IOC Report
ElitechLogWin V6.4.6.exe

loading gif

Files

File Path
Type
Category
Malicious
ElitechLogWin V6.4.6.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
C:\ElitechLogWin\Drivers\CH341\DRVSETUP64\DRVSETUP64.exe (copy)
PE32+ executable (GUI) x86-64, for MS Windows
dropped
 malicious
C:\ElitechLogWin\is-3KLJS.tmp
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\ElitechLogWin\is-64LH2.tmp
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\ElitechLogWin\Async_MessageBox.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\ElitechLogWin\CH341PT.DLL (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Components\WindowsInstaller-KB893803-v2-x86.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Components\dotNetFx40_Client_x86_x64.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Components\is-69FOL.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Components\is-77COG.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Components\is-R21KT.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Components\is-V65L8.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Components\wic_x86_chs.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Components\wic_x86_enu.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Crc32.NET.dll (copy)
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\ElitechLogWin\Crc32.NET.xml (copy)
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ElitechLogWin\DB\data.db3 (copy)
data
dropped
C:\ElitechLogWin\DB\is-8N0RS.tmp
data
dropped
C:\ElitechLogWin\DL.exe (copy)
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\ElitechLogWin\DL.exe.config (copy)
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ElitechLogWin\DL.pdb (copy)
MSVC program database ver 7.00, 512*5383 bytes
dropped
C:\ElitechLogWin\Drivers\CH341\CH341M64.SYS (copy)
PE32+ executable (native) Aarch64, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\CH341PORTS.DLL (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\CH341PORTSA64.DLL (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\CH341PT.DLL (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\CH341PTA64.DLL (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\CH341S64.SYS (copy)
PE32+ executable (native) x86-64, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\CH341S98.SYS (copy)
PE32 executable (DLL) (native) Intel 80386 (stripped to external PDB), for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\CH341SER.CAT (copy)
data
dropped
C:\ElitechLogWin\Drivers\CH341\CH341SER.INF (copy)
Windows setup INFormation
dropped
C:\ElitechLogWin\Drivers\CH341\CH341SER.SYS (copy)
PE32 executable (native) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\CH341SER.VXD (copy)
MS-DOS executable, LE executable for MS Windows (VxD)
dropped
C:\ElitechLogWin\Drivers\CH341\DRVSETUP64\is-DA5P5.tmp
PE32+ executable (GUI) x86-64, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\SETUP.EXE (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\WIN 1X\CH341M64.sys (copy)
PE32+ executable (native) Aarch64, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\WIN 1X\CH341PORTS.DLL (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\WIN 1X\CH341PORTSA64.DLL (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\WIN 1X\CH341PT.DLL (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\WIN 1X\CH341PTA64.DLL (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\WIN 1X\CH341S64.sys (copy)
PE32+ executable (native) x86-64, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\WIN 1X\CH341S98.SYS (copy)
PE32 executable (DLL) (native) Intel 80386 (stripped to external PDB), for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\WIN 1X\CH341SER.CAT (copy)
data
dropped
C:\ElitechLogWin\Drivers\CH341\WIN 1X\CH341SER.INF (copy)
Windows setup INFormation
dropped
C:\ElitechLogWin\Drivers\CH341\WIN 1X\CH341SER.VXD (copy)
MS-DOS executable, LE executable for MS Windows (VxD)
dropped
C:\ElitechLogWin\Drivers\CH341\WIN 1X\CH341SER.sys (copy)
PE32 executable (native) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\WIN 1X\is-3KCTN.tmp
PE32 executable (DLL) (native) Intel 80386 (stripped to external PDB), for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\WIN 1X\is-4V221.tmp
PE32+ executable (native) Aarch64, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\WIN 1X\is-6HU8U.tmp
PE32 executable (native) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\WIN 1X\is-7O4QT.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\WIN 1X\is-G2AIM.tmp
Windows setup INFormation
dropped
C:\ElitechLogWin\Drivers\CH341\WIN 1X\is-I08DP.tmp
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\WIN 1X\is-J4G7J.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\WIN 1X\is-TKQEB.tmp
MS-DOS executable, LE executable for MS Windows (VxD)
dropped
C:\ElitechLogWin\Drivers\CH341\WIN 1X\is-UM7HD.tmp
PE32+ executable (native) x86-64, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\WIN 1X\is-VI31J.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\WIN 1X\is-VV0UG.tmp
data
dropped
C:\ElitechLogWin\Drivers\CH341\is-19MS8.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\is-23GIR.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\is-2GNAT.tmp
PE32+ executable (native) x86-64, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\is-3H8ON.tmp
MS-DOS executable, LE executable for MS Windows (VxD)
dropped
C:\ElitechLogWin\Drivers\CH341\is-FE8JT.tmp
data
dropped
C:\ElitechLogWin\Drivers\CH341\is-J5RC5.tmp
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\is-NM5RC.tmp
PE32+ executable (native) Aarch64, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\is-QFG43.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\is-RB961.tmp
PE32 executable (DLL) (native) Intel 80386 (stripped to external PDB), for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\is-RJR4R.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CH341\is-S2COG.tmp
Windows setup INFormation
dropped
C:\ElitechLogWin\Drivers\CH341\is-U8CBL.tmp
PE32 executable (native) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CP210x\CP210xVCPInstaller_x64.exe (copy)
PE32+ executable (GUI) x86-64, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CP210x\CP210xVCPInstaller_x86.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CP210x\ReleaseNotes.txt (copy)
ASCII text, with CRLF line terminators
dropped
C:\ElitechLogWin\Drivers\CP210x\SLAB_License_Agreement_VCP_Windows.txt (copy)
ASCII text, with very long lines (935), with CRLF line terminators
dropped
C:\ElitechLogWin\Drivers\CP210x\dpinst.xml (copy)
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ElitechLogWin\Drivers\CP210x\is-4T4TN.tmp
data
dropped
C:\ElitechLogWin\Drivers\CP210x\is-8TFHD.tmp
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ElitechLogWin\Drivers\CP210x\is-C2G31.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CP210x\is-HILAD.tmp
ASCII text, with CRLF line terminators
dropped
C:\ElitechLogWin\Drivers\CP210x\is-J0HG7.tmp
PE32+ executable (GUI) x86-64, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CP210x\is-ORT92.tmp
ASCII text, with very long lines (935), with CRLF line terminators
dropped
C:\ElitechLogWin\Drivers\CP210x\is-QIODI.tmp
Windows setup INFormation
dropped
C:\ElitechLogWin\Drivers\CP210x\slabvcp.cat (copy)
data
dropped
C:\ElitechLogWin\Drivers\CP210x\slabvcp.inf (copy)
Windows setup INFormation
dropped
C:\ElitechLogWin\Drivers\CP210x\x64\WdfCoInstaller01009.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CP210x\x64\is-0J93G.tmp
PE32+ executable (native) x86-64, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CP210x\x64\is-7BD1E.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CP210x\x64\is-TFEFO.tmp
PE32+ executable (native) x86-64, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CP210x\x64\silabenm.sys (copy)
PE32+ executable (native) x86-64, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CP210x\x64\silabser.sys (copy)
PE32+ executable (native) x86-64, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CP210x\x86\WdfCoInstaller01009.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CP210x\x86\is-B02VC.tmp
PE32 executable (native) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CP210x\x86\is-FOH79.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CP210x\x86\is-L43UA.tmp
PE32 executable (native) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CP210x\x86\silabenm.sys (copy)
PE32 executable (native) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Drivers\CP210x\x86\silabser.sys (copy)
PE32 executable (native) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\Firmware\Tlog100_V2.0.bin (copy)
data
dropped
C:\ElitechLogWin\Firmware\is-U5M1B.tmp
data
dropped
C:\ElitechLogWin\ICSharpCode.SharpZipLib.dll (copy)
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\ElitechLogWin\Images\Guide\zh\1.png (copy)
PNG image data, 1920 x 1040, 8-bit/color RGB, non-interlaced
dropped
C:\ElitechLogWin\Images\Guide\zh\10.png (copy)
PNG image data, 1920 x 1040, 8-bit/color RGB, non-interlaced
dropped
C:\ElitechLogWin\Images\Guide\zh\2.png (copy)
PNG image data, 1920 x 1040, 8-bit/color RGB, non-interlaced
dropped
C:\ElitechLogWin\Images\Guide\zh\3.png (copy)
PNG image data, 1920 x 1040, 8-bit/color RGB, non-interlaced
dropped
C:\ElitechLogWin\Images\Guide\zh\4.png (copy)
PNG image data, 1920 x 1040, 8-bit/color RGB, non-interlaced
dropped
C:\ElitechLogWin\Images\Guide\zh\5.png (copy)
PNG image data, 1920 x 1040, 8-bit/color RGB, non-interlaced
dropped
C:\ElitechLogWin\Images\Guide\zh\6.png (copy)
PNG image data, 1920 x 1040, 8-bit/color RGB, non-interlaced
dropped
C:\ElitechLogWin\Images\Guide\zh\7.png (copy)
PNG image data, 1920 x 1040, 8-bit/color RGB, non-interlaced
dropped
C:\ElitechLogWin\Images\Guide\zh\8.png (copy)
PNG image data, 1920 x 1030, 8-bit/color RGB, non-interlaced
dropped
C:\ElitechLogWin\Images\Guide\zh\9.png (copy)
PNG image data, 1920 x 1040, 8-bit/color RGB, non-interlaced
dropped
C:\ElitechLogWin\Images\Guide\zh\is-29I7U.tmp
PNG image data, 1920 x 1040, 8-bit/color RGB, non-interlaced
dropped
C:\ElitechLogWin\Images\Guide\zh\is-29NF0.tmp
PNG image data, 1920 x 1040, 8-bit/color RGB, non-interlaced
dropped
C:\ElitechLogWin\Images\Guide\zh\is-ADD01.tmp
PNG image data, 1920 x 1040, 8-bit/color RGB, non-interlaced
dropped
C:\ElitechLogWin\Images\Guide\zh\is-B7QP7.tmp
PNG image data, 1920 x 1040, 8-bit/color RGB, non-interlaced
dropped
C:\ElitechLogWin\Images\Guide\zh\is-GKPNI.tmp
PNG image data, 1920 x 1040, 8-bit/color RGB, non-interlaced
dropped
C:\ElitechLogWin\Images\Guide\zh\is-HDLK4.tmp
PNG image data, 1920 x 1040, 8-bit/color RGB, non-interlaced
dropped
C:\ElitechLogWin\Images\Guide\zh\is-JDNGO.tmp
PNG image data, 1920 x 1030, 8-bit/color RGB, non-interlaced
dropped
C:\ElitechLogWin\Images\Guide\zh\is-R7Q5A.tmp
PNG image data, 1920 x 1040, 8-bit/color RGB, non-interlaced
dropped
C:\ElitechLogWin\Images\Guide\zh\is-RQJHF.tmp
PNG image data, 1920 x 1040, 8-bit/color RGB, non-interlaced
dropped
C:\ElitechLogWin\Images\Guide\zh\is-SFAST.tmp
PNG image data, 1920 x 1040, 8-bit/color RGB, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\-logo(...).png (copy)
PNG image data, 1030 x 249, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\-logo.png (copy)
PNG image data, 1030 x 249, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\ADD.png (copy)
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\Data-Export.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\Delet.png (copy)
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\ExportFile.png (copy)
PNG image data, 36 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\FDA-logo.png (copy)
PNG image data, 600 x 542, 8-bit/color RGB, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\FDA-logo@32.png (copy)
PNG image data, 35 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\FDA-logo@48.png (copy)
PNG image data, 53 x 48, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\FDA-logo@64.png (copy)
PNG image data, 70 x 64, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\JingChuang.ico (copy)
MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel
dropped
C:\ElitechLogWin\Images\Icons\JingChuang.png (copy)
PNG image data, 188 x 60, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\JingChuangLogo.png (copy)
PNG image data, 188 x 60, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\Next.png (copy)
PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\Next_2.png (copy)
PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\Previous.png (copy)
PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\Previous_2.png (copy)
PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\Query.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\Restore.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\Signature.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\Skip.png (copy)
PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\Skip_2.png (copy)
PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\about-us@32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\audit-refresh@22.png (copy)
PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\audit-refresh@32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\audit-sys-event@16.png (copy)
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\audit-sys-event@22.png (copy)
PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\audit-sys@16.png (copy)
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\audit-sys@22.png (copy)
PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\audit@16.png (copy)
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\audit@22.png (copy)
PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\btn-dataview-x32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\btn-email@32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\btn-export.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\btn-help@32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\btn-import-x32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\btn-mail@32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\btn-param@32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\btn-query-x32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\btn-query@32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\btn-save-gray.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\btn-save-green.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\btn-save-x32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\btn-summary@32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\btn-sys-setting@32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\btn-toggle-down.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\btn-toggle-normal.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\btn-toggle-up.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\btn-user@32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\cloud.png (copy)
PNG image data, 51 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\connected.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\elitech.ico (copy)
MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel
dropped
C:\ElitechLogWin\Images\Icons\elitech.png (copy)
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\elitechLogo.png (copy)
PNG image data, 1030 x 249, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\export-elt-x64.png (copy)
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\export-excel-x32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\export-excel-x64.png (copy)
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\export-pdf-x32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\export-pdf-x64.png (copy)
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\help.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\icon-chart-x32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\icon-chart@32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\icon-db.png (copy)
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\icon-db@32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\icon-db@64.png (copy)
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\icon-filter-blue-x32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\icon-filter-x16.png (copy)
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\icon-filter-x32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\icon-reset-blue-x32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\icon-reset-x16.png (copy)
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\icon-reset-x32.png (copy)
PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\icon-row-selected-x32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\icon-statusbar-com@16.png (copy)
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\icon-statusbar-usb@16.png (copy)
PNG image data, 21 x 16, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\icon-text-fi-audit@32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\icon-warning-gray@32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\icon-warning-no-x16.png (copy)
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\icon-warning-no-x32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\icon-warning-red@32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\icon-warning-yes-x16.png (copy)
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\icon-warning-yes-x32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\index.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\index2.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-0E4V7.tmp
PNG image data, 157 x 70, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-0L966.tmp
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-0OHC4.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-0OK4C.tmp
MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel
dropped
C:\ElitechLogWin\Images\Icons\is-17HB5.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-1L8PR.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-1NEES.tmp
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-2D35S.tmp
PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-2M3KM.tmp
PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-37EIA.tmp
PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-3BCDH.tmp
PNG image data, 21 x 16, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-3Q32J.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-3TJHS.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-4ASCA.tmp
PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-4DPRG.tmp
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-4II1N.tmp
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-4JIC8.tmp
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-4LO7C.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-4SBMD.tmp
PNG image data, 188 x 60, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-55LT5.tmp
PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-5BFUI.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-5DRR4.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-5M73O.tmp
PNG image data, 1030 x 249, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-5UET9.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-5V8GJ.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-5VU5O.tmp
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-62MHI.tmp
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-6IK7Q.tmp
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-7KMTT.tmp
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-88K76.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-894UP.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-8GAGP.tmp
PNG image data, 36 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-8QL4S.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-8RDFG.tmp
PNG image data, 188 x 60, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-94DQM.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-9CUUN.tmp
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-9D3SR.tmp
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-AQ0PE.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-BI9G8.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-BP4RH.tmp
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-BSJ6A.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-C9AQO.tmp
JPEG image data, JFIF standard 1.02, resolution (DPCM), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop CS3 Windows, datetime=2019:02:14 13:19:29], progressive, precision 8, 500x300, components 3
dropped
C:\ElitechLogWin\Images\Icons\is-CFSS1.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-CLPJP.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-COSPP.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-CPN5K.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-DBHJ7.tmp
PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-DQK1S.tmp
PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-E3UUA.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-ECK1O.tmp
PNG image data, 1030 x 249, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-EFCL8.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-F5BKD.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-F7I58.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-G2G5B.tmp
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-GIPNG.tmp
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-GL5IN.tmp
PNG image data, 70 x 64, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-GRGHP.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-HAAP1.tmp
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-HI7K9.tmp
PNG image data, 35 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-HNEOI.tmp
PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-I70EL.tmp
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-ICR6H.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-IHJDM.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-IM7JN.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-INPQA.tmp
PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-IP3O8.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-J5631.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-JBPST.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-JKO8D.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-K16VS.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-KDI48.tmp
PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-KEN8G.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-KII30.tmp
PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-KLPDO.tmp
PNG image data, 1030 x 249, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-LN857.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-M1L31.tmp
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-MD6KE.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-MREJU.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-N0PCF.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-N2IDQ.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-NRMDA.tmp
PNG image data, 53 x 48, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-OSUF1.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-PFILU.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-PQ4RQ.tmp
PNG image data, 51 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-Q0VSV.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-QPUAA.tmp
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-QU4P7.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-QVSJ9.tmp
PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-R3MK5.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-RVVEA.tmp
PNG image data, 600 x 542, 8-bit/color RGB, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-S3JU1.tmp
PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-SGLV2.tmp
MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel
dropped
C:\ElitechLogWin\Images\Icons\is-SJ364.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-SNJN0.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-SQ058.tmp
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-STPKC.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-TFD3F.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-UJRKO.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\is-UVA1O.tmp
JPEG image data, JFIF standard 1.02, resolution (DPCM), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop CS3 Windows, datetime=2019:02:18 13:14:43], progressive, precision 8, 500x300, components 3
dropped
C:\ElitechLogWin\Images\Icons\is-VTM1T.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\jpg1.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\jpg2.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\lang-en.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\lang-zh.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\line-chart-x28.png (copy)
PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\line-chart.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\login-eye@22.png (copy)
PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\login-password@24.png (copy)
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\login-password@32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\login-user@24.png (copy)
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\login-user@32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\logo.png (copy)
PNG image data, 157 x 70, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\sensor1.jpg (copy)
JPEG image data, JFIF standard 1.02, resolution (DPCM), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop CS3 Windows, datetime=2019:02:14 13:19:29], progressive, precision 8, 500x300, components 3
dropped
C:\ElitechLogWin\Images\Icons\sensor2.jpg (copy)
JPEG image data, JFIF standard 1.02, resolution (DPCM), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop CS3 Windows, datetime=2019:02:18 13:14:43], progressive, precision 8, 500x300, components 3
dropped
C:\ElitechLogWin\Images\Icons\txt.png (copy)
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\user-add@32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Icons\user-edit@32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Skin\gbx-headline@32.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Skin\is-G6CLN.tmp
PNG image data, 800 x 800, 8-bit/color RGB, non-interlaced
dropped
C:\ElitechLogWin\Images\Skin\is-VPIIO.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\Skin\login-top-banner.png (copy)
PNG image data, 800 x 800, 8-bit/color RGB, non-interlaced
dropped
C:\ElitechLogWin\Images\import-icons\00001[48x48x8BPP].png (copy)
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\import-icons\00003[48x48x8BPP].png (copy)
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\import-icons\00005[48x48x8BPP].png (copy)
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\import-icons\00007[48x48x8BPP].png (copy)
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\import-icons\00010[48x48x8BPP].png (copy)
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\import-icons\00011[48x48x8BPP].png (copy)
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\import-icons\00012[48x48x8BPP].png (copy)
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\import-icons\00015[48x48x8BPP].png (copy)
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\import-icons\is-5652K.tmp
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\import-icons\is-6CICJ.tmp
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\import-icons\is-BS5NG.tmp
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\import-icons\is-GUK93.tmp
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\import-icons\is-HAB8S.tmp
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\import-icons\is-LIFNK.tmp
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\import-icons\is-T7D3N.tmp
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Images\import-icons\is-VL9U4.tmp
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Ionic.Zip.dll (copy)
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\ElitechLogWin\Log\NLog.config (copy)
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ElitechLogWin\Log\is-07HJ6.tmp
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ElitechLogWin\LumiSoft.Net.dll (copy)
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\ElitechLogWin\MarkControl.dll (copy)
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\ElitechLogWin\NGettext.dll (copy)
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\ElitechLogWin\NGettext.xml (copy)
XML 1.0 document, ASCII text, with very long lines (1244), with CRLF line terminators
dropped
C:\ElitechLogWin\NLog.dll (copy)
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\ElitechLogWin\NLog.xml (copy)
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ElitechLogWin\NPOI.dll (copy)
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\ElitechLogWin\Newtonsoft.Json.dll (copy)
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\ElitechLogWin\Newtonsoft.Json.xml (copy)
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ElitechLogWin\Properties\app.manifest (copy)
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\ElitechLogWin\Properties\is-HLFM4.tmp
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\ElitechLogWin\Resource\SysConfig.xml (copy)
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ElitechLogWin\Resource\Sysinfo.dat (copy)
ASCII text, with CRLF line terminators
dropped
C:\ElitechLogWin\Resource\alarm.png (copy)
PNG image data, 154 x 138, 8-bit/color RGB, non-interlaced
dropped
C:\ElitechLogWin\Resource\is-00CJG.tmp
ASCII text, with CRLF line terminators
dropped
C:\ElitechLogWin\Resource\is-33NRP.tmp
PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Resource\is-AQK0N.tmp
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ElitechLogWin\Resource\is-G7PA2.tmp
ASCII text, with CRLF line terminators
dropped
C:\ElitechLogWin\Resource\is-JLT7T.tmp
PNG image data, 154 x 138, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Resource\is-TOH61.tmp
PNG image data, 154 x 138, 8-bit/color RGB, non-interlaced
dropped
C:\ElitechLogWin\Resource\noAlarm.png (copy)
PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Resource\ok.png (copy)
PNG image data, 154 x 138, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Resources\is-HB3QV.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Resources\is-LIPIV.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Resources\is-OASR0.tmp
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Resources\script_export.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Resources\script_import.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\Resources\script_save.png (copy)
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
C:\ElitechLogWin\System.Data.SQLite.dll (copy)
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\ElitechLogWin\System.Data.SQLite.dll.config (copy)
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ElitechLogWin\System.Data.SQLite.xml (copy)
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ElitechLogWin\Tem.ico (copy)
MS Windows icon resource - 1 icon, 48x96, 8 bits/pixel
dropped
C:\ElitechLogWin\UpgradeFile\Local.xml (copy)
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\ElitechLogWin\UpgradeFile\is-TQC4A.tmp
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\ElitechLogWin\app.manifest (copy)
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\ElitechLogWin\elitech.ico (copy)
MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel
dropped
C:\ElitechLogWin\en.pdf (copy)
PDF document, version 1.7
dropped
C:\ElitechLogWin\es.pdf (copy)
PDF document, version 1.7
dropped
C:\ElitechLogWin\is-0ANOE.tmp
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ElitechLogWin\is-1T4ET.tmp
MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel
dropped
C:\ElitechLogWin\is-22UOT.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\is-4QHAT.tmp
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\ElitechLogWin\is-4RFOM.tmp
MS Windows icon resource - 1 icon, 48x96, 8 bits/pixel
dropped
C:\ElitechLogWin\is-6NPH5.tmp
XML 1.0 document, ASCII text, with very long lines (1244), with CRLF line terminators
dropped
C:\ElitechLogWin\is-7A1RE.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\is-7B027.tmp
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\ElitechLogWin\is-7UN9L.tmp
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\ElitechLogWin\is-9A33P.tmp
MSVC program database ver 7.00, 512*5383 bytes
dropped
C:\ElitechLogWin\is-9M3SJ.tmp
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\ElitechLogWin\is-ACGED.tmp
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\ElitechLogWin\is-DH4PP.tmp
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\ElitechLogWin\is-EN453.tmp
PE32 executable (DLL) (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\ElitechLogWin\is-F2Q6U.tmp
PDF document, version 1.7
dropped
C:\ElitechLogWin\is-FCR10.tmp
XML 1.0 document, ASCII text, with CRLF, LF line terminators
dropped
C:\ElitechLogWin\is-G9K3Q.tmp
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ElitechLogWin\is-GDL1S.tmp
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\ElitechLogWin\is-HM61C.tmp
XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\ElitechLogWin\is-JET2T.tmp
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\ElitechLogWin\is-K0HRO.tmp
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\ElitechLogWin\is-KN84P.tmp
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ElitechLogWin\is-LJB4O.tmp
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\ElitechLogWin\is-NS0HU.tmp
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ElitechLogWin\is-OLJUM.tmp
PDF document, version 1.7
dropped
C:\ElitechLogWin\is-PNGP1.tmp
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ElitechLogWin\is-QK9HR.tmp
PDF document, version 1.7
dropped
C:\ElitechLogWin\is-S32UM.tmp
PDF document, version 1.7
dropped
C:\ElitechLogWin\is-U1RFV.tmp
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ElitechLogWin\is-UK8OS.tmp
PDF document, version 1.7
dropped
C:\ElitechLogWin\is-VJMDN.tmp
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\ElitechLogWin\itextsharp.dll (copy)
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\ElitechLogWin\itextsharp.xml (copy)
XML 1.0 document, ASCII text, with CRLF, LF line terminators
dropped
C:\ElitechLogWin\locales\de.mo (copy)
GNU message catalog (little endian), revision 0.0, 658 messages, Project-Id-Version: ElitechLog
dropped
C:\ElitechLogWin\locales\en.mo (copy)
GNU message catalog (little endian), revision 0.0, 658 messages, Project-Id-Version: ElitechLog
dropped
C:\ElitechLogWin\locales\es.mo (copy)
GNU message catalog (little endian), revision 0.0, 658 messages, Project-Id-Version: ElitechLog
dropped
C:\ElitechLogWin\locales\fr.mo (copy)
GNU message catalog (little endian), revision 0.0, 658 messages, Project-Id-Version: ElitechLog
dropped
C:\ElitechLogWin\locales\is-0U79H.tmp
GNU message catalog (little endian), revision 0.0, 658 messages, Project-Id-Version: ElitechLog
dropped
C:\ElitechLogWin\locales\is-15IDE.tmp
GNU message catalog (little endian), revision 0.0, 658 messages, Project-Id-Version: ElitechLog
dropped
C:\ElitechLogWin\locales\is-1CAND.tmp
GNU message catalog (little endian), revision 0.0, 658 messages, Project-Id-Version: ElitechLog
dropped
C:\ElitechLogWin\locales\is-7C05R.tmp
GNU message catalog (little endian), revision 0.0, 658 messages, Project-Id-Version: ElitechLog
dropped
C:\ElitechLogWin\locales\is-CBI41.tmp
GNU message catalog (little endian), revision 0.0, 658 messages, Project-Id-Version: ElitechLog
dropped
C:\ElitechLogWin\locales\is-D1H7D.tmp
GNU message catalog (little endian), revision 0.0, 658 messages, Project-Id-Version: ElitechLog
dropped
C:\ElitechLogWin\locales\is-FOICQ.tmp
GNU message catalog (little endian), revision 0.0, 658 messages, Project-Id-Version: ElitechLog
dropped
C:\ElitechLogWin\locales\pt.mo (copy)
GNU message catalog (little endian), revision 0.0, 658 messages, Project-Id-Version: ElitechLog
dropped
C:\ElitechLogWin\locales\zh-TW.mo (copy)
GNU message catalog (little endian), revision 0.0, 658 messages, Project-Id-Version: ElitechLog
dropped
C:\ElitechLogWin\locales\zh.mo (copy)
GNU message catalog (little endian), revision 0.0, 658 messages, Project-Id-Version: ElitechLog
dropped
C:\ElitechLogWin\pt.pdf (copy)
PDF document, version 1.7
dropped
C:\ElitechLogWin\unins000.dat
InnoSetup Log ElitechLogWin V6.4.6 {43B523E1-27F6-432D-BAE3-1BAE1392BDCC}, version 0x418, 48815 bytes, 724536\37\user\376, C:\ElitechLogWin\376\377\377\007 \003
dropped
C:\ElitechLogWin\unins000.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\x64\SQLite.Interop.dll (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\ElitechLogWin\x64\is-P7DP7.tmp
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\ElitechLogWin\x86\SQLite.Interop.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\x86\is-4IMP3.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ElitechLogWin\zh-TW.pdf (copy)
PDF document, version 1.7
dropped
C:\ElitechLogWin\zh.pdf (copy)
PDF document, version 1.7
dropped
C:\Program Files\DIFX\4A7292F75FEBBD3C\CP210xVCPInstaller_x64.exe
PE32+ executable (GUI) x86-64, for MS Windows
dropped
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElitechLogWin\ElitechLogWin.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Tue Oct 8 14:44:48 2024, mtime=Tue Oct 8 14:44:48 2024, atime=Thu Oct 19 19:53:28 2023, length=2235904, window=hide
dropped
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElitechLogWin\Uninstall ElitechLogWin.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Tue Oct 8 14:44:47 2024, mtime=Tue Oct 8 14:44:47 2024, atime=Tue Oct 8 14:44:33 2024, length=1202385, window=hide
dropped
C:\Users\Public\Desktop\ElitechLogWin.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Icon number=0, Archive, ctime=Tue Oct 8 14:44:48 2024, mtime=Tue Oct 8 14:45:06 2024, atime=Thu Oct 19 19:53:28 2023, length=2235904, window=hide
dropped
C:\Users\Public\Documents\EDataLog\data.db3 (copy)
data
dropped
C:\Users\Public\Documents\EDataLog\is-KSFCK.tmp
data
dropped
C:\Users\user\AppData\Local\Temp\is-PF8BI.tmp\ElitechLogWin V6.4.6.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\is-TN1V0.tmp\_isetup\_setup64.tmp
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\{2f13b34c-0ba8-f847-b9c7-ad55e9c92521}\SETE36F.tmp
data
dropped
C:\Users\user\AppData\Local\Temp\{2f13b34c-0ba8-f847-b9c7-ad55e9c92521}\SETE380.tmp
Windows setup INFormation
dropped
C:\Users\user\AppData\Local\Temp\{2f13b34c-0ba8-f847-b9c7-ad55e9c92521}\slabvcp.cat (copy)
data
dropped
C:\Users\user\AppData\Local\Temp\{2f13b34c-0ba8-f847-b9c7-ad55e9c92521}\slabvcp.inf (copy)
Windows setup INFormation
dropped
C:\Users\user\AppData\Local\Temp\{2f13b34c-0ba8-f847-b9c7-ad55e9c92521}\x64\SETE224.tmp
PE32+ executable (native) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\{2f13b34c-0ba8-f847-b9c7-ad55e9c92521}\x64\SETE2A2.tmp
PE32+ executable (native) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\{2f13b34c-0ba8-f847-b9c7-ad55e9c92521}\x64\SETE2F1.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\{2f13b34c-0ba8-f847-b9c7-ad55e9c92521}\x64\WdfCoinstaller01009.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\{2f13b34c-0ba8-f847-b9c7-ad55e9c92521}\x64\silabenm.sys (copy)
PE32+ executable (native) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\{2f13b34c-0ba8-f847-b9c7-ad55e9c92521}\x64\silabser.sys (copy)
PE32+ executable (native) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\{94a1b697-dd28-de4e-a85e-00e6b0e0107b}\CH341PORTSA64.DLL (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\{94a1b697-dd28-de4e-a85e-00e6b0e0107b}\CH341PT.DLL (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\{94a1b697-dd28-de4e-a85e-00e6b0e0107b}\CH341PTA64.DLL (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\{94a1b697-dd28-de4e-a85e-00e6b0e0107b}\CH341S64.SYS (copy)
PE32+ executable (native) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\{94a1b697-dd28-de4e-a85e-00e6b0e0107b}\CH341SER.CAT (copy)
data
dropped
C:\Users\user\AppData\Local\Temp\{94a1b697-dd28-de4e-a85e-00e6b0e0107b}\CH341SER.INF (copy)
Windows setup INFormation
dropped
C:\Users\user\AppData\Local\Temp\{94a1b697-dd28-de4e-a85e-00e6b0e0107b}\SETD13C.tmp
data
dropped
C:\Users\user\AppData\Local\Temp\{94a1b697-dd28-de4e-a85e-00e6b0e0107b}\SETD14D.tmp
Windows setup INFormation
dropped
C:\Users\user\AppData\Local\Temp\{94a1b697-dd28-de4e-a85e-00e6b0e0107b}\SETD15D.tmp
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\{94a1b697-dd28-de4e-a85e-00e6b0e0107b}\SETD17D.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\{94a1b697-dd28-de4e-a85e-00e6b0e0107b}\SETD19E.tmp
PE32+ executable (native) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\{94a1b697-dd28-de4e-a85e-00e6b0e0107b}\SETD1CE.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Windows\DPINST.LOG
Unicode text, UTF-16, little-endian text, with CRLF line terminators
modified
C:\Windows\INF\oem4.inf
Windows setup INFormation
dropped
C:\Windows\INF\oem5.inf
Windows setup INFormation
dropped
C:\Windows\INF\setupapi.dev.log
Generic INItialization configuration [BeginLog]
dropped
C:\Windows\System32\DriverStore\Temp\{4c235721-279b-e440-9ea0-d7fb75483a24}\CH341PORTSA64.DLL (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Windows\System32\DriverStore\Temp\{4c235721-279b-e440-9ea0-d7fb75483a24}\CH341PT.DLL (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Windows\System32\DriverStore\Temp\{4c235721-279b-e440-9ea0-d7fb75483a24}\CH341PTA64.DLL (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Windows\System32\DriverStore\Temp\{4c235721-279b-e440-9ea0-d7fb75483a24}\CH341S64.SYS (copy)
PE32+ executable (native) x86-64, for MS Windows
dropped
C:\Windows\System32\DriverStore\Temp\{4c235721-279b-e440-9ea0-d7fb75483a24}\CH341SER.CAT (copy)
data
dropped
C:\Windows\System32\DriverStore\Temp\{4c235721-279b-e440-9ea0-d7fb75483a24}\CH341SER.INF (copy)
Windows setup INFormation
dropped
C:\Windows\System32\DriverStore\Temp\{4c235721-279b-e440-9ea0-d7fb75483a24}\SETD5FF.tmp
data
dropped
C:\Windows\System32\DriverStore\Temp\{4c235721-279b-e440-9ea0-d7fb75483a24}\SETD62F.tmp
Windows setup INFormation
dropped
C:\Windows\System32\DriverStore\Temp\{4c235721-279b-e440-9ea0-d7fb75483a24}\SETD66E.tmp
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Windows\System32\DriverStore\Temp\{4c235721-279b-e440-9ea0-d7fb75483a24}\SETD6FC.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Windows\System32\DriverStore\Temp\{4c235721-279b-e440-9ea0-d7fb75483a24}\SETD75A.tmp
PE32+ executable (native) x86-64, for MS Windows
dropped
C:\Windows\System32\DriverStore\Temp\{4c235721-279b-e440-9ea0-d7fb75483a24}\SETD7AA.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Windows\System32\DriverStore\Temp\{9dbe3dcc-aac2-3347-bacd-266adbab13bb}\SETE7D4.tmp
data
dropped
C:\Windows\System32\DriverStore\Temp\{9dbe3dcc-aac2-3347-bacd-266adbab13bb}\SETE7E5.tmp
Windows setup INFormation
dropped
C:\Windows\System32\DriverStore\Temp\{9dbe3dcc-aac2-3347-bacd-266adbab13bb}\slabvcp.cat (copy)
data
dropped
C:\Windows\System32\DriverStore\Temp\{9dbe3dcc-aac2-3347-bacd-266adbab13bb}\slabvcp.inf (copy)
Windows setup INFormation
dropped
C:\Windows\System32\DriverStore\Temp\{9dbe3dcc-aac2-3347-bacd-266adbab13bb}\x64\SETE745.tmp
PE32+ executable (native) x86-64, for MS Windows
dropped
C:\Windows\System32\DriverStore\Temp\{9dbe3dcc-aac2-3347-bacd-266adbab13bb}\x64\SETE755.tmp
PE32+ executable (native) x86-64, for MS Windows
dropped
C:\Windows\System32\DriverStore\Temp\{9dbe3dcc-aac2-3347-bacd-266adbab13bb}\x64\SETE775.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Windows\System32\DriverStore\Temp\{9dbe3dcc-aac2-3347-bacd-266adbab13bb}\x64\WdfCoinstaller01009.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Windows\System32\DriverStore\Temp\{9dbe3dcc-aac2-3347-bacd-266adbab13bb}\x64\silabenm.sys (copy)
PE32+ executable (native) x86-64, for MS Windows
dropped
C:\Windows\System32\DriverStore\Temp\{9dbe3dcc-aac2-3347-bacd-266adbab13bb}\x64\silabser.sys (copy)
PE32+ executable (native) x86-64, for MS Windows
dropped
C:\Windows\System32\Drivers\CH341S98.SYS (copy)
PE32 executable (DLL) (native) Intel 80386 (stripped to external PDB), for MS Windows
dropped
C:\Windows\System32\Drivers\CH341SER.SYS (copy)
PE32 executable (native) Intel 80386, for MS Windows
dropped
C:\Windows\System32\SETDCE5.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Windows\System32\SETDD06.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\System32\SETDD85.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Windows\System32\SETDD95.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\System32\SETDE05.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Windows\System32\SETDE25.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\System32\SETDED3.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Windows\System32\SETDF03.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\System32\SETE2BE.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Windows\System32\SETE2DE.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\System32\SETE37C.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Windows\System32\SETE38D.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\System32\SETE3CC.tmp
MS-DOS executable, LE executable for MS Windows (VxD)
dropped
C:\Windows\System32\SETE44B.tmp
MS-DOS executable, LE executable for MS Windows (VxD)
dropped
C:\Windows\System32\catroot2\dberr.txt
ASCII text, with CRLF line terminators
modified
C:\Windows\System32\drivers\SETDCC5.tmp
PE32 executable (native) Intel 80386, for MS Windows
dropped
C:\Windows\System32\drivers\SETDD64.tmp
PE32 executable (native) Intel 80386, for MS Windows
dropped
C:\Windows\System32\drivers\SETDDE4.tmp
PE32 executable (native) Intel 80386, for MS Windows
dropped
C:\Windows\System32\drivers\SETDEB2.tmp
PE32 executable (native) Intel 80386, for MS Windows
dropped
C:\Windows\System32\drivers\SETE2AD.tmp
PE32 executable (native) Intel 80386, for MS Windows
dropped
C:\Windows\System32\drivers\SETE35C.tmp
PE32 executable (native) Intel 80386, for MS Windows
dropped
C:\Windows\System32\drivers\SETE40C.tmp
PE32 executable (DLL) (native) Intel 80386 (stripped to external PDB), for MS Windows
dropped
C:\Windows\System32\drivers\SETE49A.tmp
PE32 executable (DLL) (native) Intel 80386 (stripped to external PDB), for MS Windows
dropped
C:\Windows\Temp\OLDDD52.tmp
PE32 executable (native) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\OLDDD72.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\OLDDD92.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\OLDDDD2.tmp
PE32 executable (native) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\OLDDDF2.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\OLDDE12.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\OLDDE90.tmp
PE32 executable (native) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\OLDDEC0.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\OLDDEF0.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\OLDE29A.tmp
PE32 executable (native) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\OLDE2AB.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\OLDE2CB.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\OLDE349.tmp
PE32 executable (native) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\OLDE36A.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\OLDE37A.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\OLDE437.tmp
MS-DOS executable, LE executable for MS Windows (VxD)
dropped
C:\Windows\Temp\OLDE476.tmp
PE32 executable (DLL) (native) Intel 80386 (stripped to external PDB), for MS Windows
dropped
C:\Windows\system32\CH341PORTS.DLL (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\system32\CH341PT.DLL (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Windows\system32\CH341SER.VXD (copy)
MS-DOS executable, LE executable for MS Windows (VxD)
dropped
There are 525 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\ElitechLogWin\Drivers\CH341\DRVSETUP64\DRVSETUP64.exe
C:\ElitechLogWin\Drivers\CH341\DRVSETUP64\DRVSETUP64.EXE \s
 malicious
C:\Users\user\Desktop\ElitechLogWin V6.4.6.exe
"C:\Users\user\Desktop\ElitechLogWin V6.4.6.exe"
C:\Users\user\AppData\Local\Temp\is-PF8BI.tmp\ElitechLogWin V6.4.6.tmp
"C:\Users\user\AppData\Local\Temp\is-PF8BI.tmp\ElitechLogWin V6.4.6.tmp" /SL5="$20444,64977810,121344,C:\Users\user\Desktop\ElitechLogWin V6.4.6.exe"
C:\ElitechLogWin\Drivers\CH341\SETUP.EXE
"C:\ElitechLogWin\Drivers\CH341\SETUP.exe" /S
C:\Windows\System32\drvinst.exe
DrvInst.exe "4" "0" "C:\Users\user\AppData\Local\Temp\{94a1b697-dd28-de4e-a85e-00e6b0e0107b}\CH341SER.INF" "9" "4a0278e77" "000000000000015C" "WinSta0\Default" "0000000000000164" "208" "C:\ElitechLogWin\Drivers\CH341\WIN 1X"
C:\ElitechLogWin\Drivers\CP210x\CP210xVCPInstaller_x64.exe
"C:\ElitechLogWin\Drivers\CP210x\CP210xVCPInstaller_x64.exe" /S
C:\Windows\System32\drvinst.exe
DrvInst.exe "4" "8" "C:\Users\user\AppData\Local\Temp\{2f13b34c-0ba8-f847-b9c7-ad55e9c92521}\slabvcp.inf" "9" "43ef4524b" "0000000000000168" "WinSta0\Default" "0000000000000118" "208" "c:\elitechlogwin\drivers\cp210x"

URLs

Name
IP
Malicious
http://www.innosetup.com/
unknown
http://wch.cnEmail:
unknown
http://wch.cn
unknown
http://www.elitechlog.com/
unknown
http://www.elitechlog.com/softwares/
unknown
http://www.elitechlog.com/)
unknown
http://www.elitechlog.com/4http://www.elitechlog.com/Hhttp://www.elitechlog.com/softwares/
unknown
http://www.nlog-project.org/schemas/NLog.xsd
unknown
http://www.remobjects.com/ps
unknown
http://www.elitechlog.com/softwares/A
unknown
http://www.jrsoftware.org/ishelp/index.php?topic=setupcmdlineSetupU
unknown
There are 1 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
171.39.242.20.in-addr.arpa
unknown

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\{BA3BA252-6989-4856-AAD0-F762C42DC072}
DBPath
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\{BA3BA252-6989-4856-AAD0-F762C42DC072}
UpdateState
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall
ElitechLog_is1
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ElitechLogWin_is1
UninstallString
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43B523E1-27F6-432D-BAE3-1BAE1392BDCC}}_is1
Inno Setup: Setup Version
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43B523E1-27F6-432D-BAE3-1BAE1392BDCC}}_is1
Inno Setup: App Path
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43B523E1-27F6-432D-BAE3-1BAE1392BDCC}}_is1
InstallLocation
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43B523E1-27F6-432D-BAE3-1BAE1392BDCC}}_is1
Inno Setup: Icon Group
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43B523E1-27F6-432D-BAE3-1BAE1392BDCC}}_is1
Inno Setup: User
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43B523E1-27F6-432D-BAE3-1BAE1392BDCC}}_is1
Inno Setup: Selected Tasks
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43B523E1-27F6-432D-BAE3-1BAE1392BDCC}}_is1
Inno Setup: Deselected Tasks
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43B523E1-27F6-432D-BAE3-1BAE1392BDCC}}_is1
Inno Setup: Language
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43B523E1-27F6-432D-BAE3-1BAE1392BDCC}}_is1
DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43B523E1-27F6-432D-BAE3-1BAE1392BDCC}}_is1
DisplayIcon
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43B523E1-27F6-432D-BAE3-1BAE1392BDCC}}_is1
UninstallString
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43B523E1-27F6-432D-BAE3-1BAE1392BDCC}}_is1
QuietUninstallString
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43B523E1-27F6-432D-BAE3-1BAE1392BDCC}}_is1
DisplayVersion
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43B523E1-27F6-432D-BAE3-1BAE1392BDCC}}_is1
Publisher
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43B523E1-27F6-432D-BAE3-1BAE1392BDCC}}_is1
URLInfoAbout
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43B523E1-27F6-432D-BAE3-1BAE1392BDCC}}_is1
HelpLink
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43B523E1-27F6-432D-BAE3-1BAE1392BDCC}}_is1
URLUpdateInfo
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43B523E1-27F6-432D-BAE3-1BAE1392BDCC}}_is1
NoModify
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43B523E1-27F6-432D-BAE3-1BAE1392BDCC}}_is1
NoRepair
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43B523E1-27F6-432D-BAE3-1BAE1392BDCC}}_is1
InstallDate
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43B523E1-27F6-432D-BAE3-1BAE1392BDCC}}_is1
MajorVersion
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43B523E1-27F6-432D-BAE3-1BAE1392BDCC}}_is1
MinorVersion
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43B523E1-27F6-432D-BAE3-1BAE1392BDCC}}_is1
VersionMajor
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43B523E1-27F6-432D-BAE3-1BAE1392BDCC}}_is1
VersionMinor
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43B523E1-27F6-432D-BAE3-1BAE1392BDCC}}_is1
EstimatedSize
HKEY_LOCAL_MACHINE\SYSTEM\Setup\SetupapiLogStatus
setupapi.dev.log
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\B97004A400E30DCF940971EFA7A0C13C6B0A4B66
UninstallString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\B97004A400E30DCF940971EFA7A0C13C6B0A4B66
DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\B97004A400E30DCF940971EFA7A0C13C6B0A4B66
DisplayIcon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\B97004A400E30DCF940971EFA7A0C13C6B0A4B66
DisplayVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\B97004A400E30DCF940971EFA7A0C13C6B0A4B66
Publisher
There are 30 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
5E8000
heap
page read and write
619000
heap
page read and write
C4F000
heap
page read and write
5F1000
heap
page read and write
5BF000
heap
page read and write
C54000
heap
page read and write
22FD000
direct allocation
page read and write
5A8000
heap
page read and write
1C92D21F000
heap
page read and write
1C028740000
heap
page read and write
67F000
heap
page read and write
1C92D232000
heap
page read and write
6EA757E000
stack
page read and write
3320000
direct allocation
page read and write
78F000
heap
page read and write
1C0287C2000
heap
page read and write
22D2000
direct allocation
page read and write
C1F000
heap
page read and write
605000
heap
page read and write
5D0000
heap
page read and write
1C0289D5000
heap
page read and write
5F3000
heap
page read and write
226D000
direct allocation
page read and write
1C0287C9000
heap
page read and write
C35000
heap
page read and write
1C92D229000
heap
page read and write
C39000
heap
page read and write
605000
heap
page read and write
C44000
heap
page read and write
C4F000
heap
page read and write
1C92D21B000
heap
page read and write
7C7000
stack
page read and write
5C3000
heap
page read and write
605000
heap
page read and write
61F000
heap
page read and write
C54000
heap
page read and write
1C92D25D000
heap
page read and write
1C92D232000
heap
page read and write
79F000
heap
page read and write
7A1000
heap
page read and write
C87000
heap
page read and write
5BB000
heap
page read and write
1C92D22F000
heap
page read and write
1C92D25D000
heap
page read and write
C21000
heap
page read and write
1C0287C8000
heap
page read and write
100C000
unkown
page read and write
574000
heap
page read and write
5BF000
heap
page read and write
5E8000
heap
page read and write
1C92D23D000
heap
page read and write
1C92D22F000
heap
page read and write
7AB000
heap
page read and write
2292000
direct allocation
page read and write
349A000
direct allocation
page read and write
1C0287EC000
heap
page read and write
1C92D226000
heap
page read and write
590000
heap
page read and write
2210000
direct allocation
page read and write
574000
heap
page read and write
1C92D21B000
heap
page read and write
1C92D24B000
heap
page read and write
5BC000
heap
page read and write
1C92D24B000
heap
page read and write
41C000
unkown
page readonly
1C92D224000
heap
page read and write
C16000
heap
page read and write
5D4000
heap
page read and write
5E1000
heap
page read and write
5A8000
heap
page read and write
1C92D212000
heap
page read and write
574000
heap
page read and write
1C0287A9000
heap
page read and write
574000
heap
page read and write
2306000
direct allocation
page read and write
1C92D205000
heap
page read and write
1C92D23F000
heap
page read and write
1C0287BB000
heap
page read and write
364F000
heap
page read and write
1C0287EC000
heap
page read and write
5B6000
heap
page read and write
1C92D070000
heap
page read and write
615000
heap
page read and write
C45000
heap
page read and write
C75000
heap
page read and write
7FF779908000
unkown
page readonly
C54000
heap
page read and write
2331000
direct allocation
page read and write
1C028833000
heap
page read and write
5A8000
heap
page read and write
5F1000
heap
page read and write
3190000
direct allocation
page read and write
5CA000
heap
page read and write
5D0000
heap
page read and write
3E50000
trusted library allocation
page read and write
5BF000
heap
page read and write
1C92D224000
heap
page read and write
1C0287E6000
heap
page read and write
598000
heap
page read and write
C84000
heap
page read and write
BBC000
heap
page read and write
5EA000
heap
page read and write
5EA000
heap
page read and write
574000
heap
page read and write
1C92D25D000
heap
page read and write
1C0287A9000
heap
page read and write
1C92D234000
heap
page read and write
1C92D23F000
heap
page read and write
5E7000
heap
page read and write
5E5000
heap
page read and write
1C92D22F000
heap
page read and write
1C92D23D000
heap
page read and write
3611000
heap
page read and write
574000
heap
page read and write
1C92D23D000
heap
page read and write
65F000
heap
page read and write
5E3000
heap
page read and write
1C92D253000
heap
page read and write
1C028797000
heap
page read and write
1C92D24F000
heap
page read and write
624000
heap
page read and write
5C6000
heap
page read and write
C63000
heap
page read and write
5EF000
heap
page read and write
2990000
trusted library allocation
page read and write
1C0287BB000
heap
page read and write
22BC000
direct allocation
page read and write
1C0287CF000
heap
page read and write
C54000
heap
page read and write
C3B000
heap
page read and write
1C92D234000
heap
page read and write
654000
heap
page read and write
3E50000
trusted library allocation
page read and write
5B1000
heap
page read and write
5C6000
heap
page read and write
1C0287CF000
heap
page read and write
5C0000
heap
page read and write
8ACBA7F000
stack
page read and write
1C92D24F000
heap
page read and write
66E000
heap
page read and write
5BF000
heap
page read and write
C98000
heap
page read and write
5C6000
heap
page read and write
1C92D241000
heap
page read and write
224B000
direct allocation
page read and write
66E000
heap
page read and write
2A10000
heap
page read and write
65F000
heap
page read and write
1C92D2BE000
heap
page read and write
61D000
heap
page read and write
C27000
heap
page read and write
666000
heap
page read and write
690000
trusted library allocation
page read and write
61D000
heap
page read and write
C26000
heap
page read and write
1C92D247000
heap
page read and write
C2D000
heap
page read and write
C83000
heap
page read and write
5C7000
heap
page read and write
C29000
heap
page read and write
1C92D234000
heap
page read and write
7A7000
heap
page read and write
2580000
heap
page read and write
1C92D247000
heap
page read and write
5C2000
heap
page read and write
775000
heap
page read and write
5D4000
heap
page read and write
5B1000
heap
page read and write
1C0287A5000
heap
page read and write
1C92D208000
heap
page read and write
662000
heap
page read and write
1F6E000
stack
page read and write
2C90000
trusted library allocation
page read and write
1C92D24B000
heap
page read and write
28C0000
heap
page read and write
C57000
heap
page read and write
C51000
heap
page read and write
C3F000
heap
page read and write
1C92D21C000
heap
page read and write
5CF000
heap
page read and write
1C92D247000
heap
page read and write
2235000
direct allocation
page read and write
690000
trusted library allocation
page read and write
C58000
heap
page read and write
1C0287CD000
heap
page read and write
C54000
heap
page read and write
C35000
heap
page read and write
5D0000
heap
page read and write
5CE000
heap
page read and write
5D0000
heap
page read and write
231C000
direct allocation
page read and write
574000
heap
page read and write
5BF000
heap
page read and write
2282000
direct allocation
page read and write
1C92D24B000
heap
page read and write
669000
heap
page read and write
605000
heap
page read and write
5A8000
heap
page read and write
2233000
direct allocation
page read and write
C44000
heap
page read and write
8ACB725000
stack
page read and write
839000
heap
page read and write
1C92D244000
heap
page read and write
79F000
heap
page read and write
5CF000
heap
page read and write
5F4000
heap
page read and write
1C92D22C000
heap
page read and write
47E000
stack
page read and write
5CE000
heap
page read and write
7FF779908000
unkown
page readonly
5A8000
heap
page read and write
1C92D2C5000
heap
page read and write
417000
unkown
page read and write
C75000
heap
page read and write
5F8000
heap
page read and write
1C92D2BE000
heap
page read and write
3E50000
trusted library allocation
page read and write
1C0287BC000
heap
page read and write
5B1000
heap
page read and write
5F8000
heap
page read and write
430000
heap
page read and write
70F000
stack
page read and write
5C8000
heap
page read and write
19C000
stack
page read and write
1C92D22C000
heap
page read and write
2214000
direct allocation
page read and write
C40000
heap
page read and write
1C92D22C000
heap
page read and write
520000
heap
page read and write
348E000
direct allocation
page read and write
5BC000
heap
page read and write
1C92D247000
heap
page read and write
1000000
unkown
page readonly
831000
heap
page read and write
C51000
heap
page read and write
30B5000
heap
page read and write
77B000
heap
page read and write
1C92D213000
heap
page read and write
5B1000
heap
page read and write
5E8000
heap
page read and write
5D0000
heap
page read and write
5F9000
heap
page read and write
61D000
heap
page read and write
5B1000
heap
page read and write
5C0000
heap
page read and write
5C0000
heap
page read and write
5C7000
heap
page read and write
5F1000
heap
page read and write
C5B000
heap
page read and write
1C92D223000
heap
page read and write
1C0287F7000
heap
page read and write
1C92D22F000
heap
page read and write
412000
unkown
page write copy
666000
heap
page read and write
22E1000
direct allocation
page read and write
C3D000
heap
page read and write
61D000
heap
page read and write
574000
heap
page read and write
2596000
direct allocation
page read and write
5C8000
heap
page read and write
5C6000
heap
page read and write
1C92D229000
heap
page read and write
78B000
heap
page read and write
5BF000
heap
page read and write
1C92D230000
heap
page read and write
3652000
heap
page read and write
C3F000
heap
page read and write
65D000
heap
page read and write
5B1000
heap
page read and write
5D0000
heap
page read and write
5D9000
heap
page read and write
C35000
heap
page read and write
1C028843000
heap
page read and write
7A5000
heap
page read and write
5D1000
heap
page read and write
C35000
heap
page read and write
1C92D234000
heap
page read and write
614000
heap
page read and write
5C0000
heap
page read and write
1C92D250000
heap
page read and write
5E8000
heap
page read and write
1C028833000
heap
page read and write
1C0287B8000
heap
page read and write
1C92D26A000
heap
page read and write
5CF000
heap
page read and write
C69000
heap
page read and write
662000
heap
page read and write
C83000
heap
page read and write
1C92D2BE000
heap
page read and write
C35000
heap
page read and write
C54000
heap
page read and write
2C92000
trusted library allocation
page read and write
C63000
heap
page read and write
5CB000
heap
page read and write
3091000
heap
page read and write
1C028809000
heap
page read and write
3469000
direct allocation
page read and write
5E8000
heap
page read and write
60B000
heap
page read and write
1C92D241000
heap
page read and write
1C92D22F000
heap
page read and write
646000
heap
page read and write
C7000
stack
page read and write
574000
heap
page read and write
1C92D23F000
heap
page read and write
5CA000
heap
page read and write
6EA747E000
stack
page read and write
6EA7165000
stack
page read and write
1C92D23D000
heap
page read and write
5A8000
heap
page read and write
5EC000
heap
page read and write
68E000
stack
page read and write
5B6000
heap
page read and write
662000
heap
page read and write
C21000
heap
page read and write
5B1000
heap
page read and write
C1E000
heap
page read and write
19C000
stack
page read and write
624000
heap
page read and write
5C3000
heap
page read and write
C12000
heap
page read and write
C57000
heap
page read and write
5D0000
heap
page read and write
3611000
heap
page read and write
A4F000
stack
page read and write
5C9000
heap
page read and write
624000
heap
page read and write
1C92D25D000
heap
page read and write
1C92D23D000
heap
page read and write
67D000
heap
page read and write
C37000
heap
page read and write
5CB000
heap
page read and write
1C0287BB000
heap
page read and write
1C0287BB000
heap
page read and write
1C92D21D000
heap
page read and write
2209000
direct allocation
page read and write
1C0287BB000
heap
page read and write
1C92D230000
heap
page read and write
690000
trusted library allocation
page read and write
1C92D22F000
heap
page read and write
5D0000
heap
page read and write
C75000
heap
page read and write
C97000
heap
page read and write
5E8000
heap
page read and write
1C92D241000
heap
page read and write
1C92D22F000
heap
page read and write
60E000
heap
page read and write
5E1000
heap
page read and write
C40000
heap
page read and write
C54000
heap
page read and write
1C92D213000
heap
page read and write
1C92D206000
heap
page read and write
8ACB7AE000
stack
page read and write
410000
unkown
page read and write
5C0000
heap
page read and write
67D000
heap
page read and write
3652000
heap
page read and write
C63000
heap
page read and write
31A0000
direct allocation
page read and write
5BC000
heap
page read and write
226F000
direct allocation
page read and write
340F000
stack
page read and write
1C0287C4000
heap
page read and write
5D8000
heap
page read and write
5B5000
heap
page read and write
1C92D284000
heap
page read and write
653000
heap
page read and write
51E000
stack
page read and write
C1B000
heap
page read and write
1C92D234000
heap
page read and write
5B1000
heap
page read and write
626000
heap
page read and write
22F0000
direct allocation
page read and write
C51000
heap
page read and write
5C5000
heap
page read and write
C3C000
heap
page read and write
C2D000
heap
page read and write
1C028660000
heap
page read and write
38CF000
stack
page read and write
2C98000
trusted library allocation
page read and write
1C0287DB000
heap
page read and write
1C028790000
heap
page read and write
22E9000
direct allocation
page read and write
C6F000
heap
page read and write
1C92D224000
heap
page read and write
1C0287DB000
heap
page read and write
530000
heap
page read and write
2550000
heap
page read and write
1C92D2BD000
heap
page read and write
5D1000
heap
page read and write
1C92D234000
heap
page read and write
C54000
heap
page read and write
1C92D260000
heap
page read and write
29E0000
heap
page read and write
C69000
heap
page read and write
401000
unkown
page execute read
C44000
heap
page read and write
5F1000
heap
page read and write
1C92D25D000
heap
page read and write
647000
heap
page read and write
1C0287B4000
heap
page read and write
2560000
trusted library allocation
page read and write
1C0287EA000
heap
page read and write
76E000
heap
page read and write
1C92D24F000
heap
page read and write
5F3000
heap
page read and write
1C92D224000
heap
page read and write
C5F000
heap
page read and write
2328000
direct allocation
page read and write
3098000
heap
page read and write
669000
heap
page read and write
21A0000
heap
page read and write
1C0287DB000
heap
page read and write
1C028817000
heap
page read and write
7A9000
heap
page read and write
4F0000
heap
page read and write
C2D000
heap
page read and write
799000
heap
page read and write
1C92D20A000
heap
page read and write
1C92D222000
heap
page read and write
C49000
heap
page read and write
BEC000
heap
page read and write
605000
heap
page read and write
5F20000
direct allocation
page read and write
625000
heap
page read and write
1C92D213000
heap
page read and write
1C0287BB000
heap
page read and write
5D0000
heap
page read and write
5D9000
heap
page read and write
3611000
heap
page read and write
1C92D24B000
heap
page read and write
1C92D284000
heap
page read and write
5CE000
heap
page read and write
BB6000
heap
page read and write
7FF7798F1000
unkown
page write copy
5E1000
heap
page read and write
3E50000
trusted library allocation
page read and write
1C92D21B000
heap
page read and write
C29000
heap
page read and write
2227000
direct allocation
page read and write
5F3000
heap
page read and write
5B1000
heap
page read and write
1C0287C4000
heap
page read and write
24F3000
heap
page read and write
1C92D24B000
heap
page read and write
5CE000
heap
page read and write
5F8000
heap
page read and write
C49000
heap
page read and write
424000
unkown
page readonly
1C92D24F000
heap
page read and write
C43000
heap
page read and write
5A8000
heap
page read and write
605000
heap
page read and write
1C92D224000
heap
page read and write
2260000
direct allocation
page read and write
5CB000
heap
page read and write
C41000
heap
page read and write
5D8000
heap
page read and write
1C92D25D000
heap
page read and write
18C000
stack
page read and write
5C3000
heap
page read and write
67D000
heap
page read and write
63C000
heap
page read and write
1C92D2B9000
heap
page read and write
1C0287E8000
heap
page read and write
1C0287CD000
heap
page read and write
605000
heap
page read and write
1C0287C4000
heap
page read and write
D2F000
stack
page read and write
8ACBB7E000
stack
page read and write
7C1000
heap
page read and write
9C000
stack
page read and write
35D1000
heap
page read and write
2274000
direct allocation
page read and write
5C6000
heap
page read and write
232A000
direct allocation
page read and write
5F8000
heap
page read and write
1C92D23D000
heap
page read and write
50A000
unkown
page read and write
21A4000
heap
page read and write
C5A000
heap
page read and write
30C2000
heap
page read and write
623000
heap
page read and write
1C0287DB000
heap
page read and write
1C92D208000
heap
page read and write
648000
heap
page read and write
525000
heap
page read and write
61D000
heap
page read and write
C57000
heap
page read and write
5E1000
heap
page read and write
1C92D241000
heap
page read and write
5C8000
heap
page read and write
22CD000
direct allocation
page read and write
1C92D244000
heap
page read and write
2C99000
trusted library allocation
page read and write
1C92D234000
heap
page read and write
5EF000
heap
page read and write
1C92D25D000
heap
page read and write
5E1000
heap
page read and write
1C92D24F000
heap
page read and write
C88000
heap
page read and write
1C0287B8000
heap
page read and write
1C92D243000
heap
page read and write
1C92D24F000
heap
page read and write
5F1000
heap
page read and write
1C028843000
heap
page read and write
614000
heap
page read and write
7C0000
heap
page read and write
C54000
heap
page read and write
5C9000
heap
page read and write
605000
heap
page read and write
5CC000
heap
page read and write
24F0000
heap
page read and write
2C9A000
trusted library allocation
page read and write
C54000
heap
page read and write
5D0000
heap
page read and write
2241000
direct allocation
page read and write
5BF000
heap
page read and write
BEA000
heap
page read and write
3090000
heap
page read and write
1C92D2BD000
heap
page read and write
1C0287C0000
heap
page read and write
1C0287D0000
heap
page read and write
2250000
direct allocation
page read and write
1C92D23D000
heap
page read and write
347A000
direct allocation
page read and write
5BF000
heap
page read and write
1C0287AB000
heap
page read and write
1C92D23D000
heap
page read and write
1C92D247000
heap
page read and write
1C92D25D000
heap
page read and write
5BB000
heap
page read and write
5C4000
heap
page read and write
847000
heap
page read and write
1C92D244000
heap
page read and write
1C92D284000
heap
page read and write
5CE000
heap
page read and write
5A8000
heap
page read and write
C20000
heap
page read and write
C61000
heap
page read and write
5E1000
heap
page read and write
C26000
heap
page read and write
1C92D241000
heap
page read and write
1001000
unkown
page execute read
5BC000
heap
page read and write
63C000
heap
page read and write
222C000
direct allocation
page read and write
1C92D2BD000
heap
page read and write
C88000
heap
page read and write
79A000
heap
page read and write
3473000
direct allocation
page read and write
60B000
heap
page read and write
401000
unkown
page execute read
1C92D247000
heap
page read and write
1C92D21F000
heap
page read and write
7FF7798F3000
unkown
page readonly
5C0000
heap
page read and write
C16000
heap
page read and write
7FF779870000
unkown
page readonly
1C92D25D000
heap
page read and write
619000
heap
page read and write
1C92D22F000
heap
page read and write
5E8000
heap
page read and write
5EF000
heap
page read and write
C44000
heap
page read and write
22A0000
direct allocation
page read and write
C3C000
heap
page read and write
26F0000
heap
page read and write
400000
unkown
page readonly
6EA71EF000
stack
page read and write
5C5000
heap
page read and write
5C3000
heap
page read and write
3190000
direct allocation
page read and write
5E7000
heap
page read and write
1C92D222000
heap
page read and write
1C0287B6000
heap
page read and write
5F9000
heap
page read and write
614000
heap
page read and write
1C92D231000
heap
page read and write
66E000
heap
page read and write
2C9F000
trusted library allocation
page read and write
658000
heap
page read and write
5D4000
heap
page read and write
1C92D22F000
heap
page read and write
662000
heap
page read and write
231A000
direct allocation
page read and write
C83000
heap
page read and write
5BF000
heap
page read and write
C61000
heap
page read and write
5F8000
heap
page read and write
1C028814000
heap
page read and write
1C0287BF000
heap
page read and write
B70000
heap
page read and write
60E000
heap
page read and write
C18000
heap
page read and write
5F3000
heap
page read and write
2289000
direct allocation
page read and write
5CE000
heap
page read and write
1C92D23F000
heap
page read and write
C51000
heap
page read and write
574000
heap
page read and write
5B1000
heap
page read and write
5E1000
heap
page read and write
C54000
heap
page read and write
5BF000
heap
page read and write
1C92D24B000
heap
page read and write
C1F000
heap
page read and write
47E000
stack
page read and write
624000
heap
page read and write
C36000
heap
page read and write
5D0000
heap
page read and write
647000
heap
page read and write
1C0287CA000
heap
page read and write
5D0000
heap
page read and write
1C92D23D000
heap
page read and write
411000
unkown
page write copy
5D5000
heap
page read and write
1C92D23D000
heap
page read and write
C45000
heap
page read and write
348C000
direct allocation
page read and write
BA0000
trusted library allocation
page read and write
5F1000
heap
page read and write
1C0287A7000
heap
page read and write
C34000
heap
page read and write
605000
heap
page read and write
93000
stack
page read and write
1C92D241000
heap
page read and write
5F1000
heap
page read and write
401000
unkown
page execute read
1C02884A000
heap
page read and write
5CA000
heap
page read and write
500000
unkown
page execute read
1C92D24B000
heap
page read and write
60B000
heap
page read and write
C4F000
heap
page read and write
574000
heap
page read and write
31A0000
direct allocation
page read and write
3330000
heap
page read and write
3652000
heap
page read and write
C49000
heap
page read and write
2920000
heap
page read and write
60E000
heap
page read and write
20A0000
heap
page read and write
574000
heap
page read and write
C83000
heap
page read and write
1C92D25D000
heap
page read and write
5C0000
heap
page read and write
364F000
heap
page read and write
C83000
heap
page read and write
574000
heap
page read and write
1C92D24F000
heap
page read and write
5BC000
heap
page read and write
1C028849000
heap
page read and write
5D0000
heap
page read and write
5D8000
heap
page read and write
5CA000
heap
page read and write
5A8000
heap
page read and write
1C92D223000
heap
page read and write
646000
heap
page read and write
1C92D201000
heap
page read and write
1C0287CA000
heap
page read and write
1C0287D0000
heap
page read and write
1C0287DB000
heap
page read and write
624000
heap
page read and write
5E8000
heap
page read and write
5E1000
heap
page read and write
5A8000
heap
page read and write
574000
heap
page read and write
513000
unkown
page readonly
1C92D24B000
heap
page read and write
C49000
heap
page read and write
5AF0000
heap
page read and write
5C8000
heap
page read and write
1C92D23D000
heap
page read and write
619000
heap
page read and write
831000
heap
page read and write
C63000
heap
page read and write
1C92D23D000
heap
page read and write
1C92D1FB000
heap
page read and write
1C0287CD000
heap
page read and write
60B000
heap
page read and write
1C0287A1000
heap
page read and write
2C95000
trusted library allocation
page read and write
1C92D2A4000
heap
page read and write
800000
heap
page read and write
C54000
heap
page read and write
1C92D22A000
heap
page read and write
5BC000
heap
page read and write
5A8000
heap
page read and write
34AF000
direct allocation
page read and write
1C0287CF000
heap
page read and write
5C8000
heap
page read and write
780000
heap
page read and write
5E9000
heap
page read and write
2375000
heap
page read and write
2C9D000
trusted library allocation
page read and write
348A000
direct allocation
page read and write
1C92D25D000
heap
page read and write
5EA000
heap
page read and write
1C92D224000
heap
page read and write
2C9B000
trusted library allocation
page read and write
5A8000
heap
page read and write
5F1000
heap
page read and write
22A2000
direct allocation
page read and write
5D0000
heap
page read and write
C3B000
heap
page read and write
7FF779871000
unkown
page execute read
666000
heap
page read and write
61F000
heap
page read and write
5CB000
heap
page read and write
222E000
direct allocation
page read and write
309A000
heap
page read and write
647000
heap
page read and write
5CB000
heap
page read and write
C54000
heap
page read and write
5C0000
heap
page read and write
5D7000
heap
page read and write
5DE000
heap
page read and write
623000
heap
page read and write
1C92D244000
heap
page read and write
1C0287E8000
heap
page read and write
5F8000
heap
page read and write
1C0287CF000
heap
page read and write
1C92D22F000
heap
page read and write
C54000
heap
page read and write
626000
heap
page read and write
61D000
heap
page read and write
1C92D241000
heap
page read and write
229A000
direct allocation
page read and write
1C92D244000
heap
page read and write
1C028849000
heap
page read and write
C83000
heap
page read and write
1C92D150000
heap
page read and write
39CF000
stack
page read and write
3450000
direct allocation
page read and write
51F000
unkown
page readonly
5F3000
heap
page read and write
1C0287F5000
heap
page read and write
5B0000
heap
page read and write
C75000
heap
page read and write
65C000
heap
page read and write
574000
heap
page read and write
1C92D224000
heap
page read and write
223C000
direct allocation
page read and write
5CB000
heap
page read and write
1C92D234000
heap
page read and write
1C0287CD000
heap
page read and write
5E6000
heap
page read and write
5EC000
heap
page read and write
1C0287C2000
heap
page read and write
65F000
heap
page read and write
C26000
heap
page read and write
401000
unkown
page execute read
F5F000
stack
page read and write
1C92D1F0000
heap
page read and write
1C92D23D000
heap
page read and write
36D1000
heap
page read and write
353E000
stack
page read and write
30C4000
heap
page read and write
2900000
heap
page read and write
1C0287F1000
heap
page read and write
1C0287DC000
heap
page read and write
5E8000
heap
page read and write
1C92D23D000
heap
page read and write
C31000
heap
page read and write
60F000
heap
page read and write
C89000
heap
page read and write
5A8000
heap
page read and write
C75000
heap
page read and write
1C92D3D5000
heap
page read and write
51A000
unkown
page readonly
5C0000
heap
page read and write
1C0287CB000
heap
page read and write
1C92D21F000
heap
page read and write
5CA000
heap
page read and write
5C8000
heap
page read and write
1C92D2A1000
heap
page read and write
65C000
heap
page read and write
1C028813000
heap
page read and write
1012000
unkown
page readonly
1C0287DB000
heap
page read and write
605000
heap
page read and write
35D0000
heap
page read and write
206F000
stack
page read and write
1C92D244000
heap
page read and write
34BF000
direct allocation
page read and write
1C92D20A000
heap
page read and write
1C92D244000
heap
page read and write
419000
unkown
page write copy
5B1000
heap
page read and write
1000000
unkown
page readonly
C55000
heap
page read and write
5F4000
heap
page read and write
C84000
heap
page read and write
1C92D22F000
heap
page read and write
7FD20000
direct allocation
page read and write
506000
unkown
page read and write
1C92D2B9000
heap
page read and write
1C92D2A4000
heap
page read and write
C4F000
heap
page read and write
65F000
heap
page read and write
1C92D20A000
heap
page read and write
690000
trusted library allocation
page read and write
1C028809000
heap
page read and write
5B1000
heap
page read and write
1C92D2AE000
heap
page read and write
C54000
heap
page read and write
1C028849000
heap
page read and write
5BF000
heap
page read and write
600000
heap
page read and write
1C92D250000
heap
page read and write
7B0000
heap
page read and write
1C0287DB000
heap
page read and write
67D000
heap
page read and write
7F2000
heap
page read and write
2252000
direct allocation
page read and write
1C92D23F000
heap
page read and write
1C0287CD000
heap
page read and write
5F1000
heap
page read and write
1C92D23F000
heap
page read and write
1C0287CB000
heap
page read and write
2A09000
heap
page read and write
C24000
heap
page read and write
574000
heap
page read and write
5BF000
heap
page read and write
1001000
unkown
page execute read
1C028812000
heap
page read and write
1C0287BB000
heap
page read and write
574000
heap
page read and write
605000
heap
page read and write
540000
heap
page read and write
647000
heap
page read and write
5A8000
heap
page read and write
1C02884D000
heap
page read and write
1C92D21B000
heap
page read and write
1C92D23F000
heap
page read and write
C35000
heap
page read and write
1C92D248000
heap
page read and write
C57000
heap
page read and write
1C92D247000
heap
page read and write
61F000
heap
page read and write
1C92D22F000
heap
page read and write
1C92D21F000
heap
page read and write
94E000
stack
page read and write
1C0287FB000
heap
page read and write
22A8000
direct allocation
page read and write
1C92D24B000
heap
page read and write
1C92D20A000
heap
page read and write
21F3000
direct allocation
page read and write
1C92D248000
heap
page read and write
5F8000
heap
page read and write
1C92D2B9000
heap
page read and write
605000
heap
page read and write
1C92D247000
heap
page read and write
5B1000
heap
page read and write
400000
unkown
page readonly
C75000
heap
page read and write
22AF000
direct allocation
page read and write
5BC000
heap
page read and write
1C028809000
heap
page read and write
1C0287BC000
heap
page read and write
2268000
direct allocation
page read and write
5C1000
heap
page read and write
1C0287CB000
heap
page read and write
C18000
heap
page read and write
1C0287F7000
heap
page read and write
1C92D22F000
heap
page read and write
364F000
heap
page read and write
60B000
heap
page read and write
5F4000
heap
page read and write
60E000
heap
page read and write
3693000
heap
page read and write
C44000
heap
page read and write
574000
heap
page read and write
5E8000
heap
page read and write
C35000
heap
page read and write
79F000
heap
page read and write
1C92D227000
heap
page read and write
7FE2E000
direct allocation
page read and write
221E000
direct allocation
page read and write
BDE000
heap
page read and write
5CC000
heap
page read and write
624000
heap
page read and write
21B0000
direct allocation
page read and write
5D7000
heap
page read and write
1C0287DB000
heap
page read and write
227B000
direct allocation
page read and write
5C4000
heap
page read and write
1C92D284000
heap
page read and write
605000
heap
page read and write
5C6000
heap
page read and write
BDB000
heap
page read and write
6F0000
heap
page read and write
60E000
heap
page read and write
1C0287C4000
heap
page read and write
C5E000
heap
page read and write
5D6000
heap
page read and write
C45000
heap
page read and write
652000
heap
page read and write
22CB000
direct allocation
page read and write
574000
heap
page read and write
2313000
direct allocation
page read and write
5F1000
heap
page read and write
5CB000
heap
page read and write
1C0287FB000
heap
page read and write
5F1000
heap
page read and write
41A000
unkown
page readonly
1C92D227000
heap
page read and write
1C92D25D000
heap
page read and write
1C92D25D000
heap
page read and write
623000
heap
page read and write
5C2000
heap
page read and write
EF0000
heap
page read and write
1C0287CB000
heap
page read and write
C40000
heap
page read and write
1C92D25D000
heap
page read and write
1C92D24F000
heap
page read and write
1C0287BF000
heap
page read and write
5E0000
heap
page read and write
1C0289D0000
heap
page read and write
1C92D23D000
heap
page read and write
666000
heap
page read and write
C2E000
heap
page read and write
B6E000
stack
page read and write
C2D000
heap
page read and write
1C92D250000
heap
page read and write
1C92D22C000
heap
page read and write
C43000
heap
page read and write
2257000
direct allocation
page read and write
C3C000
heap
page read and write
5C5000
heap
page read and write
6EA74FE000
stack
page read and write
34CF000
direct allocation
page read and write
623000
heap
page read and write
1C028849000
heap
page read and write
5EA000
heap
page read and write
669000
heap
page read and write
C84000
heap
page read and write
750000
heap
page read and write
1C0287DB000
heap
page read and write
B90000
heap
page read and write
614000
heap
page read and write
338F000
stack
page read and write
2520000
heap
page read and write
1C92D2A5000
heap
page read and write
669000
heap
page read and write
9B000
stack
page read and write
1C92D23F000
heap
page read and write
1C92D22F000
heap
page read and write
5D0000
heap
page read and write
1C92D22C000
heap
page read and write
1C0287DB000
heap
page read and write
1C0287CB000
heap
page read and write
1C92D23D000
heap
page read and write
1C92D23D000
heap
page read and write
5D0000
heap
page read and write
2259000
direct allocation
page read and write
1C0287BF000
heap
page read and write
29B0000
heap
page read and write
647000
heap
page read and write
5CF000
heap
page read and write
5F3000
heap
page read and write
1C0287F7000
heap
page read and write
66E000
heap
page read and write
574000
heap
page read and write
5BC000
heap
page read and write
1C92D24B000
heap
page read and write
1C028829000
heap
page read and write
480000
heap
page read and write
758000
heap
page read and write
1C92D3D0000
heap
page read and write
1C028843000
heap
page read and write
1C0287F5000
heap
page read and write
36D1000
heap
page read and write
3611000
heap
page read and write
C45000
heap
page read and write
5EA000
heap
page read and write
1012000
unkown
page readonly
781000
heap
page read and write
710000
heap
page read and write
574000
heap
page read and write
5F1000
heap
page read and write
C51000
heap
page read and write
619000
heap
page read and write
C6F000
heap
page read and write
63C000
heap
page read and write
1C028831000
heap
page read and write
5D0000
heap
page read and write
1C92D247000
heap
page read and write
C83000
heap
page read and write
624000
heap
page read and write
5D0000
heap
page read and write
6720000
heap
page read and write
1C92D22F000
heap
page read and write
5D0000
heap
page read and write
1C92D21B000
heap
page read and write
1C0287CB000
heap
page read and write
77E000
heap
page read and write
79E000
heap
page read and write
2C97000
trusted library allocation
page read and write
1C0287DB000
heap
page read and write
5BC000
heap
page read and write
C61000
heap
page read and write
C45000
heap
page read and write
1C92D213000
heap
page read and write
5C6000
heap
page read and write
5EB000
heap
page read and write
1C92D21F000
heap
page read and write
412000
unkown
page read and write
1C0287CD000
heap
page read and write
1C92D244000
heap
page read and write
1C0287CD000
heap
page read and write
C4F000
heap
page read and write
7FF779870000
unkown
page readonly
1C92D248000
heap
page read and write
C12000
heap
page read and write
C69000
heap
page read and write
1C0287DC000
heap
page read and write
1C92D247000
heap
page read and write
1C92D22F000
heap
page read and write
1C0287DB000
heap
page read and write
2B40000
heap
page read and write
5F8000
heap
page read and write
1C92D234000
heap
page read and write
63C000
heap
page read and write
50A000
heap
page read and write
4C0000
heap
page read and write
1C92D23D000
heap
page read and write
230D000
direct allocation
page read and write
1C92D234000
heap
page read and write
5D0000
heap
page read and write
BEA000
heap
page read and write
2299000
direct allocation
page read and write
C29000
heap
page read and write
C9D000
heap
page read and write
619000
heap
page read and write
364F000
heap
page read and write
1C92D204000
heap
page read and write
1C92D234000
heap
page read and write
5C2000
heap
page read and write
1C0287B6000
heap
page read and write
666000
heap
page read and write
614000
heap
page read and write
60E000
heap
page read and write
418000
unkown
page read and write
5E8000
heap
page read and write
574000
heap
page read and write
1C92D25D000
heap
page read and write
605000
heap
page read and write
2C91000
trusted library allocation
page read and write
1C92D2BD000
heap
page read and write
5C7000
heap
page read and write
2249000
direct allocation
page read and write
60E000
heap
page read and write
574000
heap
page read and write
1C92D227000
heap
page read and write
5CE000
heap
page read and write
C51000
heap
page read and write
5C5000
heap
page read and write
1C92D21B000
heap
page read and write
5E3000
heap
page read and write
C83000
heap
page read and write
3430000
direct allocation
page read and write
1C028843000
heap
page read and write
223A000
direct allocation
page read and write
C3E000
heap
page read and write
100A000
unkown
page read and write
76F000
stack
page read and write
1C0287CB000
heap
page read and write
5F8000
heap
page read and write
26F2000
heap
page read and write
5E0000
heap
page read and write
1C92D244000
heap
page read and write
5BC000
heap
page read and write
5B1000
heap
page read and write
5CF000
heap
page read and write
65F000
heap
page read and write
5BF000
heap
page read and write
5C3000
heap
page read and write
2379000
heap
page read and write
6F3000
heap
page read and write
5D8000
heap
page read and write
400000
unkown
page readonly
5CE000
heap
page read and write
5BB000
heap
page read and write
647000
heap
page read and write
1C92D24F000
heap
page read and write
1C92D24F000
heap
page read and write
3693000
heap
page read and write
67D000
heap
page read and write
5B1000
heap
page read and write
C44000
heap
page read and write
65E000
heap
page read and write
5CF000
heap
page read and write
C75000
heap
page read and write
1C92D23D000
heap
page read and write
624000
heap
page read and write
5C1000
heap
page read and write
5B1000
heap
page read and write
5B1000
heap
page read and write
1C0287CB000
heap
page read and write
1C92D20F000
heap
page read and write
7F2000
heap
page read and write
BA0000
trusted library allocation
page read and write
662000
heap
page read and write
61F000
heap
page read and write
653000
heap
page read and write
5F1000
heap
page read and write
1C92D25D000
heap
page read and write
1C92D24B000
heap
page read and write
1C92D23D000
heap
page read and write
1C028836000
heap
page read and write
5F9000
heap
page read and write
320F000
stack
page read and write
1C92D227000
heap
page read and write
5CD000
heap
page read and write
C69000
heap
page read and write
1C0287B4000
heap
page read and write
67E000
heap
page read and write
690000
trusted library allocation
page read and write
1C0287CD000
heap
page read and write
779000
heap
page read and write
570000
heap
page read and write
C3C000
heap
page read and write
1C92D25D000
heap
page read and write
574000
heap
page read and write
502000
unkown
page write copy
1C92D229000
heap
page read and write
1C92D241000
heap
page read and write
5E8000
heap
page read and write
5C0000
heap
page read and write
5F3000
heap
page read and write
2202000
direct allocation
page read and write
5EC000
heap
page read and write
1C92D2B9000
heap
page read and write
2480000
direct allocation
page read and write
110000
heap
page read and write
574000
heap
page read and write
5E8000
heap
page read and write
C4F000
heap
page read and write
7AB000
heap
page read and write
40F000
unkown
page write copy
1C92D24F000
heap
page read and write
7FF7798F1000
unkown
page read and write
1C92D241000
heap
page read and write
5C0000
heap
page read and write
3210000
heap
page read and write
5C8000
heap
page read and write
63C000
heap
page read and write
1C0287B4000
heap
page read and write
1C92D22F000
heap
page read and write
63C000
heap
page read and write
5CB000
heap
page read and write
1C92D20A000
heap
page read and write
21F0000
direct allocation
page read and write
2C94000
trusted library allocation
page read and write
5EA000
heap
page read and write
1C92D247000
heap
page read and write
63C000
heap
page read and write
1C028760000
heap
page read and write
2C9E000
trusted library allocation
page read and write
1C92D247000
heap
page read and write
1C92D224000
heap
page read and write
C26000
heap
page read and write
1C0287CF000
heap
page read and write
2480000
direct allocation
page read and write
40F000
unkown
page write copy
65C000
heap
page read and write
1C92D25D000
heap
page read and write
5C7000
heap
page read and write
BB0000
heap
page read and write
22D9000
direct allocation
page read and write
605000
heap
page read and write
1C0287C2000
heap
page read and write
5E6000
heap
page read and write
1C0287CD000
heap
page read and write
22EF000
direct allocation
page read and write
1C92D229000
heap
page read and write
615000
heap
page read and write
C69000
heap
page read and write
A50000
heap
page read and write
2304000
direct allocation
page read and write
5CC000
heap
page read and write
C84000
heap
page read and write
1C0287FD000
heap
page read and write
5C6000
heap
page read and write
5BF000
heap
page read and write
66E000
stack
page read and write
5BC000
heap
page read and write
2C96000
trusted library allocation
page read and write
5BF000
heap
page read and write
1C0287D1000
heap
page read and write
1C0287DB000
heap
page read and write
610000
heap
page read and write
5C8000
heap
page read and write
835000
heap
page read and write
1C92D22F000
heap
page read and write
C51000
heap
page read and write
225E000
direct allocation
page read and write
787000
heap
page read and write
1C92D234000
heap
page read and write
C2F000
heap
page read and write
1C92D24B000
heap
page read and write
1C92D23F000
heap
page read and write
1C92D234000
heap
page read and write
1C92D29A000
heap
page read and write
574000
heap
page read and write
5B1000
heap
page read and write
5BC000
heap
page read and write
1C92D2B9000
heap
page read and write
5CF000
heap
page read and write
5F3000
heap
page read and write
C3D000
heap
page read and write
1C92D2BE000
heap
page read and write
720000
direct allocation
page execute and read and write
63C000
heap
page read and write
C2F000
heap
page read and write
647000
heap
page read and write
1C92D224000
heap
page read and write
5E1000
heap
page read and write
5A8000
heap
page read and write
5B1000
heap
page read and write
7F2000
heap
page read and write
C1B000
heap
page read and write
C4F000
heap
page read and write
3091000
heap
page read and write
C69000
heap
page read and write
1C92D220000
heap
page read and write
5C7000
heap
page read and write
1C0287DB000
heap
page read and write
40D000
unkown
page readonly
5BF000
heap
page read and write
C1E000
heap
page read and write
1C028817000
heap
page read and write
574000
heap
page read and write
1C92D21B000
heap
page read and write
1C92D22F000
heap
page read and write
7FE32000
direct allocation
page read and write
5F4000
heap
page read and write
5BF000
heap
page read and write
50D000
unkown
page read and write
2592000
direct allocation
page read and write
3611000
heap
page read and write
338E000
stack
page read and write
647000
heap
page read and write
1C92D23D000
heap
page read and write
EF5000
heap
page read and write
5BC000
heap
page read and write
C6F000
heap
page read and write
60B000
heap
page read and write
364F000
heap
page read and write
50D000
unkown
page write copy
500000
heap
page read and write
C12000
heap
page read and write
3611000
heap
page read and write
2217000
direct allocation
page read and write
2C93000
trusted library allocation
page read and write
C92000
heap
page read and write
5D4000
heap
page read and write
41A000
unkown
page readonly
1C0287DB000
heap
page read and write
88F000
stack
page read and write
5F8000
heap
page read and write
1C0287CF000
heap
page read and write
C62000
heap
page read and write
BEC000
heap
page read and write
574000
heap
page read and write
574000
heap
page read and write
1C92D248000
heap
page read and write
C36000
heap
page read and write
791000
heap
page read and write
1C028812000
heap
page read and write
1C0287CF000
heap
page read and write
1C92D250000
heap
page read and write
5F3000
heap
page read and write
C4F000
heap
page read and write
1C92D244000
heap
page read and write
5BC000
heap
page read and write
22FF000
direct allocation
page read and write
1C0287AB000
heap
page read and write
1C0287BC000
heap
page read and write
1C92D20F000
heap
page read and write
1C0287B6000
heap
page read and write
2338000
direct allocation
page read and write
34D8000
direct allocation
page read and write
1C028812000
heap
page read and write
34A8000
direct allocation
page read and write
5BF000
heap
page read and write
C97000
heap
page read and write
5D0000
heap
page read and write
230C000
direct allocation
page read and write
78E000
stack
page read and write
5C0000
heap
page read and write
1C028831000
heap
page read and write
2244000
direct allocation
page read and write
5B1000
heap
page read and write
1C92D224000
heap
page read and write
1C92D21B000
heap
page read and write
400000
unkown
page readonly
1C92D24B000
heap
page read and write
1C92D29F000
heap
page read and write
1C92D21B000
heap
page read and write
1C92D2A4000
heap
page read and write
5F8000
heap
page read and write
1C0287B3000
heap
page read and write
8ACBAFF000
stack
page read and write
3310000
unkown
page read and write
5EA000
heap
page read and write
5D1000
heap
page read and write
60B000
heap
page read and write
C44000
heap
page read and write
2314000
direct allocation
page read and write
1C0287CB000
heap
page read and write
C5F000
heap
page read and write
C2D000
heap
page read and write
5E8000
heap
page read and write
619000
heap
page read and write
1C0287DB000
heap
page read and write
669000
heap
page read and write
5F3000
heap
page read and write
3091000
heap
page read and write
2C9C000
trusted library allocation
page read and write
22AD000
direct allocation
page read and write
1C028813000
heap
page read and write
1C0287CB000
heap
page read and write
5E1000
heap
page read and write
1C028843000
heap
page read and write
C44000
heap
page read and write
40D000
unkown
page readonly
C1C000
heap
page read and write
78B000
heap
page read and write
5EA000
heap
page read and write
5EC000
heap
page read and write
29AE000
stack
page read and write
5CE000
heap
page read and write
C69000
heap
page read and write
7FF7798F3000
unkown
page readonly
5F8000
heap
page read and write
C1E000
heap
page read and write
C75000
heap
page read and write
C45000
heap
page read and write
5B1000
heap
page read and write
1C0287DB000
heap
page read and write
1C0287FB000
heap
page read and write
5CE000
heap
page read and write
1C0287C9000
heap
page read and write
A10000
heap
page read and write
1C92D2A4000
heap
page read and write
2370000
heap
page read and write
5E6000
heap
page read and write
5F9000
heap
page read and write
1C92D170000
heap
page read and write
2323000
direct allocation
page read and write
5C0000
heap
page read and write
6CE000
stack
page read and write
5C1000
heap
page read and write
1C92D2BD000
heap
page read and write
5C3000
heap
page read and write
5EA000
heap
page read and write
22E8000
direct allocation
page read and write
66E000
heap
page read and write
1C0287CB000
heap
page read and write
2A00000
heap
page read and write
22B5000
direct allocation
page read and write
1C92D21B000
heap
page read and write
7FF779871000
unkown
page execute read
3E50000
trusted library allocation
page read and write
5C4000
heap
page read and write
C83000
heap
page read and write
1C0287CD000
heap
page read and write
5DF000
heap
page read and write
5EF000
heap
page read and write
5D7000
heap
page read and write
1C0287CF000
heap
page read and write
1C0288B0000
heap
page read and write
647000
heap
page read and write
1C028849000
heap
page read and write
2265000
direct allocation
page read and write
5B1000
heap
page read and write
1C92D23D000
heap
page read and write
805000
heap
page read and write
1C92D224000
heap
page read and write
5CF000
heap
page read and write
1C92D247000
heap
page read and write
1C028843000
heap
page read and write
1C028849000
heap
page read and write
1C92D24F000
heap
page read and write
C3C000
heap
page read and write
1C0288B1000
heap
page read and write
79C000
heap
page read and write
C29000
heap
page read and write
C2E000
heap
page read and write
647000
heap
page read and write
420000
heap
page read and write
5C7000
heap
page read and write
1C92D20A000
heap
page read and write
C75000
heap
page read and write
61F000
heap
page read and write
5D4000
heap
page read and write
605000
heap
page read and write
502000
unkown
page read and write
1C0287DB000
heap
page read and write
76A000
heap
page read and write
3611000
heap
page read and write
C83000
heap
page read and write
C45000
heap
page read and write
1C92D241000
heap
page read and write
1C92D23F000
heap
page read and write
1C92D244000
heap
page read and write
There are 1399 hidden memdumps, click here to show them.