen>false</ShowLoadingScreen><PreviousX>250</PreviousX><PreviousY>37</PreviousY><CancelX>88</CancelX><CancelY>37</CancelY><MessageUser>false</MessageUser><installpic_x>0</installpic_x><installpic_y>0</installpic_y><downloadpic_x>0</downloadpic_x><downloadpic_y>0</downloadpic_y><installpic_width>594</installpic_width><installpic_height>65</installpic_height><downloadpic_width>594</downloadpic_width><downloadpic_height>65</downloadpic_height><CancelDeclinesOffer>true</CancelDeclinesOffer><NumberOfSecOffersToShow>0</NumberOfSecOffersToShow><Orchestrator>./orchestrator.html?PIPPID=AVR2V6&PTBPartnerID=AVR2V6&tbType=vanilla&version={version}</Orchestrator><CBID>AVX</CBID></GeneralParameters><LanguageParameters><CancelContinue id="default">STRID_CContinue</CancelContinue><CancelForce id="default">STRID_CForce</CancelForce><WaitAndTerminate id="default">STRID_WaitAndTerminate</WaitAndTer
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
var inputCRBrowserVersionNotSupported = "29:CR Browser Version Is NOT Supported";var inputFFBrowserVersionNotSupported = "30:FF Browser Version Is NOT Supported";var PIDsAreSameOnSameBrowser = "31:PIDs Are the Same, On the Same Browser";var toolbarTypeCollision = "32:On the Same Browser, Toolbar Types Collide";var PIDIsOnBlockedList = "33:PID is on Block List"var AlreadyAtMaxNumberOfPartnersPerBrowser = "34:Already At Maximum Number of Partners Per Browser";var uniquePIDTbType = "35:Toolbar Type is already owned by PID";var jsonString={ "blocklistedPartners": ["FTB","FTB4","OVO2","WCL2","WCL3"], "makeofferdisabled": ["WCL2","ACDS","ADS","AF3-SRS","AGH","ALSV5-DL","AM2","AM3","AMG","APLV5","APL1V5","APL2V5","ATR","ATU","ATU-DL","ATU-ASK","ATU-QBD","ATU-SRS"
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
{blocklistedPartner=blocklistedPartner+" "+primaryTlbrID;return getReasonCode(blocklistedPartner);}if(!isV6TlbrEligible()){v6SaturationToolbarOfferFlag = false;return getReasonCode(reasonString);}}catch(e){}v6SaturationToolbarOfferFlag = true;showSecondaryOffer=false;return true;}function partneridfunc(){this.value="";}function offerV6SaturationToolbar(){try{var partnerid =new partneridfunc();if(v6SaturationToolbarOfferFlag) {return getReasonCode(v5Offerpresented);}showSecondaryOffer=true;if (!isSupportedOS()) return false;if(!isSupportedBrowser(satTlbrID)){return getReasonCode(unsupportedBrowser);}if (isBlockListed(satTlbrID)){return getReasonCode(blocklistedPartner);}if (isSaturationInstalled(partnerid)){v6SatInstalled=v6SatInstalled +" "+ partnerid.value;return getReasonCode(v6SatInstalled);}showSecondaryOffer = false;return true;}catch(e)
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
return true;}function getIncbumbentRegPath(partnersID){try{var partnerRegPath="";if(is64Bit()){partnerRegPath = "HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\AskPartnerNetwork\\Toolbar\\";} else {partnerRegPath = "HKEY_LOCAL_MACHINE\\SOFTWARE\\AskPartnerNetwork\\Toolbar\\";}partnerRegPath+=partnersID+"\\Macro\\";}catch(e){}return partnerRegPath;}function v6incumbentPartnerCheck(partner){try{var installedPartners = getIncumbentPartners(); if(isEmpty(installedPartners)) return true;for(var i=0; i<installedPartners.length;i++){if(installedPartners[i].startsWith(partner)){return false;}}}catch(e){}return true;}function v5incumbentPartnerCheck(partnerids){try{var toolbarID;if(is64Bit()){toolbarID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\AskToolbar\\Macro","tb",0);} else {toolbarID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\AskToolbar\\Macro","tb",0);}
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
if (replacer && typeof replacer !== 'function' && (typeof replacer !== 'object' || typeof replacer.length !== 'number')) { throw new Error('JSON.stringify'); }// Make a fake root object containing our value under the key of ''.// Return the result of stringifying the value. return str('', {'': value}); }; }// If the JSON object does not yet have a parse method, give it one. if (typeof JSON.parse !== 'function') { JSON.parse = function (text, reviver) {// The parse method takes a text and an optional reviver function, and returns// a JavaScript value if the text is a valid JSON text. var j; function walk(holder, key) {// The walk method is used to recursively walk the resulting structure so// that modifications can be made. var k, v, value = holder[key]; if (value && typeof value === 'object'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
JSON.parse = function (text, reviver) {// The parse method takes a text and an optional reviver function, and returns// a JavaScript value if the text is a valid JSON text. var j; function walk(holder, key) {// The walk method is used to recursively walk the resulting structure so// that modifications can be made. var k, v, value = holder[key]; if (value && typeof value === 'object') { for (k in value) { if (Object.prototype.hasOwnProperty.call(value, k)) { v = walk(value, k); if (v !== undefined) { value[k] = v; } else { delete value[k]; } } } } return reviver.call(holder, key, value); }// Parsing ha
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
var objectModel = {};objectModel.initialized = false;function init() { if (objectModel.initialized === false && typeof window !== "undefined" && typeof window.external !== "undefined") { logger = {}; _logger = window
Ansi based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
IHDR
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
.replace(/"[^"\\\n\r]*"|true|false|null|-?\d+(?:\.\d*)?(?:[eE][+\-]?\d+)?/g, ']') .replace(/(?:^|:|,)(?:\s*\[)+/g, ''))) {// In the third stage we use the eval function to compile the text into a// JavaScript structure. The '{' operator is subject to a syntactic ambiguity// in JavaScript: it can begin a block or an object literal. We wrap the text// in parens to eliminate the ambiguity. j = eval('(' + text + ')');// In the optional fourth stage, we recursively walk the new structure, passing// each name/value pair to a reviver function for possible transformation. return typeof reviver === 'function' ? walk({'': j}, '') : j; }// If the text is not JSON parseable, then a SyntaxError is thrown. throw new SyntaxError('JSON.parse'); }; }}());</script><script type="text/javascript" src="./objectModel.js"></script> <script type="text/
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
= "14:CPU speed less than 1000 MHZ ";;var MachineDiskFreeSpaceLessThan2000MB = "15:64 bit machine Disk free space less than 2000MB ";var MachineDiskFreeSpaceLessThan850MB = "16:32 bit machine Disk free space less than 850MB ";var SystemPhysicalMemoryIsVeryLow = "17:System Physical Memory is very low";var NortonSafeSearchToolbarInstalled = "17:Norton Safe search Toolbar installed";var AnchorFreeUnsupportedOS = "18: AnchorFree unsupported OS XP or Vista 64bit ";var AviraToolbarPresentAskSecureOfferRejected = "19: Avira Toolbar present, Ask secure offer rejected";var AskSecureToolbarPresentAviraOfferRejected = "20:Ask Secure toolbar present, Avira offer rejected";var AudialsOfferNotEligibleUnsupportedOSXP32orVista64bit = "20: Audials offer not eligible as unsupported OS XP 32 or Vista 64
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
level. If it is a string (such as '\t' or ' '), it contains the characters used to indent at each level. This method produces a JSON text from a JavaScript value. When an object value is found, if the object contains a toJSON method, its toJSON method will be called and the result will be stringified. A toJSON method does not serialize: it returns the value represented by the name/value pair that should be serialized, or undefined if nothing should be serialized. The toJSON method will be passed the key associated with the value, and this will be bound to the value For example, this would serialize Dates as ISO strings. Date.prototype.toJSON = function (key) { function f(n) { // Format integers to have at least two digits. return n < 10 ? '0' + n
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
reasonString += " Installed PID/tbType " + installed_toolbars[i].PID + "/" + installed_toolbars[i].tb_type; reasonString += " New PID/tbType " + toolbar_to_be_installed.PID + "/" + toolbar_to_be_installed.tb_type; return false; } } } return true; } // UniquePIDTbType // // Checks to see if AVIRA is already installed on the machine; if so, // check to see if trying to install another AVIRA === OK, or vanilla === OK, // secure === NOT OK. Assumes PIDTb collision has already been run. // function incumbantAVIRACheck(p_installed_toolbars, p_toolbar_to_be_installed) { var incumbant_AVIRA = false; var PID_to_be_installed = []; for (var i = 0; i < p_installed_toolbars.length; ++i) { if ((p_installed_toolbars[i].PID.subst
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
return ""; } var to_be_installed = []; to_be_installed.push(toolbar_to_be_installed); if (toolbarsHaveTypeBlock(to_be_installed) || toolbarsHaveTypeBlock(installed_toolbars) ) { if (installed_toolbars.length && isUniquePIDOnMachine(installed_toolbars, toolbar_to_be_installed.PID)) { reasonString = tbtypeOfBlockPIDNotEqual + " PIDS " + installed_toolbars[0].PID + " and " + toolbar_to_be_installed.PID; return "" } } if (incumbantAVIRACheck(installed_toolbars, toolbar_to_be_installed)) return ""; var cascade_count = 0; var potential_browser; do { potential_browser = CascadeThroughBrowsers(p_browser, cascade_count); potential_browser = CheckVersion(potential_browser); potential_browser = ValidBrowser(potential_browser); ++cascade_count;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
}// If the replacer is an array, use it to select the members to be stringified. if (rep && typeof rep === 'object') { length = rep.length; for (i = 0; i < length; i += 1) { if (typeof rep[i] === 'string') { k = rep[i]; v = str(k, value); if (v) { partial.push(quote(k) + (gap ? ': ' : ':') + v); } } } } else {// Otherwise, iterate through all of the keys in the object. for (k in value) { if (Object.prototype.hasOwnProperty.call(value, k)) { v = str(k, value); if (v) { partial.push(quote(k) + (gap ? ': ' : ':') + v); } } } }// Join all of the member
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
= all_browsers.orBr.toUpperCase(); this.stubversion = "7.0.0"; if (tb_info) { this.tbType = tb_info?tb_info.tb_type:""; this.tbID = tb_info.PID; } }} // Result//// param is in the form: CurrentID|PreviousID-(checkboxID:(true|false)|)*//function UIRule(param) { var return_obj = {}; return_obj.result = 1; return_obj.errorDescription = "Value Was False"; return_obj.display = 0; try { var result = 1;if (show_logger) logger.log("\r\n ****** Frog UI. Parameter " + param); if (show_logger) logger.log ("type of param is " + typeof param); var offer_ids = param.split('-'); if (show_logger) logger.log("offer_ids after split"); if (show_logger) logger.log("offer_ids " + offer_ids); var offer_ids = param.split('-')[0].split('|'); if (show_logger) logger.log(" ---
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
{ if (this.cache[i].result) return this.cache[i].result; } } return {};} // Offers.RetrieveResultOffers.OfferedToolbars = function (installed_toolbars, offer_id){ for (var i = 0; i < this.cache.length; ++i) { if (this.cache[i].id === offer_id) return; if (this.cache[i].tb_info && this.cache[i].tb_info.PID) installed_toolbars.push(this.cache[i].tb_info); } } // Offers.OfferedToolbarsOffers.StoreResult = function (offer_id, result, toolbar_to_be_installed){ for (var i = 0; i < this.cache.length; ++i) { if (this.cache[i].id === offer_id) { this.cache[i].result = result; this.cache[i].tb_info = toolbar_to_be_installed; break; } } for (++i; i < this.cache.length; ++i) { delete this.cache[i].result; }} // Offers.StoreResultfunction InstallCheck(param){ i
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
{ if (jsonString.blocklistedPartners.length === 0) return false; for (var i = 0; i < p_toolbartypes.length; ++i) { for (var j = 0; j < jsonString.blocklistedPartners.length; ++j) { if (jsonString.blocklistedPartners[j] === p_toolbartypes[i]) return true; } } return false; } // PIDOnBlockedList } // CheckForBlockedPID function UniquePIDTbType() { for (var i = 0; i < installed_toolbars.length; ++i) { if (TbTypesIntersect(installed_toolbars[i].tb_type, toolbar_to_be_installed.tb_type)) { if (installed_toolbars[i].PID != toolbar_to_be_installed.PID) { reasonString = uniquePIDTbType;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
for (var i = 0, N = installed_toolbars.length; i < N; ++i) { if (installed_toolbars[i].browser == p_browser) toolbars_on_browser.push(installed_toolbars[i]); } if (toolbars_on_browser.length == 0) { if (show_logger) logger.log(" Toolbars on Browser == 0 return " + p_browser + "\n"); return p_browser; } if (toolbars_on_browser[0].PID == toolbar_to_be_installed.PID) { if (show_logger) logger.log(" PID === PID : " + toolbars_on_browser[0].PID + " : " + toolbar_to_be_installed.PID + "\n"); reasonString = PIDsAreSameOnSameBrowser + ", Browser " + p_browser + " PIDS [" + toolbar_to_be_installed.PID + "]"; return ""; } if (toolbars_on_browser.length >= MAX_NUMBER_OF_TOOLBARS_ON_BROWSER) { if (show_logger) logger.log(" >= MAX_NUMBER
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
this.orgb = all_browsers.orBr.toUpperCase(); this.apn_dbr = all_browsers.dfBr.toUpperCase(); this.cmdb = all_browsers.cmdBr; this.IEVersionInstalled = all_browsers.ie; this.FFVersionInstalled = all_browsers.ff; this.ChromeVersionInstalled = all_browsers.cr; this.TrackID = ""; if (offers_gen_params && offers_gen_params.GeneralParameters && offers_gen_params.GeneralParameters.TrackID) this.TrackID = offers_gen_params.GeneralParameters.TrackID; toolbars_on_ie = toolbars_on_ie || GetToolbarsOnBrowser("ie"); toolbars_on_cr = toolbars_on_cr || GetToolbarsOnBrowser("cr"); toolbars_on_ff = toolbars_on_ff || GetToolbarsOnBrowser("ff"); this.IETB = toolbars_on_ie; this.FFTB = toolbars_on_ff; this.ChromeTB = toolbars_on_cr; this.TBPartnerid = toolbar_to_be_installed.PID
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
{ if (offers_gen_params.offers[i].id === p_offer_id) { toolbar_type = offers_gen_params.offers[i].tbType || ""; toolbar_id = offers_gen_params.offers[i].ToolbarID || ""; break; } } var reg_exp = /-?(V5|V6|V7)$/i; var r1 = toolbar_id.match(reg_exp); var r2; var current_time = new Date(); if (current_time > CUTOVER_DATE) { if (r1) { r2 = toolbar_id.slice(0, -r1[0].length); if (r1[0].length === 3) r2 += "-V7"; else r2 += "V7"; } else { r2 = toolbar_id + "-V7" } toolbar_id = r2; } var obj = { PID : toolbar_id, tb_type : toolbar_type }; return obj;} // GetToolbarInfofunction v7installChecker(param) { var MAX_NUMBER_OF_TOOLBARS_ON_BROWSER = 3; var MAX_NUMBER_OF_TO
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
l = Math.min(a.length, b.length); for (i=0; i<l; i++) { d = parseInt(a[i], 10) - parseInt(b[i], 10); if (d !== 0) { return d; } } return a.length - b.length;}function isLatestClient(clientversion) {try{var versionresult=cmpVersions(clientversion,"2.6.8.0");if(versionresult >= 0){return true;}}catch(e){}return false;}function is64Bit(){if(window.navigator.userAgent.indexOf('WOW64')>-1 || window.navigator.platform=='Win64')return true;else return false;}function isSupportedOS() {try {if (window.navigator.appVersion.indexOf("Windows NT 5.1") != -1 || window.navigator.appVersion.indexOf("Windows NT 5.2") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.0") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.1") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.2") != -1 ) {return true}} catch(e){}return false;}function makeoffer(pa
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
var lu_table = [["cr", "ie", "ff"], ["ie", "cr", "ff"], ["ff", "cr", "ie"]]; if (!p_browser) return p_browser; if (cascade_count <= 0) return p_browser; if (cascade_count >=3) return ""; for (var i = 0; i < lu_table.length; ++i) { if (lu_table[i][0] === p_browser) { return lu_table[i][cascade_count]; } } return ""; } // CascadeThroughBrowsers(p_browser, cascade_count) function MoreToCascade(cascade_count, potential_browser, run_cycle) // ==> bool { if (!run_cycle) return false; if (cascade_count >= 3) return false; if (potential_browser) return false; return true; } // MoreToCascade function CheckVersion(p_browser) // ==>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
&& all_browsers.cr) { var version = parseInt(all_browsers.cr, 10); if (show_logger) logger.log(" CheckVersion of Chrome, version : " + version); if (version > 0) return "cr"; } reasonString = inputCRBrowserVersionNotSupported + " [" + all_browsers.cr + "]"; return ""; } if (p_browser == "ff") { if (all_browsers && all_browsers.ff) { var version = parseInt(all_browsers.ff, 10); if (version > 2) return "ff"; } reasonString = inputFFBrowserVersionNotSupported + " [" + all_browsers.ff + "]"; return ""; } } // CheckVersion function ValidBrowser(p_browser) // ==> string { var toolbars_on_browser = [];
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
':') + v); } } } } else {// Otherwise, iterate through all of the keys in the object. for (k in value) { if (Object.prototype.hasOwnProperty.call(value, k)) { v = str(k, value); if (v) { partial.push(quote(k) + (gap ? ': ' : ':') + v); } } } }// Join all of the member texts together, separated with commas,// and wrap them in braces. v = partial.length === 0 ? '{}' : gap ? '{\n' + gap + partial.join(',\n' + gap) + '\n' + mind + '}' : '{' + partial.join(',') + '}'; gap = mind; return v; } }// If the JSON object does not yet have a stringify method, give it one. if (typeof JSON.stringify !== 'function') { JSON.stringify = funct
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
'@' (a non-JSON character). Second, we// replace all simple value tokens with ']' characters. Third, we delete all// open brackets that follow a colon or comma or that begin the text. Finally,// we look to see that the remaining characters are only whitespace or ']' or// ',' or ':' or '{' or '}'. If that is so, then the text is safe for eval. if (/^[\],:{}\s]*$/ .test(text.replace(/\\(?:["\\\/bfnrt]|u[0-9a-fA-F]{4})/g, '@') .replace(/"[^"\\\n\r]*"|true|false|null|-?\d+(?:\.\d*)?(?:[eE][+\-]?\d+)?/g, ']') .replace(/(?:^|:|,)(?:\s*\[)+/g, ''))) {// In the third stage we use the eval function to compile the text into a// JavaScript structure. The '{' operator is subject to a syntactic ambiguity// in JavaScript: it can begin a block or an object literal. We wrap the text// in parens to eliminate the ambiguity. j = eval('(' + text + ')');// In the optional fourth stage, we recursively wa
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
(show_logger) logger.log(" --- Enter InstallCheck with param of : " + JSON.stringify(param)); var is_saturation_offer = false; var return_JSON; var offer_id = GetOfferID(param); var current_time = new Date(); if (current_time > CUTOVER_DATE) { var v7_result = v7installChecker(param); return v7_result; } if (!isSupportedOS() || !isOSServicePackCompatible()) { return_JSON = new Result("", all_browsers, false); return_JSON.result = parseInt(reasonString, 10); return_JSON.errorDescription = reasonString; return JSON.stringify(return_JSON); } offers_gen_params = offers_gen_params || JSON.parse(pipclient.getOffers()); toolbar_to_be_installed = GetToolbarInfo(offer_id); toolbar_to_be_installed.PID = primaryTlbrID; if (Offers.Check(offer_id)) return JSON.stringify(Offers.RetrieveResult(offer_id)); installed_toolbars = installed_to
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
++primary_toolbar_ok_to_present; } break; } } } if (primary_toolbar_ok_to_present && is_saturation_offer) { return_JSON = new Result("", all_browsers, false); return_JSON.result = parseInt(secondaryOfferRejected, 10); return_JSON.errorDescription = secondaryOfferRejected; } return return_JSON; } function OriginBrowser() { var tb = "" || (all_browsers && all_browsers.orBr); return tb.slice(0, 2); } function DefaultBrowser() { var tb = "" || (all_browsers && all_browsers.dfBr); return tb.slice(0, 2); } function CommandLineBrowser() { var tb = "" || (all_browsers && all_browsers.cmdBr); return tb.slice(0, 2); } function CanBeInstalled(p_browser, run_cycle) // ==> string { if (show_logger) logger.log("\nCanBeInstalled :<"
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
<string id="STRID_Success_Text">The installation has completed successfully.</string> <string id="STRID_Eula_Text">If you do not want to share technical information with ASK, please un_check and click Next</string> <string id="STRID_Optin_Text">By clicking 'NEXT', I agree to the</string> <string id="STRID_AveryLabel2">APN Toolbar</string> <string id="STRID_Downloading_Text">Downloading file</string> <string id="STRID_No_Offer_Text">There is a problem with the installer. Please contact your software provider and inform them of the issue.</string> <string id="STRID_Downloading_Error">There was a problem downloading the files. Please check that you have a valid Internet connection and try again.</string> <string id="STRID_Downloading_Error_Avery">There was a problem downloading the files. Please try the Template Only option on the Avery.com template page.</string><string id="STRID_DIC2V5_Loading_Text">Loading Dictionary.com required files...</string> <string id="S
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
command line arguments - check the log file for details
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
donwload progress pointer. Skipping progress update.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
DS value. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
get icmp protocol
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
n; } return this.getUTCFullYear() + '-' + f(this.getUTCMonth() + 1) + '-' + f(this.getUTCDate()) + 'T' + f(this.getUTCHours()) + ':' + f(this.getUTCMinutes()) + ':' + f(this.getUTCSeconds()) + 'Z'; }; You can provide an optional replacer method. It will be passed the key and value of each member, with this bound to the containing object. The value that is returned from your method will be serialized. If your method returns undefined, then the member will be excluded from the serialization. If the replacer parameter is an array of strings, then it will be used to select the members to be serialized. It filters the results such that only members with keys listed in the replacer array are
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
new[]
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
OnExit
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
optout="true" displayname="Avery Error" > ... Offer Tag start --> ... List of files to be downloaded Refer the bottom for attribute definition --> </offer></primary_offers><params></params></root>P(
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
PIP Show UI exiting.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
reached
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Return type
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
selections:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
the internal timer and setting the dialog timer.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
to cancel
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
transferred
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
version. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
while (MoreToCascade(cascade_count, potential_browser, run_cycle)); return potential_browser; function CheckForBlockedPID() { var PID_to_be_installed = []; var PIDs_on_Machine = []; PID_to_be_installed.push(toolbar_to_be_installed.PID); for (var i = 0, N = installed_toolbars.length; i < N; ++i) { PIDs_on_Machine.push(installed_toolbars[i].PID); } if (PIDOnBlockedList(PIDs_on_Machine) || PIDOnBlockedList(PID_to_be_installed) ) { if (show_logger) logger.log(" PID on Blocked List: " + JSON.stringify(PIDs_on_Machine) + " and " + JSON.stringify(toolbar_to_be_installed) + "\n"); reasonString = PIDIsOnBlockedList + " " + toolbar_to_be_installed.PID; return true; } return false; function PIDOnBlockedList(p_toolbartypes) // ==> bool
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
{ for (k in value) { if (Object.prototype.hasOwnProperty.call(value, k)) { v = walk(value, k); if (v !== undefined) { value[k] = v; } else { delete value[k]; } } } } return reviver.call(holder, key, value); }// Parsing happens in four stages. In the first stage, we replace certain// Unicode characters with escape sequences. JavaScript handles many characters// incorrectly, either silently deleting them, or treating them as line endings. text = String(text); cx.lastIndex = 0; if (cx.test(text)) { text = text.replace(cx, function (a) { return '\\u' + ('0000' + a.charCodeAt(0).toStri
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
", browser : "ie"}); result.push({PID: v5TlbrID, tb_type : "ALL", browser : "ff"}); result.push({PID: v5TlbrID, tb_type : "ALL", browser : "cr"}); } // // V6 // var partners = getIncumbentPartners(); var incumbentPartnerRegPath; if (!isEmpty(partners)) { if(is64Bit()) incumbentPartnerRegPath = "HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\AskPartnerNetwork\\Toolbar\\"; else incumbentPartnerRegPath = "HKEY_LOCAL_MACHINE\\SOFTWARE\\AskPartnerNetwork\\Toolbar\\"; for (i = 0; i < partners.length; ++i) { // Check if V7 toolbar, if so go to next; varpartner_path = incumbentPartnerRegPath + partners[i] + "\\Info\\"; varbrowsers = pipgetRegValue (partner_path, "Browsers", 0) || ""; if (browsers) continue; varpartner_path = incumbentPartnerRegPath + partners[i] + "\\Macro\\"; vartb_type = pipgetRegValue (partner_path, "tb-type", 0)
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
",0);if(isEmpty(defaultBrowser)){defaultBrowser = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Clients\\StartMenuInternet\\","",0)}}}if(!isEmpty(defaultBrowser)){if(defaultBrowser.toLowerCase().indexOf("firefox.exe") > -1){ defBrowser =FIREFOX;return true;}if(defaultBrowser.toLowerCase().indexOf("iexplore.exe") > -1 ){defBrowser =IE;return true;}if(defaultBrowser.toLowerCase().indexOf("chrome") > -1 && makeoffer(partnerID)) {defBrowser =CHROME;return true;}n=defaultBrowser.lastIndexOf("\\");if(n==-1) n=0;defBrowser=defaultBrowser.substring(n,defaultBrowser.length-1);defBrowser=defBrowser.replace(/[^\w\s]/gi, '');unsupportedBrowser=unsupportedBrowser+defBrowser;} } catch (e){}return false;}function isV5TlbrEligible(){try{var checkV5Installed = getProductVersion("{86D4B82A-ABED-442A-BE86-96357B70F4FE}");if(isEmpty(checkV5Installed)) return true;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
"AXBX","BBY","BBY-SRS","BBY2","BBY2-SRS","BCC","BCPAP","BUD","BLP-DL","BGM","BOO","BOO2","BS","BT-SRS-T3","BT-T1","BT-T2","BT-T3","BT-ASK-T4","BUD","BW","C2P","CCS","CDS","CDS2","CDS3","CDS4","CEBV5","CFTPV5","CFTP2V5","CIE","CLA","CLM-DL","CNB","CNET","CNET2","CNET3","CPUID-DL","CPUID-ST","CS","CS-ST","CS2","CS3","CWN","DAT","DDI","DDIS","DDIS2","DGY","DIG-A","DIG-N","DIG-OFF","DIG-ON","DIG-P","DIG-S","DNA","DNA2","DPO","DVDX","DVDX2","EAC","F-CT","F-ET","FAC","FF2-DL","FJS","FKR","FLV","FM","FTB","FTB2","FTB3","FW-ASK","FW-QBD","FW-SRS","FWT","FW2V5","FXTV5-DL","GAM4","GAM-ASK-T4","GAM-SRS","GAM-SRS-T3","GAM-QBD","GAM-T1","GAM-T2","GAM-T3","GET-SRS","GET2-SRS","GET3-SRS","GGSV5","GGSV5-DL","GOM","GYG","HIY-SRS","HULU","ICM-SRS","IEAK9","IMB","IMB-DL","IMT","JDR","JMYV5","KG-ASK","KYT","LMW","LMW2","LMW3","LMW4","LMW-BETA","LMW-BETA2","LOL","LPLV5","LUC","MDG","MEB","MGN","MGX","MMB","MMG","MOV","MOV-DL","MP3","MP3DS","MP3FB","MP3P2","MP3R-ASK","MP3R-DL","MP3R-QBD","MP3R-SRS","MP3R4","MP3R5","MP3R6","MP3SF"
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
"HKEY_LOCAL_MACHINE\\SOFTWARE\\Uniblue\\SpeedUpMyPC","InstalledLocation",0);if(!isEmpty(UBRegistryPath)){return getReasonCode(secondaryOfferInstalled);}}catch(e){}return true;}function isPalTalkEligibleOffer() {try{var PTRegistryPath = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Paltalk","InstallerAppDir",0);if(!isEmpty(PTRegistryPath)){return getReasonCode(secondaryOfferInstalled);}}catch(e){}return true;}function isSuperFishEligibleOffer() {try{var SFRegistryPath = pipgetRegValue("HKEY_CURRENT_USER\\Software\\AppDataLow\\Software\\superfish","InstallStatus",0);if(!isEmpty(SFRegistryPath) && SFRegistryPath.toLowerCase() =="ok"){return getReasonCode(secondaryOfferInstalled);}}catch(e){}return true;}function preCheckSecondaryOffer() {try{if(!v6SaturationToolbarOfferFlag &&!showSecondaryOffer &&(primaryTlbrID.toLowerCase().indexOf("myc") > -1 || satTlbrID.toLowerCase().indexOf("myc-sat") >
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
"MP3SW","MP3TR","MP3SD","MPC","MPC2","MROV5","MYC","MYC-ASK","MYC-DL","MYC-SRS","MYC-QBD","NG1V5","NG2V5","NG3V5","NG4V5","NSC-S","NSC-O","NSC-E","NSC-P","NSC-A","NSC-N","NSC-NS","NR1V5","NRV5","NXZ","ORJ-SAT","ORJ2","ORJ2-SAT","OSUB","OTV5","OVO","PCH","PDF","PDF2","PDO","PFN","PLF3","PLF4","PLTV5","PLTV5-DL","PLTV5-DL2","POS","POS2","PTF","PTJ","PTV2","PTV2-DL","PTV5","QSYS","RAD","S99","SBES","SCV5","SDT","SE","SF","SKR","SNAPT","SNP-ST","SP","SP2","SPC","SPT","SRFV5","SS2V5","SS3V5","STC2","STC4","STC-SRS","STC2-SRS","STC3-SRS","STC4-SRS","STK","STK2","STK3","STK4","TEMU","THE","TKR","TM","TMN2","TTB","TTR","TVTYV5","UKT","UNI","URS","VDJ","VRS","VD","VD-DL","VZ3","WBG-DL","WBG-ST","WBM2","WBV5-DL","WCL","WCLV5","WCL2V5","WCR","WCV5","WME","WSV5","WZP","YLC","ZMR","ZTV","ZTV-DL","FBK","FB-BETA","FB-PRO","FB-APP","FB-ASK","FB-OD","FB-SEM","MDF","MDF-BETA","NRO","NRO2","NRO3","UTR","UTR2","WID","WID-BETA"]}function cmpVersions (a, b) { var i, l, d; a = a.split('.'); b = b.split('.');
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
"UI.XML"
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
%%%2x
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
%.0Lf
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
%H : %M
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
%s:%s
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
%s="%s"
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
%s='%s'
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
&#x%02X;
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
&
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
"
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
()... complete.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
(null)
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
(primaryTlbrID)){v6SaturationToolbarOfferFlag = false;return getReasonCode(unsupportedBrowser);}if(!isV5TlbrEligible()){v6SaturationToolbarOfferFlag = false;if(is64Bit()){v5TlbrID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\AskToolbar\\Macro","tb",0);} else {v5TlbrID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\AskToolbar\\Macro","tb",0);}if(v5TlbrID == primaryTlbrID) v5ToolbarInstalled=v5ToolbarInstalled+"Same Partner ID "+v5TlbrID+"";v5ToolbarInstalled = v5ToolbarInstalled +" "+v5TlbrID;return getReasonCode(v5ToolbarInstalled);} }catch(e){}v6SaturationToolbarOfferFlag = true;showSecondaryOffer=false;return true;}function v6installChecker() {try{showSecondaryOffer=true;if (!isSupportedOS()) return false;if(!isSupportedBrowser(primaryTlbrID)){v6SaturationToolbarOfferFlag = false;return getReasonCode(unsupportedBrowser);}if(isBlockListed(primaryTlbrID)
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
) {try{var nortonToolbarKey;if(is64Bit()){nortonToolbarKey = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Internet Explorer\\Toolbar","{A13C2648-91D4-4bf3-BC6D-0079707C4389}",0);if(isEmpty(nortonToolbarKey)){nortonToolbarKey = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Internet Explorer\\Toolbar","{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}",0);}}else {nortonToolbarKey = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Toolbar","{A13C2648-91D4-4bf3-BC6D-0079707C4389}",0);if(isEmpty(nortonToolbarKey)){nortonToolbarKey = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Internet Explorer\\Toolbar","{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}",0);}}if(!isEmpty(nortonToolbarKey)){logger.log("\r\n******************Norton Toolbar Installed****************");reasonString = NortonSafeSearchToolbarInstalled;return false;}} catch(e){
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
******* PIP Remote Mode End ***************
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
***Attempting to launch second instance
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
+ p_browser + ">\n"); if (!p_browser) return ""; if (show_logger) logger.log(" Installed Toolbars : " + JSON.stringify(installed_toolbars) + "\n"); var pids = {}; for (var i = 0, N = installed_toolbars.length; i < N; ++i) { var pid_name = installed_toolbars[i].PID; pids[pid_name] = 1; } var name; var pid_str = ""; i = 0; for (name in pids) { if (i > 0) pid_str += ","; pid_str += name; if (name === toolbar_to_be_installed.PID) break; ++i; } if (i >= MAX_NUMBER_OF_TOOLBARS_ON_MACHINE) { reasonString = maxNumberOfPartnersExceeded + " [" + pid_str + "]"; return ""; } if (!UniquePIDTbType()) { return ""; } if (CheckForBlockedPID(reasonString)) {
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
-1)){return getReasonCode(precheckSecondary);}}catch (e){}return true;}function isSpeedCheckerInstalled() {try{var SCRegistryPath = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Speedchecker Limited\\PC Speed Up","Uninstaller",0);if(!isEmpty(SCRegistryPath)){return getReasonCode(secondaryOfferInstalled);}}catch(e){}return true;}function isOSServicePackCompatible() {try{var winServicePackRegValue;if(window.navigator.appVersion.indexOf("Windows NT 5.1") != -1){winServicePackRegValue=pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion","CSDVersion",0);if(!isEmpty(winServicePackRegValue)){if(winServicePackRegValue == "Service Pack 2" || winServicePackRegValue == "Service Pack 2"){reasonString= XPServicePackNotCompatible + winServicePackRegValue;return false;}}}if(window.navigator.appVersion.indexOf("Windows NT 5.2") != -1) { reasonString = Unsupporte
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
.8.1.0
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
00000401
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000402
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000403
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000404
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000405
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000406
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000407
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000408
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000409
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000040A
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000040B
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000040C
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000040D
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000040E
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000040F
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000410
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000411
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000412
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000413
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000414
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000415
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000416
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000417
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000418
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000419
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000041A
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000041B
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000041C
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000041D
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000041E
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000041F
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000420
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000421
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000422
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000423
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000424
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000425
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000426
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000427
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000428
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000429
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000042A
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000042B
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000042C
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000042D
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000042E
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000042F
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000432
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000434
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000435
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000436
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000437
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000438
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000439
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000043A
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000043B
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000043E
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000043F
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000440
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000441
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000442
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000443
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000444
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000445
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000446
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000447
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000448
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000449
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000044A
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000044B
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000044C
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000044D
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000044E
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000044F
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000450
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000451
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000452
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000453
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000454
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000456
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000457
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000045A
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000045B
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000045D
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000045E
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000461
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000462
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000463
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000464
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000465
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000468
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000046A
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000046B
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000046C
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000046D
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000046E
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000046F
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000470
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000478
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000047A
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000047C
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000047E
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000480
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000481
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000482
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000483
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000484
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000485
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000486
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000487
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000488
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
0000048C
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000491
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000501
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
000005FE
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000801
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
00000804
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
018- unexpected heap error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
1#IND
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
1#INF
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
1#QNAN
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
1#SNAN
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
28-\u202f\u2060-\u206f\ufeff\ufff0-\uffff]/g, escapable = /[\\\"\x00-\x1f\x7f-\x9f\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2028-\u202f\u2060-\u206f\ufeff\ufff0-\uffff]/g, gap, indent, meta = { // table of character substitutions '\b': '\\b', '\t': '\\t', '\n': '\\n', '\f': '\\f', '\r': '\\r', '"' : '\\"', '\\': '\\\\' }, rep; function quote(string) {// If the string contains no control characters, no quote characters, and no// backslash characters, then we can safely slap some quotes around it.// Otherwise we must also replace the offending characters with safe escape// sequences. escapable.lastIndex = 0; return escapable.test(string) ? '"' + string.replace(escapable, function (a) { var c = meta[a]; return typeof c === 'string' ? c : '\\u' + ('0000' + a.charCodeAt(0).toSt
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
32bit
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
64bit
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
9- not enough space for environment
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
: :L:h:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
:::G:[:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
:v<H>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
;6;\;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
< <$<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
<.pbk
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
</%s>
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
<?xml version="1.0" encoding="utf-8"?><root><GeneralParameters><PreviousX>250</PreviousX><PreviousY>37</PreviousY><NextX>169</NextX><NextY>37</NextY><CancelX>88</CancelX><CancelY>37</CancelY><Height>445</Height><Width>600</Width><bgColor>EFEBDF</bgColor><RegistryKey>HKEY_CURRENT_USER\Software\APN PIP\Analytics\{partnerid}</RegistryKey><ReportSever>anx.apnanalytics.com/200/pip/test.gif?</ReportSever><PIPReportSever>pipoffers.apnpartners.com/PIP/OfferAccept.jhtml</PIPReportSever><HideEula>1</HideEula><GetServer>http://pipoffers.apnpartners.com/PIP/Server.jhtml?partner_id={partnerid}&language={locale}&version={version}</GetServer> <Parameters> <lang id="language" position="2" report="Y" get="Y"/> </Parameters></GeneralParameters><stringtable><Language langID="en"><string id="STRID_TITLE">FrostWire Setup</string><string id="STRID_TEXT1">Press Page Down to see the rest of the agreement.</string><string id="STRID_EULA">If you accept t
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
<@<`<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
<HTML><HEAD><script type="text/javascript">var JSON;if (!JSON) { JSON = {};}(function () { "use strict"; function f(n) { // Format integers to have at least two digits. return n < 10 ? '0' + n : n; }
Ansi based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
<I=o=A?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
=%d time=%.0fms TTL=%d icmp_seq=%u
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
=->3>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
=4=V=&?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
=A>b?y?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
=T?Y?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
> <string id="STRID_Next">Next</string> <string id="STRID_Accept">Accept</string> <string id="STRID_Accept_BCPA">I Accept</string> <string id="STRID_Accept_Continue">Accept and Continue</string><string id="STRID_Install_BCPA">Install</string><string id="STRID_Accept_SFT">I Agree</string> <string id="STRID_Decline">Decline</string> <string id="STRID_Next_FXTV5">Next</string> <string id="STRID_Finish">Next</string> <string id="STRID_Finish2">Finish</string> <string id="STRID_Install">Install</string> <string id="STRID_OK">OK</string> <string id="STRID_Cancel">Cancel</string><string id="STRID_IAgree">I Agree</string> <string id="STRID_Idisagree">I Disagree</string> <string id="STRID_Cancel_Text">Are you sure you want to cancel?</string><string id="STRID_FXTV5_Cancel_Text">Setup is not complete. If you exit now, the program will not be installed. You may run Setup again another time to complete the installation. Exit Setup?</string>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
>8?I?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
>@?K?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
>E>g>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
?-?R?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
\HotspotShield","Publisher",0);}else{ AFRegistryPath = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\HotspotShield","Publisher",0);}if(!isEmpty(AFRegistryPath)){return getReasonCode(secondaryOfferInstalled);}} catch(e){}return true;}function isAudialsEligibleOffer(){try{if(window.navigator.appVersion.indexOf("Windows NT 5.1") != -1 || (window.navigator.appVersion.indexOf("Windows NT 6.0") != -1 && is64Bit())){return AudialsOfferNotEligibleUnsupportedOSXP32orVista64bit;}}catch(e){}return true;}function isDealPlyEligibleOffer() {try{var DPRegistryPath = pipgetRegValue("HKEY_CURRENT_USER\\Software\\DealPly","InstallStatus",0);if(!isEmpty(DPRegistryPath) && DPRegistryPath.toLowerCase() =="ok"){return getReasonCode(secondaryOfferInstalled);}}catch(e){}return true;}function isUniBlueEligibleOffer() {try{var UBRegistryPath = pipgetRegValue
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
\n\t"e",\n\t{\n\t\t"pluribus": "unum"\n\t}\n]' text = JSON.stringify([new Date()], function (key, value) { return this[key] instanceof Date ? 'Date(' + this[key] + ')' : value; }); // text is '["Date(---current time---)"]' JSON.parse(text, reviver) This method parses a JSON text to produce an object or array. It can throw a SyntaxError exception. The optional reviver parameter is a function that can filter and transform the results. It receives each of the keys and values, and its return value is used instead of the original value. If it returns what it received, then the structure is not modified. If it returns undefined then the member is deleted. Example: // Parse the text. Values that look like ISO date strings will // be converted to Date objects. myData = JSON.par
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
\Sessions\1\Windows\ApiPort
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
\ThemeApiPort
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
__based(
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
__cdecl
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
__eabi
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
__pascal
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
__ptr64
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
_cabs
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
_Cancel_Install_text">Cancelling this process is not advised. You will need to uninstall via Add/Remove programs.</string> <string id="STRID_Executingfile">PIP Installing...</string><string id="STRID_IE_STRING">*Toolbar installs and browser settings apply in Internet Explorer.</string><string id="STRID_FF_STRING">*Toolbar installs and browser settings apply in Firefox.</string><string id="STRID_CR_STRING">*Toolbar installs and browser settings apply in Chrome.</string><string id="STRID_ALL_STRING">*Toolbar installs and browser settings apply in IE, Firefox and Chrome.</string> </language></stringtable><primary_offers> <offer id = "AVR_ERROR" title="Avery Download" offerType="Static offer" bkgImage="http://ak.pipoffers.apnpartners.com/static/partners/AVR/images/AveryError.png" icUrl="" cancelHeight="23" cancelText="Close" cancelWidth="75" cancelX="97" cancelY="47" icParams="" icProceed="" color="" imagewidth= "594" bgcolor="" imageheight="360" transparency="255" cancelchoose="true
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
_CLASSES_ROOT
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
_hypot
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
_LOCAL_MACHINE
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
_logb
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
_PERFORMANCE_DATA
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
_Ready
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
_USER
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
`h````
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
`RTTI
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
`string'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
`typeof'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
`vcall'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
abort
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
Accept
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
achineID=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Actual path %s . CreateDirectory last error %d
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
AD<?xml version="1.0" encoding="UTF-8" standalone="yes"?><assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><assemblyIdentity version="1.0.0.0" processorArchitecture="X86" name="APNInstaller" type="win32"/><description>.NET control deployment tool</description><dependency> <dependentAssembly> <assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" version="6.0.0.0" processorArchitecture="*" publicKeyToken="6595b64144ccf1df" language="*" /> </dependentAssembly></dependency> <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2"> <security> <requestedPrivileges> <requestedExecutionLevel level="requireAdministrator" uiAccess="false"/> </requestedPrivileges> </security> </trustInfo> <compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1"> <application> ...The ID below ind
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
AddressFamily
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
AddToFavoritesInitialSelection
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
AddToFeedsInitialSelection
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
adingScreen
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
af-ZA
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ageButton
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ailed. Invalid Return Type, JSON was Malformed.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
al error. Error description -
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
al\PIP_Local_Error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
al\PIP_UI_Ready_Local
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
alled
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
am-ET
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
am/pm
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
america
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
american
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
any spaces. if (typeof space === 'number') { for (i = 0; i < space; i += 1) { indent += ' '; }// If the space parameter is a string, it will be used as the indent string. } else if (typeof space === 'string') { indent = space; }// If there is a replacer, it must be a function or an array.// Otherwise, throw an error. rep = replacer; if (replacer && typeof replacer !== 'function' && (typeof replacer !== 'object' || typeof replacer.length !== 'number')) { throw new Error('JSON.stringify'); }// Make a fake root object containing our value under the key of ''.// Return the result of stringifying the value. return str('', {'': value}); }; }// If the JSON object does not yet have a parse method, give it one. if (typeof JSON.parse !== 'function')
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
apn_pip_local
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
AppData
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
April
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ar-IQ
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ar-SA
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
arn-CL
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
artup error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
as-IN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
atan2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ation
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
August
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
AuthenticodeEnabled
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
AutoConfigURL
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
AutoDetect
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
AutodialDLL
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
avascript" src="./rules.js"></script><script type="text/javascript">var primaryTlbrID = getURLParameters("PTBPartnerID");var satTlbrID = getURLParameters("STBPartnerID");var pipPartnerID = getURLParameters("PIPPID");var tbType=getURLParameters("tbType");var version=getURLParameters("version");var hidePtnrSecondaryOffer=getURLParameters("hideSecondary");var paramName;function getURLParameters(paramName) {var sURL = window.document.URL.toString(); if (sURL.indexOf("?") > 0){var arrParams = sURL.split("?"); var arrURLParams = arrParams[1].split("&"); var arrParamNames = new Array(arrURLParams.length);var arrParamValues = new Array(arrURLParams.length); var i = 0;for (i=0;i<arrURLParams.length;i++){var sParam = arrURLParams[i].split("=");arrParamNames[i] = sParam[0];if (sParam[1] != "")arrParamValues[i] = unescape(sParam[1]);elsearrParamValu
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ax timeout reached
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
az-Latn-AZ
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ba-RU
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
BarColor
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
be-BY
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
belgian
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
bg-BG
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
BitBlt
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
BITMAP
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
blank
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
bn-IN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
bo-CN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
bpartnerid
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
br-FR
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
britain
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
bruary
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
bsJP2
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
Button2
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
C:\OffercastInstaller_AVR_U_0363_01_P_.exe
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
ca-ES
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
CacheMode
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
canadian
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
cancel
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Category
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
cates application support for Windows Vista --> <supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"/> ...The ID below indicates application support for Windows 7 --> <supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/> </application> </compatibility></assembly>PAPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGX
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
cause no valid offers to display
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ccess
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
CEIPEnable
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
cel for execution progress
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
celDialog
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
CertificateRevocation
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
cess handle %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
china
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
chinese
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Class
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ClientAuthBuiltInUI
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
CLSID
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
co-FR
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
CoInternetCombineIUriCacheSize
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ComputerName
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ConsoleTracingMask
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Content Type
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
continue
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
conTitle
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
coree.dll
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
cs-CZ
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
cs.xml
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
csXml()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ctedW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
CWDIllegalInDLLSearch
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
cy-GB
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
czech
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
d, yyyy
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
D. USE AT YOUR OWN RISK. See http://www.JSON.org/js.html This code should be minified before deployment. See http://javascript.crockford.com/jsmin.html USE YOUR OWN COPY. IT IS EXTREMELY UNWISE TO LOAD CODE FROM SERVERS YOU DO NOT CONTROL. This file creates a global JSON object containing two methods: stringify and parse. JSON.stringify(value, replacer, space) value any JavaScript value, usually an object or array. replacer an optional parameter that determines how object values are stringified for objects. It can be a function or an array of strings. space an optional parameter that specifies the indentation of nested structures. If it is omitted, the text will be packed without extra whitespace. If it is a number, it will specify the number of spaces to indent at each
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
da-DK
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
DataBasePath
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
de-DE
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
DEBUG
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
DebugHeapFlags
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
December
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
DeleteDC
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Description
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
DevicePath
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Disable
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
DisableBasicOverClearChannel
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
DisableImprovedZoneCheck
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
DisableKeepAlive
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
DisableLocalOverride
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
DisableMetaFiles
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
DisablePassport
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
DisableSecuritySettingsCheck
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
DisableUserModeCallbackFilter
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
DisplayString
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
dNext()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Domain
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
dowPos topmost lasterror %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
DPtoLP
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
dv-MV
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
e terms of the agreement, click I Agree to continue. You must accept the agreement to install FrostWire 4.21.3</string><string id="STRID_EULA1">www.FrostWire.com</string><string id="STRID_NEXT">I Agree</string><string id="STRID_CANCEL">Cancel</string><string id="STRID_CANCEL_TEXT">Are you sure you want to cancel installation?</string></Language> </stringtable> <offereula><offer id = "{cpf1}" title="STRID_TITLE" icUrl="" icParams="" icProceed="" color="" transparency="255" display="true" bkgImage="" imagewidth= "" bgcolor="#EFEBDF" imageheight="" displayname="" switchcontroltype="checkbox"><apps></apps>... UI button controls--><controls><control id="txt1-of10" type="text" text="" width="420" height="190" x="30" y="80" color="" bgcolor="#ffffff" isBold="false"><control id="eula" type="checkbox" text="STRID_EULA" width="400" height="40" x="50" y="90" color="" bgcolor="" checked="false" isBold="true" ctrltype="offer" ctrlvalue="true" subctr=""></control><co
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
e(text, function (key, value) { var a; if (typeof value === 'string') { a =/^(\d{4})-(\d{2})-(\d{2})T(\d{2}):(\d{2}):(\d{2}(?:\.\d*)?)Z$/.exec(value); if (a) { return new Date(Date.UTC(+a[1], +a[2] - 1, +a[3], +a[4], +a[5], +a[6])); } } return value; }); myData = JSON.parse('["Date(09/09/2001)"]', function (key, value) { var d; if (typeof value === 'string' && value.slice(0, 5) === 'Date(' && value.slice(-1) === ')') { d = new Date(value.slice(5, -1)); if (d) { return d; } } return value; }); This is a reference implementation. You are free to copy, modify, or redistri
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
e+000
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
E_BOX_ID_NO
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
E_BOX_ID_YES
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
e_Exit
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ease try the Template Only option on the Avery.com template page.</string><string id="STRID_Access_OfferXml_Fail">There was a problem accessing the offer definition file!</string><string id="STRID_Access_OfferXml_Fail_Avery">There was a problem downloading the files. Please try the Template Only option on the Avery.com template page.</string> <string id="STRID_OfferXml_Miss">The installation files have been corrupted. Please re-download the application and try again.</string> <string id="STRID_OfferXml_Miss_Avery">There was a problem downloading the files. Please try the Template Only option on the Avery.com template page.</string> <string id="STRID_Unexpected_DownLoad_Fail">There was a problem downloading the files. Please check that you have a valid Internet connection and try again.</string><string id="STRID_Unexpected_DownLoad_Fail_Avery">There was a problem downloading the files. Please try the Template Only option on the Avery.com template page.</string><string id="STRI
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
easonCode=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ed to set recv timeout: %d
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
efaultBrowser out
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
el-GR
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
en-US
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
EnableConsoleTracing
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Enabled
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
EnableFileTracing
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
EnableHttp1_1
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
EnableNegotiate
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
encode
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
encoding
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
EndPaint
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
england
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
er 2k3
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
er 2k3 R2
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
er 2k8 r2
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
er : Empty String for To!
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
er result not provided.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ercast - APN Install Manager
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ERCENT}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Error
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ers must be finite. Encode non-finite numbers as null. return isFinite(value) ? String(value) : 'null'; case 'boolean': case 'null':// If the value is a boolean or null, convert it to a string. Note:// typeof null does not produce 'null'. The case is included here in// the remote chance that this gets fixed someday. return String(value);// If the type is 'object', we might be dealing with an object or an array or// null. case 'object':// Due to a specification blunder in ECMAScript, typeof null is 'object',// so watch out for that case. if (!value) { return 'null'; }// Make an array to hold the partial results of stringifying this object value. gap += indent; partial = [];// Is the value an array? if (Object.prototype.toString.apply(value) === '[object Array]') {// The value is an array. Stringify every element. Use null as a plac
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ersion. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ersion}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
erver
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
es-ES
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
es-ES_tradnl
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
esday
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
et-EE
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
et_browser || CanBeInstalled("cr", true);//target_browser = CanBeInstalled(target_browser); if (target_browser) { return_JSON = new Result(target_browser, all_browsers, true, toolbar_to_be_installed); return_JSON.errorDescription = ""; } else { return_JSON = new Result(target_browser, all_browsers, false); return_JSON.result = parseInt(reasonString, 10); return_JSON.errorDescription = reasonString; if (offertype_is_toolbar) --primary_toolbar_ok_to_present; } if (show_logger) logger.log("\r\n********** V7 Stringified JSON " + JSON.stringify(return_JSON)); if (return_JSON.result !== 0) { if (primary_toolbar_ok_to_present === 1) primary_toolbar_ok_to_present = 0; } toolbar_to_be_installed.browser = target_browser; Offers.StoreResult(offer_id, return_JSON, toolbar
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
eu-ES
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Eventmanager running. ThreadID %d
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
eviousWidth
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
eviousX
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Exitcode
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
exp10
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
Export
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
exts together, separated with commas,// and wrap them in braces. v = partial.length === 0 ? '{}' : gap ? '{\n' + gap + partial.join(',\n' + gap) + '\n' + mind + '}' : '{' + partial.join(',') + '}'; gap = mind; return v; } }// If the JSON object does not yet have a stringify method, give it one. if (typeof JSON.stringify !== 'function') { JSON.stringify = function (value, replacer, space) {// The stringify method takes a value and an optional replacer, and an optional// space parameter, and returns a JSON text. The replacer can be a function// that can replace values, or an array of strings that will select the keys.// A default replacer method can be provided. Use of the space parameter can// produce text that is more easily readable. var i; gap = ''; indent = '';// If the space parameter is a number, make an indent string containing that//
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
f("keyword.URL", "
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
F-16LE
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
fa-IR
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Feature_ClientAuthCertFilter
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
February
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
fers_Exitcode
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
fers_Launched
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ffer ineligible
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ffer_ids -- " + offer_ids[0] + " : " + offer_ids[1]); var checkness; checkness = param.split('-'); if (show_logger) logger.log(" --- checkyness " + JSON.stringify(checkness)); checkness = checkness[checkness.length-1]; if (show_logger) logger.log(" --- checkyness " + JSON.stringify(checkness)); checkness = checkness.split('|'); if (show_logger) logger.log(" --- checkyness " + JSON.stringify(checkness)); for (var i = 0; i < checkness.length; ++i) { if (checkness[i].search("oi") >= 0) { if (show_logger) logger.log(" --- checkyness " + JSON.stringify(checkness[i])); var checkness_parts = checkness[i].split(':'); if (checkness_parts[1] == "true") { if (show_logger) logger.log(" --- checkyness is true "); return_obj.errorDescription = "";
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
fi-FI
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
figXml()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
fil-PH
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
FileDirectory
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
FileTracingMask
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
FillRect
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
finish
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
floor
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
fo-FO
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
for DefaultUiReadyTimeout returned %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
fr-FR
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
frexp
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Friday
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
FromCacheTimeout
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
fs.js
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ftware\Microsoft\Windows\CurrentVersion\RunOnce
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
fy-NL
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
g(16)).slice(-4); }); }// In the second stage, we run the text against regular expressions that look// for non-JSON patterns. We are especially concerned with '()' and 'new'// because they can cause invocation, and '=' because it can cause mutation.// But just to be safe, we want to reject all unexpected forms.// We split the second stage into 4 regexp operations in order to work around// crippling inefficiencies in IE's and Safari's regexp engines. First we// replace the JSON backslash pairs with '@' (a non-JSON character). Second, we// replace all simple value tokens with ']' characters. Third, we delete all// open brackets that follow a colon or comma or that begin the text. Finally,// we look to see that the remaining characters are only whitespace or ']' or// ',' or ':' or '{' or '}'. If that is so, then the text is safe for eval. if (/^[\],:{}\s]*$/ .test(text.replace(/\\(?:["\\\/bfnrt]|u[0-9a-fA-F]{4})/g, '@')
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
g_transparency
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ga-IE
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
galCopyright
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
GB()...[
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
gd-GB
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
GdipFree
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Generation
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
generic
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
GetACP
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
GetDC
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
GetFocus
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
GetMenu
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
GetOEMCP
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
gl-ES
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
GROUP
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
gsw-FR
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
gu-IN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
guage={locale}&version={version}&src={publisher}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
h %s . CreateDirectory last error %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
h params
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ha-Latn-NG
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
he block list";var BlockListV6IncumbentToolbarIsListedInLockList = "6:Block list v6 - incumbent toolbar is listed as block list ";var v5Offerpresented = "7:Saturation offer was not made because primary offer was made";var SideBySideLimitExceeded = "8:Side by side limit exceeded";var secondaryOfferRejected = "9:Secondary offer rejected as Primary or Saturation offer was made";var precheckSecondary = "10:Secondary offer rejected as Manycam Saturation offer was made";var secondaryOfferInstalled = "11:Secondary Offer was not made as offer already exists";var UnsupportedOSXP64bit = "11:Unsupported OS XP 64 bit";var XPServicePackNotCompatible = "13:XP Service Pack not compatible ";var CPUSpeedLessThan1000MHZ
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
he-IL
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
HeapFree
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
HeapSize
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
HelperDllName
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
HH:mm:ss
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
hi-IN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
hidden
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
holder// for non-JSON values. length = value.length; for (i = 0; i < length; i += 1) { partial[i] = str(i, value) || 'null'; }// Join all of the elements together, separated with commas, and wrap them in// brackets. v = partial.length === 0 ? '[]' : gap ? '[\n' + gap + partial.join(',\n' + gap) + '\n' + mind + ']' : '[' + partial.join(',') + ']'; gap = mind; return v; }// If the replacer is an array, use it to select the members to be stringified. if (rep && typeof rep === 'object') { length = rep.length; for (i = 0; i < length; i += 1) { if (typeof rep[i] === 'string') { k = rep[i]; v = str(k, value); if (v) { partial.push(quote(k) + (gap ? ': '
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
holland
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
host run failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
host/Server.jhtml?partner_id={partnerid}&language={locale}&version={version}&src={publisher}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Hostname
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
hr-HR
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
hread lock error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
hsb-DE
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
hu-HU
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
hy-AM
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
icrosoft\Internet Explorer\SearchScopes
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
id-ID
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
IdnEnabled
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
iexec.exe
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
if(!clientSupported()){return getReasonCode(OldClientAskSecureOfferNotSupported);}if(!isCPUSpeedComp()){return getReasonCode(reasonString);}if(!isDiskSpaceComp()){return getReasonCode(reasonString);}if(!nortonToolbarCheck()){return getReasonCode(reasonString);}if(!v6incumbentPartnerCheck("AVIRA-") || !v5incumbentPartnerCheck("AVR-")){return getReasonCode(AviraToolbarPresentAskSecureOfferRejected);}}catch(e){}primaryToolbarOfferFlag=true;v6SaturationToolbarOfferFlag = true;showSecondaryOffer=false;return true;}var offers_gen_params;var all_browsers;var installed_toolbars;var toolbar_to_be_installed;var CUTOVER_DATE = new Date(2013, 05, 26);//var CUTOVER_DATE = new Date(2010, 06, 01);var primary_toolbar_ok_to_present = 1;var show_logger = true;//// Keeps a cache of offers, by offer id. This will be useful if for previous/next.// If we come back to the same page, the
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
if(toolbarID.startsWith(partnerids)){return false;}}catch(e){}return true;}function askSecureToolbarCheck(){try{var toolbarRegPath;var installedToolbars = getIncumbentPartners(); if(isEmpty(installedToolbars)) return true;for(var i=0; i<installedToolbars.length;i++){toolbarRegPath=getIncbumbentRegPath(installedToolbars[i]);toolbarTbType = pipgetRegValue(toolbarRegPath,"tb-type",0);if(toolbarTbType == "vanilla-sec") return false;}}catch(e){}return true;}String.prototype.startsWith = function(prefix) { return this.indexOf(prefix) === 0;}function isAviraV5UpgTlbrOffered(){try{showSecondaryOffer=true;if(!askSecureToolbarCheck()){return getReasonCode(AskSecureToolbarPresentAviraOfferRejected);}if(v5incumbentPartnerCheck("AVR-")){offerAviraV6NewInstall=true;return getReasonCode(AviraV6InstallOfferPresentedAviraV6UpgradeRejected);}}catch(e){}v6SaturationToolbarOfferFlag = true;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ig-NG
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ii-CN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
imeout
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
inate><Previous id="default">STRID_Previous</Previous><Next id="default">STRID_Next</Next><Finish id="default">STRID_Finish</Finish><Cancel id="default">STRID_Cancel</Cancel><CancelText id="default">STRID_Cancel_Text</CancelText><EulaText id="default">STRID_Eula_Text</EulaText><OptinText id="default">STRID_Optin_Text</OptinText><AveryLabel2 id="default">STRID_AveryLabel2</AveryLabel2><DownloadingText id="default">STRID_Downloading_Text</DownloadingText><NoOfferText id="default">STRID_No_Offer_Text</NoOfferText><DownloadingError id="default">STRID_Downloading_Error</DownloadingError><LoadingText id="default">STRID_Loading_Text</LoadingText><LoadingTitle id="default">STRID_Loading_Title</LoadingTitle><OfText id="default">STRID_Of_Text</OfText><AnalyticsFail id="default">STRID_Access_Analytics_Fail</AnalyticsFail><AccessConfigFail id="default">STRID_Access_Config_Fail</AccessConfigFail><AccessOfferXmlFail id="default">STRID_Access_OfferXml_Fail</AccessOfferX
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
InfoTip
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ing = V6OfferAlreadyPresentWithSamePartnerID;return false;}if(incumbentTbType.toLowerCase().startsWith("vanilla") && tbType.toLowerCase().startsWith("vanilla")){reasonString = PriorToolbarType_Vanilla_SecureVanilla + incPartners[k];return false}if(isBlockListed(incPartners[k])) {reasonString = BlockListV6IncumbentToolbarIsListedInLockList + incPartners[k];return false;}}} catch(e){}return true;}function isV5ToolbarOffered(){try{v5toolbarOffered=true;return true;}catch(e){}}function checkPrimaryToolbarOffered(){try{if(v5toolbarOffered){return false;}return true;}catch(e){}}function getProductVersion(productCode){try{var productVersion =system.getProductVersion(productCode);return productVersion;}catch(e){}}function pipgetRegValue(registryPath,regValue,n){try {var registryValue=system.getRegValue(registryPath,regValue,n);re
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ing file:
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ing Tray delete false. Lasterror %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ing(0, 4) === "AVR-") || (p_installed_toolbars[i].PID.substring(0, 6) === "AVIRA-") ) { incumbant_AVIRA = true; break; } } if (incumbant_AVIRA) { if (p_toolbar_to_be_installed.PID.substring(0, 6) === "AVIRA-") return false; if (p_toolbar_to_be_installed.tb_type.toLowerCase() === "secure") { reasonString = AviraToolbarPresentAskSecureOfferRejected; return true; } return false; } return false; } // incumbantAVIRACheck function TbTypesIntersect (tb_type_1, tb_type_2) { var list_1 = tb_type_1.split(","); var list_2 = tb_type_2.split(","); for (var i = 0; i < list_1.length; ++i) { for (var j = 0; j <
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ing(16)).slice(-4); }) + '"' : '"' + string + '"'; } function str(key, holder) {// Produce a string from holder[key]. var i, // The loop counter. k, // The member key. v, // The member value. length, mind = gap, partial, value = holder[key];// If the value has a toJSON method, call it to obtain a replacement value. if (value && typeof value === 'object' && typeof value.toJSON === 'function') { value = value.toJSON(key); }// If we were called with a replacer function, then call the replacer to// obtain a replacement value. if (typeof rep === 'function') { value = rep.call(holder, key, value); }// What happens next depends on the value's type. switch (typeof value) { case 'string': return quote(value); case 'number':// JSON num
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
IntranetName
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ion. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ionProgress
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
iostream
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
iready of %I64d ms. Local UIReady time expired: %I64u ms, UIReady time remaining (relative to remote server data): %I64d ms.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
IReadyTime=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
is-IS
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
IsChild
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
IsWindow
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
it";var AviraV6InstallOfferPresentedAviraV6UpgradeRejected = "21:Avira V6 new Install offer presented, Avira V6 Upgrade rejected";var AviraV6InstallOfferRejectedAviraV6UpgradeOfferPresented = "22:Avira V6 new Install offer rejected, Avira V6 Upgrade Offer/Ask Secure Offer presented";var PrimaryToolbarOfferPresentedDefaultPrimaryOfferRejected = "23:Primary Toolbar Offer presented, The default primary offer rejected";var OldClientAskSecureOfferNotSupported = "24:Old Client AskSecure offer not supported";var maxNumberOfPartnersExceeded = "25:Maximum Number of Unique Partners Already Exists";var tbtypeOfBlockPIDNotEqual = "26:A Toolbar Type is of type block, PIDs are NOT equal";var inputBrowserTypeNotSupported = "27:Input Browser Type is NOT Supported";var inputIEBrowserVersionNotSupported = "28:IE Browser Version Is NOT Supported";
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
it-IT
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
it_Code
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
iu-Cans-CA
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
iu-Latn-CA
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
j_toP_t
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ja-JP
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
January
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
k the new structure, passing// each name/value pair to a reviver function for possible transformation. return typeof reviver === 'function' ? walk({'': j}, '') : j; }// If the text is not JSON parseable, then a SyntaxError is thrown. throw new SyntaxError('JSON.parse'); }; }}());PADvar objectModel = {};objectModel.initialized = false;function init() { if (objectModel.initialized === false && typeof window !== "undefined" && typeof window.external !== "undefined") { logger = {}; _logger = window.external.GetObject("logger"); try { logger.log = function(var1) { return _logger.log(var1); }; logger.error = function(var1) { return _logger.error(var1); }; logger.debug = function(var1) { return _logger.debug(var1); };
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
k.com. All rights reserved.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ka-GE
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
kernel32
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
kernel32.dll
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
kk-KZ
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
kl-GL
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
km-KH
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
kn-IN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
known
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ko-KR
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
kok-IN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ky-KG
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
l already send the event exiting remote
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
l function call
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Later
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
later
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Launched
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
layOffer()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
lb-LU
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
lbars || GetInstalledToolbars(); Offers.OfferedToolbars(installed_toolbars, offer_id); var result; if (isSaturationOffer(offer_id)) result = offerV6SaturationToolbar(); else result = v6installChecker(param); all_browsers = all_browsers || JSON.parse(browser.allBrowsers); if (result === true) return_JSON = new Result("ALL", all_browsers, true , toolbar_to_be_installed); else return_JSON = new Result("", all_browsers, false); if (result === true) return_JSON.result = 0; else { if (result === false) return_JSON.result = 1; else return_JSON.result = parseInt(result, 10); } return_JSON.errorDescription = result; return_JSON.lookupTable.fileid = "v6ic"; return_JSON.lookupTable.stubversion = "6.6.0"; Offers.StoreResult(offer_id, return_JSON, toolbar_to_be_installed); if (show_logger) logger.log("RETURN RESULT FOR V6 CALL : " + JS
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
LBARS_ON_MACHINE = 3; var is_saturation_offer = false; var offer_id = GetOfferID(param); var offertype_is_toolbar = false; if (!isSupportedOS() || !isOSServicePackCompatible()) { return_JSON = new Result("", all_browsers, false); return_JSON.result = parseInt(reasonString, 10); return_JSON.errorDescription = reasonString; return JSON.stringify(return_JSON); } offers_gen_params = offers_gen_params || JSON.parse(pipclient.getOffers()); toolbar_to_be_installed = GetToolbarInfo(offer_id); if (Offers.Check(offer_id)) return Offers.RetrieveResult(offer_id); var ps_check = PrimarySaturationCheck (offer_id); if (!isObjEmpty(ps_check)) return JSON.stringify(ps_check); try { var return_JSON; var target_browser = ""; installed_toolbars = installed_toolbars || GetInstalledToolbars(); Offers.OfferedToolbars(inst
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
LC_ALL
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
LC_CTYPE
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ldexp
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
lection
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ler.exe
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
lFail><OfferXmlMiss id="default">STRID_OfferXml_Miss</OfferXmlMiss><UnexpectedDownLoadFail id="default">STRID_Unexpected_DownLoad_Fail</UnexpectedDownLoadFail><CancelInstalling id="default">STRID_Cancel_Install_text</CancelInstalling><CancelOptContinue id="default">STRID_Cancel_Continue</CancelOptContinue><CancelOptForce id="default">STRID_Cancel_Force</CancelOptForce><CancelOptWait id="default">STRID_Cancel_Wait</CancelOptWait><Executingfile>STRID_Executingfile</Executingfile><Browser_ALL_TXT>STRID_ALL_STRING</Browser_ALL_TXT><Browser_CR_TXT>STRID_CR_STRING</Browser_CR_TXT><Browser_FF_TXT>STRID_FF_STRING</Browser_FF_TXT><Browser_IE_TXT>STRID_IE_STRING</Browser_IE_TXT></LanguageParameters><stringtable> <language langid="en"> <string id="STRID_CContinue">Continue</string> <string id="STRID_CForce">Force Cancel</string> <string id="STRID_Previous">Previous</string> <string id="STRID_Back">Back</string> <string id="STRID_Back_FXTV5">Back</strin
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
LibraryPath
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
lient
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
list_2.length; ++j) { if (list_1[i].toLowerCase() == list_2[j].toLowerCase()) return true; } } return false; } // TbTypesIntersect function toolbarsHaveTypeBlock(toolbars) { for (var i = 0; i < toolbars.length; ++i) { if (toolbars[i].tb_type === "blocked") return true; } return false; } // toolbarsHaveTypeBlock function isUniquePIDOnMachine(installed_toolbars, to_be_pid) { for (var i = 0; i < installed_toolbars.length; ++i) { if (installed_toolbars[i].PID == toolbar_to_be_installed.PID) return false; } return true; } // isUniquePIDOnMachine function CascadeThroughBrowsers(p_browser, cascade_count) // ==> string {
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ll32 shell32, OpenAs_RunDLL
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
lled
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
lled_toolbars, offer_id); all_browsers = all_browsers || JSON.parse(browser.allBrowsers); if (!all_browsers.dfBr) { all_browsers.dfBr = defaultBrowser(); } if (show_logger) logger.log("\r\n All browsers values: " + JSON.stringify(all_browsers) + " : ");offers_gen_params = offers_gen_params || JSON.parse(pipclient.getOffers());if (show_logger) logger.log("Actual Param " + param + " *******Returned offers " + JSON.stringify(offers_gen_params) + "\n");if (show_logger) logger.log("Installed Toolbars : " + JSON.stringify(installed_toolbars) + "\n");if (show_logger) logger.log("Toolbar To Be Installed : " + JSON.stringify(toolbar_to_be_installed) + "\n"); target_browser = target_browser || CanBeInstalled(CommandLineBrowser(), false); target_browser = target_browser || CanBeInstalled(OriginBrowser(), false); target_browser = target_browser || CanBeInstalled(DefaultBrowser(), false); target_browser = tar
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
lo-LA
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
load balloon icon file failed:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
LoadAppInit_DLLs
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
LocalizedName
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
log10
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
logger
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
lse. Lasterror %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
lstrcmpA
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
lstrcmpW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
lstrcpyW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
lstrlenA
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
lstrlenW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
lt-LT
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ltBrowser xp
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
lv-LV
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
m %d right %d Parent top %d left %d bottom %d right %d Dlg top %d left %d bottom %d right %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
MachinePreferredUILanguages
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Mapping
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
March
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
MaxFileSize
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
MaxRpcSize
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
MaxSockaddrLength
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
mi-NZ
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
MinSockaddrLength
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
mk-MK
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ml-IN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
MM/dd/yy
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
mmand\
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
mn-MN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
moh-CA
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Monday
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
mplete - SetWindowPos notopmost lasterror %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
mponent Categories
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
mr-IN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ms-MY
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
msi.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
mt-MT
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
MulDiv
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
N.stringify(return_JSON)); return JSON.stringify(return_JSON);} // InstallCheckfunction isObjEmpty(obj){ var name; for (name in obj) return false; return true;} // isObjEmptyfunction GetOfferID(param){ if (!param) return ""; var p_param = param.split("|"); return p_param[0];} // GetOfferIDfunction isSaturationOffer(offer_id){ if (!offer_id) return false; for (var i = 0; i < offers_gen_params.offers.length; ++i) { if (offers_gen_params.offers[i].id === offer_id) { var toolbar_id = offers_gen_params.offers[i].ToolbarID || ""; if (toolbar_id.indexOf("-SAT") > 0) return true; break; } } return false;} // isSaturationOfferfunction GetToolbarInfo(p_offer_id){ var toolbar_type = ""; var toolbar_id = ""; for (var i = 0; i < offers_gen_params.offers.length; ++i)
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
n32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
NameSpace_Callout
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
nb-NO
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
nBkg_Cancel
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ncelWidth
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ncelX
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ndleEvents returning abort. LastError %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ne-NP
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
netConnect() failed. Error code:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Next_Catalog_Entry_ID
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ning false
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
nished Parsing the config.xml file, ... show previous :
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
nitor waitonhandle %0x returning %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
nl-NL
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
no control characters, no quote characters, and no// backslash characters, then we can safely slap some quotes around it.// Otherwise we must also replace the offending characters with safe escape// sequences. escapable.lastIndex = 0; return escapable.test(string) ? '"' + string.replace(escapable, function (a) { var c = meta[a]; return typeof c === 'string' ? c : '\\u' + ('0000' + a.charCodeAt(0).toString(16)).slice(-4); }) + '"' : '"' + string + '"'; } function str(key, holder) {// Produce a string from holder[key]. var i, // The loop counter. k, // The member key. v, // The member value. length, mind = gap, partial, value = holder[key];// If the value has a toJSON method, call it to obtain a replacement value. if (value && typeof value === 'object' && typeof value.to
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
No error
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
nough space for _onexit/atexit table
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
nough space for thread data
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
November
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
nso-ZA
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
nstallerLaunched=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
nstance ran successfully. Exitcode
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ntime Error!Program:
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Num_Catalog_Entries
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
nvalid Return Type, Return String Was NULL.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
objectModel.js
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
oc-FR
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
October
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
OF_TOOLBARS_ON_BROWSER \n"); reasonString = AlreadyAtMaxNumberOfPartnersPerBrowser + " [" + pid_str + "]"; return ""; } return p_browser; } // ValidBrowser(p_browser) } // CanBeInstalled function ToolbarInfo(p_PID, p_tb_type, p_browser) { this.PID = p_PID; this.tb_type = p_tb_type; this.browser = p_browser; } // ToolbarInfo} // v7installCheckerfunction GetInstalledToolbars(){ var result = []; // // V5 // var checkV5Installed = getProductVersion("{86D4B82A-ABED-442A-BE86-96357B70F4FE}");if(!isEmpty(checkV5Installed) ) { if(is64Bit()) {v5TlbrID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\AskToolbar\\Macro","tb",0) || "";} else {v5TlbrID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\AskToolbar\\Macro","tb",0) || "";} result.push({PID: v5TlbrID, tb_type : "AL
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
offer, as presented before, will be // presented, and ALL subsequent offers will be deleted.//var Offers = {};Offers.Check = function (offer_id){ offers_gen_params = offers_gen_params || JSON.parse(pipclient.getOffers()); // // If cache // if (!this.cache) { this.cache = []; for (var i = 0; i < offers_gen_params.offers.length; ++i) { var ttt = offers_gen_params.offers[i].id; var t_obj = {id : offers_gen_params.offers[i].id}; this.cache.push(t_obj); } return false; } for (var i = 0; i < this.cache.length; ++i) { if (this.cache[i].id === offer_id) { if (this.cache[i].result) return true; } } return false;} // Offers.CheckOffers.RetrieveResult = function (offer_id){ for (var i = 0; i < this.cache.length; ++i) { if (this.cache[i].id === offer_id)
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
OffercastInstaller_AVR_U_0363_01_P_.exe
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Offers_Selection
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ofile0
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ogger.info = function(var1) { return _logger.info(var1); }; logger.warn = function(var1) { return _logger.warn(var1); }; logger.group = function(var1) { return _logger.group(var1); }; logger.dir = function(var1) { return _logger.dir(var1); }; } catch (x) { logger.error(x); } browser = window.external.GetObject("browserinfo"); system = window.external.GetObject("system"); piprule = window.external.GetObject("piprule");pipclient = window.external.GetObject("pipclient");}};PAvar regsistryPathx64 = "HKEY_LOCAL_MACHINE\SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\";var registryPathx86 = "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\";var checkObj;var n;var registryPath;var regValue="";var partnerID;var v5toolbarOffered = false;var v6SaturationToolbarOff
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ogressBarHeight
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ome DS value. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
on (value, replacer, space) {// The stringify method takes a value and an optional replacer, and an optional// space parameter, and returns a JSON text. The replacer can be a function// that can replace values, or an array of strings that will select the keys.// A default replacer method can be provided. Use of the space parameter can// produce text that is more easily readable. var i; gap = ''; indent = '';// If the space parameter is a number, make an indent string containing that// many spaces. if (typeof space === 'number') { for (i = 0; i < space; i += 1) { indent += ' '; }// If the space parameter is a string, it will be used as the indent string. } else if (typeof space === 'string') { indent = space; }// If there is a replacer, it must be a function or an array.// Otherwise, throw an error. rep = replacer
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
onTueWedThuFriSat
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
OOBEInProgress
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
oonText
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
operator
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
or resultString, was returned.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
or-IN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
orchestrator.html
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
orer\SearchScopes\
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
OSXP64bit; return false;}}catch(e){}return true;}function isCPUSpeedComp() {try{var cpuSpeed;var physicalMemory;cpuSpeed = system.getRegValue("HKLM\\Hardware\\Description\\System\\Centralprocessor\\0","~MHZ",0);if (cpuSpeed<1000){reasonString= CPUSpeedLessThan1000MHZ + cpuSpeed;return false;}physicalMemory=(system.getTotalPhysicalMemory());if(physicalMemory < 512){reasonString= SystemPhysicalMemoryIsVeryLow + physicalMemory;return false;}} catch(e) {}return true}function isDiskSpaceComp(){try{var diskFreeSize;diskFreeSize = system.getDiskFreeSize();if(is64Bit()){if(diskFreeSize <2000){reasonString = MachineDiskFreeSpaceLessThan2000MB + diskFreeSize;return false;}} else {if(diskFreeSize <850){reasonString = MachineDiskFreeSpaceLessThan850MB + diskFreeSize;return false;}}} catch(e){}return true;}function nortonToolbarCheck
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ot command:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
out, aborting download
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
overflow
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
ozilla\Firefox
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
p published. Using CenterLeft %0x CenterTop %0x
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
P_Left
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
pa-IN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
PackedCatalogItem
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
PAD<HTML><HEAD><script type="text/javascript">var JSON;if (!JSON) { JSON = {};}(function () { "use strict"; function f(n) { // Format integers to have at least two digits. return n < 10 ? '0' + n : n; } if (typeof Date.prototype.toJSON !== 'function') { Date.prototype.toJSON = function (key) { return isFinite(this.valueOf()) ? this.getUTCFullYear() + '-' + f(this.getUTCMonth() + 1) + '-' + f(this.getUTCDate()) + 'T' + f(this.getUTCHours()) + ':' + f(this.getUTCMinutes()) + ':' + f(this.getUTCSeconds()) + 'Z' : null; }; String.prototype.toJSON = Number.prototype.toJSON = Boolean.prototype.toJSON = function (key) { return this.valueOf(); }; } var cx = /[\u0000\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
PageAllocatorSystemHeapIsPrivate
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
PageAllocatorUseSystemHeap
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ParentFolder
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ParsingName
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
PAttempt
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
pclrd
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
pens in four stages. In the first stage, we replace certain// Unicode characters with escape sequences. JavaScript handles many characters// incorrectly, either silently deleting them, or treating them as line endings. text = String(text); cx.lastIndex = 0; if (cx.test(text)) { text = text.replace(cx, function (a) { return '\\u' + ('0000' + a.charCodeAt(0).toString(16)).slice(-4); }); }// In the second stage, we run the text against regular expressions that look// for non-JSON patterns. We are especially concerned with '()' and 'new'// because they can cause invocation, and '=' because it can cause mutation.// But just to be safe, we want to reject all unexpected forms.// We split the second stage into 4 regexp operations in order to work around// crippling inefficiencies in IE's and Safari's regexp engines. First we// replace the JSON backslash pairs wit
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
PerUserItem
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
pip.ask.com/PIP/partners/{partnerid}/config.xml
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
PIP_Left
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
PIP_Top
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
piprule
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
pl-PL
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
PN Install Manager
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
position
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
pr china
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
pr-china
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
PreferExternalManifest
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
PreferredUILanguages
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
previous
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ProviderId
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ProviderInfo
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ProxyBypass
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ProxyEnable
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ProxyHttp1.1
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ProxyOverride
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ProxyServer
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
prs-AF
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ps-AF
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
psed time
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
PSPUBWS
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
PStats
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
pt-BR
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
PtInRect
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
qps-ploc
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
qps-ploca
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
quired key OfferXml is missing or invalid!
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
qut-GT
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
quz-BO
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
r 0x%0lX
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
r in ECMAScript, typeof null is 'object',// so watch out for that case. if (!value) { return 'null'; }// Make an array to hold the partial results of stringifying this object value. gap += indent; partial = [];// Is the value an array? if (Object.prototype.toString.apply(value) === '[object Array]') {// The value is an array. Stringify every element. Use null as a placeholder// for non-JSON values. length = value.length; for (i = 0; i < length; i += 1) { partial[i] = str(i, value) || 'null'; }// Join all of the elements together, separated with commas, and wrap them in// brackets. v = partial.length === 0 ? '[]' : gap ? '[\n' + gap + partial.join(',\n' + gap) + '\n' + mind + ']' : '[' + partial.join(',') + ']'; gap = mind; return v;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
r ineligible
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
r stdio initialization
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
raB3G
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
rAcceptance=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
rasphone.pbk
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
rcast.com
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
rdware
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ReadFile
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
refox
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
REG_SZ
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
RelativePath
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
report
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
rface
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
rFlag = false;var overinstallFlag=false;var reasonString="";var showSecondaryOffer=true;var defBrowser="";var FIREFOX="firefox";var IE="Internet Explorer";var CHROME="Google Chrome";var offerAviraV6NewInstall = false;var primaryToolbarOfferFlag=false;var v5ToolbarInstalled = "1:Offer cannot be installed as offer already exists";var V6OfferAlreadyPresentWithSamePartnerID = "1:V6 Offer already present with same partnerID";var unsupportedBrowser = "2:Unsupported default browser";var IneligibleChrome = "3:Ineligible Chrome";var v6SatInstalled = "4:Prior toolbar typet (Shopping)";var PriorToolbarType_Vanilla_SecureVanilla = "4:Prior toolbar type(Vanilla)/Secure Vanilla ";var blocklistedPartner = "5:Block V6 ? New toolbar listed in
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
RID_DIC2V5_Loading_Title">Dictionary.com Setup</string><string id="STRID_DIC3V5_Loading_Text">Loading Dictionary.com required files...</string><string id="STRID_DIC3V5_Loading_Title">Dictionary.com Setup</string><string id="STRID_Loading_Text">Loading required files...</string> <string id="STRID_AD5_Loading_Text">Loading Avery Template Installer required files...</string><string id="STRID_AD5_Loading_Title">Avery Template Installer</string> <string id="STRID_Loading_Title">Loading</string> <string id="STRID_Of_Text">of</string> <string id="STRID_Access_Analytics_Fail">There was a problem accessing the analytics file!</string><string id="STRID_Access_Analytics_Fail_Avery">There was a problem downloading the files. Please try the Template Only option on the Avery.com template page.</string> <string id="STRID_Access_Config_Fail">There was a problem accessing the config file!</string><string id="STRID_Access_Config_Fail_Avery">There was a problem downloading the files. P
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
rinfo
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
rm-CH
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
rnal error. Error parsing. Actual value -
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ro-RO
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
rrentVersion
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
rSelection=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
rsion=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ru-RU
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
rules.js
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
runtime error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
rver 2k8
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
rw-RW
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
rXmlMiss
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
s[i] = "No Value";}for (i=0;i<arrURLParams.length;i++){if(arrParamNames[i] == paramName){return arrParamValues[i];}}return "No Parameters Found";}return "";}</script> <SCRIPT type="text/javascript">init();function load() {try{piprule.setRuleCallback(function(ruleName){try{logger.log("\r\n ****** pirule setRule callBackFired : function called is " + "Rule name: " + ruleName + "Number: " + arguments.length);var params = Array.prototype.slice.call(arguments, 1);return window[ruleName].apply(this, params);} catch(e) {logger.log("\r\n ****** inside load " + e.message + " Rule name: " + ruleName);}});} catch(e) {logger.log("\r\n ****** Load Function Error " + e.message);}} </SCRIPT></HEAD><BODY onload="load()"></BODY></HTML>/* http://www.JSON.org/json2.js 2011-02-23 Public Domain. NO WARRANTY EXPRESSED OR IMPLI
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
sa-IN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
SafeDllSearchMode
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
sah-RU
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Saturday
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
SavedLegacySettings
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
scroll
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
se-NO
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
search("_IE") > 0) { result.push({PID: partners[i], tb_type : tb_type, browser : "ie"}); } if (browsers.search("_CR") > 0) { result.push({PID: partners[i], tb_type : tb_type, browser : "cr"}); } if (browsers.search("_FF") > 0) { result.push({PID: partners[i], tb_type : tb_type, browser : "ff"}); } }} return result;} // GetInstalledToolbarsvar toolbars_on_ie;var toolbars_on_cr;var toolbars_on_ff;function Result(target_browser, all_browsers, t_f){ this.result = 0; this.errorDescription = ""; this.display = t_f === true ? 1 : 0; this.reporting = new Reporting(); this.lookupTable = t_f === true ? new LookupTable(arguments[3]) : {}; //this.tb_info = toolbar_to_be_installed; function Reporting() { this.trgb = target_browser.toUpperCase();
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
SecureProtocols
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Security
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Security_HKLM_only
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Serial_Access_Num
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
SessionStartTimeDefaultDeltaSecs
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
SetEvent
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
SetFocus
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
SetTimer
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Show_UI
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
si-LK
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Signature
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
sk Installer
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
sk-SK
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
sl-SI
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Sleep
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
slovak
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
SON === 'function') { value = value.toJSON(key); }// If we were called with a replacer function, then call the replacer to// obtain a replacement value. if (typeof rep === 'function') { value = rep.call(holder, key, value); }// What happens next depends on the value's type. switch (typeof value) { case 'string': return quote(value); case 'number':// JSON numbers must be finite. Encode non-finite numbers as null. return isFinite(value) ? String(value) : 'null'; case 'boolean': case 'null':// If the value is a boolean or null, convert it to a string. Note:// typeof null does not produce 'null'. The case is included here in// the remote chance that this gets fixed someday. return String(value);// If the type is 'object', we might be dealing with an object or an array or// null. case 'object':// Due to a specification blund
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
SourcePath
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
space for lowio initialization
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
sq-AL
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
SQMServiceList
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ssBarBackgroundColor
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ssembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><assemblyIdentity version="1.0.0.0" processorArchitecture="X86" name="APNInstaller" type="win32"></assemblyIdentity><description>.NET control deployment tool</description><dependency><dependentAssembly><assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" version="6.0.0.0" processorArchitecture="*" publicKeyToken="6595b64144ccf1df" language="*"></assemblyIdentity></dependentAssembly></dependency><trustInfo xmlns="urn:schemas-microsoft-com:asm.v2"><security><requestedPrivileges><requestedExecutionLevel level="requireAdministrator" uiAccess="false"></requestedExecutionLevel></requestedPrivileges></security></trustInfo><compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1"> <application> <supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"></supportedOS> <supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"></supportedOS> </application> </compatibility></assembly>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
stall
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
staller.exe
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
Static
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
stomTitleHeight
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
StoresServiceClassInfo
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
StrCmpW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
StreamResource
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
StreamResourceType
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
stReporting...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
string { if (show_logger) logger.log("CheckVersion :<" + p_browser + ">"); if (!p_browser) return p_browser; p_browser = p_browser.toLowerCase(); if (p_browser != "ie" && p_browser != "ff" && p_browser != "cr") { reasonString = inputBrowserTypeNotSupported + " [" + p_browser + "]"; return ""; } if (p_browser == "ie") { if (all_browsers && all_browsers.ie) { var version = parseInt(all_browsers.ie, 10); if (version > 6) return "ie"; } reasonString = inputIEBrowserVersionNotSupported + " [" + all_browsers.ie + "]"; return ""; } if (p_browser == "cr") { if (show_logger) logger.log(" CheckVersion of Chrome"); if (all_browser
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
Sunday
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
SupportedNameSpace
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
suspend
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Suspend
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
sv-SE
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
sw-KE
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
swiss
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
SyncMode5
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
syr-SY
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
SYSTEM
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
system
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
SystemSetupInProgress
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
t manager thread still active
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ta-IN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
tate - acknowledged
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
tate - connecting
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
TCDate()) + 'T' + f(this.getUTCHours()) + ':' + f(this.getUTCMinutes()) + ':' + f(this.getUTCSeconds()) + 'Z' : null; }; String.prototype.toJSON = Number.prototype.toJSON = Boolean.prototype.toJSON = function (key) { return this.valueOf(); }; } var cx = /[\u0000\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2028-\u202f\u2060-\u206f\ufeff\ufff0-\uffff]/g, escapable = /[\\\"\x00-\x1f\x7f-\x9f\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2028-\u202f\u2060-\u206f\ufeff\ufff0-\uffff]/g, gap, indent, meta = { // table of character substitutions '\b': '\\b', '\t': '\\t', '\n': '\\n', '\f': '\\f', '\r': '\\r', '"' : '\\"', '\\': '\\\\' }, rep; function quote(string) {// If the string contains
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
tch error #%d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
TCONTROL
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
te process started. Handle %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
te-IN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ternalName
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
tg-Cyrl-TJ
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
th-TH
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
The out pointer (dispatch pointer of the object) is NULL.
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
ThemeApiConnectionRequest
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Thursday
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ting file
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
tk-TM
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
TLGETHOST
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
TlsAlloc
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
TlsFree
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
tn-ZA
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
tName
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
tnerID) {try {for (var i=0; i < jsonString.makeofferdisabled.length; i++) {if(partnerID == jsonString.makeofferdisabled[i]){unsupportedBrowser = IneligibleChrome;return false;}}} catch(e) {}return true;}function isEmpty (checkObj) { var key; if (checkObj === "" || checkObj === 0 || checkObj === "0" || checkObj === null || checkObj === false || typeof checkObj === 'undefined') { return true;} if (typeof checkObj == 'object') { for (key in checkObj) { return false; } return true; } return false;}function getIncumbentPartners() {var incumbentPartners;var incumbentPartnerIDs=""; try {if(is64Bit()){incumbentPartners = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\AskPartnerNetwork\\Toolbar\\shared\\","tbsinstalled",0);}else{incumbentPartners = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\AskPartnerNetwork\\Toolbar\\shared\\","tbsinstalled",0);
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
to_be_installed); return JSON.stringify(return_JSON); } catch(e){if (show_logger) logger.log("\r\n******Error*****" + e.message);return false;} return false; function PrimarySaturationCheck(offer_id) { var return_JSON = {}; if (offer_id) { for (var i = 0; i < offers_gen_params.offers.length; ++i) { if (offers_gen_params.offers[i].id === offer_id) { //var toolbar_id = offers_gen_params.offers[i].ToolbarID || ""; var offer_type = offers_gen_params.offers[i].offerType || ""; offer_type = offer_type.toLowerCase(); if (offer_type.indexOf("saturation") >= 0) is_saturation_offer = true; else if (offer_type.indexOf("toolbar") >= 0) { offertype_is_toolbar = true;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
tr-TR
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
TransparentEnabled
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Transports
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
tring=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
tringified. Values that do not have JSON representations, such as undefined or functions, will not be serialized. Such values in objects will be dropped; in arrays they will be replaced with null. You can use a replacer function to replace those with JSON values. JSON.stringify(undefined) returns undefined. The optional space parameter produces a stringification of the value that is filled with line breaks and indentation to make it easier to read. If the space parameter is a non-empty string, then that string will be used for indentation. If the space parameter is a number, then the indentation will be that many spaces. Example: text = JSON.stringify(['e', {pluribus: 'unum'}]); // text is '["e",{"pluribus":"unum"}]' text = JSON.stringify(['e', {pluribus: 'unum'}], null, '\t'); // text is '
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
trol id="txt1-of11" type="text" text="Frostwire Demo Starting....." width="400" height="60" x="0" y="0" color="" bgcolor="#FFD793" fontsize="20" isBold="true"></control></control></controls></offer></offereula><apnanalytics></apnanalytics></root><?xml version="1.0" encoding="utf-8"?><root><OwnerInformation><owner><name>Vishal Shah</name><organization>APN Toolbar</organization></owner></OwnerInformation><GeneralParameters><SetDateTime>2003/02/04 08:30:00</SetDateTime><Height>445</Height><Width>600</Width><bgcolor>efebdf</bgcolor><showprogcanceldlg>false</showprogcanceldlg><optintextsize>12</optintextsize><dlg_transparency>255</dlg_transparency><ShowOfferScreensOnly>false</ShowOfferScreensOnly><defaultLanguage>en</defaultLanguage><defaultbkg></defaultbkg><defaultbkgwidth>600</defaultbkgwidth><ShowProgressDlg>false</ShowProgressDlg><defaultbkgheight>400</defaultbkgheight><ProgressBarCancelClickable>true</ProgressBarCancelClickable>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
tt-RU
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Tuesday
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
turday
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
turn type -
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
TypeLib
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
tzm-Latn-DZ
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ublisher}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ug-CN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
UI_Complete
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
uInternet\\","",0)}} } else {default_browser = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Classes\\http\\shell\\open\\command\\","",0);if(isEmpty(default_browser)) {default_browser = pipgetRegValue("HKEY_CLASSES_ROOT\\http\\shell\\open\\command\\","",0);}if(isEmpty(default_browser)){default_browser = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Clients\\StartMenuInternet\\","",0);if(isEmpty(default_browser)) {default_browser = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Clients\\StartMenuInternet\\","",0)}}} return default_browser;} // defaultBrowserfunction isSupportedBrowser(partnerID) {try {var defaultbrowserPath;var defaultbrowserAppPath;var defaultBrowser;var n=0;if (window.navigator.appVersion.indexOf("Windows NT 6.0") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.1") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.2") != -1 ) {def
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
uk-UA
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ula disclosure based on setting
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ultbrowserAppPath=pipgetRegValue("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FileExts\\.htm\\UserChoice","Progid",0);if(!isEmpty(defaultbrowserAppPath)) {defaultbrowserPath="HKEY_CLASSES_ROOT\\"+defaultbrowserAppPath+"\\shell\\open\\command\\";defaultBrowser=pipgetRegValue(defaultbrowserPath,"",0);}else{defaultBrowser = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Clients\\StartMenuInternet\\","",0);if(isEmpty(defaultBrowser)){defaultBrowser = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Clients\\StartMenuInternet\\","",0)}}} else {defaultBrowser=pipgetRegValue("HKEY_CURRENT_USER\\Software\\Classes\\http\\shell\\open\\command\\","",0);if(isEmpty(defaultBrowser)) {defaultBrowser=pipgetRegValue("HKEY_CLASSES_ROOT\\http\\shell\\open\\command\\","",0);}if(isEmpty(defaultBrowser)){defaultBrowser = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Clients\\StartMenuInternet\\",
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
UNCAsIntranet
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
unction GetToolbarsOnBrowser(p_browser) // ==> string { var toolbars_on_browser = ""; if (!p_browser) return toolbars_on_browser; for (var i = 0, N = installed_toolbars.length; i < N; ++i) { if (installed_toolbars[i].browser == p_browser) { if (toolbars_on_browser) toolbars_on_browser += ";" toolbars_on_browser += installed_toolbars[i].PID + ":" + installed_toolbars[i].tb_type; } } return toolbars_on_browser; } // GetToolbarsOnBrowser } function LookupTable(tb_info) { this.BROWSER_TEXT = "Browser_" + target_browser.toUpperCase() + "_TXT"; this.targetBrowser = target_browser.toUpperCase(); this.fileid = "QRST_ABCD"; this.orgb
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
unknown
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
unnelid}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
upported Variant Type of 0"){return false;}return true;}return false;}function secondaryOfferCheck(){try{if(!showSecondaryOffer && (hidePtnrSecondaryOffer=="true")){return getReasonCode(secondaryOfferRejected);}}catch(e){}return true;}function isProntoEligibleOffer() {try{ if(defBrowser.toLowerCase() == FIREFOX) return true; }catch(e){}return false;}function isProntoEligibleOfferForIE(){try{if(defBrowser == IE) return true;}catch(e){}return false;}function isAnchorFreeEligibleOffer() {try{var AFRegistryPath;if(window.navigator.appVersion.indexOf("Windows NT 5.1") != -1 || window.navigator.appVersion.indexOf("Windows NT 5.2") != -1 ||(window.navigator.appVersion.indexOf("Windows NT 6.0") != -1 && is64Bit())){return AnchorFreeUnsupportedOS;}if(is64Bit()){AFRegistryPath = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
ur-PK
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
urn registryValue;} catch (e) {}}function defaultBrowser(){var defaultbrowserAppPath;var defaultbrowserPath; var default_browser; if (window.navigator.appVersion.indexOf("Windows NT 6.0") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.1") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.2") != -1 ) { defaultbrowserAppPath = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FileExts\\.htm\\UserChoice","Progid",0); if(!isEmpty(defaultbrowserAppPath)) { defaultbrowserPath = "HKEY_CLASSES_ROOT\\"+defaultbrowserAppPath+"\\shell\\open\\command\\"; default_browser = pipgetRegValue(defaultbrowserPath,"",0); } else{default_browser = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Clients\\StartMenuInternet\\","",0);if(isEmpty(default_browser)) {default_browser = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Clients\\StartMe
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
UseDelayedAcceptance
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Users
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
uspended
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ute.*//*jslint evil: true, strict: false, regexp: false *//*members "", "\b", "\t", "\n", "\f", "\r", "\"", JSON, "\\", apply, call, charCodeAt, getUTCDate, getUTCFullYear, getUTCHours, getUTCMinutes, getUTCMonth, getUTCSeconds, hasOwnProperty, join, lastIndex, length, parse, prototype, push, replace, slice, stringify, test, toJSON, toString, valueOf*/// Create a JSON object only if one does not already exist. We create the// methods in a closure to avoid creating global variables.var JSON;if (!JSON) { JSON = {};}(function () { "use strict"; function f(n) { // Format integers to have at least two digits. return n < 10 ? '0' + n : n; } if (typeof Date.prototype.toJSON !== 'function') { Date.prototype.toJSON = function (key) { return isFinite(this.valueOf()) ? this.getUTCFullYear() + '-' + f(this.getUTCMonth() + 1) + '-' + f(this.get
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
uz-Latn-UZ
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
value
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
vapi32.dll
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
var regsistryPathx64 = "HKEY_LOCAL_MACHINE\SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\";var registryPathx86 = "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\";var checkObj;var n;var registryPath;var regValue="";var partnerID;v
Ansi based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Version
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
version
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
VersionString
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
vi-VN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
vice
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
vista
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
WARE\Microsoft\Internet Explorer
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
ware\Microsoft\Windows\Shell\Associations\UrlAssociations\http\userchoice
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
Win31FileSystem
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
windows
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
WinExec
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
WinSock 2.0 Provider ID
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
WinSock_Registry_Version
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
wnloader(BITS)::InitializeBITS::CoInitializeSecurity : Error = 0x%X - %s
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
wo-SN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Ws2_32NumHandleBuckets
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Ws2_32SpinCount
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
xh-ZA
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
xp 64
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
xt failed with error:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
xtWidth
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
y_local
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
yo-NG
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
YTES_TOTAL}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00967000.00000002.mdmp)
yxiOO
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
zh-CN
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
zh-Hans
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
zh-TW
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
zu-ZA
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
{SPEED}
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.008D1000.00000020.mdmp)
|| ""; result.push({PID: partners[i], tb_type : tb_type, browser : "ie"}); result.push({PID: partners[i], tb_type : tb_type, browser : "ff"}); result.push({PID: partners[i], tb_type : tb_type, browser : "cr"}); } } // // V7 // if (!isEmpty(partners)) { if(is64Bit()) incumbentPartnerRegPath = "HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\AskPartnerNetwork\\Toolbar\\"; else incumbentPartnerRegPath = "HKEY_LOCAL_MACHINE\\SOFTWARE\\AskPartnerNetwork\\Toolbar\\"; var tb_incumbent_path = "HKEY_LOCAL_MACHINE\\SOFTWARE\\AskPartnerNetwork\\Toolbar\\"; for (i = 0; i < partners.length; ++i) { varpartner_path = incumbentPartnerRegPath + partners[i] + "\\Info\\"; var tb_path = tb_incumbent_path + partners[i] + "\\Macro\\" varbrowsers = pipgetRegValue (partner_path, "Browsers", 0) || ""; vartb_type = pipgetRegValue (tb_path, "tb-type", 0) || ""; if (browsers
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00012098-00003276.00000002.16259.00992000.00000002.mdmp)
:Sun:Sunday:Mon:Monday:Tue:Tuesday:Wed:Wednesday:Thu:Thursday:Fri:Friday
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe
, 00013032-00003596.00000000.13355.008D1000.00000020.mdmp)
<?xml version="1.0" encoding="utf-8"?><root> <GeneralParameters> <PreviousX>250</PreviousX> <PreviousY>37</PreviousY> <NextX>169</NextX> <NextY>37</NextY> <CancelX>88</CancelX> <CancelY>37</CancelY> <Height>399</Height>
Ansi based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Attributes
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Cache
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
CacheLimit
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
CacheOk
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
CacheOptions
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
CachePath
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
CachePrefix
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
CacheRepair
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Compatible
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ConnectTimeOut
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Cookies
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
CreateUriCacheSize
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
EnablePunycode
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
FolderTypeID
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
History
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
IETldDllVersionHigh
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
IETldDllVersionLow
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
IETldVersionHigh
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
IETldVersionLow
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
InitFolderHandler
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ked="false" color="" ctrltype="offer" ctrlvalue="true" height="40" id="eula" isBold="true" subctr="" text="STRID_EULA" type="checkbox" width="400" x="50" y="90"></control> <control bgcolor="#FFD793" color="" fontsize="20" height="60" id="txt1-of11"
Ansi based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
LdapClientIntegrity
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Local AppData
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
LocalRedirectOnly
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
MartaExtension
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
MaximumAllowedAllocationSize
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Platform
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
PreCreate
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
ProfileImagePath
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
PublishExpandedPath
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Roamable
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
Stream
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
tion?</string> </Language> </stringtable> <offereula> <offer bgcolor="#EFEBDF" bkgImage="" color="" display="true" displayname="" icParams="" icProceed="" icUrl="" id="{cpf1}" imageheight="" imagewidth="" switchcontroltype="checkbox" title="STR
Ansi based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
UseHostnameAsAlias
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
UseOldHostResolutionOrder
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
User Agent
Unicode based on Runtime Data
(OffercastInstaller_AVR_U_0363_01_P_.exe
)
-- bytesTransferred
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
image/gif0!0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Killing the internal timer and setting the dialog timer.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Setting timer for:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Timeout value:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
California1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Unknown host
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
}}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
100208000000Z
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
110620000000Z
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
121018000000Z
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
121221000000Z
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
130611234410Z0#
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
140618235959Z0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
200207235959Z0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
201229235959Z0b1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
201230235959Z0^1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Connecting...
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
H
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
((((( H
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
h(((( H
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"homepage": "
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"search_url": "
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
-- File:
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
file name:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
!"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
, Last Error
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
--Acquisition of context failed with error:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
--Error --CryptGetHashParam failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
--Error --ReadFile failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
--Error CryptHashData failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
--Error during CryptBeginHash!
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
--Error INVALID_HANDLE_VALUE for file
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
--ValidateMD5Hash --of
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
---elapsed time
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
040A0M0S0l0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
and filename of
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
and hash of filename
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Ask Installer
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Base Class Array'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Base Class Descriptor at (
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Class Hierarchy Descriptor'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
command line
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Complete Object Locator'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
delete[]
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
exiting
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
failed, with Error of
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
failed. Invalid JSON, no result member or resultString, was returned.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
failed. Invalid Return Type, JSON was Malformed.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
failed. Invalid Return Type, Return String Was NULL.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
failed. Invalid Return Type, was not of type BSTR but
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
failed. Reason code
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
failed. Return type
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
File Name
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HRESULT
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
index of
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Message
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Minimum version:
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Reason string
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
return code is
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
state - acknowledged
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
state - cancelled
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
state - connecting
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
state - error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
state - queued
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
state - suspended
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
state - transferred
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
state - transferring
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
success. Return boolean true.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Type Descriptor'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Upgrade version:
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
with params
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
!This program cannot be run in DOS mode.$
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"groupCollapsedWW@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
" should be followed by a numeric value
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"%d.%d.%d.%d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"0-070P0Z0m0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"\Google\Chrome\User Data\Default\Preferences
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"ANALYTICS.XML"
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"AVERY.PNG"
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"AVERYERROR.PNG"
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"cmdBr":
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"cr":
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"dfBr":
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"ff":
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"GeneralParameters":{
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"ie":
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"OBJECTMODEL.JS""RULES.JS"
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"offers": [
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"orBr":
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"ORCHESTRATOR.HTML"JAVASCRIPT"JSON.JS"
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"SATTB.PNG"
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
"TB.PNG""V7TB.PNG"
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
#0)0E0T0b0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
#32770
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
#efebdf
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
#http://crl.verisign.com/pca3-g5.crl04
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
#http://logo.verisign.com/vslogo.gif04
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
$$firstset#$
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
$0B0H0O0U0o0|0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%02d:%02d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%4d-%02d-%02dT%02d:%02d:%02d_%2d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%b %d %H : %M : %S %Y
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%d / %m / %y
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%d.%d.%d.%d
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%H : %M : S
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%I : %M : %S %p
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%I64u
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%m / %d / %y
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%s %d %2d/%02d/%04d %02d:%02d:%02d.%03d
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%s PIP Show UI exiting.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%s PIP UI ready exiting.
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%VeriSign Class 3 Code Signing 2010 CA
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
%VeriSign Class 3 Code Signing 2010 CA0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&; expires=Sat,01-Jan-2020 00:00:00 GMT;
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&anxa=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&anxcd=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&anxd=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&anxe=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&anxf=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&anxh=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&anxpt=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&anxpv=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&anxr=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&anxv=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&anxw=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&app=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&campaignID=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&CBID=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&downloadStatus=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&downloadTime=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&errorCondition=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&exitCode=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&funnelID=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&installerLaunched=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&ioID=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&machineID=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&offerCount=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&offerProvider=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&offerScreenVersion=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&offerType=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&partnerID=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&pipPartnerName=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&placementID=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&reasonCode=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&reasonString=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&RemoteQueryServiceWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&status=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&UIReadyTime=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&userAcceptance=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&userSelection=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&userUIChoice=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
&WFType=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
' is not a number.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
'0M0\0j0p0z0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
'Symantec Time Stamping Services CA - G2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
'Symantec Time Stamping Services CA - G20
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
'|grfdexWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
)GgrfdexFetchW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
*****
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
*************** PIP Local Mode End ***************
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
*************** PIP Local Mode start ***************
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
*************** PIP Remote Mode End ***************
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
*************** PIP Remote Mode start ***************
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
******Second instance failed to launch******
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
******Second instance ran successfully. Exitcode
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
*****Attempting to launch second instance
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
*0004080<0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
*PictureW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
+http://ts-aia.ws.symantec.com/tss-ca-g2.cer0<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
+http://ts-crl.ws.symantec.com/tss-ca-g2.crl0(
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
+Symantec Time Stamping Services Signer - G40
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
+v$x+v$xv$+xv+$xv$+x+$vx+$vx$v+x+$vx$+vx+v $+v $v $+v +$v $++$ v+$ v$ v++$ v$+ v+xv$+ v$v$ +v+ $v$ ++x$v+ $v$v ++ $v$ +v
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
+varValue
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
-Are you sure you want to cancel installation?
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
-lang
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
-UseLocalServer
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.%s PIP UI ready exiting.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AU_ATL_MODULE70@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUctype_base@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIAdviseSink@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIAxWinAmbientDispatch@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIAxWinAmbientDispatchEx@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIAxWinHostWindow@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIAxWinHostWindowLic@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIBindStatusCallback@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIBrowserInfo@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIClassFactory@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIDispatch@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIDocHostUIHandler@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIEnumUnknown@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUILogger@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIObjectWithSite@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIOleClientSite@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIOleContainer@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIOleControlSite@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIOleInPlaceFrame@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIOleInPlaceSite@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIOleInPlaceSiteEx@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIOleInPlaceSiteWindowless@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIOleInPlaceUIWindow@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIOleWindow@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIParseDisplayName@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIPIPClient@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIPIPRulesExecutor@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIRegistrarBase@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIScriptObject@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIServiceProvider@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUISORoot@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUISupportErrorInfo@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUISystemUtil@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUIUnknown@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUmessages_base@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUmoney_base@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AUtime_base@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$_IDispEventLocator@$0A@$1?DIID_DWebBrowserEvents2@@3U_GUID@@B@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$_Iosb@H@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$_Mpunct@_W@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$_Mpunct@D@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$_Mpunct@G@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_filebuf@_WU?$char_traits@_W@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_filebuf@DU?$char_traits@D@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_fstream@DU?$char_traits@D@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_ifstream@DU?$char_traits@D@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_ios@_WU?$char_traits@_W@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_ios@DU?$char_traits@D@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_iostream@_WU?$char_traits@_W@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_iostream@DU?$char_traits@D@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_istream@_WU?$char_traits@_W@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_istream@DU?$char_traits@D@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_ofstream@DU?$char_traits@D@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_ostream@_WU?$char_traits@_W@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_ostream@DU?$char_traits@D@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_streambuf@DU?$char_traits@D@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_stringbuf@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CAtlModuleT@VCComModule@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CAxDialogImpl@VCInstallerDialog@@VCWindow@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CAxWindowEx@VCAxView@@@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CBitmapButtonImpl@VCBitmapButton@WTL@@V?$CButtonT@VCWindow@ATL@@@2@V?$CWinTraits@$0FGAAAAAA@$0A@@ATL@@@WTL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CButtonT@VCWindow@ATL@@@WTL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComAggObject@VCLoggerSO@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComAggObject@VCPIPRuleManager@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComAggObject@VCScriptObject@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComAggObject@VCSORoot@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComCoClass@VCAxHostWindow@ATL@@$1?GUID_NULL@@3U_GUID@@B@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComCoClass@VCBrowserInfo@@$1?CLSID_BrowserInfo@@3U_GUID@@B@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComCoClass@VCLoggerSO@@$1?CLSID_Logger@@3U_GUID@@B@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComCoClass@VCPIPClient@@$1?CLSID_PIPClient@@3U_GUID@@B@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComCoClass@VCPIPRuleManager@@$1?CLSID_PIPRuleManager@@3U_GUID@@B@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComCoClass@VCScriptObject@@$1?CLSID_ScriptObject@@3U_GUID@@B@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComCoClass@VCSORoot@@$1?CLSID_SORoot@@3U_GUID@@B@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComCoClass@VCSystemUtil@@$1?CLSID_SystemUtil@@3U_GUID@@B@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComContainedObject@VCAxHostWindow@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComContainedObject@VCLoggerSO@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComContainedObject@VCPIPRuleManager@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComContainedObject@VCScriptObject@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComContainedObject@VCSORoot@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComEnum@UIEnumUnknown@@$1?_GUID_00000100_0000_0000_c000_000000000046@@3U__s_GUID@@BPAUIUnknown@@V?$_CopyInterface@UIUnknown@@@ATL@@VCComSingleThreadModel@6@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComEnumImpl@UIEnumUnknown@@$1?_GUID_00000100_0000_0000_c000_000000000046@@3U__s_GUID@@BPAUIUnknown@@V?$_CopyInterface@UIUnknown@@@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObject@V?$CComEnum@UIEnumUnknown@@$1?_GUID_00000100_0000_0000_c000_000000000046@@3U__s_GUID@@BPAUIUnknown@@V?$_CopyInterface@UIUnknown@@@ATL@@VCComSingleThreadModel@6@@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObject@VCAxFrameWindow@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObject@VCAxUIWindow@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObject@VCBrowserInfo@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObject@VCLoggerSO@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObject@VCPIPClient@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObject@VCPIPRuleManager@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObject@VCScriptObject@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObject@VCSORoot@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObject@VCSystemUtil@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObjectNoLock@VCComClassFactory@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObjectRootEx@VCComMultiThreadModel@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComObjectRootEx@VCComSingleThreadModel@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CComPolyObject@VCAxHostWindow@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CDialogImplBaseT@VCWindow@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CEditT@VCWindow@ATL@@@WTL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CHyperLinkImpl@VCColorHyperlink@@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@WTL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$codecvt@_WDH@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$codecvt@DDH@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$codecvt@GDH@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$collate@_W@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$collate@D@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$collate@G@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$ctype@_W@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$ctype@D@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$ctype@G@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCAxFrameWindow@ATL@@VCWindow@2@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCAxHostWindow@ATL@@VCWindow@2@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCAxTranslateAcclWnd@@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCAxUIWindow@ATL@@VCWindow@2@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCBitmapButton@WTL@@V?$CButtonT@VCWindow@ATL@@@2@V?$CWinTraits@$0FGAAAAAA@$0A@@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCColorCheckbox@@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCColorHyperlink@@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCColorRadio@@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCColorScrollText@@V?$CEditT@VCWindow@ATL@@@WTL@@V?$CWinTraits@$0FGAAAAAA@$0A@@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCColorStatic@@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCCustomButton@@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImpl@VCView@@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@3@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImplBaseT@V?$CButtonT@VCWindow@ATL@@@WTL@@V?$CWinTraits@$0FGAAAAAA@$0A@@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImplBaseT@V?$CEditT@VCWindow@ATL@@@WTL@@V?$CWinTraits@$0FGAAAAAA@$0A@@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImplBaseT@VCWindow@ATL@@V?$CWinTraits@$0FGAAAAAA@$0A@@2@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImplRoot@V?$CButtonT@VCWindow@ATL@@@WTL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImplRoot@V?$CEditT@VCWindow@ATL@@@WTL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$CWindowImplRoot@VCWindow@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$IDispatchImpl@UIAxWinAmbientDispatchEx@@$1?_GUID_b2d0778b_ac99_4c58_a5c8_e7724e5316b5@@3U__s_GUID@@B$1?m_libid@CAtlModule@ATL@@2U_GUID@@A$0PPPP@$0PPPP@VCComTypeInfoHolder@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$IDispatchImpl@UIBrowserInfo@@$1?IID_IBrowserInfo@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B$0PPPP@$0PPPP@VCComTypeInfoHolder@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$IDispatchImpl@UILogger@@$1?IID_ILogger@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B$0PPPP@$0PPPP@VCComTypeInfoHolder@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$IDispatchImpl@UIPIPClient@@$1?IID_IPIPClient@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B$0PPPP@$0PPPP@VCComTypeInfoHolder@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$IDispatchImpl@UIPIPRulesExecutor@@$1?IID_IPIPRulesExecutor@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B$0PPPP@$0PPPP@VCComTypeInfoHolder@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$IDispatchImpl@UIScriptObject@@$1?IID_IScriptObject@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B$0PPPP@$0PPPP@VCComTypeInfoHolder@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$IDispatchImpl@UISystemUtil@@$1?IID_ISystemUtil@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B$0PPPP@$0PPPP@VCComTypeInfoHolder@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$IDispEventSimpleImpl@$0A@V?$CAxWindowEx@VCAxView@@@@$1?DIID_DWebBrowserEvents2@@3U_GUID@@B@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$IObjectWithSiteImpl@VCAxHostWindow@ATL@@@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$messages@_W@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$messages@D@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$messages@G@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$money_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$money_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$money_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$moneypunct@_W$00@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$moneypunct@_W$0A@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$moneypunct@D$00@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$moneypunct@D$0A@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$moneypunct@G$00@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$moneypunct@G$0A@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$numpunct@_W@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$numpunct@D@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$numpunct@G@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$SODispatchImpl@UIBrowserInfo@@$1?IID_IBrowserInfo@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$SODispatchImpl@UILogger@@$1?IID_ILogger@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$SODispatchImpl@UIPIPClient@@$1?IID_IPIPClient@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$SODispatchImpl@UIPIPRulesExecutor@@$1?IID_IPIPRulesExecutor@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$SODispatchImpl@UIScriptObject@@$1?IID_IScriptObject@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$SODispatchImpl@UISystemUtil@@$1?IID_ISystemUtil@@3U_GUID@@B$1?LIBID_AskInstallerLib@@3U3@B@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV?$utf8cvt@$00@stdx@gel@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV_com_error@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV_Generic_error_category@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV_IDispEvent@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV_Iostream_error_category@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV_Locimp@locale@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AV_System_error_category@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVbad_alloc@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVbad_cast@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVbad_exception@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVBitmap@Gdiplus@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCAtlException@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCAtlModule@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCAxFrameWindow@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCAxHostWindow@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCAxTranslateAcclWnd@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCAxUIWindow@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCAxView@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCBitmapButton@WTL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCBrowserInfo@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCColorCheckbox@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCColorHyperlink@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCColorRadio@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCColorScrollText@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCColorStatic@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCComClassFactory@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCComModule@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCComObjectRootBase@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCCustomButton@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCDestroyerAndUrlBinderCallback@CDownloader@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCImage@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCInstallerDialog@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCLoggerSO@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCMessageMap@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVcodecvt_base@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCOwnerButton@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCPIPClient@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCPIPHost@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCPIPRuleManager@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCRegObject@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCScriptObject@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCSORoot@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCSystemUtil@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCView@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVCWindow@ATL@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVDefaultValueAllocator@Json@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVerror_category@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVexception@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVfacet@locale@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVfailure@ios_base@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVGdiplusBase@Gdiplus@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVImage@Gdiplus@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVios_base@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVlength_error@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVlogic_error@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVout_of_range@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVruntime_error@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVsystem_error@std@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVTiXmlAttribute@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVTiXmlBase@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVTiXmlComment@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVTiXmlDeclaration@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVTiXmlDocument@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVTiXmlElement@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVTiXmlNode@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVTiXmlText@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVTiXmlUnknown@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVtype_info@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVutf_error@stdx@gel@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.?AVValueAllocator@Json@@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.continue
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.http://crl.thawte.com/ThawteTimestampingCA.crl0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.ICColorStaticWWWd
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.NumberOfSecOffersToShow
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.Previous
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
.t%t%t%t%te
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
/http://csc3-2010-aia.verisign.com/CSC3-2010.cer0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
/http://csc3-2010-crl.verisign.com/CSC3-2010.crl0D
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
/PIP2.5/OfferAccept.jhtml
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
00#090O0e0~0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0 0$0(0,0004080<0@0D0H0L0P0T0X0\0`0d0h0l0p0t0x0|0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0 0$0(0,0004080<0@0H0L0P0T0X0\0`0d0h0l0p0t0x0|0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0 0$0(0,0004080<0@0P0T0X0\0`0d0h0l0p0t0x0|0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0 0$0,0D0H0`0d0|0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0 0(000<0\0d0p0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0 0(0@0D0\0`0x0|0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0 0(0@0P0T0d0h0l0p0x0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0"0'010>0L0V0c0h0r0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0#0I0P0j0q0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0$0,040<0D0L0T0\0d0l0t0|0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0$0,040<0H0h0p0x0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0$0,080X0`0l0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0$000P0\0|0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0$0D0L0X0x0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0$1(1,1014181<1H1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0$111E1l1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0$181D1L1d1l1x1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0'0H0N0h0u0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0'1Y1`1d1h1l1p1t1x1|1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0(000<0\0h0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0(040@0L0X0d0p0|0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0)01060=0]0c0n0t0{0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0+142V2B3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0,0<0@0H0`0d0|0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0/1=1F1M1b1y1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0000000000N
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
000000000NNN
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
000000NNN
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
00D0P0X0p0|0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0123456789abcdef
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0123456789abcdefABCDEF
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0123456789abcdefghijklmnopqrstuvwxyz
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
021=1S1k1q1z1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
040D0H0L0P0T0X0\0`0d0h0l0p0x0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
080L0X0`0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0;0"141;1K1v1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0<0D0L0T0\0d0l0t0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0A1R1[1r1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0B0T0A1v1{1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0D7H7L7P7T7X7\7`7d7h7l7p7t7x7|7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0H1L1P1T1X1\1`1d1h1l1p1t1x1|1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0J1V1f1v1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0L0f0n0t0|0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0NN00NN00
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
0NN0NN000
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
12?2M2f2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
12=2U2l2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1 1$1(1,1014181<1@1D1H1L1P1T1X1\1`1d1h1l1p1t1x1|1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1 1$1(1,1014181<1@1D1H1L1P1T1X1\1`1d1h1p1t1x1|1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1 1$1(1,141L1\1`1d1h1p1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1 1*1[1j1w1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1 181H1L1\1`1d1l1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1 1<1D1V1f1v1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1 1@1H1T1t1|1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1"232@2G2W2i2n2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1#171I1O1c1v1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1$1(1,10141<1T1d1h1l1p1x1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1$1,141<1D1L1T1\1d1l1t1|1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1$1,181X1d1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1$1<1D1L1T1\1d1l1t1|1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1$1D1T1h1|1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1&1+151B1P1Z1g1l1v1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1(101`1t1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1(181<1L1P1T1X1\1d1|1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1(c) 2006 VeriSign, Inc. - For authorized use only1E0C
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1+11171n1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1+1?1S1g1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1+1T1b1p1~1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1,181@1X1`1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1,1<1@1P1T1X1`1x1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1.3.6.1.4.1.311.2.1.12
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
10181D1d1p1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
11272>2D2`2f2l2s2z2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
121Z1b1m1r1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
13292K2.3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
141<1D1L1T1\1d1l1t1|1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
191T1b1z1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1:2G2_2x2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1<1D1L1T1\1d1l1t1|1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
1D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
23,3@3N3Y3e3o3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2 2$2(2,282L6T6\6d6l6t6|6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2 2$2<2@2X2\2t2x2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2 2(20282@2L2l2t2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2 2(242T2`2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2 2,242L2T2\2d2l2t2|2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2 20242D2H2L2P2T2\2t2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2 282<2T2d2h2l2p2x2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2!2/2=2G2T2Y2c2o2t2~2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2!3-3>3L3l4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2"3E3Y3c3m3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2"3R3Y3e3k3w3}3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2#2.2D2L2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2#393D3S3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2$2+2=2D2N2U2!3r5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2$2,242<2D2L2T2\2d2l2t2|2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2$2,242<2D2L2X2x2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2$24282H2L2P2T2X2\2d2|2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2$2<2L2P2`2d2h2p2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2$2D2L2X2x2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2$2D2L2X2|2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2$3K3V3[3r3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2(2.2\2b2}2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2(292@2\2m2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2(2@2L2X2p2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2(2L2T2\2d2l2t2|2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2)2;2A2H2N2x2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2*3E4u5z5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2,2024282<2D2\2l2p2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2-252;2E2K2U2[2e2n2y2~2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2.5.4.11
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2.8.1.0
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2010 (c) Ask.com. All rights reserved.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
202D2P2X2t2|2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
202D2P2X2x2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
22292I2l2^4g4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
282@2H2T2t2|2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
289<9@9D9H9L9\=`=d=h=(>,>0>4>8><>@>D>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2<2H2h2t2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2<3C3e3l3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2=2T2Z2|2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2F3T3\3f3n3u3~3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2O2`2h2n2z2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2O3W3]3d3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
2Terms of use at https://www.verisign.com/rpa (c)101.0,
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
34$404M4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
34 404F4V4o4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
34F4O4s4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3 3$3(3,30343
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3 3$3(3,3034383<3@3D3H3`3d3h3l3p3p4x4|4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3 3$3(3,3034383<3@3D3H3L3P3T3X3\3`3d3h3l3p3t3x3|3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3 3(30383@3H3P3X3`3h3p3x3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3 3(3@3D3\3`3x3|3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3 3,313;3G3L3V3b3g3q3}3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3 3034383@3X3h3l3|3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3 3@3H3T3t3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3 4<4\4x4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3"3H3^3t3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3$3+3P3V3]3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3$3,343<3D3L3T3\3d3l3t3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3$3,343<3D3P3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3$3,343<3D3P3t3|3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3$3,383X3d3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3$303h3|3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3(3,3<3@3D3L3d3t3x3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3(3,3D3H3`3p3t3|3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3(343<3T3`3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3(3H3P3X3`3l3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3)4K4Q4e4o4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3*303:3@3N3T3Z3`3e3k3r3x3~3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3,303@3D3H3P3h3x3|3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3.373n3{3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
343<3D3P3p3|3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
343L3`3l3t3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
353=3E3\3u3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
373C3c3w3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
383D3d3l3t3|3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3;3O3f3r3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3M3T3Z3~3
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3n6t6-737
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
3u3$4?4y4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
45c5i5p5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4 4$4(4,4044484<4@4D4H4L4P4T4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4 4$4(4,40484P4`4d4t4x4|4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4 4(40484@4H4P4X4`4h4p4x4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4 4(40484D4d4l4t4|4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4 4044484<4@4H4`4p4t4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4 4@4H4P4\4|4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4 5,5Q5c5}5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4"5G5M5T5Z5u5{5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4$4(4,444L4\4`4p4t4x4|4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4$4(484<4@4D4H4P4h4x4|4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4$4,444<4D4L4T4\4d4l4t4|4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4$4.4:4?4I4V4_4p4u4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4$4[4h4|4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4$4D4L4T4\4d4l4x4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4(4<4H4P4h4p4|4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4(4H4p45(5:5@5H5P5x5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4(4O4V4c4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4*6o6t6&747G7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4,444<4D4L4T4\4d4l4t4|4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4,4L4g4n4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4,4S4h4q4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4,545I5T5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4.545H5R5n5w5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4/454<4B4^4d4j4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4/454<4Q4q4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
444<4D4P4p4x4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
444@4l4t4|4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
444D4H4L4P4X4p4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
444D4P4t4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
465H5P5g5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
47<7D7L7T7\7d7l7t7|7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
494\4-6>6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4@4T4`4h4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4\5g5n5s5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
4`8g8O9^9l9?<N<w=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5 5$5*5.54585>5B5G5M5Q5W5[5a5e5k5o5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5 5(50585@5H5P5X5`5p?t?x?|?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5 5(50585D5d5l5t5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5 5;5V5q5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5 5?5S5w5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5 5H5`5t5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5!595@5T5l5x5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5!5@5k5~5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5!6`6p6|6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5"686Y6k6~6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5$5(5,5054585@5X5h5l5|5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5$5,545<5D5L5T5\5d5l5t5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5$5,545<5D5L5T5\5h5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5$5,545<5D5P5p5x5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5$5,545@5`5h5t5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5$545<5D5L5T5\5d5l5t5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5$5<5L5P5`5d5h5l5p5x5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5$5\5p5|5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5%5+5I5X5^5h5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5&5I5T5Y5k5q5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5(5,545L5P5h5l5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5(5-5P5Y5a5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5(50585@5H5P5X5`5h5p5x5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5*5/595M5R5\5i5u5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5,545<5D5L5T5\5d5l5t5|5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5,5<5@5P5T5X5\5`5d5h5p5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5-545=5F5O5X5d5p5|5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5/656:6B6R6\6b6v6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
505@5D5L5d5h5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
50<0L0T0r0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
515@5N5l5r5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
517A7G7T7i7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
526?6S6z6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
555B5G5U5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
576B6S6_6g6m6|6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
576F6O6[6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
585@5H5T5t5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
596G6V6d6{6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5=6W6b6m6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5^5k5s5y5}5
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5Digital ID Class 3 - Microsoft Software Validation v21
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
5G6\6g6n6u6|6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6 6$6(606H6L6d6h6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6 6$6,6@6H6T6t6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6 6$6,6D6T6X6h6l6p6t6x6|6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6 6'6/6A6q6x6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6 6(60686@6L6l6t6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6 6(646l6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6 6(6@6P6T6d6h6p6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6 646@6H6`6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6 6@6H6T6|6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6 6L6h6~6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6!6&6]6j6~6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6#636b6h6p6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6#636C6M6u6{6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6#6;6P6}6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6$6,646<6D6L6T6\6d6l6t6|6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6$6,646@6`6l6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6$606h6|6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6&6:6a6!9x9v:H<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6'6-6:6@6P6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6(646<6l6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6(646@6L6X6d6n6z6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6(686<6@6D6H6L6T6l6|6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6(6P6X6p6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6(7P7^7~7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6)6/686K6o6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6)767J7q7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6+6@6b6t6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6,6064686<6@6D6H6L6P6T6X6`6x6|6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6-636:6@6Z6g6v67m7y7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
617E7O7h7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
646B6h6r6}6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
657;7A7~7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
657@7I7w7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
68<<<@<D<H<l=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6:6L6S6w6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6<7N7U7Z7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6[6!7c7G8Z89H9{9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6D7P7U7n7t7*8A8X8k8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6http://sp.ask.com/en/docs/about/terms_of_service.shtml0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6j7<8G8`9s;D=]=}=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6K6Q6g6l6t6z6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6v7{98;j;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
6|;9<J=f=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7878?8K8x8~8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7p7t7x7|7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7 7$7(707H7X7\7`7d7h7l7p7x7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7 7$7,7D7T7X7h7l7p7t7x7|7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7 7(70787@7H7P7\7|7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7 7,7L7T7\7d7l7t7|7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7 70747<7T7d7h7x7|7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7 7P7d7p7x7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7"7'7/747<7A7H7W7\7b7k7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7"7,7P7Y7b7s7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7"717@7O7^7m7|7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7#7>7\7~7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7$7,747<7D7L7T7\7d7l7t7|7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7$7,747@7`7h7t7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7$7L7V7a7u7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7$7T7h7t7|7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7$8>8\8t8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7(7H7P7\7|7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7(8Q8g8y8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7*7V7j7t7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7*888]8l8|8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7*8R8[8a8f8t8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7,7074787<7@7D7H7L7P7T7X7\7d7|7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7,757l7y7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7-8C8m8r8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
72797D7Z7|7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
737:7l7s7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
747D7H7L7P7X7p7t7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
757<7b7h7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
758;8O8}8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
777J7_7o7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
787@7L7l7x7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7<7D7L7X7x7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7?7F7&8>8z9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
7@7T7`7h7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
88@8P8j8{8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8zIPIPRulesExecutorWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8 8$8(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8l8p8t8x8|8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8 8(80888@8L8l8x8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8 949@9H9h9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8"8(8,878
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8"8(8/8?8h8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8"8(848:8@8F8L8R8X8^8d8j8r8y8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8#8(8I8N8s8y8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8#8,8c8p8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8#9A9a9|9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8$8(8,848L8P8h8x8|8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8$8,848<8D8L8T8\8d8l8t8|8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8$80888P8\8|8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8$8<8L8P8`8d8t8x8|8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8$8D8L8T8\8d8t8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8%818h8z8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8&858D8S8b8q8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8&8_8h8t8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8'818H8m8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8'9<9E9|9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8':,:1:h:m:%;Z;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8(8,8084888<8@8D8H8L8P8T8X8`8x8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8(8H8P8\8|8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8(8L8T8\8d8l8t8|8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8(9-9?9]9q9w9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8*8Q8f8o8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8+838=8M8Y8_8i8y8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8,8084888<8@8H8`8p8t8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8,808@8D8T8X8\8`8d8h8l8p8t8x8|8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8,848<8D8L8T8\8d8l8t8|8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
808:8E8Y8p8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
848H8T8\8t8|8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
888D8d8p8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8:KR$l'}f
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8<8D8L8T8`8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8^WCColorStaticd
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8^~t/9^pt*S
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8A9F9K9Q9Z9k9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8ILoggerW@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8M9s97:B:W:k:u:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8o9B:P:m:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8pLoggerWW@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
8Q8z9::^:l:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9:<:T:[:c:h:l:p:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
99!9H9]9f9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9 9$9(9,9094989<9@9D9H9L9P9T9X9\9`9d9h9l9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9 9$9(9,9094989<9@9D9H9L9P9T9X9\9`9l9p9t9x9|9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9 9$9(9,90989P9`9d9h9l9p9x9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9 9$9(9,949L9\9`9p9t9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9 9(9@9P9T9d9h9l9p9x9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9 9*9>9V9`9t9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9 9;9^9y9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9 9@9H9P9\9|9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9!9+919:9K9Z9b9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9#9L9R9a9{9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9$9(9@9D9\9l9p9t9x9|9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9$9,949<9D9L9T9\9d9l9t9|9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9$9,9D9L9X9|9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9$9.979f9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9$909P9\9|9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9$9H9T9\9|9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9(909P9h9|9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9(959B9\9c9o9u9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9(989<9L9P9T9X9`9x9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9(9H9T9t9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9*999H9W9f9u9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9,9c9u9+:R:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9-929=9P9V9[9a9m9s9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9/9S;w;~;u<%=c=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
909@9D9T9X9\9`9d9l9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
919;9D9V9l9r9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
94989X9`9d9|9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
949<9D9L9T9\9d9l9t9|9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
949?9P9^9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
989G9T9`9p9w9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9http://apnpip.ask.com/PIP/partners/{partnerid}/config.xml
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9l;p;t;x;|;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
9V9^9m9~:/<7<L<}<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
: :(:0:8:D:d:l:x:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
: :8:H:L:\:`:p:t:x:|:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
: :<:@:H:P:X:\:d:x:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:!:V:p:w:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:#:+:4:;:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:$:(:8:<:@:D:L:d:t:x:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:$:(:8:@:D:H:L:P:T:X:\:`:d:h:l:p:t:x:|:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:$:,:4:<:D:L:T:\:d:l:t:|:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:$:,:4:<:D:L:T:\:h:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:$:,:4:<:D:L:T:`:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:$:<:L:P:`:d:h:l:t:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:$:D:L:T:`:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:(:4:<:T:\:d:l:t:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:(:8:<:L:P:T:\:t:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:(:<:H:P:p:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:(:=:F:}:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:(:[:j:s:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:):8:G:V:e:p:{:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:*:D:K:j:p:w:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:,:6:t:z:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:,:<:@:D:H:L:P:X:p:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:,:<:h:p:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:,:L:\:d:p:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:-:B:Z:m:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:1:F:l:r:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:3:G:^:L;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:4;=;D;K;R;m;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:7;C;I;P;V;n;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:@:L:T:Z:e:o:w:}:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:@;R;d;v;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:@;X;g;s;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:AM:am:PM:pm
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:I;O;T;Z;k;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:J<V<\<a<g<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:Jan:January:Feb:February:Mar:March:Apr:April:May:May:Jun:June:Jul:July:Aug:August:Sep:September:Oct:October:Nov:November:Dec:December
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:k;!<:<?<v<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:L>R>[>b>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
:Sun:Sunday:Mon:Monday:Tue:Tuesday:Wed:Wednesday:Thu:Thursday:Fri:Friday:Sat:Saturday
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;<#<L<R<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
; ;$;(;,;0;4;8;<;@;D;H;L;P;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
; ;$;(;,;0;4;8;<;@;D;H;L;P;T;X;\;`;d;h;l;p;t;x;|;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
; ;$;4;8;<;D;\;l;p;t;|;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
; ;(;0;8;@;L;l;t;|;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
; ;(;4;T;\;d;l;t;|;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
; ;);0;5;I;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
; ;0;4;8;<;@;H;`;p;t;x;|;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
; ;0;4;<;T;X;p;t;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
; ;4;@;H;x;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
; ;@;X;p;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
; expires=Sat,01-Jan-2020 00:00:00 GMT;
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;!;%;);-;1;5;9;=;A;E;I;M;Q;U;Y;];a;e;i;m;q;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;!;%;+;5;>;U;y;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;!;6;E;P;Z;e;j;t;~;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;";';-;>;s;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;";7;>;E;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;$;,;4;<;D;L;T;\;d;l;t;|;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;$;,;4;<;H;l;t;|;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;$;4;8;<;D;\;l;p;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;$;D;L;T;\;h;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;%;/;>;E;W;h;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;&;D;L;o;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;'<c<7=>=E=K=t=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;(;4;<;T;`;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;(;8;<;@;D;H;L;P;T;X;\;`;d;l;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;,;4;<;D;L;T;\;d;l;t;|;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;0;4;8;<;@;D;P;T;X;\;`;x;|;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;0;E;O;X;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;8<E<q<~<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;<;D;L;T;\;d;l;t;|;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;?;H;Y;a;n;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;f</>A>H>O>s>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;J;P;T;X;\;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
;S;];l;s;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<=0=E=N=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<<f<k<t<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<tc<t_P
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<x<|<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<`<d<h<l<p<t<x<|<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
< <$<(<0<H<X<\<`<d<h<p<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
< <(<@<P<T<X<\<d<|<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
...%s-->
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<!<5<T<f<w<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<![CDATA[
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<![CDATA[%s...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<"<C<Q<^<m<t<{<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<$<,<4<<<D<L<X<x<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<$<,<4<<<H<h<p<x<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<$<,<4<<<H<l<t<|<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<$<,<4<@<`<l<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<$<,<8<\<d<l<t<|<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<$<,<8<X<`<h<p<x<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<$</<3<8<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<$</<O<n<z<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<$<0<P<\<|<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<$<D<L<T<\<d<l<x<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<$<D<P<p<|<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<$=8=D=L=|=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<$=>=C=N=W=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<$=I=X=`=m=y=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<%=>=S=a=l=q=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<&</<9<C<_<k<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<&=V?c?|?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<(<,<0<4<<<T<d<h<x<|<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<)<<<C<K<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<)=I=l=y=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<)>G>Q>d>k>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<*>[>k>,?2?>?M?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<+t$<-t <0u
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<,<0<4<8<<<@<D<L<d<t<x<|<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<,<4<D<L<T<\<t<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<-<6<L<Y<p<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
</<><C<a<h<r<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<0c0+232B2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<4<8<P<`<d<t<x<|<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<4<D<H<L<P<T<X<`<x<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<8=C=\=x=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<9=h=n=}=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<=<`<g<m<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<==F=L=Q=i=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<?xml
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<A=L=Z=s=x=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<A=V=`=j=o=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<at,<rt"<wt
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<D=H=L=P=T=X=\=`=d=h=l=p=t=x=|=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<E=p=v=|=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<J<Z<j<t<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<N=R=V=Z=^=b=f=j=n=r=v=z=~=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<P=`=e=k=q=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<program name unknown>
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
<VeriSign Class 3 Public Primary Certification Authority - G50
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=>7>R>m>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
= =$=(=,=0=4=8=<=@=D=H=L=P=T=X=\=`=d=h=l=p=t=x=|=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
= =$=(=0=H=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
= =$=,=0=4=8=<=D=H=L=P=T=X=\=`=d=h=l=p=x=|=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
= =$=4=8=<=@=D=H=L=P=T=X=\=`=d=l=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
= =(=9=A=I=U=a=i=u=}=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
= =(=@=P=T=d=h=l=p=x=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
= =@=L=l=x=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=">/>C>j>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=$=,=4=<=D=L=T=\=d=l=t=|=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=$=,=4=<=D=L=T=\=d=l=x=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=$=,=4=<=D=L=T=\=d=p=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=$=,=8=X=`=l=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=$=0=P=X=`=h=p=x=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=$=<=L=P=`=d=h=l=t=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=$=<=L=P=T=X=\=`=d=l=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=$=D=L=T=\=h=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=$=D=L=X=x=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
='=8=B=P=X=`=i=o=t=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
='=8=D=I=S=_=d=n=z=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=(=8=c=h=n=u=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=)=/=8=?=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=)=:=C=v=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=)=C=X=f=v=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=)>;>^>c>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=*=X=f=o=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=,=<=@=D=L=d=h=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=,=L=T=\=d=l=t=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=0>>>V?c?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=8=L=X=`=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=8>E>_>}>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=;=H=P=`=w=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=K>h>n>u>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
=R> ?B?I?T?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>>C>f>x>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
> >$>(>,>0>4>8><>@>D>H>L>P>T>X>\>`>d>h>l>p>t>x>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
> >$>(>0>4>8><>@>D>H>L>P>T>X>\>d>h>l>p>t>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
> >$>,>D>H>`>d>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
> >$>4>8><>D>\>l>p>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
> >(>0>8>@>H>P>X>`>h>t>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
> >/>6>C>c>m>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
> ?1?K?V?e?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
> ?B?N?T?h?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>!>&>6>;>A>G>]>d>q?v?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>!>0>9>?>D>U>c>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>">(>6>J>j>p>{>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>">0>>>j>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>#>->3>F>O>X>^>h>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>#?7?L?_?z?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>#?K?U?`?r?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>$>,>4><>D>L>T>\>d>l>t>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>$>,>4><>D>P>p>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>$>4>8><>@>D>H>P>h>x>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>$>4>8>H>L>P>T>\>t>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>%>*>4>@>E>O>[>`>j>z>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>%>5>;>[>`>v>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>(>,>0>4>8><>D>\>l>p>t>x>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>(>0>H>h>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>(>0>H>T>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>(>4>T>`>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>*>8>C>H>^>d>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>+?7?C?I?`?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>,>4><>D>L>T>\>d>l>t>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>,>4><>H>h>p>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>->2>i>v>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>-?3???J?O?l?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>/>T>a>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>0?>?H?R?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>3>8>=>o>x>}>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>3>K>Q>j>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>4><>D>L>T>\>d>l>t>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>4><>D>L>X>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>4>@>`>h>p>x>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>4>D>L>`>h>|>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>6>D>U>d>s>
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>FillColorWWWd
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>X?]?f?u?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
>z><?d?t?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
? ?$?(?,?0?4?8?<?@?D?H?L?P?T?X?\?`?d?h?l?p?t?x?|?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
? ?$?(?0?H?X?\?l?p?x?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
? ?%?;?A?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
? ?,?L?T?\?d?l?x?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
? ?0?4?8?@?X?h?l?|?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
? ?D?L?T?\?d?l?t?|?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?$?(?8?<?@?D?H?L?P?T?X?\?d?|?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?$?,?4?<?D?L?T?\?d?l?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?$?,?4?<?D?L?T?\?d?p?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?$?,?4?H?P?T?\?d?l?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?$?,?8?X?`?l?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?$?,?8?X?d?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?$?6?@?E?a?k?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?%?*?4?@?E?O?[?`?j?v?{?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?(?,?D?H?`?p?t?x?|?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?(?,?D?T?X?h?l?|?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?(?0?8?@?P?X?d?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?(?;?H?b?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?)?0?=?T?d?k?x?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?4?;?C?H?L?P?y?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?4?<?H?l?t?|?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?4?<?T?h?t?|?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?8?D?d?l?t?|?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
?<?T?d?t?
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
\8allBrowsersW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
\Downloads
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
\Google\Chrome\User Data\Default\Preferences
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
\Mozilla\Firefox
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
\prefs.js
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
\profiles.ini
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
\shell\open\command\
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
\system32\
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
^pgrfdexW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
_^strVersionWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
__clrcall
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
__fastcall
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
__restrict
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
__stdcall
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
__thiscall
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
__unaligned
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
_nextafter
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
_TrackMouseEvent
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`copy constructor closure'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`default constructor closure'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`dynamic atexit destructor for '
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`dynamic initializer for '
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`eh vector constructor iterator'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`eh vector copy constructor iterator'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`eh vector destructor iterator'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`eh vector vbase constructor iterator'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`eh vector vbase copy constructor iterator'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`G'xcHfQ6X@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`local static guard'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`local static thread guard'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`local vftable constructor closure'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`local vftable'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`managed vector constructor iterator'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`managed vector copy constructor iterator'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`managed vector destructor iterator'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`omni callsig'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`placement delete closure'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`placement delete[] closure'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`ppFontWWd
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`scalar deleting destructor'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`udt returning'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`vbase destructor'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`vbtable'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`vector constructor iterator'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`vector copy constructor iterator'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`vector deleting destructor'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`vector destructor iterator'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`vector vbase constructor iterator'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`vector vbase copy constructor iterator'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`vftable'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
`virtual displacement map'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
A valid JSON document must be either an array or an object value.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
a\shell\open\command\
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
abcdefghijklmnopqrstuvwxyz
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ABCDEFGHIJKLMNOPQRSTUVWXYZ
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Aborting setuiready, due to cancel
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
about:blank
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
additional six characters expected to parse unicode surrogate pair.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AdjustWindowRectEx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Adobe ImageReadyq
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ADVAPI32.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Advapi32.dll
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AllowSetForegroundWindow
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AllowSetForegroundWindow failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AlphaBlend
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AltBkg
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AltText
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
american english
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
american-english
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
analytics.xml
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Anchor Color
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Anchor Color Visited
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Another installer is running.Please try the Template Only option on the Avery.com template page.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
aPIPClientWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
apn_pip_local\
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
apnanalytics
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
APNAnalytics.xml
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
apnconfig.xml
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
apnconfig_en.xml
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
APNInstaller
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
APNLog.txt
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
APNPIP
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
APPID
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
appliesTo
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AreThereOffersToDownloadAndExecute : False
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AreThereOffersToDownloadAndExecute : true. Identified fileid:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Arg list too long
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Ask.com1>0<
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AskInstaller
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AskInstaller.exe
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AssocQueryStringW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
async
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Async attribute specified, skipping wait on process completion.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ATL:%p
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AtlAxWin100
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AtlAxWinLic100
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
australian
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AXWIN
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AXWIN Frame Window
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
AXWIN UI Window
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
b(ppDispPIPSOW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
BackColorWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
background
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Bad address
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
bad allocation
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
bad cast
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
bad character: outside Unicode space
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Bad escape sequence in string
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
bad exception
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Bad file descriptor
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
bad locale name
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Bad Unicode character
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Bad Unicode character - unexpected surrogate
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Bad unicode escape sequence in string: four digits expected.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Bad unicode escape sequence in string: hexadecimal digit expected.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Bad UTF-8 sequence
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
BalloonIconPath
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
BalloonIconTitle
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
BalloonText
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
BalloonTip
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
BchromeDefaultSearchProviderWx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
beacon
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Beacon HttpOpenRequest return failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Beacon HttpSendRequest return failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Beacon sent to
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Beacon URL incorrect
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
BeginPaint
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Bgcolor
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
bgcolor
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
bitmap
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
BitsDownloadFiles
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
bkgImage
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Broken pipe
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Browser and Toolbar Utils InterfaceWWW(
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Browser Info CoClassWW#
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
browserinfo
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
BrowserInfoWx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
brtype
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
BtnBkg_Back
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
BtnBkg_Cancel
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
BtnBkg_Finish
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
BtnBkg_Next
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
BUTTON
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
button
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
C:\.jenkins\jobs\PIP2.0_INSTALLER\workspace\release\AskInstaller_1_.pdb
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Callback for rules executorWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CallWindowProcW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
campaignID
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Cancel
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Cancel_PIP
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
cancelchoose
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CancelDeclinesOffer
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CancelHeight
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Cancellation in progress
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CancelText
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CancelWaitableTimer
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CancelWidth
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CancelX
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CancelY
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Cannot get icmp protocol
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CanPublish returning false
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
cAskInstallerLibW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CertCloseStore
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CertFindCertificateInStore
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CertFreeCertificateContext
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CertGetNameStringW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
cgetCommandLineWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CharLowerBuffW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CharNextW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
checkbox
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
checked
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
chinese-hongkong
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
chinese-simplified
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
chinese-singapore
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
chinese-traditional
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
chrome
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
chrome.exe
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
chromeHomePageWWx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ClientToScreen
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CloseHandle
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Closes the most recently opened block created by a call to groupWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CLSIDFromProgID
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CLSIDFromString
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CoCreateInstance
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CoGetClassObject
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CoInitialize
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CoInitializeEx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CoInitializeSecurity
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Color
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
color
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
COMCTL32.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
command
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Command line argument "
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Comments must start with /
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CompanyName
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CompareFileTime
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CompareStringW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Component Categories
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
condition
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Config
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CONOUT$
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Content-Type: application/x-www-form-urlencoded
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
control
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
controls
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ConvertSidToStringSidW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CopyFileW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Copyright (c) 1992-2004 by P.J. Plauger, licensed by Dinkumware, Ltd. ALL RIGHTS RESERVED.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CorExitProcess
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CoTaskMemAlloc
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CoTaskMemFree
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CoTaskMemRealloc
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Could NOT Find Configuration File.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CoUninitialize
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Create a script object to be injected into the PIP ViewWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Create thread failed in ExecuteAllOfferFiles()
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateAcceleratorTableW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateCompatibleBitmap
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateCompatibleDC
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Created by MIDL version 7.00.0555 at Tue Jun 11 16:42:01 2013
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateDIBSection
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateDirectoryW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateEventW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateFileA
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateFileMappingW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateFileW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateFontIndirectW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateFontW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateMutexW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreatePIPSOW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateProcessW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateSO called
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateSolidBrush
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateStreamOnHGlobal
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateThread
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateToolhelp32Snapshot
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateWaitableTimerW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CreateWindowExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CRYPT32.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CryptAcquireContextW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CryptCreateHash
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CryptDecodeObject
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CryptDestroyHash
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CryptGetHashParam
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CryptHashData
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CryptMsgClose
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CryptMsgGetParam
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CryptQueryObject
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CryptReleaseContext
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CSystemUtil::getRegValue Failed : UnSupported Variant Type of %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ctrltype
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ctrlvalue
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Current style %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CurrentVersion
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CustomCloseHeight
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CustomCloseWidth
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
CustomTitleHeight
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
D$$!|$\!|$`
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
D$$Yf;D$4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
D$(9D$ t^h
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
dddd, MMMM dd, yyyy
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
debugWWW@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Decline
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
decline:true
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DecodePointer
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Default ui ready time out from server %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DefaultScope
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DefaultUiReadyTimeout
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DefWindowProcW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
delayInstall
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
delete
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Delete
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DeleteCriticalSection
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DeleteFileA
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DeleteFileW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DeleteMemberByNameWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DeleteObject
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DeleteRegister:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DeleteUrlCacheEntryW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Deleting file
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Dependent offer ineligible
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
deque<T> too long
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DestroyAcceleratorTable
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DestroyIcon
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DestroyWindow
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
dEventmanager running. ThreadID %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DialogBoxIndirectParamW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Directory not empty
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DispatchMessageW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
display
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DisplayDynamicUI()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
displayname
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DisplayOffer()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DisplayOffer()... complete.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Distribution1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
dlg_transparency
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DlgInit
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Domain error
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DOMAIN error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
download
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Download APNAnalytics.xml file failed, attempting to use local
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Download balloon icon file failed:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Download Config.xml file failed, attempting to use local
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Download file error:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Download file:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Download thread terminated
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadAllDynamicImage()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadAllDynamicImages()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadBalloonIcon()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadBalloonIcon()... return false.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadBalloonIcon()... return true.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadBkgFile()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadBkgFile()... return false.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadBkgFile()... return true.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadBkgFile()... success.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadBtnBkg()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadDefaultBkgFile()... success.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Downloader : Empty String For From!!
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Downloader : Empty String for To!
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Downloader : NULL the Source or(and) Destination!!
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Downloader(BITS)::InitializeBITS::CoInitializeSecurity : Error = 0x%X - %s
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadScrollFile()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DownloadSingleFile()... url:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
dpipoffers.apnpartners.com
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DrawFocusRect
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
DrawTextW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
dStopMonitor waitonhandle %0x returning %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Durbanville1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
dutch-belgian
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
eBalloonIconPath
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
EgetDiskFreeSizeW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
eGetExitCode returning %d Remote process exitcode %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ekernel32.dll
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Empty escape sequence in string
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
enabled
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
EnableWindow
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
EncodePointer
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
encoding="
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
encoding="%s"
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
EndDialog
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
english-american
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
english-aus
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
english-belize
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
english-can
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
english-caribbean
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
english-ire
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
english-jamaica
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
english-nz
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
english-south africa
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
english-trinidad y tobago
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
english-uk
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
english-us
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
english-usa
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
EnterCriticalSection
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
EnumSystemLocalesA
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ERROR
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
error
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error description not provided
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error document empty.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error end tag.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error in command line arguments - check the log file for details
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error null (0) or unexpected EOF found in input stream.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error parsing CDATA.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error parsing Comment.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error parsing Declaration.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error parsing Element.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error parsing Unknown.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error reading Attributes.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error reading Element value.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error when TiXmlDocument added to document, because TiXmlDocument can only be at the root.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Error: empty tag.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
errorDescription
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
errorWWW@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Event manager thread not active
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Event manager thread still active
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
eWait on thread handle result %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Exec format error
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
execute
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ExecuteAllOfferFiles()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ExecuteSingleFile()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Executing file
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Executing file:
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
exitCode
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Exiting because no valid offers to display
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Exiting FinishUIOffer
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ExitProcess
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
expecting another \u token to begin the second half of a unicode surrogate pair
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
F=ieVersionWWWx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
failed
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to execute file
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to get Chrome version. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to get FF DS value. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to get FF Hpr value. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to get Firefox version. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to get GChrome DS value. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to get GChrome HPR value. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to get IE default Search provider. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to get IE Hpr value. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to get IE version. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to get memory status. Win32 error code %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to open file
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Failed to read Element name
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
failed to set recv timeout: %d
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
failed to set send timeout: %d
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FailureText
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
false
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
falseparams
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
falseValue
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ffDefaultSearchProviderWx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ffHomePageWWx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ffVersionWWWx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
File #
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
File exists
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
File too large
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FileDescription
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
fileid
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Filename too long
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FileVersion
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FindClose
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FindFirstFileW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FindNextFileW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FindResourceExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FindResourceW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FindWindowW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Finish
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Finished Parsing offer xml file.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Finished Parsing the config.xml file, ... show previous :
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Finished saving offer state for offer
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Finished successfully executing file
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FinshUIOffer()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Fire the rules callback functionWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
firefox
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
firefox.exe
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FireRulesCallbackWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FlsAlloc
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FlsFree
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FlsGetValue
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FlsSetValue
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FlushFileBuffers
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FlushInstructionCache
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
fontsize
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ForceRemove
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ForeColorWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
format
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FormatMessageW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FreeEnvironmentStringsW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
FreeLibrary
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
french-belgian
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
french-canadian
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
french-luxembourg
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
french-swiss
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Function not implemented
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GDI32.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdipAlloc
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdipBitmapLockBits
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdipBitmapUnlockBits
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdipCloneImage
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdipCreateBitmapFromFile
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdipCreateBitmapFromScan0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdipDeleteGraphics
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdipDisposeImage
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdipDrawImageI
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdipGetImageGraphicsContext
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdipGetImageHeight
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdipGetImagePalette
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdipGetImagePaletteSize
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdipGetImagePixelFormat
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdipGetImageWidth
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
gdiplus.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdiplusShutdown
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GdiplusStartup
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GeneralParameters
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
german-austrian
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
german-lichtenstein
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
german-luxembourg
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
german-swiss
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get Commandline of current process
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get Default Search provider in Firefox browser4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get Default Search provider in Google Chrome browserWW*
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get Default Search provider in Internet Explorer browserWW.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get File or Directory in MBWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get free disk space in MBW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get Home Page in Firefox browserWW&
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get Home Page in Google Chrome browser
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get Home Page in Internet Explorer browser
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get object from ScriptObject Map using object name as keyW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get Product InfoWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get Product VersionWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get registry value
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get the current logging levelW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get Total Physical Memory StatusWW"
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get version of Firefox browser$
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get version of Google Chrome browserWW8
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Get version of Internet Explorer browserWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetActiveWindow
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetBkColor
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetCapture
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetChromeIncumbentDSProvider in
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetChromeIncumbentHPR in
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetClassInfoExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetClassNameW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetClientRect
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetCommandLineW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetConsoleCP
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetConsoleMode
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetCPInfo
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetCurrentDirectoryW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetCurrentProcess
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetCurrentProcessId
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetCurrentThreadId
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetCursorPos
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetDateFormatA
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetDefaultBrowser in
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetDefaultBrowser out
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetDefaultBrowser vista
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetDefaultBrowser xp
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetDesktopWindow
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetDeviceCaps
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetDIBColorTable
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetDiskFreeSpaceExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetDispIDWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetDlgCtrlID
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetDlgItem
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetDownloadProgress percent %I64d bytesTransferred %I64d total %I64d @ %I64dB/s result %s
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetEnvironmentStringsW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetExitCode returning %d Remote process exitcode %d
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetExitCodeProcess
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetExitCodeThread
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetFFIncumbentDSProvider in
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetFFIncumbentHPR in
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetFileAttributesW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
getFileOrDirSize
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetFileType
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetFileVersionInfoSizeW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetFileVersionInfoW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetLastActivePopup
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetLastError
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetLocaleInfoA
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetLocaleInfoW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetLocalTime
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetMemberNameWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetMemberPropertiesW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetMessagePos
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetModuleFileNameW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetModuleHandleW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetMonitorInfoW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetNameSpaceParentWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetNextDispIDWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetObjectW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
getObjectWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
getOffersWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetOfferUIControl()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetParent
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetPartnerID()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetPrivateProfileSectionA
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetPrivateProfileSectionNamesA
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetPrivateProfileStringW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetProcAddress
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetProcessHeap
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetProcessWindowStation
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
getProductInfoWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
getProductVersionWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Gets the offer attributesW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetServer
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetStartupInfoW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetStdHandle
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetStockObject
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetStringTypeW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetSysColor
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetSystemDefaultLCID
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetSystemInfo
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetSystemMetrics
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetSystemTimeAsFileTime
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetTempPathW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetTextColor
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetTickCount
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetTimeFormatA
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetTimeZoneInformation
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetTokenInformation
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
getTotalPhysicalMemoryWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetUserDefaultLCID
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetUserObjectInformationW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetVersion
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetVersionExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetWindow
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetWindowLongW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetWindowRect
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetWindowsDirectoryW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetWindowTextLengthW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetWindowTextW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetWindowThreadID failed last error %d
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GetWindowThreadProcessId
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GHuwchpH!0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Global\PIP_Cancel
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Global\PIP_Local_Error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Global\PIP_Mutex
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Global\PIP_Remote_Exit
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Global\PIP_UI_Ready_Data
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Global\PIP_UI_Ready_Local
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Global\PIP_UI_Ready_Remote
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GlobalAlloc
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GlobalFree
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GlobalHandle
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GlobalLock
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GlobalMemoryStatusEx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
GlobalUnlock
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
google:baseURL
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
great britain
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
groupEnd@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
groupWWW@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HandleDownloads
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HandleEvents returning %s further.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HandleEvents returning abort. LastError %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HandleEvents. EventID %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Handling pip_local_error
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Handling pip_ui_ready_local
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Handling pip_ui_ready_remote
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Handling pip_ui_ready_remote_data
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Handling remote exit event
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Handling remote process exited.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HeapAlloc
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HeapCreate
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HeapDestroy
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HeapReAlloc
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HeapSetInformation
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
height
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Height
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HideEula
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
hidePIP
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HideTitleBar
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Hiding eula disclosure based on setting
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Hiding last offer screen
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
hIPIPClientWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HKCU{Software{Classes
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HKEY_CLASSES_ROOT
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HKEY_CLASSES_ROOT\
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HKEY_CURRENT_CONFIG
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HKEY_CURRENT_USER
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HKEY_DYN_DATA
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HKEY_LOCAL_MACHINE
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HKEY_PERFORMANCE_DATA
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HKEY_USERS
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
hong-kong
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http://
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http://ak.pipoffers.apnpartners.com/static/partners/{partnerid}/APNAnalytics.xml
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http://localhost/APNAnalytics.xml
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http://localhost/Server.jhtml?partner_id={partnerid}&language={locale}&version={version}&src={publisher}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http://ocsp.thawte.com0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http://ocsp.verisign.com0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http://ocsp.verisign.com0;
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http://pipoffers.apnpartners.com/PIP/Server.jhtml?partner_id={partnerid}&language={locale}&version={version}&src={publisher}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http://ts-ocsp.ws.symantec.com07
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http://www.163.com
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
http\shell\open\command\
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HttpOpenRequest return failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HttpOpenRequestW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HttpQueryInfoW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
https
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
https://www.verisign.com/cps0*
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
https://www.verisign.com/rpa0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HttpSendRequest return failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
HttpSendRequestW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Ht|HtWHt>h
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
hyperlink
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
IBrowserInfox
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
icParams
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
icProceed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
icUrl
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
IDispatch error #%d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
IDispatchExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ieDefaultSearchProviderWx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ieHomePageWWx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
iexplore
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
iexplore.exe
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
IHKCU{Software{Classes
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Illegal byte sequence
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
imageheight
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ImageList_Destroy
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ImageList_GetIconSize
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
imagewidth
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
IMicrosoft Visual C++ Runtime Library
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Improper link
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Inappropriate I/O control operation
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InitCommonControlsEx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Initialization
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InitializeCriticalSection
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InitializeCriticalSectionAndSpinCount
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InitializeInformation()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Input/output error
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Install checker download failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Installchecker exe run failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Installchecker exe validation failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Installchecker success
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InstallerLocation
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
integer out of signed integer range
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Interface
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InterlockedCompareExchange
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InterlockedDecrement
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InterlockedExchange
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InterlockedIncrement
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InterlockedPopEntrySList
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InterlockedPushEntrySList
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Internal error.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Internal error. Error description -
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Internal error. Error parsing. Actual value -
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Internal error. Member result not provided.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Internal error. Result string empty.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Internal error. Return string NULL.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Internal error. Return type string expected, actual return type -
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InternalName
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InternetCloseHandle
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InternetConnectW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InternetCrackUrlW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InternetGetCookieW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InternetOpen Failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InternetOpenW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InternetReadFile
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InternetSetCookieW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InternetSetOptionW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Interrupted function call
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Invalid Argument
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Invalid argument
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Invalid argument.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Invalid configuration file
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Invalid configuration.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Invalid configuration. Could NOT Parse File.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Invalid File donwload progress pointer. Skipping progress update.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
invalid map/set<T> iterator
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Invalid seek
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
invalid string position
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
invalid vector<T> subscript
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InvalidateRect
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
InvalidateRgn
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ios_base::badbit set
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ios_base::eofbit set
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ios_base::failbit set
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
iostream stream error
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
irish-english
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Is a directory
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
isBold
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
IScriptObjectWWWX
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
IsDebuggerPresent
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
IServiceProvider
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
isHScroll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
IsImageButton
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
isItalics
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
isMainOffer
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
isMutiLines
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
IsProcessorFeaturePresent
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
isReadOnly
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
isUnderlined
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
IsValidCodePage
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
IsValidLocale
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
isVScroll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
IsWindowEnabled
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
IsWow64Process
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
italian-swiss
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
IThe out pointer (dispatch pointer of the object) is NULL.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
JanFebMarAprMayJunJulAugSepOctNovDec
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
JAVASCRIPT
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
KERNEL32.DLL
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
KERNEL32.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Killing the dialog timer and exiting.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Killing the dialog timer due to parent cancellation..
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
KillTimer
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
KISystemUtilW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
L7cvarRefArgWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
langID
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
langid
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LanguageParameters
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LC_COLLATE
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LC_MONETARY
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LC_NUMERIC
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LCMapStringW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LeaveCriticalSection
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LegalCopyright
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
lEUw+Ei5m6
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LguidServiceW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Like group, but the block is initially collapsed.W@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LoadBitmapW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LoadCursorW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LoadIconW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LoadImageW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Loading
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LoadingTitle
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LoadLibraryExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LoadLibraryW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LoadResource
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LoadStringW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Local
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Local .xml will be used:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Local already send the event exiting remote
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Local mode
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Local ui.xml will be used:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LocalAlloc
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
locale
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LocalFree
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LockResource
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Log Exiting.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Logger CoClass
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Logger InterfaceWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Logger: Beacon InternetConnect() failed. Error code:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Logger::Initialize()... InternetConnect() failed. Error code:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Logs a messaageWWW'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Logs a message under the DEBUG categoryWWW&
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Logs a message under the ERROR categoryWWW=
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Logs a message under the INFO category)
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Logs a message under the WARNING categoryW'
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LONG_PTRd
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Lookup breaking. Parent exitcode %d waitWindow %x
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Lookup max timeout reached
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
lookupTable
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LsetRuleCallbackW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
lstrcmpiW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
lstrcpynW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
LWFq{&~'I
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
M_rgiRefArgWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
malformd UTF-8: not enough followers
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
malformd UTF-8: too many followers
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
map/set<T> too long
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MapDialogRect
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MapWindowPoints
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
marquee
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MbstrName
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Message and Exit error:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MESSAGE_BOX_ID_NO
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MESSAGE_BOX_ID_YES
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MessageAndExit()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MessageBoxTitle
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MessageBoxW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MessageUser
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Microsoft Visual C++ Runtime Library
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MinimumVersion
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Missing ',' or ']' in array declaration
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Missing ',' or '}' in object declaration
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Missing ':' after object member name
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Missing '}' or object member name
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Module
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Module_Raw
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Monitor started
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MonitorAndCompleteJob
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MonitorFromWindow
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MoveFileExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MoveWindow
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MS Shell Dlg
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
mscoree.dll
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
msctls_progress32
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
msiexec.exe
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MSIMG32.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
MultiByteToWideChar
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
N getRegValueW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
N00000000NNN00NN00N
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
n\Mozilla\Firefox
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
new-zealand
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
NextHeight
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
NextWidth
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
NextX
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
NextY
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
nKERNEL32.DLL
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
NN000000N
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
NNN0000000NNN
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
NNN000000N
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
No .xml file is found:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
No child processes
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
No left top published. Using CenterLeft %0x CenterTop %0x
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
No local file available for copy
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
No locks available
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
No space left on device
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
No such device
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
No such device or address
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
No such file or directory
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
No such process
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
NoAttempt
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
NoOfferText
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
NoRemove
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
norwegian
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
norwegian-bokmal
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Norwegian-Nynorsk
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
norwegian-nynorsk
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Not a directory
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Not enough space
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Notifying Tray add false. Lasterror %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Notifying Tray delete false. Lasterror %d
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Notifying Tray modify false. Lasterror %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
NumberOfPrimOffersToShow
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
NumberOfSecOffersToShow
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Object Model Root InterfaceWWW7
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
objectmodel.js
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Offer::GetDownloadProgress done. Job
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Offer::GetDownloadProgress inprogress. Job
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
offerBottom
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Offercast
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Offercast - APN Install Manager
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
offercast.com
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
offereula
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
offerid
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
offerLeft
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
offerProvider
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
offerRight
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
offerTop
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
offerType
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OfferXmlMiss
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OffsetRect
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ole32.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OLEAUT32.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OleInitialize
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OleLockRunning
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OleUninitialize
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
olSizeWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OnClickedCancel()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OnClickedNext()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OnClickedPrevious()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OnInitDialog......0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OnLoadComplete - SetWindowPos notopmost lasterror %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OnLoadComplete - SetWindowPos notopmost success
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OnLoadComplete()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OnPostReporting...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OpenProcess
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OpenProcess failed Last error %d
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OpenProcessToken
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Operation not permitted
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
optin
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OptInTextSize
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
optout
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
orchestrator
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Orchestrator
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
organization
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OriginalFilename
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Out of boundry. Monitor top %d left %d bottom %d right %d Parent top %d left %d bottom %d right %d Dlg top %d left %d bottom %d right %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OutputDebugStringA
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
OutputDebugStringW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
overlong 2 bytes sequence
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
overlong 3 bytes sequence
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
overlong 4 bytes sequence
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
overlong 5 bytes sequence
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
overlong 6 bytes sequence
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
param
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Parameters
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
params
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Parent exited with success code
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Parent offer ineligible
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
parentOfferID
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ParseAnalyticsXml()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ParseAnalyticsXml()... success.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ParseAnalyticsXml():Not use local.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ParseConfigXml()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ParseUi
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ParseUiXml()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Partner cancelled pip.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Partner ID empty
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Partner process id to watch %d Process handle %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
partnerID is
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Path to Msi
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PathFileExistsW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
pbstrNameWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
pDispExCallbackFunctionWL
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
pDispObj@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PeekMessageW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Permission denied
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Ping return:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIP host run failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIP Rules CoClassW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIP UI event happened locally, no need to wait
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIP UI ready successfully set
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIP_Exit_Code
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIP_Offers_Exitcode
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIP_Offers_Launched
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIP_Offers_Selection
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIP_SkipAll
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIP_Toolbar_Exitcode
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIP_Toolbar_Launched
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIP_Toolbar_Selection
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIP_UI_Complete
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIP_UI_Ready
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIPAttempt
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
pipclient
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIPClient CoClassW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIPHost
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIPOffer
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
pipoffers.apnpartners.com
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIPOutcome
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
pipPartnerName=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIPReportSever
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIPRuleManagerWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIPStats
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PIPTemp123456789
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
placementID
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
portuguese-brazilian
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
postInstall
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PostMessageW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ppDispObjWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ppPictureWWW,
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ppunkWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ppvObjectWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Previous
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PreviousHeight
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PreviousWidth
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PreviousX
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
PreviousY
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
primary_offers
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Prints an interactive listing of all properties of the objectW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Process handle null
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Process32FirstW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Process32NextW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ProductName
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ProductVersion
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Profile0
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Progid
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ProgIDFromCLSID
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
programName
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
progress
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ProgressBarBackgroundColor
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ProgressBarColor
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ProgressBarHeight
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ProgressBarWidth
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
promptmsg
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
pruntime error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
pspCallerWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
pstrLevelWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
pstrTextd
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ptbpartnerid
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
puerto-rico
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
QBWBWBWBWBWBWBWB
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
QI to get the object's dispatch interface pointer failed.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
QueryPerformanceCounter
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R"*%*%*u{
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6002- floating point support not loaded
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6008- not enough space for arguments
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6009- not enough space for environment
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6010- abort() has been called
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6016- not enough space for thread data
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6017- unexpected multithread lock error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6018- unexpected heap error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6019- unable to open console device
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6024- not enough space for _onexit/atexit table
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6025- pure virtual function call
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6026- not enough space for stdio initialization
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6027- not enough space for lowio initialization
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6028- unable to initialize heap
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6030- CRT not initialized
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6031- Attempt to initialize the CRT more than once.This indicates a bug in your application.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6032- not enough space for locale information
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
R6033- Attempt to use MSIL code from this assembly during native code initializationThis indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
radio
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RaiseException
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
rchromeVersionWWWx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Read-only file system
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Real out of signed integer range
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Reboot command:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Received OnExit
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RedrawWindow
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegCloseKey
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegCreateKeyExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegCreateKeyTransactedW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegDeleteKeyExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegDeleteKeyTransactedW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegDeleteKeyW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegDeleteValueW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegEnumKeyExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegisterClassExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegisterWindowMessageW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
REGISTRY
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegNotifyChangeKeyValue
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegOpenKeyExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegOpenKeyTransactedW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegQueryInfoKeyW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegQueryValueExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RegSetValueExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
regular
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ReleaseCapture
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ReleaseDC
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ReleaseMutex
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Remote
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Remote already send the event exiting local
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Remote failed to set the event, exiting gracefully
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Remote mode
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Remote process died already
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Remote process started. Handle %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RemoteInvokeExWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RemoveDirectoryW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Reply from %s: bytes=%d time=%.0fms TTL=%d icmp_seq=%u
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
reporting
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Resetting timer to honour server uiready of %I64d ms. Local UIReady time expired: %I64u ms, UIReady time remaining (relative to remote server data): %I64d ms.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Resource deadlock avoided
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Resource device
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Resource temporarily unavailable
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
result
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Result too large
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ResumeThread
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RET_OFFER message received
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Retrieving remote process exit code
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RetryTimeout
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Return buffer allocation NULL
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
rgvarRefArgW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RPCRT4.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RpcStringFreeW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RSSSSSSQP
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
RtlUnwind
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Rule execution aborted- either local / remote succeeded.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
rules
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
rundll32 shell32, OpenAs_RunDLL
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Running version < minimum version. Running version:
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Running version >= upgrade version. Running version:
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Running version allowed to continue
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Runtime Error!Program:
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
S-1-5-18
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
sActual path %s . CreateDirectory last error %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
saturation
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SaveCurrentOfferState()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Saving toolbar offer selections:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
screeenversion
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
screenNumber
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ScreenToClient
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Script Object CoClassW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Script Object InterfaceWWW9
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Script Object Root CoClass
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ScriptObjectX
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
scrolltext
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
secondary
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
secondary_offers
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
secondaryOfferBottom
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
secondaryOfferLeft
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
secondaryOfferRight
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
secondaryOfferTop
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Segoe UI
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SelectObject
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Send Beacon finished
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Send Reporting finished
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SendDlgItemMessageW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SendMessageW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
September
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
server 2012
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
server 2k3
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
server 2k3 R2
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
server 2k8
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
server 2k8 r2
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Set the logging levelW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetBkColor
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetBkMode
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetCapture
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetCursor
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetDIBColorTable
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetEndOfFile
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetEnvironmentVariableA
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetFilePointer
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetForegroundWindow
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetForegroundWindow failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetHandleCount
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetLastError
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetLayeredWindowAttributes
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetRectEmpty
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Sets the rules callbackWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetStdHandle
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetTextColor
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetThreadStackGuarantee
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetUnhandledExceptionFilter
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetWaitableTimer
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetWindowContextHelpId
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetWindowLongW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetWindowPos
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetWindowPos topmost lasterror %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetWindowPos topmost success
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetWindowsHookExW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetWindowTextW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SetWindowTheme
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SHELL32.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Shell_NotifyIconW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ShellExecuteW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SHGetFolderPathW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SHGetSpecialFolderPathW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
shldrunparam
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
shldrunresult
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SHLWAPI.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SHOpenFolderAndSelectItems
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ShowExecutionProgress
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ShowICONOnToolbar
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ShowLoadingScreen
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ShowPrevious
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ShowWindow
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SING error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SizeofResource
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
skipall
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SkipAll
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
skipall:
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SkipAllAbort
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Skipping cancel for execution progress
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Skipping further processing of offers. Offers processed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Skipping offer. File ID
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
smooth
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
sNotifying Tray delete false. Lasterror %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Socket failed
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Software\APN PIP\ipc
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Software\APN PIP\{partnerid}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SOFTWARE\Microsoft\Internet Explorer
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SOFTWARE\Microsoft\Internet Explorer\Main
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SOFTWARE\Microsoft\Internet Explorer\SearchScopes
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Software\Microsoft\Internet Explorer\Settings
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Software\Microsoft\Windows\CurrentVersion\Installer
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Software\Microsoft\Windows\CurrentVersion\RunOnce
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Software\Microsoft\Windows\Shell\Associations\UrlAssociations\http\userchoice
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SOFTWARE\Mozilla\Mozilla Firefox
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
south africa
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
south korea
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
south-africa
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
south-korea
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-argentina
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-bolivia
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-chile
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-colombia
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-costa rica
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-dominican republic
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-ecuador
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-el salvador
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-guatemala
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-honduras
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-mexican
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-modern
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-nicaragua
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-panama
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-paraguay
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-peru
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-puerto rico
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-uruguay
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
spanish-venezuela
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
standalone
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
standalone="
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
standalone="%s"
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Start Page
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Start_Install
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
static
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
stbpartnerid
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
stdole2.tlbWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
StopMonitor eventmanager handle %0x
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
StopMonitor exiting.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
StopMonitor waitonhandle %0x returning %d
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
STORE_HISTORY
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
strCmdLineWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
StretchBlt
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
STRID_CANCEL_TEXT
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
strInfoTypeW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
string too long
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
StringFileInfo
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
StringFromGUID2
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
StringHexToRGB()...[
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
stringtable
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
strMessageWW@
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
strNodePathW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
strObjectNameWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
strProductNameWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
strRulesJSUrlWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Style
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
subctr
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
success
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Success
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SuccessCheck()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Successfully terminated
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SuccessText
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SullTotalPhysicalMemoryWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
summary
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SunMonTueWedThuFriSat
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SupressCancelDialog
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SuspendThread
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
swedish-finland
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
switchcontroltype
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Symantec Corporation100.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Symantec Corporation1402
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Syntax error: value, object or array expected.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
System Utility InterfaceWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
System Utils CoClassWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SystemParametersInfoW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SystemTimeToFileTime
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
SystemUtilWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
T$$RWWj?P
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
t]Ht@Ht$Hu
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Tahoma
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
tAHt7Ht-HuP
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
td9~0u_jX
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Terminate thread failed
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
TerminateProcess
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
TerminateSubProcesses()...
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
TerminateThread
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
tEXtSoftware
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
thankyou
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Thawte Certification1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Thawte Timestamping CA0
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
The config.xml file is missing or invalid!Please try the Template Only option on the Avery.com template page.
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
The object was not available in the script object (outer object).
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
The PIP Application object
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
The required key OfferXml is missing or invalid!
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Theme on, turning off.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Time out reached
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Timed out, aborting download
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Timer not started
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Timer started
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
TimerProc() for timer id:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
TimeStamp-2048-10
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
TimeStamp-2048-20
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Title
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
title
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
TLOSS error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
TlsGetValue
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
TlsSetValue
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Too many links
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Too many open files
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Too many open files in system
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
toolbar
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
tooltips_class32
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
total
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Total Memory status %I64d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Total number of eligible offers to report
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
TotalNumberOfOffersToShow
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
trait
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
TranslateMessage
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Translation
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
transparency
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
TransparentBlt
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Tray add success
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Tray delete success
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Tray modify success
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
TrayTipTime
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
trinidad & tobago
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
trueValue
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
tVersionString
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
twHHt,HHt
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
tWItHIt9It
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Type is not convertible to int
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Type is not convertible to string
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
u-9T$Lv'j
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
u09\$@v*j
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
u^9F$uT8^
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ub9|$,t\W
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ui.xml
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ui.xml_localmode
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
uiReady
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
UIReadyTime=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
uiRules
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
UnhandledExceptionFilter
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
UnhookWindowsHookEx
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
UNICODE
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
united-kingdom
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
united-states
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Unknown command line argument:
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Unknown error
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Unknown Error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Unknown error 0x%0lX
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Unknown exception
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Unknown Product
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
UnregisterClassA
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
UpdateWindow
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
UpgradeVersion
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
UpgradeVersionPath
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
URLDownloadToFileW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
urlmon.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
USER32.DLL
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
USER32.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
user_pref("browser.startup.homepage", "
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
user_pref("keyword.URL", "
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
UTF-16LE
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
UTF-8
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
UuidCreate
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
UuidToStringW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
UxTheme.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Valid dependent offer index but no offer
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
value:
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
VarFileInfo
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
vector<T> too long
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
VeriSign Trust Network1:08
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
VeriSign Trust Network1;09
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
VeriSign, Inc.1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
VeriSignMPKI-2-80
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
VerQueryValueW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
VERSION.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
version="
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
version="%s"
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
vertical
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
VirtualAlloc
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
VirtualFree
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
VirtualProtect
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
VirtualQuery
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Visual C++ CRT: Not enough memory to complete call to strerror.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
VS_VERSION_INFO
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
VSORootWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
VstrOfferIDWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Wait on execution thread failure
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Wait on execution thread success
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Wait on mutex returned %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Wait on thread handle result %d
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Wait result for DefaultUiReadyTimeout returned %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Wait result on new time returned %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WaitForDownloadCompleteInternal File Name %s BytesTotal %I64d BytesTransferred %I64d FileIndex %d
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WaitForMultipleObjects
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WaitForSingleObject
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Waitforsingleobject failed Last error %d
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Waiting for show UI signal.
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Waitwindow not found
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WaitWnd %x WaitWnd PID %d WaitWnd TID %d
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
watchWnd
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
watchwndCreatedByChild
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
watchWndLookupMaxTimeout
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Wednesday
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Western Cape1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WFType=
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WideCharToMultiByte
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
width
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Width
Ansi based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WININET.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WINTRUST.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WinVerifyTrust
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WM_ATLGETCONTROL
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WM_ATLGETHOST
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WriteConsoleW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WriteFile
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WriteRegister()... name:
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
Writes a message to the console and opens a nested block to indent all future messages sent to the console. Call console.groupEnd() to close the block.WWW1
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WS2_32.dll
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WSA Startup error
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WTL_ColorHyperLink
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
WUSER32.DLL
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
www.ask.com
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
www.google.com
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
YDeleteMemberByDispID
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ypipPartnerName=
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
ZstrNameW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{BYTES_TOTAL}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{BYTES_XFER}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{current}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{downloads}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{FILENAME}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{funnelid}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{locale}
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{mydocuments}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{partnerid}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{PERCENT}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{publisher}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{temp}
Unicode based on Hybrid Analysis
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
{version}
Unicode based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
|$89|$(t4
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
|pHWNDWWWd
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
}?2g[]a`T_
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
}varResultWWW
Ansi based on Memory/File Scan
(OffercastInstaller_AVR_U_0363_01_P_.exe.bin)
_logger = window.external.GetObject("logger");
Ansi based on Dropped File
(objectmodel.js)
browser = window.external.GetObject("browserinfo");
Ansi based on Dropped File
(objectmodel.js)
function init() {
Ansi based on Dropped File
(objectmodel.js)
if (objectModel.initialized === false && typeof window !== "undefined" &&
Ansi based on Dropped File
(objectmodel.js)
logger = {};
Ansi based on Dropped File
(objectmodel.js)
logger.debug = function(var1) {
Ansi based on Dropped File
(objectmodel.js)
logger.dir = function(var1) {
Ansi based on Dropped File
(objectmodel.js)
logger.error = function(var1) {
Ansi based on Dropped File
(objectmodel.js)
logger.error(x);
Ansi based on Dropped File
(objectmodel.js)
logger.group = function(var1) {
Ansi based on Dropped File
(objectmodel.js)
logger.info = function(var1) {
Ansi based on Dropped File
(objectmodel.js)
logger.log = function(var1) {
Ansi based on Dropped File
(objectmodel.js)
logger.warn = function(var1) {
Ansi based on Dropped File
(objectmodel.js)
objectModel.initialized = false;
Ansi based on Dropped File
(objectmodel.js)
pipclient = window.external.GetObject("pipclient");
Ansi based on Dropped File
(objectmodel.js)
piprule = window.external.GetObject("piprule");
Ansi based on Dropped File
(objectmodel.js)
return _logger.debug(var1);
Ansi based on Dropped File
(objectmodel.js)
return _logger.dir(var1);
Ansi based on Dropped File
(objectmodel.js)
return _logger.error(var1);
Ansi based on Dropped File
(objectmodel.js)
return _logger.group(var1);
Ansi based on Dropped File
(objectmodel.js)
return _logger.info(var1);
Ansi based on Dropped File
(objectmodel.js)
return _logger.log(var1);
Ansi based on Dropped File
(objectmodel.js)
return _logger.warn(var1);
Ansi based on Dropped File
(objectmodel.js)
system = window.external.GetObject("system");
Ansi based on Dropped File
(objectmodel.js)
typeof window.external !== "undefined") {
Ansi based on Dropped File
(objectmodel.js)
var objectModel = {};
Ansi based on Dropped File
(objectmodel.js)
} catch (x) {
Ansi based on Dropped File
(objectmodel.js)
"use strict";
Ansi based on Dropped File
(orchestrator.html)
'"' : '\\"',
Ansi based on Dropped File
(orchestrator.html)
'[' + partial.join(',') + ']';
Ansi based on Dropped File
(orchestrator.html)
'[\n' + gap + partial.join(',\n' + gap) + '\n' + mind + ']' :
Ansi based on Dropped File
(orchestrator.html)
'\\': '\\\\'
Ansi based on Dropped File
(orchestrator.html)
'\\u' + ('0000' + a.charCodeAt(0).toString(16)).slice(-4);
Ansi based on Dropped File
(orchestrator.html)
'\b': '\\b',
Ansi based on Dropped File
(orchestrator.html)
'\f': '\\f',
Ansi based on Dropped File
(orchestrator.html)
'\n': '\\n',
Ansi based on Dropped File
(orchestrator.html)
'\r': '\\r',
Ansi based on Dropped File
(orchestrator.html)
'\t': '\\t',
Ansi based on Dropped File
(orchestrator.html)
'{' + partial.join(',') + '}';
Ansi based on Dropped File
(orchestrator.html)
'{\n' + gap + partial.join(',\n' + gap) + '\n' + mind + '}' :
Ansi based on Dropped File
(orchestrator.html)
('0000' + a.charCodeAt(0).toString(16)).slice(-4);
Ansi based on Dropped File
(orchestrator.html)
(function () {
Ansi based on Dropped File
(orchestrator.html)
(typeof replacer !== 'object' ||
Ansi based on Dropped File
(orchestrator.html)
.replace(/"[^"\\\n\r]*"|true|false|null|-?\d+(?:\.\d*)?(?:[eE][+\-]?\d+)?/g, ']')
Ansi based on Dropped File
(orchestrator.html)
.replace(/(?:^|:|,)(?:\s*\[)+/g, ''))) {
Ansi based on Dropped File
(orchestrator.html)
.test(text.replace(/\\(?:["\\\/bfnrt]|u[0-9a-fA-F]{4})/g, '@')
Ansi based on Dropped File
(orchestrator.html)
// ',' or ':' or '{' or '}'. If that is so, then the text is safe for eval.
Ansi based on Dropped File
(orchestrator.html)
// A default replacer method can be provided. Use of the space parameter can
Ansi based on Dropped File
(orchestrator.html)
// a JavaScript value if the text is a valid JSON text.
Ansi based on Dropped File
(orchestrator.html)
// and wrap them in braces.
Ansi based on Dropped File
(orchestrator.html)
// backslash characters, then we can safely slap some quotes around it.
Ansi based on Dropped File
(orchestrator.html)
// because they can cause invocation, and '=' because it can cause mutation.
Ansi based on Dropped File
(orchestrator.html)
// brackets.
Ansi based on Dropped File
(orchestrator.html)
// But just to be safe, we want to reject all unexpected forms.
Ansi based on Dropped File
(orchestrator.html)
// crippling inefficiencies in IE's and Safari's regexp engines. First we
Ansi based on Dropped File
(orchestrator.html)
// Due to a specification blunder in ECMAScript, typeof null is 'object',
Ansi based on Dropped File
(orchestrator.html)
// each name/value pair to a reviver function for possible transformation.
Ansi based on Dropped File
(orchestrator.html)
// for non-JSON patterns. We are especially concerned with '()' and 'new'
Ansi based on Dropped File
(orchestrator.html)
// for non-JSON values.
Ansi based on Dropped File
(orchestrator.html)
// Format integers to have at least two digits.
Ansi based on Dropped File
(orchestrator.html)
// If the JSON object does not yet have a parse method, give it one.
Ansi based on Dropped File
(orchestrator.html)
// If the JSON object does not yet have a stringify method, give it one.
Ansi based on Dropped File
(orchestrator.html)
// If the replacer is an array, use it to select the members to be stringified.
Ansi based on Dropped File
(orchestrator.html)
// If the space parameter is a number, make an indent string containing that
Ansi based on Dropped File
(orchestrator.html)
// If the space parameter is a string, it will be used as the indent string.
Ansi based on Dropped File
(orchestrator.html)
// If the string contains no control characters, no quote characters, and no
Ansi based on Dropped File
(orchestrator.html)
// If the text is not JSON parseable, then a SyntaxError is thrown.
Ansi based on Dropped File
(orchestrator.html)
// If the type is 'object', we might be dealing with an object or an array or
Ansi based on Dropped File
(orchestrator.html)
// If the value has a toJSON method, call it to obtain a replacement value.
Ansi based on Dropped File
(orchestrator.html)
// If the value is a boolean or null, convert it to a string. Note:
Ansi based on Dropped File
(orchestrator.html)
// If there is a replacer, it must be a function or an array.
Ansi based on Dropped File
(orchestrator.html)
// If we were called with a replacer function, then call the replacer to
Ansi based on Dropped File
(orchestrator.html)
// in JavaScript: it can begin a block or an object literal. We wrap the text
Ansi based on Dropped File
(orchestrator.html)
// in parens to eliminate the ambiguity.
Ansi based on Dropped File
(orchestrator.html)
// In the optional fourth stage, we recursively walk the new structure, passing
Ansi based on Dropped File
(orchestrator.html)
// In the second stage, we run the text against regular expressions that look
Ansi based on Dropped File
(orchestrator.html)
// In the third stage we use the eval function to compile the text into a
Ansi based on Dropped File
(orchestrator.html)
// incorrectly, either silently deleting them, or treating them as line endings.
Ansi based on Dropped File
(orchestrator.html)
// Is the value an array?
Ansi based on Dropped File
(orchestrator.html)
// JavaScript structure. The '{' operator is subject to a syntactic ambiguity
Ansi based on Dropped File
(orchestrator.html)
// Join all of the elements together, separated with commas, and wrap them in
Ansi based on Dropped File
(orchestrator.html)
// Join all of the member texts together, separated with commas,
Ansi based on Dropped File
(orchestrator.html)
// JSON numbers must be finite. Encode non-finite numbers as null.
Ansi based on Dropped File
(orchestrator.html)
// Make a fake root object containing our value under the key of ''.
Ansi based on Dropped File
(orchestrator.html)
// Make an array to hold the partial results of stringifying this object value.
Ansi based on Dropped File
(orchestrator.html)
// many spaces.
Ansi based on Dropped File
(orchestrator.html)
// null.
Ansi based on Dropped File
(orchestrator.html)
// obtain a replacement value.
Ansi based on Dropped File
(orchestrator.html)
// open brackets that follow a colon or comma or that begin the text. Finally,
Ansi based on Dropped File
(orchestrator.html)
// Otherwise we must also replace the offending characters with safe escape
Ansi based on Dropped File
(orchestrator.html)
// Otherwise, iterate through all of the keys in the object.
Ansi based on Dropped File
(orchestrator.html)
// Otherwise, throw an error.
Ansi based on Dropped File
(orchestrator.html)
// Parsing happens in four stages. In the first stage, we replace certain
Ansi based on Dropped File
(orchestrator.html)
// Produce a string from holder[key].
Ansi based on Dropped File
(orchestrator.html)
// produce text that is more easily readable.
Ansi based on Dropped File
(orchestrator.html)
// replace all simple value tokens with ']' characters. Third, we delete all
Ansi based on Dropped File
(orchestrator.html)
// replace the JSON backslash pairs with '@' (a non-JSON character). Second, we
Ansi based on Dropped File
(orchestrator.html)
// Return the result of stringifying the value.
Ansi based on Dropped File
(orchestrator.html)
// sequences.
Ansi based on Dropped File
(orchestrator.html)
// so watch out for that case.
Ansi based on Dropped File
(orchestrator.html)
// space parameter, and returns a JSON text. The replacer can be a function
Ansi based on Dropped File
(orchestrator.html)
// that can replace values, or an array of strings that will select the keys.
Ansi based on Dropped File
(orchestrator.html)
// that modifications can be made.
Ansi based on Dropped File
(orchestrator.html)
// The parse method takes a text and an optional reviver function, and returns
Ansi based on Dropped File
(orchestrator.html)
// the remote chance that this gets fixed someday.
Ansi based on Dropped File
(orchestrator.html)
// The stringify method takes a value and an optional replacer, and an optional
Ansi based on Dropped File
(orchestrator.html)
// The value is an array. Stringify every element. Use null as a placeholder
Ansi based on Dropped File
(orchestrator.html)
// The walk method is used to recursively walk the resulting structure so
Ansi based on Dropped File
(orchestrator.html)
// typeof null does not produce 'null'. The case is included here in
Ansi based on Dropped File
(orchestrator.html)
// Unicode characters with escape sequences. JavaScript handles many characters
Ansi based on Dropped File
(orchestrator.html)
// we look to see that the remaining characters are only whitespace or ']' or
Ansi based on Dropped File
(orchestrator.html)
// We split the second stage into 4 regexp operations in order to work around
Ansi based on Dropped File
(orchestrator.html)
// What happens next depends on the value's type.
Ansi based on Dropped File
(orchestrator.html)
</BODY>
Ansi based on Dropped File
(orchestrator.html)
</HEAD>
Ansi based on Dropped File
(orchestrator.html)
</HTML>
Ansi based on Dropped File
(orchestrator.html)
</SCRIPT>
Ansi based on Dropped File
(orchestrator.html)
</script>
Ansi based on Dropped File
(orchestrator.html)
<BODY onload="load()">
Ansi based on Dropped File
(orchestrator.html)
<HEAD>
Ansi based on Dropped File
(orchestrator.html)
<HTML>
Ansi based on Dropped File
(orchestrator.html)
<script type="text/javascript" src="./objectModel.js"></script>
Ansi based on Dropped File
(orchestrator.html)
<script type="text/javascript" src="./rules.js"></script>
Ansi based on Dropped File
(orchestrator.html)
<script type="text/javascript">
Ansi based on Dropped File
(orchestrator.html)
<SCRIPT type="text/javascript">
Ansi based on Dropped File
(orchestrator.html)
arrParamNames[i] = sParam[0];
Ansi based on Dropped File
(orchestrator.html)
arrParamValues[i] = "No Value";
Ansi based on Dropped File
(orchestrator.html)
arrParamValues[i] = unescape(sParam[1]);
Ansi based on Dropped File
(orchestrator.html)
Boolean.prototype.toJSON = function (key) {
Ansi based on Dropped File
(orchestrator.html)
case 'boolean':
Ansi based on Dropped File
(orchestrator.html)
case 'null':
Ansi based on Dropped File
(orchestrator.html)
case 'number':
Ansi based on Dropped File
(orchestrator.html)
case 'object':
Ansi based on Dropped File
(orchestrator.html)
case 'string':
Ansi based on Dropped File
(orchestrator.html)
cx.lastIndex = 0;
Ansi based on Dropped File
(orchestrator.html)
Date.prototype.toJSON = function (key) {
Ansi based on Dropped File
(orchestrator.html)
delete value[k];
Ansi based on Dropped File
(orchestrator.html)
escapable = /[\\\"\x00-\x1f\x7f-\x9f\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2028-\u202f\u2060-\u206f\ufeff\ufff0-\uffff]/g,
Ansi based on Dropped File
(orchestrator.html)
escapable.lastIndex = 0;
Ansi based on Dropped File
(orchestrator.html)
f(this.getUTCDate()) + 'T' +
Ansi based on Dropped File
(orchestrator.html)
f(this.getUTCHours()) + ':' +
Ansi based on Dropped File
(orchestrator.html)
f(this.getUTCMinutes()) + ':' +
Ansi based on Dropped File
(orchestrator.html)
f(this.getUTCMonth() + 1) + '-' +
Ansi based on Dropped File
(orchestrator.html)
f(this.getUTCSeconds()) + 'Z' : null;
Ansi based on Dropped File
(orchestrator.html)
for (i = 0; i < length; i += 1) {
Ansi based on Dropped File
(orchestrator.html)
for (i = 0; i < space; i += 1) {
Ansi based on Dropped File
(orchestrator.html)
for (i=0;i<arrURLParams.length;i++)
Ansi based on Dropped File
(orchestrator.html)
for (k in value) {
Ansi based on Dropped File
(orchestrator.html)
function f(n) {
Ansi based on Dropped File
(orchestrator.html)
function getURLParameters(paramName)
Ansi based on Dropped File
(orchestrator.html)
function load() {
Ansi based on Dropped File
(orchestrator.html)
function quote(string) {
Ansi based on Dropped File
(orchestrator.html)
function str(key, holder) {
Ansi based on Dropped File
(orchestrator.html)
function walk(holder, key) {
Ansi based on Dropped File
(orchestrator.html)
function(ruleName){
Ansi based on Dropped File
(orchestrator.html)
gap += indent;
Ansi based on Dropped File
(orchestrator.html)
gap = '';
Ansi based on Dropped File
(orchestrator.html)
gap = mind;
Ansi based on Dropped File
(orchestrator.html)
if (!JSON) {
Ansi based on Dropped File
(orchestrator.html)
if (!value) {
Ansi based on Dropped File
(orchestrator.html)
if (/^[\],:{}\s]*$/
Ansi based on Dropped File
(orchestrator.html)
if (cx.test(text)) {
Ansi based on Dropped File
(orchestrator.html)
if (Object.prototype.hasOwnProperty.call(value, k)) {
Ansi based on Dropped File
(orchestrator.html)
if (Object.prototype.toString.apply(value) === '[object Array]') {
Ansi based on Dropped File
(orchestrator.html)
if (rep && typeof rep === 'object') {
Ansi based on Dropped File
(orchestrator.html)
if (replacer && typeof replacer !== 'function' &&
Ansi based on Dropped File
(orchestrator.html)
if (sParam[1] != "")
Ansi based on Dropped File
(orchestrator.html)
if (sURL.indexOf("?") > 0)
Ansi based on Dropped File
(orchestrator.html)
if (typeof Date.prototype.toJSON !== 'function') {
Ansi based on Dropped File
(orchestrator.html)
if (typeof JSON.parse !== 'function') {
Ansi based on Dropped File
(orchestrator.html)
if (typeof JSON.stringify !== 'function') {
Ansi based on Dropped File
(orchestrator.html)
if (typeof rep === 'function') {
Ansi based on Dropped File
(orchestrator.html)
if (typeof rep[i] === 'string') {
Ansi based on Dropped File
(orchestrator.html)
if (typeof space === 'number') {
Ansi based on Dropped File
(orchestrator.html)
if (v !== undefined) {
Ansi based on Dropped File
(orchestrator.html)
if (v) {
Ansi based on Dropped File
(orchestrator.html)
if (value && typeof value === 'object' &&
Ansi based on Dropped File
(orchestrator.html)
if (value && typeof value === 'object') {
Ansi based on Dropped File
(orchestrator.html)
if(arrParamNames[i] == paramName){
Ansi based on Dropped File
(orchestrator.html)
indent += ' ';
Ansi based on Dropped File
(orchestrator.html)
indent = '';
Ansi based on Dropped File
(orchestrator.html)
indent = space;
Ansi based on Dropped File
(orchestrator.html)
indent,
Ansi based on Dropped File
(orchestrator.html)
init();
Ansi based on Dropped File
(orchestrator.html)
j = eval('(' + text + ')');
Ansi based on Dropped File
(orchestrator.html)
JSON = {};
Ansi based on Dropped File
(orchestrator.html)
JSON.parse = function (text, reviver) {
Ansi based on Dropped File
(orchestrator.html)
JSON.stringify = function (value, replacer, space) {
Ansi based on Dropped File
(orchestrator.html)
k = rep[i];
Ansi based on Dropped File
(orchestrator.html)
k, // The member key.
Ansi based on Dropped File
(orchestrator.html)
length = rep.length;
Ansi based on Dropped File
(orchestrator.html)
length = value.length;
Ansi based on Dropped File
(orchestrator.html)
length,
Ansi based on Dropped File
(orchestrator.html)
logger.log("\r\n ****** inside load " + e.message + " Rule name: " + ruleName);
Ansi based on Dropped File
(orchestrator.html)
logger.log("\r\n ****** Load Function Error " + e.message);
Ansi based on Dropped File
(orchestrator.html)
logger.log("\r\n ****** pirule setRule callBackFired : function called is " + "Rule name: " + ruleName + "Number: " + arguments.length);
Ansi based on Dropped File
(orchestrator.html)
meta = { // table of character substitutions
Ansi based on Dropped File
(orchestrator.html)
mind = gap,
Ansi based on Dropped File
(orchestrator.html)
Number.prototype.toJSON =
Ansi based on Dropped File
(orchestrator.html)
partial = [];
Ansi based on Dropped File
(orchestrator.html)
partial,
Ansi based on Dropped File
(orchestrator.html)
partial.push(quote(k) + (gap ? ': ' : ':') + v);
Ansi based on Dropped File
(orchestrator.html)
partial[i] = str(i, value) || 'null';
Ansi based on Dropped File
(orchestrator.html)
piprule.setRuleCallback(
Ansi based on Dropped File
(orchestrator.html)
rep = replacer;
Ansi based on Dropped File
(orchestrator.html)
return "No Parameters Found";
Ansi based on Dropped File
(orchestrator.html)
return '\\u' +
Ansi based on Dropped File
(orchestrator.html)
return 'null';
Ansi based on Dropped File
(orchestrator.html)
return arrParamValues[i];
Ansi based on Dropped File
(orchestrator.html)
return escapable.test(string) ? '"' + string.replace(escapable, function (a) {
Ansi based on Dropped File
(orchestrator.html)
return isFinite(this.valueOf()) ?
Ansi based on Dropped File
(orchestrator.html)
return isFinite(value) ? String(value) : 'null';
Ansi based on Dropped File
(orchestrator.html)
return n < 10 ? '0' + n : n;
Ansi based on Dropped File
(orchestrator.html)
return quote(value);
Ansi based on Dropped File
(orchestrator.html)
return reviver.call(holder, key, value);
Ansi based on Dropped File
(orchestrator.html)
return str('', {'': value});
Ansi based on Dropped File
(orchestrator.html)
return String(value);
Ansi based on Dropped File
(orchestrator.html)
return this.valueOf();
Ansi based on Dropped File
(orchestrator.html)
return typeof c === 'string' ? c :
Ansi based on Dropped File
(orchestrator.html)
return typeof reviver === 'function' ?
Ansi based on Dropped File
(orchestrator.html)
return v;
Ansi based on Dropped File
(orchestrator.html)
return window[ruleName].apply(this, params);
Ansi based on Dropped File
(orchestrator.html)
String.prototype.toJSON =
Ansi based on Dropped File
(orchestrator.html)
switch (typeof value) {
Ansi based on Dropped File
(orchestrator.html)
text = String(text);
Ansi based on Dropped File
(orchestrator.html)
text = text.replace(cx, function (a) {
Ansi based on Dropped File
(orchestrator.html)
this.getUTCFullYear() + '-' +
Ansi based on Dropped File
(orchestrator.html)
throw new Error('JSON.stringify');
Ansi based on Dropped File
(orchestrator.html)
throw new SyntaxError('JSON.parse');
Ansi based on Dropped File
(orchestrator.html)
typeof replacer.length !== 'number')) {
Ansi based on Dropped File
(orchestrator.html)
typeof value.toJSON === 'function') {
Ansi based on Dropped File
(orchestrator.html)
v = partial.length === 0 ? '[]' : gap ?
Ansi based on Dropped File
(orchestrator.html)
v = partial.length === 0 ? '{}' : gap ?
Ansi based on Dropped File
(orchestrator.html)
v = str(k, value);
Ansi based on Dropped File
(orchestrator.html)
v = walk(value, k);
Ansi based on Dropped File
(orchestrator.html)
v, // The member value.
Ansi based on Dropped File
(orchestrator.html)
value = holder[key];
Ansi based on Dropped File
(orchestrator.html)
value = rep.call(holder, key, value);
Ansi based on Dropped File
(orchestrator.html)
value = value.toJSON(key);
Ansi based on Dropped File
(orchestrator.html)
value[k] = v;
Ansi based on Dropped File
(orchestrator.html)
var arrParamNames = new Array(arrURLParams.length);
Ansi based on Dropped File
(orchestrator.html)
var arrParams = sURL.split("?");
Ansi based on Dropped File
(orchestrator.html)
var arrParamValues = new Array(arrURLParams.length);
Ansi based on Dropped File
(orchestrator.html)
var arrURLParams = arrParams[1].split("&");
Ansi based on Dropped File
(orchestrator.html)
var c = meta[a];
Ansi based on Dropped File
(orchestrator.html)
var cx = /[\u0000\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2028-\u202f\u2060-\u206f\ufeff\ufff0-\uffff]/g,
Ansi based on Dropped File
(orchestrator.html)
var hidePtnrSecondaryOffer=getURLParameters("hideSecondary");
Ansi based on Dropped File
(orchestrator.html)
var i = 0;
Ansi based on Dropped File
(orchestrator.html)
var i, // The loop counter.
Ansi based on Dropped File
(orchestrator.html)
var i;
Ansi based on Dropped File
(orchestrator.html)
var j;
Ansi based on Dropped File
(orchestrator.html)
var JSON;
Ansi based on Dropped File
(orchestrator.html)
var k, v, value = holder[key];
Ansi based on Dropped File
(orchestrator.html)
var paramName;
Ansi based on Dropped File
(orchestrator.html)
var params = Array.prototype.slice.call(arguments, 1);
Ansi based on Dropped File
(orchestrator.html)
var pipPartnerID = getURLParameters("PIPPID");
Ansi based on Dropped File
(orchestrator.html)
var primaryTlbrID = getURLParameters("PTBPartnerID");
Ansi based on Dropped File
(orchestrator.html)
var satTlbrID = getURLParameters("STBPartnerID");
Ansi based on Dropped File
(orchestrator.html)
var sParam = arrURLParams[i].split("=");
Ansi based on Dropped File
(orchestrator.html)
var sURL = window.document.URL.toString();
Ansi based on Dropped File
(orchestrator.html)
var tbType=getURLParameters("tbType");
Ansi based on Dropped File
(orchestrator.html)
var version=getURLParameters("version");
Ansi based on Dropped File
(orchestrator.html)
walk({'': j}, '') : j;
Ansi based on Dropped File
(orchestrator.html)
} catch(e) {
Ansi based on Dropped File
(orchestrator.html)
} else if (typeof space === 'string') {
Ansi based on Dropped File
(orchestrator.html)
}());
Ansi based on Dropped File
(orchestrator.html)
}) + '"' : '"' + string + '"';
Ansi based on Dropped File
(orchestrator.html)
"blocklistedPartners": ["FTB","FTB4","OVO2","WCL2","WCL3"],
Ansi based on Dropped File
(rules.js)
"makeofferdisabled": [
Ansi based on Dropped File
(rules.js)
"WCL2","ACDS","ADS","AF3-SRS","AGH","ALSV5-DL","AM2","AM3","AMG","APLV5","APL1V5","APL2V5","ATR","ATU","ATU-DL","ATU-ASK","ATU-QBD","ATU-SRS","AXBX","BBY","BBY-SRS","BBY2","BBY2-SRS","BCC","BCPAP","BUD","BLP-DL","BGM","BOO","BOO2","BS","BT-SRS-T3","BT-T1","BT-T2","BT-T3","BT-ASK-T4","BUD","BW","C2P","CCS","CDS","CDS2","CDS3","CDS4","CEBV5","CFTPV5","CFTP2V5","CIE","CLA","CLM-DL","CNB","CNET","CNET2","CNET3","CPUID-DL","CPUID-ST","CS","CS-ST","CS2","CS3","CWN","DAT","DDI","DDIS","DDIS2","DGY","DIG-A","DIG-N","DIG-OFF","DIG-ON","DIG-P","DIG-S","DNA","DNA2","DPO","DVDX","DVDX2","EAC","F-CT","F-ET","FAC","FF2-DL","FJS","FKR","FLV","FM","FTB","FTB2","FTB3","FW-ASK","FW-QBD","FW-SRS","FWT","FW2V5","FXTV5-DL","GAM4","GAM-ASK-T4","GAM-SRS","GAM-SRS-T3","GAM-QBD","GAM-T1","GAM-T2","GAM-T3","GET-SRS","GET2-SRS","GET3-SRS","GGSV5","GGSV5-DL","GOM","GYG","HIY-SRS","HULU","ICM-SRS","IEAK9","IMB","IMB-DL","IMT","JDR","JMYV5","KG-ASK","KYT","LMW","LMW2","LMW3","LMW4","LMW-BETA","LMW-BETA2","LOL","LPLV5","LUC","MDG","MEB","MGN","MGX","MMB","MMG","MOV","MOV-DL","MP3","MP3DS","MP3FB","MP3P2","MP3R-ASK","MP3R-DL","MP3R-QBD","MP3R-SRS","MP3R4","MP3R5","MP3R6","MP3SF","MP3SW","MP3TR","MP3SD","MPC","MPC2","MROV5","MYC","MYC-ASK","MYC-DL","MYC-SRS","MYC-QBD","NG1V5","NG2V5","NG3V5","NG4V5","NSC-S","NSC-O","NSC-E","NSC-P","NSC-A","NSC-N","NSC-NS","NR1V5","NRV5","NXZ","ORJ-SAT","ORJ2","ORJ2-SAT","OSUB","OTV5","OVO","PCH","PDF","PDF2","PDO","PFN","PLF3","PLF4","PLTV5","PLTV5-DL","PLTV5-DL2","POS","POS2","PTF","PTJ","PTV2","PTV2-DL","PTV5","QSYS","RAD","S99","SBES","SCV5","SDT","SE","SF","SKR","SNAPT","SNP-ST","SP","SP2","SPC","SPT","SRFV5","SS2V5","SS3V5","STC2","STC4","STC-SRS","STC2-SRS","STC3-SRS","STC4-SRS","STK","STK2","STK3","STK4","TEMU","THE","TKR","TM","TMN2","TTB","TTR","TVTYV5","UKT","UNI","URS","VDJ","VRS","VD","VD-DL","VZ3","WBG-DL","WBG-ST","WBM2","WBV5-DL","WCL","WCLV5","WCL2V5","WCR","WCV5","WME","WSV5","WZP","YLC","ZMR","ZTV","ZTV-DL","FBK","FB-BETA","FB-PRO","FB-APP","FB-ASK","FB-OD","FB-SEM","MDF","MDF-BETA","NRO","NRO2","NRO3","UTR","UTR2","WID","WID-BETA"]}
Ansi based on Dropped File
(rules.js)
(p_installed_toolbars[i].PID.substring(0, 6) === "AVIRA-") )
Ansi based on Dropped File
(rules.js)
++cascade_count;
Ansi based on Dropped File
(rules.js)
++primary_toolbar_ok_to_present;
Ansi based on Dropped File
(rules.js)
--primary_toolbar_ok_to_present;
Ansi based on Dropped File
(rules.js)
// Check if V7 toolbar, if so go to next;
Ansi based on Dropped File
(rules.js)
// check to see if trying to install another AVIRA === OK, or vanilla === OK,
Ansi based on Dropped File
(rules.js)
// Checks to see if AVIRA is already installed on the machine; if so,
Ansi based on Dropped File
(rules.js)
// If cache
Ansi based on Dropped File
(rules.js)
// If we come back to the same page, the offer, as presented before, will be
Ansi based on Dropped File
(rules.js)
// Keeps a cache of offers, by offer id. This will be useful if for previous/next.
Ansi based on Dropped File
(rules.js)
// param is in the form: CurrentID|PreviousID-(checkboxID:(true|false)|)*
Ansi based on Dropped File
(rules.js)
// presented, and ALL subsequent offers will be deleted.
Ansi based on Dropped File
(rules.js)
// secure === NOT OK. Assumes PIDTb collision has already been run.
Ansi based on Dropped File
(rules.js)
// V5
Ansi based on Dropped File
(rules.js)
// V6
Ansi based on Dropped File
(rules.js)
// V7
Ansi based on Dropped File
(rules.js)
//target_browser = CanBeInstalled(target_browser);
Ansi based on Dropped File
(rules.js)
//this.tb_info = toolbar_to_be_installed;
Ansi based on Dropped File
(rules.js)
//var CUTOVER_DATE = new Date(2010, 06, 01);
Ansi based on Dropped File
(rules.js)
//var toolbar_id = offers_gen_params.offers[i].ToolbarID || "";
Ansi based on Dropped File
(rules.js)
a = a.split('.');
Ansi based on Dropped File
(rules.js)
AFRegistryPath = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\HotspotShield","Publisher",0);
Ansi based on Dropped File
(rules.js)
AFRegistryPath = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\HotspotShield","Publisher",0);
Ansi based on Dropped File
(rules.js)
all_browsers = all_browsers || JSON.parse(browser.allBrowsers);
Ansi based on Dropped File
(rules.js)
all_browsers.dfBr = defaultBrowser();
Ansi based on Dropped File
(rules.js)
b = b.split('.');
Ansi based on Dropped File
(rules.js)
blocklistedPartner=blocklistedPartner+" "+primaryTlbrID;
Ansi based on Dropped File
(rules.js)
break;
Ansi based on Dropped File
(rules.js)
catch(e)
Ansi based on Dropped File
(rules.js)
checkness = checkness.split('|');
Ansi based on Dropped File
(rules.js)
checkness = checkness[checkness.length-1];
Ansi based on Dropped File
(rules.js)
checkness = param.split('-');
Ansi based on Dropped File
(rules.js)
continue;
Ansi based on Dropped File
(rules.js)
cpuSpeed = system.getRegValue("HKLM\\Hardware\\Description\\System\\Centralprocessor\\0","~MHZ",0);
Ansi based on Dropped File
(rules.js)
d = parseInt(a[i], 10) - parseInt(b[i], 10);
Ansi based on Dropped File
(rules.js)
default_browser = pipgetRegValue("HKEY_CLASSES_ROOT\\http\\shell\\open\\command\\","",0);
Ansi based on Dropped File
(rules.js)
default_browser = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Classes\\http\\shell\\open\\command\\","",0);
Ansi based on Dropped File
(rules.js)
default_browser = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Clients\\StartMenuInternet\\","",0);
Ansi based on Dropped File
(rules.js)
default_browser = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Clients\\StartMenuInternet\\","",0)
Ansi based on Dropped File
(rules.js)
default_browser = pipgetRegValue(defaultbrowserPath,"",0);
Ansi based on Dropped File
(rules.js)
defaultBrowser = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Clients\\StartMenuInternet\\","",0);
Ansi based on Dropped File
(rules.js)
defaultBrowser = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Clients\\StartMenuInternet\\","",0)
Ansi based on Dropped File
(rules.js)
defaultBrowser=pipgetRegValue("HKEY_CLASSES_ROOT\\http\\shell\\open\\command\\","",0);
Ansi based on Dropped File
(rules.js)
defaultBrowser=pipgetRegValue("HKEY_CURRENT_USER\\Software\\Classes\\http\\shell\\open\\command\\","",0);
Ansi based on Dropped File
(rules.js)
defaultBrowser=pipgetRegValue(defaultbrowserPath,"",0);
Ansi based on Dropped File
(rules.js)
defaultbrowserAppPath = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FileExts\\.htm\\UserChoice","Progid",0);
Ansi based on Dropped File
(rules.js)
defaultbrowserAppPath=pipgetRegValue("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\FileExts\\.htm\\UserChoice","Progid",0);
Ansi based on Dropped File
(rules.js)
defaultbrowserPath = "HKEY_CLASSES_ROOT\\"+defaultbrowserAppPath+"\\shell\\open\\command\\";
Ansi based on Dropped File
(rules.js)
defaultbrowserPath="HKEY_CLASSES_ROOT\\"+defaultbrowserAppPath+"\\shell\\open\\command\\";
Ansi based on Dropped File
(rules.js)
defBrowser =CHROME;
Ansi based on Dropped File
(rules.js)
defBrowser =FIREFOX;
Ansi based on Dropped File
(rules.js)
defBrowser =IE;
Ansi based on Dropped File
(rules.js)
defBrowser=defaultBrowser.substring(n,defaultBrowser.length-1);
Ansi based on Dropped File
(rules.js)
defBrowser=defBrowser.replace(/[^\w\s]/gi, '');
Ansi based on Dropped File
(rules.js)
delete this.cache[i].result;
Ansi based on Dropped File
(rules.js)
diskFreeSize = system.getDiskFreeSize();
Ansi based on Dropped File
(rules.js)
else if (offer_type.indexOf("toolbar") >= 0)
Ansi based on Dropped File
(rules.js)
for (++i; i < this.cache.length; ++i)
Ansi based on Dropped File
(rules.js)
for (i = 0; i < partners.length; ++i)
Ansi based on Dropped File
(rules.js)
for (i=0; i<l; i++) {
Ansi based on Dropped File
(rules.js)
for (key in checkObj) {
Ansi based on Dropped File
(rules.js)
for (name in obj)
Ansi based on Dropped File
(rules.js)
for (name in pids)
Ansi based on Dropped File
(rules.js)
for (var i = 0, N = installed_toolbars.length; i < N; ++i)
Ansi based on Dropped File
(rules.js)
for (var i = 0; i < checkness.length; ++i)
Ansi based on Dropped File
(rules.js)
for (var i = 0; i < installed_toolbars.length; ++i)
Ansi based on Dropped File
(rules.js)
for (var i = 0; i < list_1.length; ++i)
Ansi based on Dropped File
(rules.js)
for (var i = 0; i < lu_table.length; ++i)
Ansi based on Dropped File
(rules.js)
for (var i = 0; i < offers_gen_params.offers.length; ++i)
Ansi based on Dropped File
(rules.js)
for (var i = 0; i < p_installed_toolbars.length; ++i)
Ansi based on Dropped File
(rules.js)
for (var i = 0; i < p_toolbartypes.length; ++i)
Ansi based on Dropped File
(rules.js)
for (var i = 0; i < this.cache.length; ++i)
Ansi based on Dropped File
(rules.js)
for (var i = 0; i < toolbars.length; ++i)
Ansi based on Dropped File
(rules.js)
for (var i=0; i < jsonString.makeofferdisabled.length; i++) {
Ansi based on Dropped File
(rules.js)
for (var j = 0; j < jsonString.blocklistedPartners.length; ++j)
Ansi based on Dropped File
(rules.js)
for (var j = 0; j < list_2.length; ++j)
Ansi based on Dropped File
(rules.js)
for(var i=0; i<incumbentTlbrList.length;i++){
Ansi based on Dropped File
(rules.js)
for(var i=0; i<installedPartners.length;i++){
Ansi based on Dropped File
(rules.js)
for(var i=0; i<installedToolbars.length;i++){
Ansi based on Dropped File
(rules.js)
for(var j=0; j<jsonString.blocklistedPartners.length;j++){
Ansi based on Dropped File
(rules.js)
for(var k=0; k<incPartners.length;k++){
Ansi based on Dropped File
(rules.js)
function askSecureToolbarCheck(){
Ansi based on Dropped File
(rules.js)
function aviraToolbarInstallCheck(){
Ansi based on Dropped File
(rules.js)
function CanBeInstalled(p_browser, run_cycle) // ==> string
Ansi based on Dropped File
(rules.js)
function CascadeThroughBrowsers(p_browser, cascade_count) // ==> string
Ansi based on Dropped File
(rules.js)
function CheckForBlockedPID()
Ansi based on Dropped File
(rules.js)
function checkOverinstall() {
Ansi based on Dropped File
(rules.js)
function checkPrimaryTlbrOffered() {
Ansi based on Dropped File
(rules.js)
function checkPrimaryToolbarOffered(){
Ansi based on Dropped File
(rules.js)
function checkV5ToolbarInstalled(){
Ansi based on Dropped File
(rules.js)
function CheckVersion(p_browser) // ==> string
Ansi based on Dropped File
(rules.js)
function clientSupported() {
Ansi based on Dropped File
(rules.js)
function cmpVersions (a, b) {
Ansi based on Dropped File
(rules.js)
function CommandLineBrowser()
Ansi based on Dropped File
(rules.js)
function DefaultBrowser()
Ansi based on Dropped File
(rules.js)
function defaultBrowser()
Ansi based on Dropped File
(rules.js)
function getIncbumbentRegPath(partnersID){
Ansi based on Dropped File
(rules.js)
function getIncumbentPartners() {
Ansi based on Dropped File
(rules.js)
function GetInstalledToolbars()
Ansi based on Dropped File
(rules.js)
function GetOfferID(param)
Ansi based on Dropped File
(rules.js)
function getProductVersion(productCode){
Ansi based on Dropped File
(rules.js)
function getReasonCode(reasonDescription) {
Ansi based on Dropped File
(rules.js)
function GetToolbarInfo(p_offer_id)
Ansi based on Dropped File
(rules.js)
function GetToolbarsOnBrowser(p_browser) // ==> string
Ansi based on Dropped File
(rules.js)
function incumbantAVIRACheck(p_installed_toolbars, p_toolbar_to_be_installed)
Ansi based on Dropped File
(rules.js)
function InstallCheck(param)
Ansi based on Dropped File
(rules.js)
function is64Bit(){
Ansi based on Dropped File
(rules.js)
function isAnchorFreeEligibleOffer() {
Ansi based on Dropped File
(rules.js)
function isAskSecureOfferEligible () {
Ansi based on Dropped File
(rules.js)
function isAudialsEligibleOffer(){
Ansi based on Dropped File
(rules.js)
function isAviraV5UpgTlbrOffered(){
Ansi based on Dropped File
(rules.js)
function isBlockListed(tlbrID) {
Ansi based on Dropped File
(rules.js)
function isCPUSpeedComp() {
Ansi based on Dropped File
(rules.js)
function isDealPlyEligibleOffer() {
Ansi based on Dropped File
(rules.js)
function isDiskSpaceComp(){
Ansi based on Dropped File
(rules.js)
function isEmpty (checkObj) {
Ansi based on Dropped File
(rules.js)
function isLatestClient(clientversion) {
Ansi based on Dropped File
(rules.js)
function isObjEmpty(obj)
Ansi based on Dropped File
(rules.js)
function isOSServicePackCompatible() {
Ansi based on Dropped File
(rules.js)
function isPalTalkEligibleOffer() {
Ansi based on Dropped File
(rules.js)
function isProntoEligibleOffer() {
Ansi based on Dropped File
(rules.js)
function isProntoEligibleOfferForIE(){
Ansi based on Dropped File
(rules.js)
function isSaturationInstalled(partnerid) {
Ansi based on Dropped File
(rules.js)
function isSaturationOffer(offer_id)
Ansi based on Dropped File
(rules.js)
function isSpeedCheckerInstalled() {
Ansi based on Dropped File
(rules.js)
function isSuperFishEligibleOffer() {
Ansi based on Dropped File
(rules.js)
function isSupportedBrowser(partnerID) {
Ansi based on Dropped File
(rules.js)
function isSupportedOS() {
Ansi based on Dropped File
(rules.js)
function isUniBlueEligibleOffer() {
Ansi based on Dropped File
(rules.js)
function isUniquePIDOnMachine(installed_toolbars, to_be_pid)
Ansi based on Dropped File
(rules.js)
function isV5TlbrEligible(){
Ansi based on Dropped File
(rules.js)
function isV5ToolbarOffered(){
Ansi based on Dropped File
(rules.js)
function isV6TlbrEligible() {
Ansi based on Dropped File
(rules.js)
function LookupTable(tb_info)
Ansi based on Dropped File
(rules.js)
function makeoffer(partnerID) {
Ansi based on Dropped File
(rules.js)
function MoreToCascade(cascade_count, potential_browser, run_cycle) // ==> bool
Ansi based on Dropped File
(rules.js)
function nortonToolbarCheck() {
Ansi based on Dropped File
(rules.js)
function offerV6SaturationToolbar(){
Ansi based on Dropped File
(rules.js)
function OriginBrowser()
Ansi based on Dropped File
(rules.js)
function partneridfunc(){
Ansi based on Dropped File
(rules.js)
function PIDOnBlockedList(p_toolbartypes) // ==> bool
Ansi based on Dropped File
(rules.js)
function pipgetRegValue(registryPath,regValue,n){
Ansi based on Dropped File
(rules.js)
function preCheckSecondaryOffer() {
Ansi based on Dropped File
(rules.js)
function PrimarySaturationCheck(offer_id)
Ansi based on Dropped File
(rules.js)
function Reporting()
Ansi based on Dropped File
(rules.js)
function Result(target_browser, all_browsers, t_f)
Ansi based on Dropped File
(rules.js)
function secondaryOfferCheck(){
Ansi based on Dropped File
(rules.js)
function summaryRule(param) {
Ansi based on Dropped File
(rules.js)
function TbTypesIntersect (tb_type_1, tb_type_2)
Ansi based on Dropped File
(rules.js)
function ToolbarInfo(p_PID, p_tb_type, p_browser)
Ansi based on Dropped File
(rules.js)
function toolbarsHaveTypeBlock(toolbars)
Ansi based on Dropped File
(rules.js)
function UIRule(param)
Ansi based on Dropped File
(rules.js)
function UniquePIDTbType()
Ansi based on Dropped File
(rules.js)
function v5incumbentPartnerCheck(partnerids){
Ansi based on Dropped File
(rules.js)
function v6eligibleChecklist(partnerID,incPartners){
Ansi based on Dropped File
(rules.js)
function v6incumbentPartnerCheck(partner){
Ansi based on Dropped File
(rules.js)
function v6installChecker() {
Ansi based on Dropped File
(rules.js)
function v7installChecker(param)
Ansi based on Dropped File
(rules.js)
function ValidBrowser(p_browser) // ==> string
Ansi based on Dropped File
(rules.js)
i = 0;
Ansi based on Dropped File
(rules.js)
if ( parseInt(toolbarDisableFlag) == 64 || parseInt(toolbarDisableFlag) == 1){
Ansi based on Dropped File
(rules.js)
if (!all_browsers.dfBr)
Ansi based on Dropped File
(rules.js)
if (!isEmpty(partners))
Ansi based on Dropped File
(rules.js)
if (!isObjEmpty(ps_check))
Ansi based on Dropped File
(rules.js)
if (!isOSServicePackCompatible()) {
Ansi based on Dropped File
(rules.js)
if (!isSupportedOS() || !isOSServicePackCompatible())
Ansi based on Dropped File
(rules.js)
if (!isSupportedOS()) return false;
Ansi based on Dropped File
(rules.js)
if (!offer_id)
Ansi based on Dropped File
(rules.js)
if (!p_browser)
Ansi based on Dropped File
(rules.js)
if (!param)
Ansi based on Dropped File
(rules.js)
if (!run_cycle)
Ansi based on Dropped File
(rules.js)
if (!this.cache)
Ansi based on Dropped File
(rules.js)
if (!UniquePIDTbType())
Ansi based on Dropped File
(rules.js)
if ((p_installed_toolbars[i].PID.substring(0, 4) === "AVR-") ||
Ansi based on Dropped File
(rules.js)
if (all_browsers && all_browsers.cr)
Ansi based on Dropped File
(rules.js)
if (all_browsers && all_browsers.ff)
Ansi based on Dropped File
(rules.js)
if (all_browsers && all_browsers.ie)
Ansi based on Dropped File
(rules.js)
if (browsers)
Ansi based on Dropped File
(rules.js)
if (browsers.search("_CR") > 0)
Ansi based on Dropped File
(rules.js)
if (browsers.search("_FF") > 0)
Ansi based on Dropped File
(rules.js)
if (browsers.search("_IE") > 0)
Ansi based on Dropped File
(rules.js)
if (cascade_count <= 0)
Ansi based on Dropped File
(rules.js)
if (cascade_count >= 3)
Ansi based on Dropped File
(rules.js)
if (cascade_count >=3)
Ansi based on Dropped File
(rules.js)
if (CheckForBlockedPID(reasonString))
Ansi based on Dropped File
(rules.js)
if (checkness[i].search("oi") >= 0)
Ansi based on Dropped File
(rules.js)
if (checkness_parts[1] == "true")
Ansi based on Dropped File
(rules.js)
if (checkObj === "" || checkObj === 0 || checkObj === "0" || checkObj === null || checkObj === false || typeof checkObj === 'undefined') {
Ansi based on Dropped File
(rules.js)
if (cpuSpeed<1000){
Ansi based on Dropped File
(rules.js)
if (current_time > CUTOVER_DATE)
Ansi based on Dropped File
(rules.js)
if (d !== 0) {
Ansi based on Dropped File
(rules.js)
if (i > 0) pid_str += ",";
Ansi based on Dropped File
(rules.js)
if (i >= MAX_NUMBER_OF_TOOLBARS_ON_MACHINE)
Ansi based on Dropped File
(rules.js)
if (incumbant_AVIRA)
Ansi based on Dropped File
(rules.js)
if (incumbantAVIRACheck(installed_toolbars, toolbar_to_be_installed))
Ansi based on Dropped File
(rules.js)
if (installed_toolbars.length && isUniquePIDOnMachine(installed_toolbars, toolbar_to_be_installed.PID))
Ansi based on Dropped File
(rules.js)
if (installed_toolbars[i].browser == p_browser)
Ansi based on Dropped File
(rules.js)
if (installed_toolbars[i].PID != toolbar_to_be_installed.PID)
Ansi based on Dropped File
(rules.js)
if (installed_toolbars[i].PID == toolbar_to_be_installed.PID)
Ansi based on Dropped File
(rules.js)
if (isBlockListed(satTlbrID))
Ansi based on Dropped File
(rules.js)
if (isSaturationInstalled(partnerid))
Ansi based on Dropped File
(rules.js)
if (isSaturationOffer(offer_id))
Ansi based on Dropped File
(rules.js)
if (jsonString.blocklistedPartners.length === 0)
Ansi based on Dropped File
(rules.js)
if (jsonString.blocklistedPartners[j] === p_toolbartypes[i])
Ansi based on Dropped File
(rules.js)
if (list_1[i].toLowerCase() == list_2[j].toLowerCase())
Ansi based on Dropped File
(rules.js)
if (lu_table[i][0] === p_browser)
Ansi based on Dropped File
(rules.js)
if (name === toolbar_to_be_installed.PID)
Ansi based on Dropped File
(rules.js)
if (offer_id)
Ansi based on Dropped File
(rules.js)
if (offer_type.indexOf("saturation") >= 0)
Ansi based on Dropped File
(rules.js)
if (Offers.Check(offer_id))
Ansi based on Dropped File
(rules.js)
if (offers_gen_params && offers_gen_params.GeneralParameters && offers_gen_params.GeneralParameters.TrackID)
Ansi based on Dropped File
(rules.js)
if (offers_gen_params.offers[i].id === offer_id)
Ansi based on Dropped File
(rules.js)
if (offers_gen_params.offers[i].id === p_offer_id)
Ansi based on Dropped File
(rules.js)
if (offertype_is_toolbar)
Ansi based on Dropped File
(rules.js)
if (p_browser != "ie" && p_browser != "ff" && p_browser != "cr")
Ansi based on Dropped File
(rules.js)
if (p_browser == "cr")
Ansi based on Dropped File
(rules.js)
if (p_browser == "ff")
Ansi based on Dropped File
(rules.js)
if (p_browser == "ie")
Ansi based on Dropped File
(rules.js)
if (p_toolbar_to_be_installed.PID.substring(0, 6) === "AVIRA-")
Ansi based on Dropped File
(rules.js)
if (p_toolbar_to_be_installed.tb_type.toLowerCase() === "secure")
Ansi based on Dropped File
(rules.js)
if (PIDOnBlockedList(PIDs_on_Machine) || PIDOnBlockedList(PID_to_be_installed) )
Ansi based on Dropped File
(rules.js)
if (potential_browser)
Ansi based on Dropped File
(rules.js)
if (primary_toolbar_ok_to_present && is_saturation_offer)
Ansi based on Dropped File
(rules.js)
if (primary_toolbar_ok_to_present === 1)
Ansi based on Dropped File
(rules.js)
if (r1)
Ansi based on Dropped File
(rules.js)
if (r1[0].length === 3)
Ansi based on Dropped File
(rules.js)
if (result === false)
Ansi based on Dropped File
(rules.js)
if (result === true)
Ansi based on Dropped File
(rules.js)
if (return_JSON.result !== 0)
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log ("type of param is " + typeof param);
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log (JSON.stringify(return_obj));
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" --- checkyness " + JSON.stringify(checkness));
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" --- checkyness " + JSON.stringify(checkness[i]));
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" --- checkyness is true ");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" --- offer_ids -- " + offer_ids[0] + " : " + offer_ids[1]);
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" --- Enter InstallCheck with param of : " + JSON.stringify(param));
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" >= MAX_NUMBER_OF_TOOLBARS_ON_BROWSER \n");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" Installed Toolbars : " + JSON.stringify(installed_toolbars) + "\n");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" PID === PID : " + toolbars_on_browser[0].PID + " : " + toolbar_to_be_installed.PID + "\n");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" PID on Blocked List: " + JSON.stringify(PIDs_on_Machine) + " and " + JSON.stringify(toolbar_to_be_installed) + "\n");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" Toolbars on Browser == 0 return " + p_browser + "\n");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" CheckVersion of Chrome");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log(" CheckVersion of Chrome, version : " + version);
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("\nCanBeInstalled :<" + p_browser + ">\n");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("\r\n ****** Frog UI. Parameter " + param);
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("\r\n ****** UI rule. Parameter " + param);
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("\r\n All browsers values: " + JSON.stringify(all_browsers) + " : ");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("\r\n********** V7 Stringified JSON " + JSON.stringify(return_JSON));
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("\r\n******Error*****" + e.message);
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("Actual Param " + param + " *******Returned offers " + JSON.stringify(offers_gen_params) + "\n");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("CheckVersion :<" + p_browser + ">");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("Installed Toolbars : " + JSON.stringify(installed_toolbars) + "\n");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("offer_ids " + offer_ids);
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("offer_ids after split");
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("RETURN RESULT FOR V6 CALL : " + JSON.stringify(return_JSON));
Ansi based on Dropped File
(rules.js)
if (show_logger) logger.log("Toolbar To Be Installed : " + JSON.stringify(toolbar_to_be_installed) + "\n");
Ansi based on Dropped File
(rules.js)
if (target_browser)
Ansi based on Dropped File
(rules.js)
if (tb_info)
Ansi based on Dropped File
(rules.js)
if (TbTypesIntersect(installed_toolbars[i].tb_type, toolbar_to_be_installed.tb_type))
Ansi based on Dropped File
(rules.js)
if (this.cache[i].id === offer_id)
Ansi based on Dropped File
(rules.js)
if (this.cache[i].result)
Ansi based on Dropped File
(rules.js)
if (this.cache[i].tb_info && this.cache[i].tb_info.PID)
Ansi based on Dropped File
(rules.js)
if (toolbar_id.indexOf("-SAT") > 0)
Ansi based on Dropped File
(rules.js)
if (toolbars[i].tb_type === "blocked")
Ansi based on Dropped File
(rules.js)
if (toolbars_on_browser) toolbars_on_browser += ";"
Ansi based on Dropped File
(rules.js)
if (toolbars_on_browser.length == 0)
Ansi based on Dropped File
(rules.js)
if (toolbars_on_browser.length >= MAX_NUMBER_OF_TOOLBARS_ON_BROWSER)
Ansi based on Dropped File
(rules.js)
if (toolbars_on_browser[0].PID == toolbar_to_be_installed.PID)
Ansi based on Dropped File
(rules.js)
if (toolbarsHaveTypeBlock(to_be_installed) || toolbarsHaveTypeBlock(installed_toolbars) )
Ansi based on Dropped File
(rules.js)
if (typeof checkObj == 'object') {
Ansi based on Dropped File
(rules.js)
if (version > 0)
Ansi based on Dropped File
(rules.js)
if (version > 2)
Ansi based on Dropped File
(rules.js)
if (version > 6)
Ansi based on Dropped File
(rules.js)
if (window.navigator.appVersion.indexOf("Windows NT 5.1") != -1 || window.navigator.appVersion.indexOf("Windows NT 5.2") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.0") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.1") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.2") != -1 ) {
Ansi based on Dropped File
(rules.js)
if (window.navigator.appVersion.indexOf("Windows NT 6.0") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.1") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.2") != -1 )
Ansi based on Dropped File
(rules.js)
if (window.navigator.appVersion.indexOf("Windows NT 6.0") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.1") != -1 || window.navigator.appVersion.indexOf("Windows NT 6.2") != -1 ) {
Ansi based on Dropped File
(rules.js)
if(!askSecureToolbarCheck()){
Ansi based on Dropped File
(rules.js)
if(!clientSupported()){
Ansi based on Dropped File
(rules.js)
if(!isCPUSpeedComp()){
Ansi based on Dropped File
(rules.js)
if(!isDiskSpaceComp()){
Ansi based on Dropped File
(rules.js)
if(!isEmpty(AFRegistryPath)){
Ansi based on Dropped File
(rules.js)
if(!isEmpty(checkV5Installed) )
Ansi based on Dropped File
(rules.js)
if(!isEmpty(defaultBrowser)){
Ansi based on Dropped File
(rules.js)
if(!isEmpty(defaultbrowserAppPath))
Ansi based on Dropped File
(rules.js)
if(!isEmpty(defaultbrowserAppPath)) {
Ansi based on Dropped File
(rules.js)
if(!isEmpty(DPRegistryPath) && DPRegistryPath.toLowerCase() =="ok"){
Ansi based on Dropped File
(rules.js)
if(!isEmpty(incumbentTlbrList)){
Ansi based on Dropped File
(rules.js)
if(!isEmpty(nortonToolbarKey)){
Ansi based on Dropped File
(rules.js)
if(!isEmpty(PTRegistryPath)){
Ansi based on Dropped File
(rules.js)
if(!isEmpty(SCRegistryPath)){
Ansi based on Dropped File
(rules.js)
if(!isEmpty(SFRegistryPath) && SFRegistryPath.toLowerCase() =="ok"){
Ansi based on Dropped File
(rules.js)
if(!isEmpty(UBRegistryPath)){
Ansi based on Dropped File
(rules.js)
if(!isEmpty(winServicePackRegValue)){
Ansi based on Dropped File
(rules.js)
if(!isSupportedBrowser(primaryTlbrID))
Ansi based on Dropped File
(rules.js)
if(!isSupportedBrowser(primaryTlbrID)){
Ansi based on Dropped File
(rules.js)
if(!isSupportedBrowser(satTlbrID))
Ansi based on Dropped File
(rules.js)
if(!isV5TlbrEligible()){
Ansi based on Dropped File
(rules.js)
if(!isV6TlbrEligible()){
Ansi based on Dropped File
(rules.js)
if(!nortonToolbarCheck()){
Ansi based on Dropped File
(rules.js)
if(!offerAviraV6NewInstall){
Ansi based on Dropped File
(rules.js)
if(!showSecondaryOffer && (hidePtnrSecondaryOffer=="true")){
Ansi based on Dropped File
(rules.js)
if(!v6incumbentPartnerCheck("AVIRA-") || !v5incumbentPartnerCheck("AVR-")){
Ansi based on Dropped File
(rules.js)
if(!v6SaturationToolbarOfferFlag &&!showSecondaryOffer &&(primaryTlbrID.toLowerCase().indexOf("myc") > -1 || satTlbrID.toLowerCase().indexOf("myc-sat") > -1)){
Ansi based on Dropped File
(rules.js)
if((incumbentTlbrList[i].indexOf("-SAT") > -1 && satTlbrID.indexOf("-SAT")> -1)) {
Ansi based on Dropped File
(rules.js)
if(checkOverinstall()) {
Ansi based on Dropped File
(rules.js)
if(defaultBrowser.toLowerCase().indexOf("chrome") > -1 && makeoffer(partnerID)) {
Ansi based on Dropped File
(rules.js)
if(defaultBrowser.toLowerCase().indexOf("firefox.exe") > -1){
Ansi based on Dropped File
(rules.js)
if(defaultBrowser.toLowerCase().indexOf("iexplore.exe") > -1 ){
Ansi based on Dropped File
(rules.js)
if(defBrowser == IE) return true;
Ansi based on Dropped File
(rules.js)
if(defBrowser.toLowerCase() == FIREFOX) return true;
Ansi based on Dropped File
(rules.js)
if(diskFreeSize <2000){
Ansi based on Dropped File
(rules.js)
if(diskFreeSize <850){
Ansi based on Dropped File
(rules.js)
if(e.message =="CSystemUtil::getRegValue Failed : UnSupported Variant Type of 0"){
Ansi based on Dropped File
(rules.js)
if(e.message =="CSystemUtil::getRegValue Failed : UnSupported Variant Type of 3"){
Ansi based on Dropped File
(rules.js)
if(incPartners.length < 1 || incPartners.length >= 4) {
Ansi based on Dropped File
(rules.js)
if(incumbentTbType.toLowerCase().startsWith("vanilla") && tbType.toLowerCase().startsWith("vanilla")){
Ansi based on Dropped File
(rules.js)
if(installedPartners[i].startsWith(partner)){
Ansi based on Dropped File
(rules.js)
if(is64Bit())
Ansi based on Dropped File
(rules.js)
if(is64Bit()){
Ansi based on Dropped File
(rules.js)
if(isBlockListed(incPartners[k])) {
Ansi based on Dropped File
(rules.js)
if(isBlockListed(primaryTlbrID))
Ansi based on Dropped File
(rules.js)
if(isEmpty(checkV5Installed)) return true;
Ansi based on Dropped File
(rules.js)
if(isEmpty(default_browser))
Ansi based on Dropped File
(rules.js)
if(isEmpty(defaultBrowser))
Ansi based on Dropped File
(rules.js)
if(isEmpty(defaultBrowser)) {
Ansi based on Dropped File
(rules.js)
if(isEmpty(defaultBrowser)){
Ansi based on Dropped File
(rules.js)
if(isEmpty(incumbentPartnerList)) return true;
Ansi based on Dropped File
(rules.js)
if(isEmpty(incumbentPartners)){
Ansi based on Dropped File
(rules.js)
if(isEmpty(installedPartners)) return true;
Ansi based on Dropped File
(rules.js)
if(isEmpty(installedToolbars)) return true;
Ansi based on Dropped File
(rules.js)
if(isEmpty(nortonToolbarKey)){
Ansi based on Dropped File
(rules.js)
if(isLatestClient(version)) return reasonDescription;
Ansi based on Dropped File
(rules.js)
if(n==-1) n=0;
Ansi based on Dropped File
(rules.js)
if(parseInt(getIEversion) > 8){
Ansi based on Dropped File
(rules.js)
if(partnerID == incPartners[k]){
Ansi based on Dropped File
(rules.js)
if(partnerID == jsonString.makeofferdisabled[i]){
Ansi based on Dropped File
(rules.js)
if(physicalMemory < 512){
Ansi based on Dropped File
(rules.js)
if(primaryToolbarOfferFlag){
Ansi based on Dropped File
(rules.js)
if(tlbrID == jsonString.blocklistedPartners[j]) {
Ansi based on Dropped File
(rules.js)
if(toolbarID.startsWith(partnerids)){
Ansi based on Dropped File
(rules.js)
if(toolbarTbType == "vanilla-sec") return false;
Ansi based on Dropped File
(rules.js)
if(v5incumbentPartnerCheck("AVR-")){
Ansi based on Dropped File
(rules.js)
if(v5TlbrID == primaryTlbrID) v5ToolbarInstalled=v5ToolbarInstalled+"Same Partner ID "+v5TlbrID+"";
Ansi based on Dropped File
(rules.js)
if(v5toolbarOffered){
Ansi based on Dropped File
(rules.js)
if(v6eligibleChecklist(primaryTlbrID,incumbentPartnerList)){
Ansi based on Dropped File
(rules.js)
if(v6SaturationToolbarOfferFlag) {
Ansi based on Dropped File
(rules.js)
if(versionresult >= 0){
Ansi based on Dropped File
(rules.js)
if(versionValue >= 0){
Ansi based on Dropped File
(rules.js)
if(window.navigator.appVersion.indexOf("Windows NT 5.1") != -1 || (window.navigator.appVersion.indexOf("Windows NT 6.0") != -1 && is64Bit())){
Ansi based on Dropped File
(rules.js)
if(window.navigator.appVersion.indexOf("Windows NT 5.1") != -1 || window.navigator.appVersion.indexOf("Windows NT 5.2") != -1 ||(window.navigator.appVersion.indexOf("Windows NT 6.0") != -1 && is64Bit())){
Ansi based on Dropped File
(rules.js)
if(window.navigator.appVersion.indexOf("Windows NT 5.1") != -1){
Ansi based on Dropped File
(rules.js)
if(window.navigator.appVersion.indexOf("Windows NT 5.2") != -1) {
Ansi based on Dropped File
(rules.js)
if(window.navigator.userAgent.indexOf('WOW64')>-1 || window.navigator.platform=='Win64')
Ansi based on Dropped File
(rules.js)
if(winServicePackRegValue == "Service Pack 2" || winServicePackRegValue == "Service Pack 2")
Ansi based on Dropped File
(rules.js)
incumbant_AVIRA = true;
Ansi based on Dropped File
(rules.js)
incumbentPartnerIDs = incumbentPartners.split(",");
Ansi based on Dropped File
(rules.js)
incumbentPartnerRegPath = "HKEY_LOCAL_MACHINE\\SOFTWARE\\AskPartnerNetwork\\Toolbar\\";
Ansi based on Dropped File
(rules.js)
incumbentPartnerRegPath = "HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\AskPartnerNetwork\\Toolbar\\";
Ansi based on Dropped File
(rules.js)
incumbentPartnerRegPath= getIncbumbentRegPath(incPartners[k]);
Ansi based on Dropped File
(rules.js)
incumbentPartners = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\AskPartnerNetwork\\Toolbar\\shared\\","tbsinstalled",0);
Ansi based on Dropped File
(rules.js)
incumbentPartners = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\AskPartnerNetwork\\Toolbar\\shared\\","tbsinstalled",0);
Ansi based on Dropped File
(rules.js)
incumbentTbType = pipgetRegValue(incumbentPartnerRegPath,"tb-type",0);
Ansi based on Dropped File
(rules.js)
incumbentTlbrList = getIncumbentPartners();
Ansi based on Dropped File
(rules.js)
installed_toolbars = installed_toolbars || GetInstalledToolbars();
Ansi based on Dropped File
(rules.js)
installed_toolbars.push(this.cache[i].tb_info);
Ansi based on Dropped File
(rules.js)
is_saturation_offer = true;
Ansi based on Dropped File
(rules.js)
l = Math.min(a.length, b.length);
Ansi based on Dropped File
(rules.js)
logger.log("\r\n******************Norton Toolbar Installed****************");
Ansi based on Dropped File
(rules.js)
n=defaultBrowser.lastIndexOf("\\");
Ansi based on Dropped File
(rules.js)
nortonToolbarKey = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\Toolbar","{A13C2648-91D4-4bf3-BC6D-0079707C4389}",0);
Ansi based on Dropped File
(rules.js)
nortonToolbarKey = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Internet Explorer\\Toolbar","{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}",0);
Ansi based on Dropped File
(rules.js)
nortonToolbarKey = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Internet Explorer\\Toolbar","{A13C2648-91D4-4bf3-BC6D-0079707C4389}",0);
Ansi based on Dropped File
(rules.js)
offer_type = offer_type.toLowerCase();
Ansi based on Dropped File
(rules.js)
offerAviraV6NewInstall=true;
Ansi based on Dropped File
(rules.js)
Offers.Check = function (offer_id)
Ansi based on Dropped File
(rules.js)
Offers.OfferedToolbars = function (installed_toolbars, offer_id)
Ansi based on Dropped File
(rules.js)
Offers.OfferedToolbars(installed_toolbars, offer_id);
Ansi based on Dropped File
(rules.js)
Offers.RetrieveResult = function (offer_id)
Ansi based on Dropped File
(rules.js)
Offers.StoreResult = function (offer_id, result, toolbar_to_be_installed)
Ansi based on Dropped File
(rules.js)
Offers.StoreResult(offer_id, return_JSON, toolbar_to_be_installed);
Ansi based on Dropped File
(rules.js)
offers_gen_params = offers_gen_params || JSON.parse(pipclient.getOffers());
Ansi based on Dropped File
(rules.js)
offertype_is_toolbar = true;
Ansi based on Dropped File
(rules.js)
p_browser = p_browser.toLowerCase();
Ansi based on Dropped File
(rules.js)
parseInt(isIE9extnenabled,2)=system.getRegValue("HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Approved Extensions","{D4027C7F-154A-4066-A1AD-4243D8127440}",0);
Ansi based on Dropped File
(rules.js)
partnerid.value=incumbentTlbrList[i];
Ansi based on Dropped File
(rules.js)
partnerRegPath = "HKEY_LOCAL_MACHINE\\SOFTWARE\\AskPartnerNetwork\\Toolbar\\";
Ansi based on Dropped File
(rules.js)
partnerRegPath = "HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\AskPartnerNetwork\\Toolbar\\";
Ansi based on Dropped File
(rules.js)
partnerRegPath+=partnersID+"\\Macro\\";
Ansi based on Dropped File
(rules.js)
physicalMemory=(system.getTotalPhysicalMemory());
Ansi based on Dropped File
(rules.js)
PID : toolbar_id,
Ansi based on Dropped File
(rules.js)
pid_str += name;
Ansi based on Dropped File
(rules.js)
PID_to_be_installed.push(toolbar_to_be_installed.PID);
Ansi based on Dropped File
(rules.js)
pids[pid_name] = 1;
Ansi based on Dropped File
(rules.js)
PIDs_on_Machine.push(installed_toolbars[i].PID);
Ansi based on Dropped File
(rules.js)
potential_browser = CascadeThroughBrowsers(p_browser, cascade_count);
Ansi based on Dropped File
(rules.js)
potential_browser = CheckVersion(potential_browser);
Ansi based on Dropped File
(rules.js)
potential_browser = ValidBrowser(potential_browser);
Ansi based on Dropped File
(rules.js)
primary_toolbar_ok_to_present = 0;
Ansi based on Dropped File
(rules.js)
primaryToolbarOfferFlag=true;
Ansi based on Dropped File
(rules.js)
r2 += "-V7";
Ansi based on Dropped File
(rules.js)
r2 += "V7";
Ansi based on Dropped File
(rules.js)
r2 = toolbar_id + "-V7"
Ansi based on Dropped File
(rules.js)
r2 = toolbar_id.slice(0, -r1[0].length);
Ansi based on Dropped File
(rules.js)
reasonString += " Installed PID/tbType " + installed_toolbars[i].PID + "/" + installed_toolbars[i].tb_type;
Ansi based on Dropped File
(rules.js)
reasonString += " New PID/tbType " + toolbar_to_be_installed.PID + "/" + toolbar_to_be_installed.tb_type;
Ansi based on Dropped File
(rules.js)
reasonString = AlreadyAtMaxNumberOfPartnersPerBrowser + " [" + pid_str + "]";
Ansi based on Dropped File
(rules.js)
reasonString = AviraToolbarPresentAskSecureOfferRejected;
Ansi based on Dropped File
(rules.js)
reasonString = BlockListV6IncumbentToolbarIsListedInLockList + incPartners[k];
Ansi based on Dropped File
(rules.js)
reasonString = inputBrowserTypeNotSupported + " [" + p_browser + "]";
Ansi based on Dropped File
(rules.js)
reasonString = inputCRBrowserVersionNotSupported + " [" + all_browsers.cr + "]";
Ansi based on Dropped File
(rules.js)
reasonString = inputFFBrowserVersionNotSupported + " [" + all_browsers.ff + "]";
Ansi based on Dropped File
(rules.js)
reasonString = inputIEBrowserVersionNotSupported + " [" + all_browsers.ie + "]";
Ansi based on Dropped File
(rules.js)
reasonString = MachineDiskFreeSpaceLessThan2000MB + diskFreeSize;
Ansi based on Dropped File
(rules.js)
reasonString = MachineDiskFreeSpaceLessThan850MB + diskFreeSize;
Ansi based on Dropped File
(rules.js)
reasonString = maxNumberOfPartnersExceeded + " [" + pid_str + "]";
Ansi based on Dropped File
(rules.js)
reasonString = NortonSafeSearchToolbarInstalled;
Ansi based on Dropped File
(rules.js)
reasonString = PIDIsOnBlockedList + " " + toolbar_to_be_installed.PID;
Ansi based on Dropped File
(rules.js)
reasonString = PIDsAreSameOnSameBrowser + ", Browser " + p_browser + " PIDS [" + toolbar_to_be_installed.PID + "]";
Ansi based on Dropped File
(rules.js)
reasonString = PriorToolbarType_Vanilla_SecureVanilla + incPartners[k];
Ansi based on Dropped File
(rules.js)
reasonString = SideBySideLimitExceeded;
Ansi based on Dropped File
(rules.js)
reasonString = tbtypeOfBlockPIDNotEqual + " PIDS " + installed_toolbars[0].PID + " and " + toolbar_to_be_installed.PID;
Ansi based on Dropped File
(rules.js)
reasonString = uniquePIDTbType;
Ansi based on Dropped File
(rules.js)
reasonString = UnsupportedOSXP64bit;
Ansi based on Dropped File
(rules.js)
reasonString = V6OfferAlreadyPresentWithSamePartnerID;
Ansi based on Dropped File
(rules.js)
reasonString= CPUSpeedLessThan1000MHZ + cpuSpeed;
Ansi based on Dropped File
(rules.js)
reasonString= SystemPhysicalMemoryIsVeryLow + physicalMemory;
Ansi based on Dropped File
(rules.js)
reasonString= XPServicePackNotCompatible + winServicePackRegValue;
Ansi based on Dropped File
(rules.js)
result = offerV6SaturationToolbar();
Ansi based on Dropped File
(rules.js)
result = v6installChecker(param);
Ansi based on Dropped File
(rules.js)
result.push({PID: partners[i], tb_type : tb_type, browser : "cr"});
Ansi based on Dropped File
(rules.js)
result.push({PID: partners[i], tb_type : tb_type, browser : "ff"});
Ansi based on Dropped File
(rules.js)
result.push({PID: partners[i], tb_type : tb_type, browser : "ie"});
Ansi based on Dropped File
(rules.js)
result.push({PID: v5TlbrID, tb_type : "ALL", browser : "cr"});
Ansi based on Dropped File
(rules.js)
result.push({PID: v5TlbrID, tb_type : "ALL", browser : "ff"});
Ansi based on Dropped File
(rules.js)
result.push({PID: v5TlbrID, tb_type : "ALL", browser : "ie"});
Ansi based on Dropped File
(rules.js)
return ""
Ansi based on Dropped File
(rules.js)
return "";
Ansi based on Dropped File
(rules.js)
return "0:Not eligible for display";
Ansi based on Dropped File
(rules.js)
return "cr";
Ansi based on Dropped File
(rules.js)
return "ff";
Ansi based on Dropped File
(rules.js)
return "ie";
Ansi based on Dropped File
(rules.js)
return a.length - b.length;
Ansi based on Dropped File
(rules.js)
return AnchorFreeUnsupportedOS;
Ansi based on Dropped File
(rules.js)
return AudialsOfferNotEligibleUnsupportedOSXP32orVista64bit;
Ansi based on Dropped File
(rules.js)
return d;
Ansi based on Dropped File
(rules.js)
return default_browser;
Ansi based on Dropped File
(rules.js)
return false
Ansi based on Dropped File
(rules.js)
return false;
Ansi based on Dropped File
(rules.js)
return getReasonCode(AskSecureToolbarPresentAviraOfferRejected);
Ansi based on Dropped File
(rules.js)
return getReasonCode(AviraToolbarPresentAskSecureOfferRejected);
Ansi based on Dropped File
(rules.js)
return getReasonCode(AviraV6InstallOfferPresentedAviraV6UpgradeRejected);
Ansi based on Dropped File
(rules.js)
return getReasonCode(AviraV6InstallOfferRejectedAviraV6UpgradeOfferPresented);
Ansi based on Dropped File
(rules.js)
return getReasonCode(blocklistedPartner);
Ansi based on Dropped File
(rules.js)
return getReasonCode(OldClientAskSecureOfferNotSupported);
Ansi based on Dropped File
(rules.js)
return getReasonCode(precheckSecondary);
Ansi based on Dropped File
(rules.js)
return getReasonCode(PrimaryToolbarOfferPresentedDefaultPrimaryOfferRejected);
Ansi based on Dropped File
(rules.js)
return getReasonCode(reasonString);
Ansi based on Dropped File
(rules.js)
return getReasonCode(secondaryOfferInstalled);
Ansi based on Dropped File
(rules.js)
return getReasonCode(secondaryOfferRejected);
Ansi based on Dropped File
(rules.js)
return getReasonCode(unsupportedBrowser);
Ansi based on Dropped File
(rules.js)
return getReasonCode(v5Offerpresented);
Ansi based on Dropped File
(rules.js)
return getReasonCode(v5ToolbarInstalled);
Ansi based on Dropped File
(rules.js)
return getReasonCode(v6SatInstalled);
Ansi based on Dropped File
(rules.js)
return incumbentPartnerIDs;
Ansi based on Dropped File
(rules.js)
return JSON.stringify(Offers.RetrieveResult(offer_id));
Ansi based on Dropped File
(rules.js)
return JSON.stringify(ps_check);
Ansi based on Dropped File
(rules.js)
return JSON.stringify(return_JSON);
Ansi based on Dropped File
(rules.js)
return JSON.stringify(return_obj);
Ansi based on Dropped File
(rules.js)
return lu_table[i][cascade_count];
Ansi based on Dropped File
(rules.js)
return obj;
Ansi based on Dropped File
(rules.js)
return Offers.RetrieveResult(offer_id);
Ansi based on Dropped File
(rules.js)
return p_browser;
Ansi based on Dropped File
(rules.js)
return p_param[0];
Ansi based on Dropped File
(rules.js)
return partnerRegPath;
Ansi based on Dropped File
(rules.js)
return potential_browser;
Ansi based on Dropped File
(rules.js)
return productVersion;
Ansi based on Dropped File
(rules.js)
return registryValue;
Ansi based on Dropped File
(rules.js)
return result;
Ansi based on Dropped File
(rules.js)
return return_JSON;
Ansi based on Dropped File
(rules.js)
return tb.slice(0, 2);
Ansi based on Dropped File
(rules.js)
return this.cache[i].result;
Ansi based on Dropped File
(rules.js)
return this.indexOf(prefix) === 0;
Ansi based on Dropped File
(rules.js)
return toolbars_on_browser;
Ansi based on Dropped File
(rules.js)
return true
Ansi based on Dropped File
(rules.js)
return true;
Ansi based on Dropped File
(rules.js)
return v7_result;
Ansi based on Dropped File
(rules.js)
return {};
Ansi based on Dropped File
(rules.js)
return;
Ansi based on Dropped File
(rules.js)
return_JSON = new Result("", all_browsers, false);
Ansi based on Dropped File
(rules.js)
return_JSON = new Result("ALL", all_browsers, true , toolbar_to_be_installed);
Ansi based on Dropped File
(rules.js)
return_JSON = new Result(target_browser, all_browsers, false);
Ansi based on Dropped File
(rules.js)
return_JSON = new Result(target_browser, all_browsers, true, toolbar_to_be_installed);
Ansi based on Dropped File
(rules.js)
return_JSON.errorDescription = "";
Ansi based on Dropped File
(rules.js)
return_JSON.errorDescription = reasonString;
Ansi based on Dropped File
(rules.js)
return_JSON.errorDescription = result;
Ansi based on Dropped File
(rules.js)
return_JSON.errorDescription = secondaryOfferRejected;
Ansi based on Dropped File
(rules.js)
return_JSON.lookupTable.fileid = "v6ic";
Ansi based on Dropped File
(rules.js)
return_JSON.lookupTable.stubversion = "6.6.0";
Ansi based on Dropped File
(rules.js)
return_JSON.result = 0;
Ansi based on Dropped File
(rules.js)
return_JSON.result = 1;
Ansi based on Dropped File
(rules.js)
return_JSON.result = parseInt(reasonString, 10);
Ansi based on Dropped File
(rules.js)
return_JSON.result = parseInt(result, 10);
Ansi based on Dropped File
(rules.js)
return_JSON.result = parseInt(secondaryOfferRejected, 10);
Ansi based on Dropped File
(rules.js)
return_obj.display = 0;
Ansi based on Dropped File
(rules.js)
return_obj.display = 1;
Ansi based on Dropped File
(rules.js)
return_obj.errorDescription = "";
Ansi based on Dropped File
(rules.js)
return_obj.errorDescription = "Error Executing Rule";
Ansi based on Dropped File
(rules.js)
return_obj.errorDescription = "Value Was False";
Ansi based on Dropped File
(rules.js)
return_obj.result = 0;
Ansi based on Dropped File
(rules.js)
return_obj.result = 1;
Ansi based on Dropped File
(rules.js)
showSecondaryOffer = false;
Ansi based on Dropped File
(rules.js)
showSecondaryOffer=false;
Ansi based on Dropped File
(rules.js)
showSecondaryOffer=true;
Ansi based on Dropped File
(rules.js)
String.prototype.startsWith = function(prefix) {
Ansi based on Dropped File
(rules.js)
target_browser = target_browser || CanBeInstalled("cr", true);
Ansi based on Dropped File
(rules.js)
target_browser = target_browser || CanBeInstalled(CommandLineBrowser(), false);
Ansi based on Dropped File
(rules.js)
target_browser = target_browser || CanBeInstalled(DefaultBrowser(), false);
Ansi based on Dropped File
(rules.js)
target_browser = target_browser || CanBeInstalled(OriginBrowser(), false);
Ansi based on Dropped File
(rules.js)
tb_type : toolbar_type
Ansi based on Dropped File
(rules.js)
this.apn_dbr = all_browsers.dfBr.toUpperCase();
Ansi based on Dropped File
(rules.js)
this.browser = p_browser;
Ansi based on Dropped File
(rules.js)
this.BROWSER_TEXT = "Browser_" + target_browser.toUpperCase() + "_TXT";
Ansi based on Dropped File
(rules.js)
this.cache = [];
Ansi based on Dropped File
(rules.js)
this.cache.push(t_obj);
Ansi based on Dropped File
(rules.js)
this.cache[i].result = result;
Ansi based on Dropped File
(rules.js)
this.cache[i].tb_info = toolbar_to_be_installed;
Ansi based on Dropped File
(rules.js)
this.ChromeTB = toolbars_on_cr;
Ansi based on Dropped File
(rules.js)
this.ChromeVersionInstalled = all_browsers.cr;
Ansi based on Dropped File
(rules.js)
this.cmdb = all_browsers.cmdBr;
Ansi based on Dropped File
(rules.js)
this.display = t_f === true ? 1 : 0;
Ansi based on Dropped File
(rules.js)
this.errorDescription = "";
Ansi based on Dropped File
(rules.js)
this.FFTB = toolbars_on_ff;
Ansi based on Dropped File
(rules.js)
this.FFVersionInstalled = all_browsers.ff;
Ansi based on Dropped File
(rules.js)
this.fileid = "QRST_ABCD";
Ansi based on Dropped File
(rules.js)
this.IETB = toolbars_on_ie;
Ansi based on Dropped File
(rules.js)
this.IEVersionInstalled = all_browsers.ie;
Ansi based on Dropped File
(rules.js)
this.lookupTable = t_f === true ? new LookupTable(arguments[3]) : {};
Ansi based on Dropped File
(rules.js)
this.orgb = all_browsers.orBr.toUpperCase();
Ansi based on Dropped File
(rules.js)
this.orgb = all_browsers.orBr.toUpperCase();
Ansi based on Dropped File
(rules.js)
this.PID = p_PID;
Ansi based on Dropped File
(rules.js)
this.reporting = new Reporting();
Ansi based on Dropped File
(rules.js)
this.result = 0;
Ansi based on Dropped File
(rules.js)
this.stubversion = "7.0.0";
Ansi based on Dropped File
(rules.js)
this.targetBrowser = target_browser.toUpperCase();
Ansi based on Dropped File
(rules.js)
this.tb_type = p_tb_type;
Ansi based on Dropped File
(rules.js)
this.tbID = tb_info.PID;
Ansi based on Dropped File
(rules.js)
this.TBPartnerid = toolbar_to_be_installed.PID
Ansi based on Dropped File
(rules.js)
this.tbType = tb_info?tb_info.tb_type:"";
Ansi based on Dropped File
(rules.js)
this.TrackID = offers_gen_params.GeneralParameters.TrackID;
Ansi based on Dropped File
(rules.js)
this.TrackID = "";
Ansi based on Dropped File
(rules.js)
this.trgb = target_browser.toUpperCase();
Ansi based on Dropped File
(rules.js)
this.value="";
Ansi based on Dropped File
(rules.js)
to_be_installed.push(toolbar_to_be_installed);
Ansi based on Dropped File
(rules.js)
toolbar_id = offers_gen_params.offers[i].ToolbarID || "";
Ansi based on Dropped File
(rules.js)
toolbar_id = r2;
Ansi based on Dropped File
(rules.js)
toolbar_to_be_installed = GetToolbarInfo(offer_id);
Ansi based on Dropped File
(rules.js)
toolbar_to_be_installed.browser = target_browser;
Ansi based on Dropped File
(rules.js)
toolbar_to_be_installed.PID = primaryTlbrID;
Ansi based on Dropped File
(rules.js)
toolbar_type = offers_gen_params.offers[i].tbType || "";
Ansi based on Dropped File
(rules.js)
toolbarDisableFlag = system.getRegValue("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Settings\\{D4027C7F-154A-4066-A1AD-4243D8127440}","Flags",0);
Ansi based on Dropped File
(rules.js)
toolbarID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\AskToolbar\\Macro","tb",0);
Ansi based on Dropped File
(rules.js)
toolbarID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\AskToolbar\\Macro","tb",0);
Ansi based on Dropped File
(rules.js)
toolbarRegPath=getIncbumbentRegPath(installedToolbars[i]);
Ansi based on Dropped File
(rules.js)
toolbars_on_browser += installed_toolbars[i].PID + ":" + installed_toolbars[i].tb_type;
Ansi based on Dropped File
(rules.js)
toolbars_on_browser.push(installed_toolbars[i]);
Ansi based on Dropped File
(rules.js)
toolbars_on_cr = toolbars_on_cr || GetToolbarsOnBrowser("cr");
Ansi based on Dropped File
(rules.js)
toolbars_on_ff = toolbars_on_ff || GetToolbarsOnBrowser("ff");
Ansi based on Dropped File
(rules.js)
toolbars_on_ie = toolbars_on_ie || GetToolbarsOnBrowser("ie");
Ansi based on Dropped File
(rules.js)
toolbarTbType = pipgetRegValue(toolbarRegPath,"tb-type",0);
Ansi based on Dropped File
(rules.js)
try {
Ansi based on Dropped File
(rules.js)
unsupportedBrowser = IneligibleChrome;
Ansi based on Dropped File
(rules.js)
unsupportedBrowser=unsupportedBrowser+defBrowser;
Ansi based on Dropped File
(rules.js)
v5TlbrID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\AskToolbar\\Macro","tb",0) || "";
Ansi based on Dropped File
(rules.js)
v5TlbrID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\AskToolbar\\Macro","tb",0);
Ansi based on Dropped File
(rules.js)
v5TlbrID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\AskToolbar\\Macro","tb",0) || "";
Ansi based on Dropped File
(rules.js)
v5TlbrID = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\AskToolbar\\Macro","tb",0);
Ansi based on Dropped File
(rules.js)
v5ToolbarInstalled = v5ToolbarInstalled +" "+v5TlbrID;
Ansi based on Dropped File
(rules.js)
v5toolbarOffered=true;
Ansi based on Dropped File
(rules.js)
v6SatInstalled=v6SatInstalled +" "+ partnerid.value;
Ansi based on Dropped File
(rules.js)
v6SaturationToolbarOfferFlag = false;
Ansi based on Dropped File
(rules.js)
v6SaturationToolbarOfferFlag = true;
Ansi based on Dropped File
(rules.js)
var incumbant_AVIRA = false;
Ansi based on Dropped File
(rules.js)
var name;
Ansi based on Dropped File
(rules.js)
var pid_str = "";
Ansi based on Dropped File
(rules.js)
var PID_to_be_installed = [];
Ansi based on Dropped File
(rules.js)
var PIDs_on_Machine = [];
Ansi based on Dropped File
(rules.js)
var result = 1;
Ansi based on Dropped File
(rules.js)
var result;
Ansi based on Dropped File
(rules.js)
var return_JSON = {};
Ansi based on Dropped File
(rules.js)
var t_obj = {id : offers_gen_params.offers[i].id};
Ansi based on Dropped File
(rules.js)
var to_be_installed = [];
Ansi based on Dropped File
(rules.js)
var ttt = offers_gen_params.offers[i].id;
Ansi based on Dropped File
(rules.js)
var all_browsers;
Ansi based on Dropped File
(rules.js)
var cascade_count = 0;
Ansi based on Dropped File
(rules.js)
var checkness;
Ansi based on Dropped File
(rules.js)
var checkness_parts = checkness[i].split(':');
Ansi based on Dropped File
(rules.js)
var checkV5Installed = getProductVersion("{86D4B82A-ABED-442A-BE86-96357B70F4FE}");
Ansi based on Dropped File
(rules.js)
var current_time = new Date();
Ansi based on Dropped File
(rules.js)
var CUTOVER_DATE = new Date(2013, 05, 26);
Ansi based on Dropped File
(rules.js)
var default_browser;
Ansi based on Dropped File
(rules.js)
var defaultbrowserAppPath;
Ansi based on Dropped File
(rules.js)
var defaultbrowserPath;
Ansi based on Dropped File
(rules.js)
var incumbentPartnerRegPath;
Ansi based on Dropped File
(rules.js)
var installed_toolbars;
Ansi based on Dropped File
(rules.js)
var is_saturation_offer = false;
Ansi based on Dropped File
(rules.js)
var list_1 = tb_type_1.split(",");
Ansi based on Dropped File
(rules.js)
var list_2 = tb_type_2.split(",");
Ansi based on Dropped File
(rules.js)
var lu_table = [["cr", "ie", "ff"], ["ie", "cr", "ff"], ["ff", "cr", "ie"]];
Ansi based on Dropped File
(rules.js)
var MAX_NUMBER_OF_TOOLBARS_ON_BROWSER = 3;
Ansi based on Dropped File
(rules.js)
var MAX_NUMBER_OF_TOOLBARS_ON_MACHINE = 3;
Ansi based on Dropped File
(rules.js)
var name;
Ansi based on Dropped File
(rules.js)
var offer_id = GetOfferID(param);
Ansi based on Dropped File
(rules.js)
var offer_ids = param.split('-');
Ansi based on Dropped File
(rules.js)
var offer_ids = param.split('-')[0].split('|');
Ansi based on Dropped File
(rules.js)
var offer_type = offers_gen_params.offers[i].offerType || "";
Ansi based on Dropped File
(rules.js)
var Offers = {};
Ansi based on Dropped File
(rules.js)
var offers_gen_params;
Ansi based on Dropped File
(rules.js)
var offertype_is_toolbar = false;
Ansi based on Dropped File
(rules.js)
var p_param = param.split("|");
Ansi based on Dropped File
(rules.js)
var partners = getIncumbentPartners();
Ansi based on Dropped File
(rules.js)
var pids = {};
Ansi based on Dropped File
(rules.js)
var potential_browser;
Ansi based on Dropped File
(rules.js)
var primary_toolbar_ok_to_present = 1;
Ansi based on Dropped File
(rules.js)
var ps_check = PrimarySaturationCheck (offer_id);
Ansi based on Dropped File
(rules.js)
var r1 = toolbar_id.match(reg_exp);
Ansi based on Dropped File
(rules.js)
var r2;
Ansi based on Dropped File
(rules.js)
var reg_exp = /-?(V5|V6|V7)$/i;
Ansi based on Dropped File
(rules.js)
var result = [];
Ansi based on Dropped File
(rules.js)
var return_JSON;
Ansi based on Dropped File
(rules.js)
var return_obj = {};
Ansi based on Dropped File
(rules.js)
var show_logger = true;
Ansi based on Dropped File
(rules.js)
var target_browser = "";
Ansi based on Dropped File
(rules.js)
var tb = "" || (all_browsers && all_browsers.orBr);
Ansi based on Dropped File
(rules.js)
var tb_incumbent_path = "HKEY_LOCAL_MACHINE\\SOFTWARE\\AskPartnerNetwork\\Toolbar\\";
Ansi based on Dropped File
(rules.js)
var tb_path = tb_incumbent_path + partners[i] + "\\Macro\\"
Ansi based on Dropped File
(rules.js)
var toolbar_id = "";
Ansi based on Dropped File
(rules.js)
var toolbar_id = offers_gen_params.offers[i].ToolbarID || "";
Ansi based on Dropped File
(rules.js)
var toolbar_to_be_installed;
Ansi based on Dropped File
(rules.js)
var toolbar_type = "";
Ansi based on Dropped File
(rules.js)
var toolbars_on_browser = "";
Ansi based on Dropped File
(rules.js)
var toolbars_on_cr;
Ansi based on Dropped File
(rules.js)
var toolbars_on_ff;
Ansi based on Dropped File
(rules.js)
var toolbars_on_ie;
Ansi based on Dropped File
(rules.js)
var pid_name = installed_toolbars[i].PID;
Ansi based on Dropped File
(rules.js)
var AviraToolbarPresentAskSecureOfferRejected = "19: Avira Toolbar present, Ask secure offer rejected";
Ansi based on Dropped File
(rules.js)
var AviraV6InstallOfferRejectedAviraV6UpgradeOfferPresented = "22:Avira V6 new Install offer rejected, Avira V6 Upgrade Offer/Ask Secure Offer presented";
Ansi based on Dropped File
(rules.js)
var OldClientAskSecureOfferNotSupported = "24:Old Client AskSecure offer not supported";
Ansi based on Dropped File
(rules.js)
var PrimaryToolbarOfferPresentedDefaultPrimaryOfferRejected = "23:Primary Toolbar Offer presented, The default primary offer rejected";
Ansi based on Dropped File
(rules.js)
var v7_result = v7installChecker(param);
Ansi based on Dropped File
(rules.js)
var AFRegistryPath;
Ansi based on Dropped File
(rules.js)
var AlreadyAtMaxNumberOfPartnersPerBrowser = "34:Already At Maximum Number of Partners Per Browser";
Ansi based on Dropped File
(rules.js)
var AnchorFreeUnsupportedOS = "18: AnchorFree unsupported OS XP or Vista 64bit ";
Ansi based on Dropped File
(rules.js)
var AskSecureToolbarPresentAviraOfferRejected = "20:Ask Secure toolbar present, Avira offer rejected";
Ansi based on Dropped File
(rules.js)
var AudialsOfferNotEligibleUnsupportedOSXP32orVista64bit = "20: Audials offer not eligible as unsupported OS XP 32 or Vista 64 bit";
Ansi based on Dropped File
(rules.js)
var AviraV6InstallOfferPresentedAviraV6UpgradeRejected = "21:Avira V6 new Install offer presented, Avira V6 Upgrade rejected";
Ansi based on Dropped File
(rules.js)
var blocklistedPartner = "5:Block V6 ? New toolbar listed in the block list";
Ansi based on Dropped File
(rules.js)
var BlockListV6IncumbentToolbarIsListedInLockList = "6:Block list v6 - incumbent toolbar is listed as block list ";
Ansi based on Dropped File
(rules.js)
var checkObj;
Ansi based on Dropped File
(rules.js)
var checkV5Installed = getProductVersion("{86D4B82A-ABED-442A-BE86-96357B70F4FE}");
Ansi based on Dropped File
(rules.js)
var CHROME="Google Chrome";
Ansi based on Dropped File
(rules.js)
var cpuSpeed;
Ansi based on Dropped File
(rules.js)
var CPUSpeedLessThan1000MHZ = "14:CPU speed less than 1000 MHZ ";;
Ansi based on Dropped File
(rules.js)
var defaultBrowser;
Ansi based on Dropped File
(rules.js)
var defaultbrowserAppPath;
Ansi based on Dropped File
(rules.js)
var defaultbrowserPath;
Ansi based on Dropped File
(rules.js)
var defBrowser="";
Ansi based on Dropped File
(rules.js)
var diskFreeSize;
Ansi based on Dropped File
(rules.js)
var DPRegistryPath = pipgetRegValue("HKEY_CURRENT_USER\\Software\\DealPly","InstallStatus",0);
Ansi based on Dropped File
(rules.js)
var FIREFOX="firefox";
Ansi based on Dropped File
(rules.js)
var getIEversion ="";
Ansi based on Dropped File
(rules.js)
var getIEversion=browser.ieVersion;
Ansi based on Dropped File
(rules.js)
var i, l, d;
Ansi based on Dropped File
(rules.js)
var IE="Internet Explorer";
Ansi based on Dropped File
(rules.js)
var incumbentPartnerIDs="";
Ansi based on Dropped File
(rules.js)
var incumbentPartnerList = getIncumbentPartners();
Ansi based on Dropped File
(rules.js)
var incumbentPartnerRegPath;
Ansi based on Dropped File
(rules.js)
var incumbentPartners;
Ansi based on Dropped File
(rules.js)
var incumbentTbType;
Ansi based on Dropped File
(rules.js)
var incumbentTlbrList;
Ansi based on Dropped File
(rules.js)
var IneligibleChrome = "3:Ineligible Chrome";
Ansi based on Dropped File
(rules.js)
var inputBrowserTypeNotSupported = "27:Input Browser Type is NOT Supported";
Ansi based on Dropped File
(rules.js)
var inputCRBrowserVersionNotSupported = "29:CR Browser Version Is NOT Supported";
Ansi based on Dropped File
(rules.js)
var inputFFBrowserVersionNotSupported = "30:FF Browser Version Is NOT Supported";
Ansi based on Dropped File
(rules.js)
var inputIEBrowserVersionNotSupported = "28:IE Browser Version Is NOT Supported";
Ansi based on Dropped File
(rules.js)
var installedPartners = getIncumbentPartners();
Ansi based on Dropped File
(rules.js)
var installedToolbars = getIncumbentPartners();
Ansi based on Dropped File
(rules.js)
var isIE9extnenabled="";
Ansi based on Dropped File
(rules.js)
var jsonString={
Ansi based on Dropped File
(rules.js)
var key;
Ansi based on Dropped File
(rules.js)
var MachineDiskFreeSpaceLessThan2000MB = "15:64 bit machine Disk free space less than 2000MB ";
Ansi based on Dropped File
(rules.js)
var MachineDiskFreeSpaceLessThan850MB = "16:32 bit machine Disk free space less than 850MB ";
Ansi based on Dropped File
(rules.js)
var maxNumberOfPartnersExceeded = "25:Maximum Number of Unique Partners Already Exists";
Ansi based on Dropped File
(rules.js)
var n;
Ansi based on Dropped File
(rules.js)
var n=0;
Ansi based on Dropped File
(rules.js)
var NortonSafeSearchToolbarInstalled = "17:Norton Safe search Toolbar installed";
Ansi based on Dropped File
(rules.js)
var nortonToolbarKey;
Ansi based on Dropped File
(rules.js)
var obj = {
Ansi based on Dropped File
(rules.js)
var offerAviraV6NewInstall = false;
Ansi based on Dropped File
(rules.js)
var overinstallFlag=false;
Ansi based on Dropped File
(rules.js)
var partnerid =new partneridfunc();
Ansi based on Dropped File
(rules.js)
var partnerID;
Ansi based on Dropped File
(rules.js)
var partnerRegPath="";
Ansi based on Dropped File
(rules.js)
var physicalMemory;
Ansi based on Dropped File
(rules.js)
var PIDIsOnBlockedList = "33:PID is on Block List"
Ansi based on Dropped File
(rules.js)
var PIDsAreSameOnSameBrowser = "31:PIDs Are the Same, On the Same Browser";
Ansi based on Dropped File
(rules.js)
var precheckSecondary = "10:Secondary offer rejected as Manycam Saturation offer was made";
Ansi based on Dropped File
(rules.js)
var primaryToolbarOfferFlag=false;
Ansi based on Dropped File
(rules.js)
var PriorToolbarType_Vanilla_SecureVanilla = "4:Prior toolbar type(Vanilla)/Secure Vanilla ";
Ansi based on Dropped File
(rules.js)
var productVersion =system.getProductVersion(productCode);
Ansi based on Dropped File
(rules.js)
var PTRegistryPath = pipgetRegValue("HKEY_CURRENT_USER\\Software\\Paltalk","InstallerAppDir",0);
Ansi based on Dropped File
(rules.js)
var reasonString="";
Ansi based on Dropped File
(rules.js)
var registryPath;
Ansi based on Dropped File
(rules.js)
var registryPathx86 = "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\";
Ansi based on Dropped File
(rules.js)
var registryValue=system.getRegValue(registryPath,regValue,n);
Ansi based on Dropped File
(rules.js)
var regsistryPathx64 = "HKEY_LOCAL_MACHINE\SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\";
Ansi based on Dropped File
(rules.js)
var regValue="";
Ansi based on Dropped File
(rules.js)
var SCRegistryPath = pipgetRegValue("HKEY_LOCAL_MACHINE\\Software\\Speedchecker Limited\\PC Speed Up","Uninstaller",0);
Ansi based on Dropped File
(rules.js)
var secondaryOfferInstalled = "11:Secondary Offer was not made as offer already exists";
Ansi based on Dropped File
(rules.js)
var secondaryOfferRejected = "9:Secondary offer rejected as Primary or Saturation offer was made";
Ansi based on Dropped File
(rules.js)
var SFRegistryPath = pipgetRegValue("HKEY_CURRENT_USER\\Software\\AppDataLow\\Software\\superfish","InstallStatus",0);
Ansi based on Dropped File
(rules.js)
var showSecondaryOffer=true;
Ansi based on Dropped File
(rules.js)
var SideBySideLimitExceeded = "8:Side by side limit exceeded";
Ansi based on Dropped File
(rules.js)
var SystemPhysicalMemoryIsVeryLow = "17:System Physical Memory is very low";
Ansi based on Dropped File
(rules.js)
var tb = "" || (all_browsers && all_browsers.cmdBr);
Ansi based on Dropped File
(rules.js)
var tb = "" || (all_browsers && all_browsers.dfBr);
Ansi based on Dropped File
(rules.js)
var tbtypeOfBlockPIDNotEqual = "26:A Toolbar Type is of type block, PIDs are NOT equal";
Ansi based on Dropped File
(rules.js)
var toolbarDisableFlag="";
Ansi based on Dropped File
(rules.js)
var toolbarID;
Ansi based on Dropped File
(rules.js)
var toolbarRegPath;
Ansi based on Dropped File
(rules.js)
var toolbars_on_browser = [];
Ansi based on Dropped File
(rules.js)
var toolbarTypeCollision = "32:On the Same Browser, Toolbar Types Collide";
Ansi based on Dropped File
(rules.js)
var UBRegistryPath = pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Uniblue\\SpeedUpMyPC","InstalledLocation",0);
Ansi based on Dropped File
(rules.js)
var uniquePIDTbType = "35:Toolbar Type is already owned by PID";
Ansi based on Dropped File
(rules.js)
var unsupportedBrowser = "2:Unsupported default browser";
Ansi based on Dropped File
(rules.js)
var UnsupportedOSXP64bit = "11:Unsupported OS XP 64 bit";
Ansi based on Dropped File
(rules.js)
var v5Offerpresented = "7:Saturation offer was not made because primary offer was made";
Ansi based on Dropped File
(rules.js)
var v5TlbrID;
Ansi based on Dropped File
(rules.js)
var v5ToolbarInstalled = "1:Offer cannot be installed as offer already exists";
Ansi based on Dropped File
(rules.js)
var v5toolbarOffered = false;
Ansi based on Dropped File
(rules.js)
var V6OfferAlreadyPresentWithSamePartnerID = "1:V6 Offer already present with same partnerID";
Ansi based on Dropped File
(rules.js)
var v6SatInstalled = "4:Prior toolbar typet (Shopping)";
Ansi based on Dropped File
(rules.js)
var v6SaturationToolbarOfferFlag = false;
Ansi based on Dropped File
(rules.js)
var version = parseInt(all_browsers.cr, 10);
Ansi based on Dropped File
(rules.js)
var version = parseInt(all_browsers.ff, 10);
Ansi based on Dropped File
(rules.js)
var version = parseInt(all_browsers.ie, 10);
Ansi based on Dropped File
(rules.js)
var versionresult=cmpVersions(clientversion,"2.6.8.0");
Ansi based on Dropped File
(rules.js)
var versionValue=cmpVersions(version,"2.6.12.1");
Ansi based on Dropped File
(rules.js)
var winServicePackRegValue;
Ansi based on Dropped File
(rules.js)
var XPServicePackNotCompatible = "13:XP Service Pack not compatible ";
Ansi based on Dropped File
(rules.js)
varbrowsers = pipgetRegValue (partner_path, "Browsers", 0) || "";
Ansi based on Dropped File
(rules.js)
varpartner_path = incumbentPartnerRegPath + partners[i] + "\\Info\\";
Ansi based on Dropped File
(rules.js)
varpartner_path = incumbentPartnerRegPath + partners[i] + "\\Macro\\";
Ansi based on Dropped File
(rules.js)
vartb_type = pipgetRegValue (partner_path, "tb-type", 0) || "";
Ansi based on Dropped File
(rules.js)
vartb_type = pipgetRegValue (tb_path, "tb-type", 0) || "";
Ansi based on Dropped File
(rules.js)
winServicePackRegValue=pipgetRegValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion","CSDVersion",0);
Ansi based on Dropped File
(rules.js)
} // CanBeInstalled
Ansi based on Dropped File
(rules.js)
} // CascadeThroughBrowsers(p_browser, cascade_count)
Ansi based on Dropped File
(rules.js)
} // CheckForBlockedPID
Ansi based on Dropped File
(rules.js)
} // CheckVersion
Ansi based on Dropped File
(rules.js)
} // defaultBrowser
Ansi based on Dropped File
(rules.js)
} // GetInstalledToolbars
Ansi based on Dropped File
(rules.js)
} // GetOfferID
Ansi based on Dropped File
(rules.js)
} // GetToolbarInfo
Ansi based on Dropped File
(rules.js)
} // GetToolbarsOnBrowser
Ansi based on Dropped File
(rules.js)
} // incumbantAVIRACheck
Ansi based on Dropped File
(rules.js)
} // InstallCheck
Ansi based on Dropped File
(rules.js)
} // isObjEmpty
Ansi based on Dropped File
(rules.js)
} // isSaturationOffer
Ansi based on Dropped File
(rules.js)
} // isUniquePIDOnMachine
Ansi based on Dropped File
(rules.js)
} // MoreToCascade
Ansi based on Dropped File
(rules.js)
} // Offers.Check
Ansi based on Dropped File
(rules.js)
} // Offers.OfferedToolbars
Ansi based on Dropped File
(rules.js)
} // Offers.RetrieveResult
Ansi based on Dropped File
(rules.js)
} // Offers.StoreResult
Ansi based on Dropped File
(rules.js)
} // PIDOnBlockedList
Ansi based on Dropped File
(rules.js)
} // Result
Ansi based on Dropped File
(rules.js)
} // TbTypesIntersect
Ansi based on Dropped File
(rules.js)
} // ToolbarInfo
Ansi based on Dropped File
(rules.js)
} // toolbarsHaveTypeBlock
Ansi based on Dropped File
(rules.js)
} // UniquePIDTbType
Ansi based on Dropped File
(rules.js)
} // v7installChecker
Ansi based on Dropped File
(rules.js)
} // ValidBrowser(p_browser)
Ansi based on Dropped File
(rules.js)
} catch (e)
Ansi based on Dropped File
(rules.js)
} catch(e)
Ansi based on Dropped File
(rules.js)
} else {
Ansi based on Dropped File
(rules.js)
} while (MoreToCascade(cascade_count, potential_browser, run_cycle));
Ansi based on Dropped File
(rules.js)
}catch (e)
Ansi based on Dropped File
(rules.js)
}catch(e)
Ansi based on Dropped File
(rules.js)
}catch(e){
Ansi based on Dropped File
(rules.js)
}else
Ansi based on Dropped File
(rules.js)
}else {
Ansi based on Dropped File
(rules.js)
}else{
Ansi based on Dropped File
(rules.js)
??_??s__,
Ansi based on Image Processing
(screen_0.png)
o_;_7
Ansi based on Image Processing
(screen_0.png)
Extracted Files
-
Clean 1
-
-
orchestrator.html
- Size
- 13KiB (13196 bytes)
- Type
- HTML document, ASCII text, with CRLF line terminators
- AV Scan Result
- 0/55
- MD5
-
fdd740a29f5849b4082b4267c045e33e
- SHA1
-
f859657d5b5d244218d7a4b051681a042eaecb87
- SHA256
-
1c784689cbe6f5597d72e6a672fbd5d7d536e288e2b6fc3c0f55d67d2fd86752
-
-
Informative 5
-
-
APNAnalytics[1].xml
- Size
- 2.5KiB (2517 bytes)
- Type
- XML document text
- MD5
-
c512efa072396eac3b40d89a161b5ede
- SHA1
-
02f4bb498f9ec385f337c85ce7923e6131781775
- SHA256
-
f471d2a652977c0de06a3338a712eaaf45e8aade4b9b0b186db9c2d6be0b3be9
-
APNAnalytics.xml
- Size
- 2.5KiB (2517 bytes)
- Type
- XML document text
- MD5
-
c512efa072396eac3b40d89a161b5ede
- SHA1
-
02f4bb498f9ec385f337c85ce7923e6131781775
- SHA256
-
f471d2a652977c0de06a3338a712eaaf45e8aade4b9b0b186db9c2d6be0b3be9
-
AveryError.png
- Size
- 4.8KiB (4940 bytes)
- Type
- PNG image data, 594 x 360, 8-bit colormap, non-interlaced
- MD5
-
d12d18809b8203f7dbaf6ed4a95ba79d
- SHA256
-
510b561ecc6d456c149a77c98b2afff99a3bb233dbe96ae619ef337730a482d5
-
objectmodel.js
- Size
- 1.3KiB (1354 bytes)
- Type
- ASCII text, with CRLF line terminators
- MD5
-
452a7be33226b83f62bb477cfefb624e
- SHA1
-
387902216ccbc6d8f014214ad61723b5198e635a
- SHA256
-
afa1881d3b2b142fa20a47c7bec3ac0d3d6e2dfc427e335e2911f68c77ea9fc0
-
rules.js
- Size
- 60KiB (61364 bytes)
- Type
- ASCII text, with very long lines, with CRLF line terminators
- MD5
-
9acb27a7c4ec3b69f3b69fd334510177
- SHA1
-
824f17653ad8ccceb8b231456c177bd999230df4
- SHA256
-
768b45cf3776abd3bcee7b09e1204ca7cf1ab66ec939aeedbb18fd70ea21dfdd
-
Notifications
-
Runtime
- Not all sources for signature ID "api-55" are available in the report
- Not all sources for signature ID "mutant-0" are available in the report
- Not all sources for signature ID "registry-25" are available in the report
- Not all sources for signature ID "stream-2" are available in the report
- Not all sources for signature ID "stream-32" are available in the report
- Not all sources for signature ID "string-3" are available in the report
- Some low-level details are hidden from the report due to oversize
Community
There are no community comments.
You must be logged in to submit a comment.