Windows Analysis Report
XDA_CDS v6.8.54_SE.exe

Overview

General Information

Sample name: XDA_CDS v6.8.54_SE.exe
Analysis ID: 1529182
MD5: 5f0a52b6484cd9d70421a3ac1389f220
SHA1: ca4d8c695752c63639b063239014bda6b332ace7
SHA256: 9b70be65faaa9818825e0b89cfa38a9fed843babb2970c901237a22a38f485c8
Infos:

Detection

Score: 48
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Compliance

Score: 51
Range: 0 - 100

Signatures

Suricata IDS alerts for network traffic
.NET source code contains potential unpacker
Installs new ROOT certificates
Reads the Security eventlog
Reads the System eventlog
Adds / modifies Windows certificates
Allocates memory with a write watch (potentially for evading sandboxes)
Checks for available system drives (often done to infect USB drives)
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Creates files inside the system directory
Creates or modifies windows services
Creates processes with suspicious names
Deletes files inside the Windows folder
Detected potential crypto function
Drops PE files
Drops PE files to the windows directory (C:\Windows)
Drops certificate files (DER)
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
Found inlined nop instructions (likely shell or obfuscated code)
Found large amount of non-executed APIs
HTTP GET or POST without a user agent
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
PE file contains an invalid checksum
PE file contains sections with non-standard names
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sample file is different than original file name gathered from version info
Stores large binary data to the registry
Suricata IDS alerts with low severity for network traffic
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)

Classification

Compliance
barindex
Uses 32bit PE files
Source: XDA_CDS v6.8.54_SE.exe Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Window detected: &Cancel&Next >License agreementSQL Server SelectionDatabase ServerSQL Database CreationDestination FolderDatabase OptionsReady To InstallInstallation ProgressSetup Complete&View ReadmeLicense agreementPlease read the following license agreement carefully.I &do not accept the terms in the license agreementI &accept the terms in the license agreementXerox CorporationSoftware End-User License Agreement (EULA)1.WHEN USED IN THIS EULA XEROX MEANS XEROX CORPORATION. YOU MEANS THE INDIVIDUAL OR LEGAL ENTITY ACQUIRING THE SOFTWARE. Please read this EULA carefully before downloading installing or using the Licensed Software. BY DOWNLOADING INSTALLING OR USING THE LICENSED SOFTWARE YOU ARE AGREEING TO BE LEGALLY BOUND BY THE TERMS OF THIS EULA GOVERNING THE USE OF THE LICENSED software. If you do not agree to the terms of this EULA downloading installation and use of the Licensed Software are strictly prohibited.2.Licensed Software. This EULA applies to the following software products (as they are issued as of the date of this EULA) and any subsequent upgrades supplements add-ons and substitute releases thereof: Xerox Device Manager (XDM) Xerox Device Agent (XDA) and the XDA family of software products CentreWare Web (CWW) Xerox Workplace Cloud Agent (XWCA) when provided with XDA and to any other software products provided with this EULA each a Licensed Software.3.Xerox Tools. The Xerox Tools are certain software-based components documentation and methodology-based components hosted by Xerox and used to provide print services to customers. No rights are granted to you under this EULA with respect to the hosted Xerox Tools. The Licensed Software interacts with the Xerox Tools as set forth in Paragraph 6 below.4.License Grant. Xerox grants You a non-exclusive non-transferable license to install the Licensed Software on a host computer or server and to use the Licensed Software provided to you (a) if you have a contract for print services with Xerox or a Xerox-authorized service provider (Contract) to use XDM or XDA for the purpose of receiving print services during the term of the Contract; or (b) if you downloaded CWW from an authorized Xerox website to use CWW in accordance with the terms set forth on the authorized Xerox website or the accompanying user manual or documentation. If the Licensed Software includes software developed by a third party such third party shall be considered a third party beneficiary of Your obligations under this EULA. The readme and notice files may include third party flow down terms and conditions which are a part of this EULA. This EULA incorporates by reference and makes a part hereof any readme or notice files accompanying the Licensed Software. Title to the Licensed Software and all copies shall at all times reside exclusively with Xerox and/or its licensor(s). 5.Licensed Software Updates. Xerox may provide or otherwise make available updates bug fixes feature enhancements or improvem
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Window detected: &Cancel&Next >License agreementSQL Server SelectionDatabase ServerSQL Database CreationDestination FolderDatabase OptionsReady To InstallInstallation ProgressSetup Complete&View ReadmeLicense agreementPlease read the following license agreement carefully.I &do not accept the terms in the license agreementI &accept the terms in the license agreementXerox CorporationSoftware End-User License Agreement (EULA)1.WHEN USED IN THIS EULA XEROX MEANS XEROX CORPORATION. YOU MEANS THE INDIVIDUAL OR LEGAL ENTITY ACQUIRING THE SOFTWARE. Please read this EULA carefully before downloading installing or using the Licensed Software. BY DOWNLOADING INSTALLING OR USING THE LICENSED SOFTWARE YOU ARE AGREEING TO BE LEGALLY BOUND BY THE TERMS OF THIS EULA GOVERNING THE USE OF THE LICENSED software. If you do not agree to the terms of this EULA downloading installation and use of the Licensed Software are strictly prohibited.2.Licensed Software. This EULA applies to the following software products (as they are issued as of the date of this EULA) and any subsequent upgrades supplements add-ons and substitute releases thereof: Xerox Device Manager (XDM) Xerox Device Agent (XDA) and the XDA family of software products CentreWare Web (CWW) Xerox Workplace Cloud Agent (XWCA) when provided with XDA and to any other software products provided with this EULA each a Licensed Software.3.Xerox Tools. The Xerox Tools are certain software-based components documentation and methodology-based components hosted by Xerox and used to provide print services to customers. No rights are granted to you under this EULA with respect to the hosted Xerox Tools. The Licensed Software interacts with the Xerox Tools as set forth in Paragraph 6 below.4.License Grant. Xerox grants You a non-exclusive non-transferable license to install the Licensed Software on a host computer or server and to use the Licensed Software provided to you (a) if you have a contract for print services with Xerox or a Xerox-authorized service provider (Contract) to use XDM or XDA for the purpose of receiving print services during the term of the Contract; or (b) if you downloaded CWW from an authorized Xerox website to use CWW in accordance with the terms set forth on the authorized Xerox website or the accompanying user manual or documentation. If the Licensed Software includes software developed by a third party such third party shall be considered a third party beneficiary of Your obligations under this EULA. The readme and notice files may include third party flow down terms and conditions which are a part of this EULA. This EULA incorporates by reference and makes a part hereof any readme or notice files accompanying the Licensed Software. Title to the Licensed Software and all copies shall at all times reside exclusively with Xerox and/or its licensor(s). 5.Licensed Software Updates. Xerox may provide or otherwise make available updates bug fixes feature enhancements or improvem
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\xda.service.InstallLog
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\ReadMe.txt
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\data\ReadMeData.txt
Source: XDA_CDS v6.8.54_SE.exe Static PE information: certificate valid
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File opened: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\msvcr90.dll Jump to behavior
Source: unknown HTTPS traffic detected: 13.14.0.17:443 -> 192.168.2.16:49712 version: TLS 1.2
Source: Binary string: \??\C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.PDB source: dbVersionDetect.exe, 0000000F.00000002.1892522532.00000000007E3000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: Microsoft.Web.Administration.pdb source: rundll32.exe, 00000013.00000003.1937540569.0000000004C60000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000013.00000003.1943162223.000000000325E000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000014.00000003.1977139019.000000000327C000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000015.00000003.2011135049.000000000319C000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000016.00000003.2162785269.00000000029DC000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\agent\_work\1\s\DSC\Device.SmartClient\Installer\INSTALLERS\XDASIXFOUR\Controller\bin\Release\Merged.Controller.pdb source: Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe, 0000000A.00000000.1598093959.0000000003055000.00000002.00000001.01000000.0000000D.sdmp
Source: Binary string: C:\MasterRepo\DSC\Device.SmartClient\ZPrototypes\dbVersionDetect\dbVersionDetect\obj\x86\Debug\dbVersionDetect.pdb source: dbVersionDetect.exe, 0000000F.00000002.1895473062.0000000002401000.00000004.00000800.00020000.00000000.sdmp, dbVersionDetect.exe, 0000000F.00000000.1889093552.0000000000012000.00000002.00000001.01000000.00000011.sdmp
Source: Binary string: mscorlib.pdb source: dbVersionDetect.exe, 0000000F.00000002.1895473062.0000000002401000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: C:\agent\_work\1\s\DSC\Device.SmartClient\Installer\INSTALLERS\XDASIXFOUR\Release\Bootstrapper.pdb& source: Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe, 0000000A.00000000.1598044610.0000000000CCA000.00000002.00000001.01000000.0000000D.sdmp
Source: Binary string: C:\agent\_work\1\s\DSC\Device.SmartClient\Installer\INSTALLERS\XDASIXFOUR\Release\Bootstrapper.pdb source: Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe, 0000000A.00000000.1598044610.0000000000CCA000.00000002.00000001.01000000.0000000D.sdmp
Source: Binary string: b77a5c561934e089\mscorlib.pdb source: dbVersionDetect.exe, 0000000F.00000002.1892522532.000000000082F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: XEROXS~1.PDBXerox.SmartClientExportUtility.pdbgle.dllXMLMicrosoft.Rest.ClientRuntime.Azure.xml9 source: DbCreate.exe, 00000017.00000002.2797736517.000001D5BF7C2000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: XEROXS~1.PDBXerox.SmartClientExportUtility.pdbgle.dllXMLMicrosoft.Rest.ClientRuntime.Azure.xmlSTLIST. source: DbCreate.exe, 00000017.00000002.2797736517.000001D5BF7C2000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: XEROXS~1.PDBXerox.SmartClientExportUtility.pdbgle.dllXMLMicrosoft.Rest.ClientRuntime.Azure.xml8 source: DbCreate.exe, 00000017.00000002.2797736517.000001D5BF7C2000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: \??\C:\Windows\symbols\exe\dbVersionDetect.pdb source: dbVersionDetect.exe, 0000000F.00000002.1892522532.00000000007E3000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: ProductVersion%Init file copying =bin\Infrastructure.Library.dllEbin\Old_Infrastructure.Library.dll=bin\Infrastructure.Library.pdbEbin\Old_Infrastructure.Library.pdb?Infrastructure.Library_5435.dll?Infrastructure.Library_5435.pdb?Infrastructure.Library_5447.dll?Infrastructure.Library_5447.pdbEDM Error Patch Files move failed: ?Unable to stop Service / Shell -DM Error ReplaceDlls: +Starting XDA service ]The xda.service status is currently set to {0}QStarting XDA service fails source: XDA_CDS v6.8.54_SE.exe, 00000000.00000003.1182537096.0000000002ADC000.00000004.00000020.00020000.00000000.sdmp, XDA_CDS v6.8.54.exe, 00000001.00000000.1184318523.0000021D2C8D2000.00000002.00000001.01000000.00000005.sdmp
Source: Binary string: XEROXS~1.PDBXerox.SmartClientExportUtility.pdbgle.dllXMLMicrosoft.Rest.ClientRuntime.Azure.xmlSTa source: DbCreate.exe, 00000017.00000002.2797736517.000001D5BF7C2000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: sqlceqp40.pdb source: DbCreate.exe, DbCreate.exe, 00000017.00000002.2804693445.000001D5BF954000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Program Files (x86)\Xerox\DSC Packager\Util\DownloadManager452\DownloadManager\Output\DownloadManager.pdb source: XDA_CDS v6.8.54_SE.exe, 00000000.00000003.1182537096.0000000002ADC000.00000004.00000020.00020000.00000000.sdmp, XDA_CDS v6.8.54.exe, 00000001.00000000.1184318523.0000021D2C8D2000.00000002.00000001.01000000.00000005.sdmp
Source: Binary string: XEROXS~1.PDBXerox.SmartClientExportUtility.pdbgle.dllXMLMicrosoft.Rest.ClientRuntime.Azure.xmlST` source: DbCreate.exe, 00000017.00000002.2797736517.000001D5BF7C2000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: m@C:\Windows\dbVersionDetect.pdb source: dbVersionDetect.exe, 0000000F.00000002.1891229583.00000000001A8000.00000004.00000010.00020000.00000000.sdmp
Source: Binary string: XEROXX~1.PDBXerox.XDAMonitorService.pdb source: DbCreate.exe, 00000017.00000002.2797736517.000001D5BF7C2000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\agent\_work\8\s\build\ship\x86\SfxCA.pdb source: Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe, 0000000A.00000000.1598093959.000000000304B000.00000002.00000001.01000000.0000000D.sdmp, Setup.exe, 0000000B.00000000.1679541432.0000000002738000.00000002.00000001.01000000.0000000F.sdmp
Source: Binary string: C:\agents\_work\6\s\Xerox.Installer.Platform\bin\Release\Merged\Xerox.Installer.Platform.pdb source: rundll32.exe, 00000013.00000003.1937540569.0000000004C60000.00000004.00000020.00020000.00000000.sdmp
Checks for available system drives (often done to infect USB drives)
Source: C:\Windows\System32\msiexec.exe File opened: z:
Source: C:\Windows\System32\msiexec.exe File opened: x:
Source: C:\Windows\System32\msiexec.exe File opened: v:
Source: C:\Windows\System32\msiexec.exe File opened: t:
Source: C:\Windows\System32\msiexec.exe File opened: r:
Source: C:\Windows\System32\msiexec.exe File opened: p:
Source: C:\Windows\System32\msiexec.exe File opened: n:
Source: C:\Windows\System32\msiexec.exe File opened: l:
Source: C:\Windows\System32\msiexec.exe File opened: j:
Source: C:\Windows\System32\msiexec.exe File opened: h:
Source: C:\Windows\System32\msiexec.exe File opened: f:
Source: C:\Windows\System32\msiexec.exe File opened: b:
Source: C:\Windows\System32\msiexec.exe File opened: y:
Source: C:\Windows\System32\msiexec.exe File opened: w:
Source: C:\Windows\System32\msiexec.exe File opened: u:
Source: C:\Windows\System32\msiexec.exe File opened: s:
Source: C:\Windows\System32\msiexec.exe File opened: q:
Source: C:\Windows\System32\msiexec.exe File opened: o:
Source: C:\Windows\System32\msiexec.exe File opened: m:
Source: C:\Windows\System32\msiexec.exe File opened: k:
Source: C:\Windows\System32\msiexec.exe File opened: i:
Source: C:\Windows\System32\msiexec.exe File opened: g:
Source: C:\Windows\System32\msiexec.exe File opened: e:
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe File opened: c:
Source: C:\Windows\System32\msiexec.exe File opened: a:
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe File opened: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe File opened: C:\Users\user\AppData\Local\
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe File opened: C:\Users\user\AppData\
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe File opened: C:\Users\user\
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe File opened: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe File opened: C:\Users\user\AppData\Local\Temp\
Found inlined nop instructions (likely shell or obfuscated code)
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Code function: 4x nop then jmp 007969DEh 15_2_00796758
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Code function: 4x nop then jmp 00793DDCh 15_2_00793815
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Code function: 4x nop then jmp 00793DDCh 15_2_00793AAB

Networking
barindex
Suricata IDS alerts for network traffic
Source: Network traffic Suricata IDS: 2009897 - Severity 1 - ET MALWARE Possible Windows executable sent when remote host claims to send html content : 13.14.0.17:443 -> 192.168.2.16:49714
HTTP GET or POST without a user agent
Source: global traffic HTTP traffic detected: GET / HTTP/1.1Host: transactions.services.xerox.comConnection: Keep-Alive
Source: global traffic HTTP traffic detected: GET /XeroxAutoUpdate/DownloadFile.aspx?DownLoadID=1bb4b441-967b-455b-8874-10a3a6ff206e HTTP/1.1Host: transactions.services.xerox.com
Source: global traffic HTTP traffic detected: GET /XeroxAutoUpdate/DownloadFile.aspx?DownLoadID=11c27bc5-ae02-43fe-93a0-af3015e8a46c HTTP/1.1Host: transactions.services.xerox.com
IP address seen in connection with other malware
Source: Joe Sandbox View IP Address: 13.14.0.17 13.14.0.17
Internet Provider seen in connection with other malware
Source: Joe Sandbox View ASN Name: XEROX-WBUS XEROX-WBUS
JA3 SSL client fingerprint seen in connection with other malware
Source: Joe Sandbox View JA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e
Suricata IDS alerts with low severity for network traffic
Source: Network traffic Suricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.16:49714 -> 13.14.0.17:443
Source: Network traffic Suricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.16:49716 -> 13.14.0.17:443
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic HTTP traffic detected: GET / HTTP/1.1Host: transactions.services.xerox.comConnection: Keep-Alive
Source: global traffic HTTP traffic detected: GET /XeroxAutoUpdate/DownloadFile.aspx?DownLoadID=1bb4b441-967b-455b-8874-10a3a6ff206e HTTP/1.1Host: transactions.services.xerox.com
Source: global traffic HTTP traffic detected: GET /XeroxAutoUpdate/DownloadFile.aspx?DownLoadID=11c27bc5-ae02-43fe-93a0-af3015e8a46c HTTP/1.1Host: transactions.services.xerox.com
Source: global traffic DNS traffic detected: DNS query: transactions.services.xerox.com
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2E7C1000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: HTTPS://TRANSACTIONS.SERVICES.XEROX.COM
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1638900974.0000021D46EE9000.00000004.00000020.00020000.00000000.sdmp, XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2E858000.00000004.00000800.00020000.00000000.sdmp, Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe, 0000000A.00000000.1598093959.0000000003055000.00000002.00000001.01000000.0000000D.sdmp, Setup.exe, 0000000B.00000000.1679541432.0000000002742000.00000002.00000001.01000000.0000000F.sdmp, DbCreate.exe, 00000017.00000002.2797736517.000001D5BF760000.00000004.00000020.00020000.00000000.sdmp String found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl04
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1638900974.0000021D46F01000.00000004.00000020.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2797736517.000001D5BF760000.00000004.00000020.00020000.00000000.sdmp String found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl06
Source: XDA_CDS v6.8.54_SE.exe, 00000000.00000003.1182537096.0000000002ADC000.00000004.00000020.00020000.00000000.sdmp, XDA_CDS v6.8.54_SE.exe, 00000000.00000002.1650818475.0000000002690000.00000004.00000020.00020000.00000000.sdmp, XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2E858000.00000004.00000800.00020000.00000000.sdmp, Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe, 0000000A.00000000.1598093959.0000000003055000.00000002.00000001.01000000.0000000D.sdmp, Setup.exe, 0000000B.00000000.1679541432.0000000002742000.00000002.00000001.01000000.0000000F.sdmp String found in binary or memory: http://crl.sectigo.com/SectigoPublicCodeSigningCAR36.crl0y
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1638900974.0000021D46EE9000.00000004.00000020.00020000.00000000.sdmp, XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2E858000.00000004.00000800.00020000.00000000.sdmp, Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe, 0000000A.00000000.1598093959.0000000003055000.00000002.00000001.01000000.0000000D.sdmp, Setup.exe, 0000000B.00000000.1679541432.0000000002742000.00000002.00000001.01000000.0000000F.sdmp, DbCreate.exe, 00000017.00000002.2797736517.000001D5BF760000.00000004.00000020.00020000.00000000.sdmp String found in binary or memory: http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0
Source: XDA_CDS v6.8.54_SE.exe, 00000000.00000003.1182537096.0000000002ADC000.00000004.00000020.00020000.00000000.sdmp, XDA_CDS v6.8.54_SE.exe, 00000000.00000002.1650818475.0000000002690000.00000004.00000020.00020000.00000000.sdmp, XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2E858000.00000004.00000800.00020000.00000000.sdmp, Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe, 0000000A.00000000.1598093959.0000000003055000.00000002.00000001.01000000.0000000D.sdmp, Setup.exe, 0000000B.00000000.1679541432.0000000002742000.00000002.00000001.01000000.0000000F.sdmp String found in binary or memory: http://crt.sectigo.com/SectigoPublicCodeSigningCAR36.crt0#
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1638900974.0000021D46EE9000.00000004.00000020.00020000.00000000.sdmp, XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2E858000.00000004.00000800.00020000.00000000.sdmp, Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe, 0000000A.00000000.1598093959.0000000003055000.00000002.00000001.01000000.0000000D.sdmp, Setup.exe, 0000000B.00000000.1679541432.0000000002742000.00000002.00000001.01000000.0000000F.sdmp, DbCreate.exe, 00000017.00000002.2797736517.000001D5BF760000.00000004.00000020.00020000.00000000.sdmp String found in binary or memory: http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0#
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1642334288.0000021D483E2000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://fontfabrik.com
Source: XDA_CDS v6.8.54_SE.exe, 00000000.00000003.1182537096.0000000002ADC000.00000004.00000020.00020000.00000000.sdmp, XDA_CDS v6.8.54.exe, 00000001.00000000.1184318523.0000021D2C8D2000.00000002.00000001.01000000.00000005.sdmp String found in binary or memory: http://localhost:1767/XLMAUWebSite/XLMAUWebService.asmx
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1638900974.0000021D46EE9000.00000004.00000020.00020000.00000000.sdmp, XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2E858000.00000004.00000800.00020000.00000000.sdmp, Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe, 0000000A.00000000.1598093959.0000000003055000.00000002.00000001.01000000.0000000D.sdmp, Setup.exe, 0000000B.00000000.1679541432.0000000002742000.00000002.00000001.01000000.0000000F.sdmp, DbCreate.exe, 00000017.00000002.2797736517.000001D5BF760000.00000004.00000020.00020000.00000000.sdmp String found in binary or memory: http://ocsp.comodoca.com0
Source: XDA_CDS v6.8.54_SE.exe, 00000000.00000003.1182537096.0000000002ADC000.00000004.00000020.00020000.00000000.sdmp, XDA_CDS v6.8.54_SE.exe, 00000000.00000002.1650818475.0000000002690000.00000004.00000020.00020000.00000000.sdmp, XDA_CDS v6.8.54.exe, 00000001.00000002.1638900974.0000021D46EE9000.00000004.00000020.00020000.00000000.sdmp, XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2E858000.00000004.00000800.00020000.00000000.sdmp, Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe, 0000000A.00000000.1598093959.0000000003055000.00000002.00000001.01000000.0000000D.sdmp, Setup.exe, 0000000B.00000000.1679541432.0000000002742000.00000002.00000001.01000000.0000000F.sdmp, DbCreate.exe, 00000017.00000002.2797736517.000001D5BF760000.00000004.00000020.00020000.00000000.sdmp String found in binary or memory: http://ocsp.sectigo.com0
Source: Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe, 0000000A.00000000.1598093959.0000000003055000.00000002.00000001.01000000.0000000D.sdmp, Setup.exe, 0000000B.00000000.1679541432.0000000002742000.00000002.00000001.01000000.0000000F.sdmp String found in binary or memory: http://opensource.org/licenses/MIT).
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2E8B6000.00000004.00000800.00020000.00000000.sdmp, XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2EDF3000.00000004.00000800.00020000.00000000.sdmp, dbVersionDetect.exe, 0000000F.00000002.1895473062.0000000002401000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://schemas.xmlsoap.org/soap/encoding/
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2E7C1000.00000004.00000800.00020000.00000000.sdmp, Setup.exe, 0000000B.00000002.1772398910.0000000005347000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2E8B6000.00000004.00000800.00020000.00000000.sdmp, dbVersionDetect.exe, 0000000F.00000002.1895473062.0000000002401000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://schemas.xmlsoap.org/wsdl/
Source: XDA_CDS v6.8.54.exe, 00000001.00000000.1184318523.0000021D2C8D2000.00000002.00000001.01000000.00000005.sdmp String found in binary or memory: http://tempuri.org/
Source: XDA_CDS v6.8.54_SE.exe, 00000000.00000003.1182537096.0000000002ADC000.00000004.00000020.00020000.00000000.sdmp, XDA_CDS v6.8.54.exe, 00000001.00000000.1184318523.0000021D2C8D2000.00000002.00000001.01000000.00000005.sdmp String found in binary or memory: http://tempuri.org/CheckForOfferingChange
Source: XDA_CDS v6.8.54_SE.exe, 00000000.00000003.1182537096.0000000002ADC000.00000004.00000020.00020000.00000000.sdmp, XDA_CDS v6.8.54.exe, 00000001.00000000.1184318523.0000021D2C8D2000.00000002.00000001.01000000.00000005.sdmp String found in binary or memory: http://tempuri.org/GetLatestDSCBrandingInfo
Source: XDA_CDS v6.8.54_SE.exe, 00000000.00000003.1182537096.0000000002ADC000.00000004.00000020.00020000.00000000.sdmp, XDA_CDS v6.8.54.exe, 00000001.00000000.1184318523.0000021D2C8D2000.00000002.00000001.01000000.00000005.sdmp String found in binary or memory: http://tempuri.org/GetLatestDSCBrandingInfoTestPage
Source: XDA_CDS v6.8.54_SE.exe, 00000000.00000003.1182537096.0000000002ADC000.00000004.00000020.00020000.00000000.sdmp, XDA_CDS v6.8.54.exe, 00000001.00000000.1184318523.0000021D2C8D2000.00000002.00000001.01000000.00000005.sdmp String found in binary or memory: http://tempuri.org/T
Source: XDA_CDS v6.8.54_SE.exe, 00000000.00000003.1182537096.0000000002ADC000.00000004.00000020.00020000.00000000.sdmp, XDA_CDS v6.8.54.exe, 00000001.00000000.1184318523.0000021D2C8D2000.00000002.00000001.01000000.00000005.sdmp String found in binary or memory: http://tempuri.org/TU
Source: XDA_CDS v6.8.54_SE.exe, 00000000.00000003.1182537096.0000000002ADC000.00000004.00000020.00020000.00000000.sdmp, XDA_CDS v6.8.54.exe, 00000001.00000000.1184318523.0000021D2C8D2000.00000002.00000001.01000000.00000005.sdmp String found in binary or memory: http://tempuri.org/TestLog
Source: XDA_CDS v6.8.54_SE.exe, 00000000.00000003.1182537096.0000000002ADC000.00000004.00000020.00020000.00000000.sdmp, XDA_CDS v6.8.54.exe, 00000001.00000000.1184318523.0000021D2C8D2000.00000002.00000001.01000000.00000005.sdmp String found in binary or memory: http://tempuri.org/UpdateDownloadCounter
Source: XDA_CDS v6.8.54_SE.exe, 00000000.00000003.1182537096.0000000002ADC000.00000004.00000020.00020000.00000000.sdmp, XDA_CDS v6.8.54.exe, 00000001.00000000.1184318523.0000021D2C8D2000.00000002.00000001.01000000.00000005.sdmp String found in binary or memory: http://tempuri.org/checkForUpdate
Source: rundll32.exe, 00000016.00000003.2175414540.0000000006FD4000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000016.00000003.2175414540.0000000006FAF000.00000004.00000020.00020000.00000000.sdmp String found in binary or memory: http://test.support.xerox.com/String
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2EDC2000.00000004.00000800.00020000.00000000.sdmp, XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2EBBF000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://transactions-services.idns-ext.xerox.com
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2EBBF000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://transactions-services.idns-ext.xerox.comH
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2EDC2000.00000004.00000800.00020000.00000000.sdmp, XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2EBBF000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://transactions.services.xerox.com
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp String found in binary or memory: http://vyaskn.tripod.com
Source: Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe, 0000000A.00000000.1598093959.0000000003055000.00000002.00000001.01000000.0000000D.sdmp, Setup.exe, 0000000B.00000000.1679541432.0000000002742000.00000002.00000001.01000000.0000000F.sdmp String found in binary or memory: http://www.apache.org/licenses/
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1642334288.0000021D483E2000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe, 0000000A.00000000.1598093959.0000000003055000.00000002.00000001.01000000.0000000D.sdmp, Setup.exe, 0000000B.00000000.1679541432.0000000002742000.00000002.00000001.01000000.0000000F.sdmp String found in binary or memory: http://www.bouncycastle.org).
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1642334288.0000021D483E2000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.carterandcone.coml
Source: Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe, 0000000A.00000000.1598093959.0000000003055000.00000002.00000001.01000000.0000000D.sdmp, Setup.exe, 0000000B.00000000.1679541432.0000000002742000.00000002.00000001.01000000.0000000F.sdmp String found in binary or memory: http://www.chilkatsoft.com/
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1642334288.0000021D483E2000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.fontbureau.com
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1642334288.0000021D483E2000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.fontbureau.com/designers
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1642334288.0000021D483E2000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.fontbureau.com/designers/?
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1642334288.0000021D483E2000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.fontbureau.com/designers/cabarga.htmlN
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1642334288.0000021D483E2000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.fontbureau.com/designers/frere-jones.html
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1642334288.0000021D483E2000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.fontbureau.com/designers8
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1642334288.0000021D483E2000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.fontbureau.com/designers?
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1642334288.0000021D483E2000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.fontbureau.com/designersG
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1642334288.0000021D483E2000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.fonts.com
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1642334288.0000021D483E2000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.founder.com.cn/cn
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1642334288.0000021D483E2000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.founder.com.cn/cn/bThe
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1642334288.0000021D483E2000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.founder.com.cn/cn/cThe
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1642334288.0000021D483E2000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.galapagosdesign.com/DPlease
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1642334288.0000021D483E2000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.galapagosdesign.com/staff/dennis.htm
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1642334288.0000021D483E2000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.goodfont.co.kr
Source: Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe, 0000000A.00000000.1598093959.0000000003055000.00000002.00000001.01000000.0000000D.sdmp, Setup.exe, 0000000B.00000000.1679541432.0000000002742000.00000002.00000001.01000000.0000000F.sdmp String found in binary or memory: http://www.icsharpcode.net/OpenSource/SharpZipLib/).
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1642334288.0000021D483E2000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.jiyu-kobo.co.jp/
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1642334288.0000021D483E2000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.sajatypeworks.com
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1642334288.0000021D483E2000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.sakkal.com
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1642334288.0000021D483E2000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.sandoll.co.kr
Source: Setup.exe, 0000000B.00000000.1679541432.0000000002742000.00000002.00000001.01000000.0000000F.sdmp String found in binary or memory: http://www.support.xerox.com/support/smart-esolutions/support
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1642334288.0000021D483E2000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.tiro.com
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1642334288.0000021D483E2000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.typography.netD
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1642334288.0000021D483E2000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.urwpp.deDPlease
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2E8B6000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.w3.or
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.xerox.com/
Source: rundll32.exe, 00000016.00000003.2175414540.0000000006FD4000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000016.00000003.2175414540.0000000006FAF000.00000004.00000020.00020000.00000000.sdmp String found in binary or memory: http://www.xerox.com/String
Source: Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe, 0000000A.00000000.1598093959.0000000003055000.00000002.00000001.01000000.0000000D.sdmp, Setup.exe, 0000000B.00000000.1679541432.0000000002742000.00000002.00000001.01000000.0000000F.sdmp String found in binary or memory: http://www.xerox.com/about-
Source: Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe, 0000000A.00000000.1598093959.0000000003055000.00000002.00000001.01000000.0000000D.sdmp, Setup.exe, 0000000B.00000000.1679541432.0000000002742000.00000002.00000001.01000000.0000000F.sdmp String found in binary or memory: http://www.xerox.com/about-xero
Source: Setup.exe, 0000000B.00000000.1679541432.0000000002742000.00000002.00000001.01000000.0000000F.sdmp String found in binary or memory: http://www.xerox.com/about-xerox/privacy-policy
Source: rundll32.exe, 00000016.00000003.2175414540.0000000006FD4000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000016.00000003.2175414540.0000000006FAF000.00000004.00000020.00020000.00000000.sdmp String found in binary or memory: http://www.xerox.comString
Source: XDA_CDS v6.8.54_SE.exe, 00000000.00000003.1182537096.0000000002ADC000.00000004.00000020.00020000.00000000.sdmp, XDA_CDS v6.8.54.exe, 00000001.00000000.1184318523.0000021D2C8D2000.00000002.00000001.01000000.00000005.sdmp String found in binary or memory: http://www.xerox.comT
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1642334288.0000021D483E2000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: http://www.zhongyicts.com.cn
Source: rundll32.exe, 00000016.00000003.2175414540.0000000006FD4000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000016.00000003.2175414540.0000000006FAF000.00000004.00000020.00020000.00000000.sdmp String found in binary or memory: https://dcs.support.xerox.comString
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2EDF3000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://home.lcatterton.com
Source: Setup.exe, 0000000B.00000000.1679541432.0000000002742000.00000002.00000001.01000000.0000000F.sdmp String found in binary or memory: https://office.services.xerox.com/GDOSupport
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2E8B6000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://office.services.xerox.com/XeroxServicesManager/
Source: XDA_CDS v6.8.54_SE.exe, 00000000.00000003.1182537096.0000000002ADC000.00000004.00000020.00020000.00000000.sdmp, XDA_CDS v6.8.54_SE.exe, 00000000.00000002.1650818475.0000000002690000.00000004.00000020.00020000.00000000.sdmp, XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2E858000.00000004.00000800.00020000.00000000.sdmp, Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe, 0000000A.00000000.1598093959.0000000003055000.00000002.00000001.01000000.0000000D.sdmp, Setup.exe, 0000000B.00000000.1679541432.0000000002742000.00000002.00000001.01000000.0000000F.sdmp String found in binary or memory: https://sectigo.com/CPS0
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2E8B6000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://transactions.services
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2E7C1000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://transactions.services.xerox.com
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2E7C1000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://transactions.services.xerox.com/X
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2EBBF000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://transactions.services.xerox.com/XeroxAP
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2EBBF000.00000004.00000800.00020000.00000000.sdmp, XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2EB0C000.00000004.00000800.00020000.00000000.sdmp, XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2E8B6000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://transactions.services.xerox.com/XeroxAutoUpdate
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2E7C1000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://transactions.services.xerox.com/XeroxAutoUpdate/
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2EBBF000.00000004.00000800.00020000.00000000.sdmp, XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2E8B6000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://transactions.services.xerox.com/XeroxAutoUpdate/DownloadFile.aspx?DownLoadID=11c27bc5-ae02-4
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2E860000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://transactions.services.xerox.com/XeroxAutoUpdate/DownloadFile.aspx?DownLoadID=1bb4b441-967b-4
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1627949029.0000021D2E7C1000.00000004.00000800.00020000.00000000.sdmp String found in binary or memory: https://transactions.services.xerox.com/p
Source: rundll32.exe, 00000016.00000003.2175414540.0000000006FD4000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000016.00000003.2175414540.0000000006FAF000.00000004.00000020.00020000.00000000.sdmp String found in binary or memory: https://transactions.services.xerox.com/xeroxautoupdateString
Source: unknown Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown HTTPS traffic detected: 13.14.0.17:443 -> 192.168.2.16:49712 version: TLS 1.2
Drops certificate files (DER)
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\mypfx.pfx (copy) Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\mycredentials.spc (copy) Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-ajgiex4m.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-ctp1fcj2.tmp Jump to dropped file

Spam, unwanted Advertisements and Ransom Demands
barindex
Reads the Security eventlog
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security Jump to behavior
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security\Xerox DM (Device Management)
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security\Xerox DM (Device Management)
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security\Xerox DM (Device Management)
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security\Xerox DM (Device Management)
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security\Xerox DM (Device Management)
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
Reads the System eventlog
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\DSC Download Manager Log Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System Jump to behavior
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\Xerox DM (Device Management)
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\Xerox DM (Device Management)
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\Xerox DM (Device Management)
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\Xerox DM (Device Management)
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\Xerox DM (Device Management)
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\Xerox DM (Device Management)
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\Xerox DM (Device Management)
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\Xerox DM (Device Management)
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Key opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
Creates files inside the system directory
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\6834c2.msi
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI387B.tmp
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\inprogressinstallinfo.ipi
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI48B8.tmp
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\SourceHash{2B1A8AE0-5F3D-47BC-9A48-4476E731ED44}
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI55E8.tmp
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI55F9.tmp
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\6834c5.msi
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\6834c5.msi
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\{2B1A8AE0-5F3D-47BC-9A48-4476E731ED44}
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\{2B1A8AE0-5F3D-47BC-9A48-4476E731ED44}\appicon.ico
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI9053.tmp
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI90D1.tmp
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI387B.tmp-
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI387B.tmp-\CustomAction.dll
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI387B.tmp-\InstallerResources.dll
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI387B.tmp-\Microsoft.Deployment.WindowsInstaller.dll
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI387B.tmp-\Xerox.Installer.Platform.dll
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI387B.tmp-\Microsoft.Web.Administration.dll
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI387B.tmp-\CustomAction.config
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI48B8.tmp-
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI48B8.tmp-\CustomAction.dll
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI48B8.tmp-\InstallerResources.dll
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI48B8.tmp-\Microsoft.Deployment.WindowsInstaller.dll
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI48B8.tmp-\Xerox.Installer.Platform.dll
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI48B8.tmp-\Microsoft.Web.Administration.dll
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI48B8.tmp-\CustomAction.config
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI55F9.tmp-
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI55F9.tmp-\CustomAction.dll
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI55F9.tmp-\InstallerResources.dll
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI55F9.tmp-\Microsoft.Deployment.WindowsInstaller.dll
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI55F9.tmp-\Xerox.Installer.Platform.dll
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI55F9.tmp-\Microsoft.Web.Administration.dll
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI55F9.tmp-\CustomAction.config
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI90D1.tmp-
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI90D1.tmp-\CustomAction.dll
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI90D1.tmp-\InstallerResources.dll
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI90D1.tmp-\Microsoft.Deployment.WindowsInstaller.dll
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI90D1.tmp-\Xerox.Installer.Platform.dll
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI90D1.tmp-\Microsoft.Web.Administration.dll
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI90D1.tmp-\CustomAction.config
Deletes files inside the Windows folder
Source: C:\Windows\System32\msiexec.exe File deleted: C:\Windows\Installer\MSI387B.tmp
Detected potential crypto function
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Code function: 0_2_023046B7 0_2_023046B7
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Code function: 15_2_00795D58 15_2_00795D58
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Code function: 15_2_00792F08 15_2_00792F08
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Code function: 15_2_00792C1C 15_2_00792C1C
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Code function: 15_2_00792CAC 15_2_00792CAC
Source: C:\Windows\SysWOW64\rundll32.exe Code function: 19_3_04E45848 19_3_04E45848
Source: C:\Windows\SysWOW64\rundll32.exe Code function: 19_3_04E45839 19_3_04E45839
Source: C:\Windows\SysWOW64\rundll32.exe Code function: 19_3_04E452D8 19_3_04E452D8
Source: C:\Windows\SysWOW64\rundll32.exe Code function: 20_3_074D4F98 20_3_074D4F98
Source: C:\Windows\SysWOW64\rundll32.exe Code function: 20_3_074D5508 20_3_074D5508
Source: C:\Windows\SysWOW64\rundll32.exe Code function: 20_3_074D54F8 20_3_074D54F8
Source: C:\Windows\SysWOW64\rundll32.exe Code function: 21_3_050A5839 21_3_050A5839
Source: C:\Windows\SysWOW64\rundll32.exe Code function: 21_3_050A5848 21_3_050A5848
Source: C:\Windows\SysWOW64\rundll32.exe Code function: 21_3_050A52D8 21_3_050A52D8
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Code function: 23_2_00007FFEC8341089 23_2_00007FFEC8341089
Sample file is different than original file name gathered from version info
Source: XDA_CDS v6.8.54_SE.exe Binary or memory string: OriginalFilename vs XDA_CDS v6.8.54_SE.exe
Source: XDA_CDS v6.8.54_SE.exe, 00000000.00000003.1182537096.0000000002ADC000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: OriginalFilenameDownloadManager.exe0 vs XDA_CDS v6.8.54_SE.exe
Source: XDA_CDS v6.8.54_SE.exe, 00000000.00000002.1650296995.00000000022B9000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: <OriginalFilename>DownloadManager.exe</OriginalFilename> vs XDA_CDS v6.8.54_SE.exe
Source: XDA_CDS v6.8.54_SE.exe, 00000000.00000002.1650713073.0000000002300000.00000004.00001000.00020000.00000000.sdmp Binary or memory string: OriginalFilename vs XDA_CDS v6.8.54_SE.exe
Source: XDA_CDS v6.8.54_SE.exe, 00000000.00000002.1650713073.0000000002300000.00000004.00001000.00020000.00000000.sdmp Binary or memory string: !OriginalFilename"0 vs XDA_CDS v6.8.54_SE.exe
Source: XDA_CDS v6.8.54_SE.exe, 00000000.00000002.1650818475.0000000002690000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: OriginalFilenameDownloadManager.exe vs XDA_CDS v6.8.54_SE.exe
Source: XDA_CDS v6.8.54_SE.exe, 00000000.00000002.1650818475.0000000002690000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: <OriginalFilename>DownloadManager.exe</OriginalFilename> vs XDA_CDS v6.8.54_SE.exe
Source: XDA_CDS v6.8.54_SE.exe, 00000000.00000002.1650818475.0000000002690000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: OriginalFilenameDownloadManager.exe0 vs XDA_CDS v6.8.54_SE.exe
Source: XDA_CDS v6.8.54_SE.exe, 00000000.00000000.1181188237.0000000000467000.00000002.00000001.01000000.00000003.sdmp Binary or memory string: OriginalFilenameDownloadManager.exe vs XDA_CDS v6.8.54_SE.exe
Uses 32bit PE files
Source: XDA_CDS v6.8.54_SE.exe Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp Binary or memory string: order by NewCSSecurityAdminAccessHistory.SlNo asc
Source: classification engine Classification label: mal48.evad.winEXE@26/460@1/1
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{380298ff-87f5-4840-8e13-f575d9f814fa}:sqlce_se_lck:2
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{380298ff-87f5-4840-8e13-f575d9f814fa}:sqlce_se_lck:1
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Mutant created: \Sessions\1\BaseNamedObjects\mutex_xerox_setupexe_XDA
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{1baf0fff-8ff8-4ad7-853e-308cb5fe69c1}:sqlce_se_lck:2
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{d3fb13ff-ac5b-4eed-9970-9588ee2a13c1}:sqlce_se_lck:1
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{9b424dff-1b15-420c-b5a6-dbcf3e16f5dc}:sqlce_se_lck:2
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{1baf0fff-8ff8-4ad7-853e-308cb5fe69c1}:sqlce_se_lck:1
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{d3fb13ff-ac5b-4eed-9970-9588ee2a13c1}:sqlce_se_lck:2
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{3178dfff-5f7d-44ca-9a0f-36ba459aabbb}:sqlce_se_lck:2
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{3178dfff-5f7d-44ca-9a0f-36ba459aabbb}:sqlce_se_lck:1
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Mutant created: \Sessions\1\BaseNamedObjects\Xerox.Installer.Platform.InfoLogging.C:_ProgramData_Xerox_InstallLogs_Xerox_XDA_6.8.54_08_10_2024_1728410229.txt
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{b07e51ff-f097-4cea-b56f-ab9ae221b226}:sqlce_se_lck:2
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: NULL
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\netfxeventlog.1.0
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{df3249ff-b2d7-4c6e-bcbc-5236145e924c}:sqlce_se_lck:2
Source: C:\Windows\System32\conhost.exe Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3724:120:WilError_03
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{df3249ff-b2d7-4c6e-bcbc-5236145e924c}:sqlce_se_lck:1
Source: C:\Windows\System32\conhost.exe Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:780:120:WilError_03
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{1a4b1382-eeb5-4d59-b0fa-b93f83a518e1}_131072_304673:x
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{bd2e91ff-6e22-4a19-a1a5-36fa4c868fd8}:sqlce_se_lck:1
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{bd2e91ff-6e22-4a19-a1a5-36fa4c868fd8}:sqlce_se_lck:2
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{1a4b1382-eeb5-4d59-b0fa-b93f83a518e1}_131072_304673:splk:3252
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{b07e51ff-f097-4cea-b56f-ab9ae221b226}:sqlce_se_lck:1
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\SSCE_FILELOG_FILE_MUTEX_
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{e091f1ff-fb6f-4c22-ad00-10d87f662316}:sqlce_se_lck:2
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{e091f1ff-fb6f-4c22-ad00-10d87f662316}:sqlce_se_lck:1
Source: C:\Windows\SysWOW64\rundll32.exe Mutant created: \Sessions\1\BaseNamedObjects\Xerox.Installer.Platform.InfoLogging.C:_ProgramData_Xerox_InstallLogs_Xerox_XDA_6.8.54.html
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{1a4b1382-eeb5-4d59-b0fa-b93f83a518e1}_131072_304673
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{96ce06ff-bf76-4d37-bd13-a6405b46fe85}:sqlce_se_lck:1
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{1a4b1382-eeb5-4d59-b0fa-b93f83a518e1}_131072_304674
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{96ce06ff-bf76-4d37-bd13-a6405b46fe85}:sqlce_se_lck:2
Source: C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe Mutant created: \Sessions\1\BaseNamedObjects\mutex_xerox_bootstrapper_XDA
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Mutant created: \Sessions\1\BaseNamedObjects\Xerox.Installer.Platform.Core.MSI
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{1a4b1382-eeb5-4d59-b0fa-b93f83a518e1}_131072_304674:splk:3252
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Mutant created: \Sessions\1\BaseNamedObjects\7fdc7a35-d7e6-dc11-843d-001aa0e3d086
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{bd3fdeff-4161-433f-a3c1-8caae8c068dc}:sqlce_se_lck:2
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{bd4c19ff-8769-40c3-9435-e083ec635ab6}:sqlce_se_lck:2
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{bd3fdeff-4161-433f-a3c1-8caae8c068dc}:sqlce_se_lck:1
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{e28fa0ff-b2b2-4627-badb-171839625d8f}:sqlce_se_lck:2
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{0a19ceff-7763-49d6-9b68-8cf70b795430}:sqlce_se_lck:1
Source: C:\Windows\SysWOW64\rundll32.exe Mutant created: \Sessions\1\BaseNamedObjects\Xerox.Installer.Platform.InfoLogging.C:_ProgramData_Xerox_InstallLogs_Xerox_XDA_6.8.54.ldhtml
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{e28fa0ff-b2b2-4627-badb-171839625d8f}:sqlce_se_lck:1
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{0a19ceff-7763-49d6-9b68-8cf70b795430}:sqlce_se_lck:2
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{bd4c19ff-8769-40c3-9435-e083ec635ab6}:sqlce_se_lck:1
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{db8b02ff-eb84-42b8-a669-69da75084aad}:sqlce_se_lck:2
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{db8b02ff-eb84-42b8-a669-69da75084aad}:sqlce_se_lck:1
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{9b424dff-1b15-420c-b5a6-dbcf3e16f5dc}:sqlce_se_lck:1
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{adb6acff-40ea-4f12-bc3c-52cbeaf30c8b}:sqlce_se_lck:2
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{1a4b1382-eeb5-4d59-b0fa-b93f83a518e1}_131072_304674:x
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{adb6acff-40ea-4f12-bc3c-52cbeaf30c8b}:sqlce_se_lck:1
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{35d13aff-f0e1-4aa5-b85e-95f004fae8c4}:sqlce_se_lck:1
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{35d13aff-f0e1-4aa5-b85e-95f004fae8c4}:sqlce_se_lck:2
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{f0b24dff-cdc3-4be1-ba47-4ccfef54184b}:sqlce_se_lck:2
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Mutant created: \Sessions\1\BaseNamedObjects\Global\{f0b24dff-cdc3-4be1-ba47-4ccfef54184b}:sqlce_se_lck:1
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe File created: C:\Users\user\AppData\Local\Temp\DSC Jump to behavior
Source: XDA_CDS v6.8.54_SE.exe Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe File read: C:\Users\user\Desktop\desktop.ini Jump to behavior
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Windows\Installer\MSI387B.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_6830312 2 CustomAction!CustomActionsShared.ExecuteSequence.ExecuteInitialize
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_CANNOT_FIND_JOB', N'Cannot find job in the queue.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_USER_INITATED_SYNCHRONIZATION', N'Benutzer hat Synchronisierung mit {0}-Server eingeleitet');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (5, N'SDE_TONER_LEVEL_10PCTLOW1', N'Niveau de toner : Magenta faible 10 %');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_LOW_PROFILE_DESKTOP', N'Low Profile Desktop');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_ILLEGAL_MASK_CLASS', N'[tr_tr]Illegal Mask for that Class of IP Address.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_MAIN_SYSTEM_CHASSIS', N'Telaio di sistema principale');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_PRINTER_SEARCH_COMPLETED', N'Druckersuche abgeschlossen.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_SCAN_FILE_COUNT', N'Telling scans naar bestand');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_DAYS1', N'nap');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_EMAIL_SETTINGS1', N'E-Mail Settings');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_DO_WANT_UPLOAD', N'Deseja carregar o arquivo selecionado?');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_DRUM_REPLACE', N'Trommel ersetzen');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (21, N'SDE_FLOOR', N'|iB\');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_BLACK_TONER', N'Zwarte toner');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (5, N'SDE_FIND_MORE', N'Rechercher encore');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_NOT_REGISTERED1', N'Non registrato');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_EXPORT', N'Export');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_UPDATE_SERVER', N'Server aktualisieren');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'BLACK_COMMON_NUMBER_WRONG', N'Onjuist nummer zwarte inkt.');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_SMARTCARD', N'SmartCard');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_PRINTER_TYPE', N'Printer Type');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_CLEAR_SELECTED_TRAPS', N'Eliminar trampas seleccionadas');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_CANNOT_FIND_JOB', N'Der Auftrag wurde nicht in der Warteschlange gefunden.');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_APPLICATION_SUCCESSFULLY_REGISTERED', N'Seu aplicativo foi registrado com sucesso.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (5, N'SDE_LARGE_MONOCHROME_PRINT', N'Compte d''impression monochrome grand format');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_PROXY_TEST_TIMED', N'[hu_hu]Proxy test timed out.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_SAP_ENABLED', N'SAP ativado');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_DATE', N'Tarih');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (5, N'SDE_PRINTER_MIB', N'Imprimante MIB');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_PLEASE_WAIT_WHILE', N'Attendere la fine dell''esportazione dei dati.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_WIZARD_CAN_ALWAYS1', N'[hu_hu]This wizard can always be accessed from the "Configuration Wizard" button.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_STARTUP_WIZARD', N'Autostart-Assistent');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_FAILED_RETRIEVE_SCOPE1', N'Falha em recuperar a lista de impressoras no escopo');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_PRINTER_CONTROL_LANGUAGE', N'Linguagem de Controle de Impressora');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_ASSET', N'Risorsa');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (16, N'SDE_IBM_5250', N'IBM 5250');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (17, N'SDE_SERVER_FAX_IMPRESSIONS', N'Odbitki faksowane serwera');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_QUEUE_EMAIL_ALERTS', N'Wachtrijstatusalarmen');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_INVALID_PORT_NUMBER2', N'Invalid Port Number. Must be between 1 and 65535.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_RESET_PRINTER', N'[tr_tr]Reset Printer');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_EXPANSION_CHASSIS', N'[hu_hu]Expansion Chassis');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_SCAN_RESOLUTION', N'Risoluzione di scansione');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_COMPUTER_NAME', N'Computer Name');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_AGENT_FAILED_COMMUNICATE', N'Falha do agente em se comunicar com o servidor');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_EMAIL_ALERTS_ALTERNATE', N'E-Mail-Warnungen');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_NUMBER_MANAGED_PRINTERS1', N'Anzahl an verwalteten Druckern');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_LARGE_COLOR_PRINT', N'Telling grote kleurenafdrukken');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_VERSION_PRODUCT_ALREADY', N'This version of the product is already installed on this machine. Please go to Add/Remove Programs to remove it.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_INSTALLATION_DATE', N'Installation Date');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_AGENT_INSTALLED', N'Agente instalado');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_UNIX', N'[tr_tr]Unix');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_JAPAN', N'Japan');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_FILE_UPLOADED_ALREADY', N'El archivo ya se ha cargado.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (21, N'SDE_YEARS', N't^');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_SINGLE_IMPRESSION', N'Impressioni singole');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_IP_SUBNET_SCAN', N'[hu_hu]IP Subnet Scan');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_UNMANAGED_NETWORK_PRINTERS', N'[tr_tr]Unmanaged Network Printers Report settings modified');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_UNDEFINED_PDL_INTERPRETER', N'[tr_tr]undefined PDL interpreter detected');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (5, N'SDE_CLOUDDM_INSTALLING', N'Installation en cours');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_COLUMN', N'[tr_tr]Column');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_CLOSE1_XDA', N'Kapat');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_APP_SOCKET', N'App Socket');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (16, N'SDE_IBM_3270', N'IBM 3270');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_PLEASE_SEE_CONTENT', N'[tr_tr]Please see content to review warnings');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_LOCAL_ALERTS', N'Alertas locais');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_XEROXGRAPHIC_UNIT_MISSING', N'Xerografische module ontbreekt');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_PRODNAME_PCH_REPORT', N'%PRODUCTNAME% Page Count History Report');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (16, N'SDE_WINDOWS', N'Windows');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_DQUOT', N'"');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_READ_STATUS', N'Read Status');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (5, N'SDE_TOTAL1', N'Total');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_PAGESUSER', N'Pages/User');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_DEVICE_IMPORT', N'Drucker-Import');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_CURRENT_LEVEL', N'Derzeitige Stufe');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_COMMUNICATION_EMAIL_SERVER', N'Comunicazione con il server di posta {0} attiva');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_HEBREW', N'[tr_tr]Hebrew');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_ACTUAL_TRAPS_REGISTERED', N'[tr_tr]The actual traps registered depends on the printer manufacturer.');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'HRS_XDA', N'[tr_tr]hrs');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_SERVICE_PROVIDER', N'Fornitore del servizio');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_OUTGOING_MAIL_SERVER1', N'The Outgoing Mail Server information must be configured on the Network page.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_INVALID_SUBNET_MASK', N'Subnet mask non valida.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_STACK', N'Stapelen');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_1_ADDITIONAL_CARD', N'[1] Leitor de placa adicional conectado');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_XDA_DISABLED', N'XDA has been disabled!');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (21, N'SDE_AUTOIPV6', N'AutoIPv6');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (17, N'SDE_NONE1', N'Brak');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_ALERT_TABLE_TRAPS', N'[tr_tr]Alert Table Traps');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (5, N'SDE_REMOTE_ALERTS', N'Alertes distantes');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_CUMULATIVE_TIME_STATE', N'Tiempo acumulativo en el estado');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_CUSTPROP_5', N'Campo personalizado 5');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_NONCOMPLIANT_ERROR_RECEIVED', N'Nicht-konformen Fehler erhalten');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_XEROX_PRINT_AGENT7', N'Print Agent hat nicht angehalten');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_NETWORK_SCANNING_IMAGES5', N'[tr_tr]Network Scanning Images Sent (Units)');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_BACKUP_SERVER_PORT', N'Back-upserverpoort');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (21, N'SDE_COPYRIGHT', N'Copyright');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_INITIATED_REGISTRATION_FMTSTR', N'Aanvang registratie bij de {0} server voltooid');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_MANAGED_PRINT_SERVER', N'Scansione server di stampa gestiti');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_SOFTWARE_INFORMATION', N'Informatie over de software');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_START_IP_ADDRESS2', N'Indirizzo IP iniziale');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_PASS_WARNING_HIGHER', N'Passa avvertenza e superiore');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_SERIAL_NUMBER_FMTSTRPCTMETERING1', N'[tr_tr]Serial Number: {0}%CRLF%%SVC_SUITE_NAME% Registration Status: {1}%CRLF%DNS Name: {2}%CRLF%IP Address: {3}%CRLF%IPX Network: {4}%CRLF%IPX Address: {5}%CRLF%Printer Model: {6}%CRLF%Printer Location: {7}%CRLF%');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_COLOR_PRINTED_EXTRA', N'Hojas muy largas impresas en color');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_HOLE_PUNCH_WASTE', N'Contenitore scarti di perforatura pieno');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_JOBS', N'Jobs');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_BACK1_XDA', N'Terug');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_PLEASE_VALIDATE_INFORMATION', N'Please validate that the information you have entered is correct. To do this click the "Back" button.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_WINDOWS', N'Windows');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_RETRIEVING_SUPPLIES_INFORMATION', N'[hu_hu]Retrieval of supplies information');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (5, N'SDE_A3', N'A3 (420mm x 297 mm)');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_FAILED_RETRIEVE_OUT', N'[tr_tr]Failed to retrieve the Out of Scope printer status');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_WINDOWS_NOT_CONFIGURED', N'Windows has not been configured for IPv6');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_INSTALLATION_DATE', N'Installatiedatum');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_2_SIDED_SHEETS', N'2-zijdige vellen');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_CHANGE_UPDATE_SETTINGS', N'Actualizar opciones');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (5, N'SDE_VALIDATION_ERROR_FMTSTR', N'Erreur de validation : la longueur [{0}] est trop longue.');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_ZERO_0_HOPS_XDA', N'[hu_hu]Zero (0) hops means that the search is limited to the local subnet.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (10, N'SDE_AUTOMATIC_METER_READ', N'%SVC_SUITE_NAME%');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_XEROX_DEVICE_AGENT', N'Xerox Device Agent');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_CONTRACT_SETUP_NOT1', N'Contract opstellen is niet voltooid. Probeer het over 5 minuten opnieuw.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_NETWARE', N'[tr_tr]NetWare');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_REGISTRATION_PENDING', N'Anmeldung steht bevor');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_PRINT_TEST_PAGE1', N'Testseite direkt drucken');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_ACCOUNT', N'Account');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_IMAGING_DEVICE_PROTOCOL', N'Imaging Device Protocol interpreter (Apple)');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_TONER_LEVEL_LOW2', N'Livello toner: Giallo scarso');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_UNABLE_REGISTER_DEVICES1_XDA', N'Impossibile registrare i dispositivi');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_UNABLE_TURN_OFF1', N'Kan %AMR_SVC_NAME% niet uitschakelen voor {0}. Bevestiging met de Xerox Communication Server mislukt.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_ARABIC', N'Arabo');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_OVERALL_STATUS', N'Gesamtstatus');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_FAILURE_UNKNOWN_REASON', N'Storing met onbekende oorzaak.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_NETWORK_ADDRESS', N'Netzwerkadresse');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (10, N'SDE_WINDOWS_2000', N'Windows 2000');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_FOR_FURTHER_ASSISTANCE', N'Neem voor meer hulp contact op met uw {0}.');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_COMMUNICATION_PROBLEM_DUE', N'[hu_hu]The communication problem is due to an issue in the Xerox Communication Gateway and cannot be resolved locally. If the communication does not restart after 48 hours, please contact Support for further instruction.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_DEFINITION_WHICH_ALERTS', N'De definitie van welke alarmen een fout of waarschuwing vormen, wordt gebruikt voor het bepalen van de kleur van het statuspictogram.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_STAPLE_LOW', N'Nieten bijna op');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_FMTSTR_CRITICAL_SYSTEM', N'{0} system status(es) occurred:');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_ERROR_XAM_DATA', N'[tr_tr]Error with Xerox Services Manager data export.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (5, N'SDE_SCANNER_FEED_ROLLER', N'Renouvellement galet d''alimentation du scanner');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (9, N'SDE_XEROX_PRINT_AGENT2', N'Xerox Print Agent');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (5, N'SDE_UNABLE_CONNECT_XEROX', N'Connexion impossible avec le Service de programmation de Xerox. Lancer le Service via le programmation de gestion des services.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_PRINTED_2_SIDED6', N'Afgedrukte 2-zijdige vellen (eenheden)');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_UNDO_FAILED', N'[hu_hu]Undo failed.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (17, N'SDE_NETHERLANDS', N'Holandia');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_REPORT_PAGE_COUNT', N'A report of page count histories for printers that have historical data collection enabled in %PRODUCTNAME%.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_MICROSOFT_OLE', N'[hu_hu]Microsoft OLE');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_ALTERNATE_SERVER_4', N'Servidor Alternativo 4');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_LEVEL_3_IMPRESSIONS6', N'[tr_tr]Level 3 Impressions Transmitted');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_DECLINE', N'Recusar');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_TRIM', N'Trim');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_OS_VERSION', N'[tr_tr]OS Version');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_WINDOWS_NT_40', N'Servidor do Windows NT 4.0');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_CONFIGURE_EIP_APPLICATIONS', N'[tr_tr]Configure EIP Applications');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (17, N'SDE_STACK', N'Stos');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (5, N'SDE_XEROX_SUPPORT_SERVICES', N'Xerox Support Services');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_PARALLEL_PORT', N'Porta paralela');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_CARD_READER_TYPE', N'Card Reader Type');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_QUEUE_STATUS_AGE', N'[tr_tr]Queue Status Age');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_BLACK_SINGLE_IMPRESSIONS', N'Impresiones a una cara en negro (unidades)');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_SETTING_NO_SEARCH', N'Impostando l''opzione "Nessuna ricerca", in quanto non sono fornite impostazioni SNMP v1/V2 ed SNMP v3.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_REPORT_STATUS_DETAILED', N'[tr_tr]A report of status and detailed alerts that have been detected by %PRODUCTNAME% from network printers.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_SITE_STATUS_EXPORT', N'Standort-Status-Export');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (5, N'SDE_NEVER', N'Jamais');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_THANK_INSTALLING_XEROX', N'Vielen Dank, dass Sie Xerox Device Agent installiert haben. Bitte schicken Sie im Falle eines Systemabsturzes Diagnosedaten an Xerox und helfen Sie uns damit, unsere Produkte weiter zu verbessern.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (5, N'SDE_DOMAIN', N'Domaine');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_IN_PROGRESS', N'Bezig');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_PATH_DOES_NOT', N'Il percorso non esiste.');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_FOLDER_NAME_CURRENTLY_XDA', N'Een map met deze naam bestaat momenteel in de door u geselecteerde doelmap. Wijzig de naam van de map of verplaats deze naar een andere bestemming.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_PRINTED_IMPRESSIONS', N'[hu_hu]Printed Impressions');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (17, N'SDE_DUPLICATE_REGISTRATION', N'Zduplikowana rejestracja');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_DISPLAY_PROMPT_1', N'Mostrar anuncio 1');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (5, N'SDE_THERMAL_TRANSFER', N'Transfert thermal');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_SYSTEM_DISABLED', N'Systeem uitgeschakeld');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_PHOTOGRAPHIC_IMAGE_SETTER', N'Impositore immagine fotografica');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_PHONE', N'Telefon');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_LESS_THAN_EQUAL', N'Menor que o igual a');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_SEARCH_NOW', N'Nu zoeken');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_FAX_IMPRESSIONS', N'[tr_tr]Fax Impressions');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_COLOR_PAGE_COUNT', N'Telling kleurenpagina''s');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_PRINTER_DRIVER_NOT1', N'[tr_tr]Printer driver not installed.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_SUCCESSFULLY_SENT_REGISTERED', N'[tr_tr]Successfully sent registered printer status information for %SVC_SUITE_NAME% to the Xerox Communication Server.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_PHYSICAL_CONNECTION', N'Fysische toestand');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_INDEX', N'Indice analitico');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_SEARCH_SUCCEEDED', N'Ricerca riuscita');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_PRINTED', N'Gedruckt');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_ORIGINATING_GROUP_NAME', N'Name der Ausgangsgruppe');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_FAILED_REGISTER_BECAUSE2', N'[tr_tr]Failed to register because the server rejected the registration due to incorrect application type identity.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_PIZZA_BOX', N'Pizza Box');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_UNABLE_REGISTER_DEVICES1_XDA', N'No se pueden registrar los dispositivos:');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_COLOR_COPIED_21', N'Gekopieerde 2-zijdige vellen in kleur');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_FAX_IMAGES_RECEIVED5', N'Fax Images Received Transmitted');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_FUJI_XEROX_METER11', N'[hu_hu]Fuji Xerox Meter 2 (Units)');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_RUN_SNMP_V3', N'Run SNMP V3 Discovery');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_TEST_FAILED', N'Test mislukt');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_COMMUNICATION_ERRORS', N'Errori di comunicazione');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_CURRENT_VERSION', N'Huidige versie:');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_HELP_IMPROVE_XEROX', N'Help mee om Xerox Device Agent te verbeteren');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_AUTHENTICATION_TYPE', N'[tr_tr]Authentication Type');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_NETWORK_PRINTER', N'Network Printer');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_TONER_LEVEL_LOW1', N'Tonerniveau: Magenta bijna op');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_TRUNK_NAME', N'Nombre del gabinete');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_SDE_BATCH_TEST3', N'SDE_BATCH_TEST3');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (17, N'SDE_AUTOMATIC', N'Automatyczny');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_IPV6_ADDRESS_ALREADY', N'IPv6-adres staat al in lijst.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_DEBUG_REGISTRATION_FAILURE', N'Foutdetails registratie ');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_HARD_DRIVE_SIZE', N'[hu_hu]Hard Drive Size');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_POLL_XWC', N'XWC abfragen');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_BACKUP_SERVER_ADDRESS', N'Indirizzo server di backup');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_DETAILED_INFORMATION_RETRIEVAL', N'[tr_tr]Detailed information retrieval not supported.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_SKILL_LEVEL', N'Skill Level');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_LARGE_MONOCHROME_PRINT', N'Totale stampe grandi in b/n');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_UNMANAGED_DIRECTLY_CONNECTED1', N'Nicht verwaltete, direkt angeschlossene Drucker');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_IP', N'IP');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_TECHNICIAN_DISPATCH_REQUIRED', N'Wartungsbesuch erforderlich');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_DEVICE_IDENTITY_INFO', N'Info su ID dispositivo');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_ENABLE_SASL_BINDS', N'[tr_tr]Enable SASL Binds to LDAP');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_UPDATE_FMTSTR_AVAILABLE', N'[tr_tr]An update of {0} is available. Would you like to install it?');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (17, N'SDE_ROOM', N'Pomieszczenie');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_CONSUMABLE_INFO', N'[tr_tr]Consumable Info');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_MARKER_INDEX', N'Marker Index');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_DIRECTORY_STATUS_RETRIEVAL', N'[tr_tr]Directory Status Retrieval');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (17, N'SDE_NEW', N'Nowy');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_FOLLOWING_CRITICAL_SYSTEM', N'[hu_hu]The following critical system statuses have occurred at {0} on {1}:');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_IMPORT_FILE_EXAMPLES', N'Importa file di esempi');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_RAW_TCP_PORT', N'Porta TCP bruta');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_LEASED', N'Geleast');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_METERS_SUCCESSFULLY_EXPORTED1', N'Dados satisfatoriamente exportados.');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_PLEASE_ENTER_WORKPLACE_XDA', N'Please enter your workplace credentials');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_COMPUTER_DOMAIN_DISCOVERY', N'Computerdomein-discovery');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (17, N'SDE_NOT_REGISTERED2', N'Niezarejestrowany');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_TONER_LEVEL_LOW', N'Tonerstufe: Cyan niedrig');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_NEW_XDA', N'New');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_REGISTRATION_NOT_REQUESTED', N'Registro no pedido');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_PLEASE_CONTACT_ADMINISTRATOR2_XDA', N'Please contact your administrator for assistance.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (5, N'SDE_MONARCH', N'Enveloppe Monarch (3,9 x 7,5 pouces)');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_PAPER_TRAYS', N'Paper Trays');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_MB', N'MB');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_LEGAL_85_X', N'[tr_tr]Legal (8.5 x 14")');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (5, N'SDE_XEROX_SERVICES_GROUPS', N'Groupes de Services Xerox ');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (5, N'SDE_POLL_XWC', N'Interroger XWC');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_COPIED_LARGE_SHEETS4', N'Hojas grandes de copia (unidades)');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_IP_ADDRESS_DNS', N'IP Address or DNS Name');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_FINISHER_FAULT', N'Errore stazione di finitura');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_SYNCHRONIZE', N'Senkronize Et');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_GERMAN', N'Almanca');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (22, N'SDE_DOT_MATRIX', N'Dot Matrix');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (9, N'SDE_SINGLE_IMPRESSION', N'pS!k');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_HOURS', N'Hour(s)');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_SEARCH_RESULTS', N'[tr_tr]Search Results');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_REPOSITORY_5', N'[hu_hu]Repository 5');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_PROCEED', N'Devam Et');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_WINDOWS_XP2003', N'Windows XP/2003/Vista/2008');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_SERVER_PING_FAILED', N'Esecuzione ping server non riuscita.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (21, N'SDE_UPNP', N'UPnP/SSDP');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_NOT_SUPPORTED_BY2', N'Not supported by the printer');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (17, N'SDE_LABEL', N'Etykieta');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_COLOR_PRINTED_LARGE5', N'Afgedrukte grote gekleurde vellen (eenheden)');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_FUSER_OVERTEMP', N'[tr_tr]Fuser Overtemp');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_UTILIZATION_PERCENTAGE', N'Auslastung (in Prozent)');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_IEEE_1394', N'IEEE 1394');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_OS_SERIAL_NUMBER', N'OS serienummer');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (21, N'SDE_TOTALS', N';`
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_MICROSOFT_EXCEL_WORKSHEET', N'Foglio di lavoro di Microsoft Excel');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_INSTALLATION_DATE', N'Data di installazione');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_USER_DOES_NOT21', N'Gebruiker heeft niet voldoende machtiging(en) om licentiecontrole uit te voeren.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_NETWARE_REMOTE_PRINTER', N'[hu_hu]NetWare Remote Printer');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_MONOCHROME_PAGE_COUNT1', N'[tr_tr]Monochrome Page Count Unit');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (5, N'SDE_READ_ME', N'LisezMoi');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_DIFFERENCE', N'Diferencia');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_INPUT_TRAY_EMPTY', N'Einzugsfach leer');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_TO_RECEIVE_EMAIL', N'[hu_hu]To receive E-Mail alerts, the E-Mail settings need to be configured.');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_MMDDYY_HHMMSS', N'[tr_tr]MM/DD/YY HH:MM:SS');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (22, N'SDE_SNMP_V3', N'SNMP v3');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_DUPLEX_PERCENTAGE', N'Porcentaje a 2 caras');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_REGISTRATION_TRANSFERRED', N'[tr_tr]Registration Transferred');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_MICROSOFT_VXD_API', N'Microsoft VxD API');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_REGISTER_TRAPS_SELECTED', N'Traps registreren voor geselecteerde fabrikanten');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_FMTSTR_VERSION_FMTSTR', N'Er is een nieuwe versie van {0} beschikbaar als upgrade. Het systeem heeft niet genoeg geheugen om de nieuwe versie uit te voeren. Verhoog het systeemgeheugen naar {1} MB om de upgrade succesvol uit te voeren.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_GO', N'Ir');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_SNMP_V3', N'SNMP v3');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_WMI', N'WMI');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_DOT_MATRIX_24', N'Matrice di punti 24 ');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_XDA_DISABLED', N'[tr_tr]XDA has been disabled!');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_IPV4_ADDRESS', N'IPv4-adres');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_XAM_DATA_EXPORTED1', N'Los datos del Xerox Services Manager se exportaron mediante el servicio de Web.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (5, N'SDE_PAGESUSER', N'Pages/Utilisateur');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_SERVER_NOT_LISTENING', N'[hu_hu]Server is not listening on the specified port.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_TOTAL_BLACK_FMTSTR', N'Toplam Siyah: {0} Birimler: {1}');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (17, N'SDE_PRIVATE', N'Prywatny');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_PRINTING', N'Imprimindo');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_FROM_EMAIL_ADDRESS_XDA', N'From Email Address');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_LEASE_END_DATE', N'Lease End Date');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_NOT_AVAILABLE', N'Not Available');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_STATUS_PRINTERS_LIST', N'[tr_tr]The status of printers in the list is read on a regular basis.');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_PLEASE_TRY_ENTER1', N'Please try to enter the Exchange Server address.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (5, N'SDE_PRODUCT_ID', N'ID de produit');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_NOT_REGISTERED1', N'No registrado');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_TOTAL_PRINTERS1', N'Total de impressoras');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_LARGE_IMPRESSIONS', N'Grote afdrukken');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_CURRENT_VERSION1', N'[hu_hu]Current Version');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_WORKSTATION_REQUESTED_CONFIGURATION', N'Von Workstation angeforderte Konfiguration:');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_NOT_SPECIFIED', N'Non specificato');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_BLACK_COLOR_LEVEL4', N'Schwarz und Farbe Stufe 1-Drucke (Einheiten)');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_DONE_XDA', N'[tr_tr]Done');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_DOCUMENT_NAME', N'Dokumentname');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_ACTIVE_DIRECTORY_COULD', N'De actieve directory kon niet worden gecontacteerd. ');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_UNEXPECTED_ERROR_OCCURRED1_XDA', N'ER IS EEN ONVERWACHTE FOUT OPGETREDEN');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (17, N'SDE_COMMUNITY_NAME', N'Nazwa lokalna');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_GRAPHIC_DOCUMENT', N'Grafisch document');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_SNMP_V2', N'[hu_hu]SNMP V2');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_LEGAL_85_X', N'Legal (8,5 inch x 14 inch)');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_IPX_ADDRESSES', N'Indirizzi IPX');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_UNABLE_TURN_OFF1', N'Impossibile disattivare %AMR_SVC_NAME% per {0}. Conferma al server di comunicazione Xerox non riuscita.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_LOADINSCOPEASSETS_FAILED_WHILE', N'LoadInscopeAssets mislukt bij het ophalen van gegevens.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_EMAIL_ADDRESSES', N'E-mailadressen');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_CANNOT_COMMUNICATE_SERVER', N'Impossibile comunicare con il server.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_COMMUNITY_NAMES_MUST', N'[tr_tr]Community names must have at least one member.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_ENABLE_DISABLE_DISPLAYING', N'Abilita o disabilita visualizzazione dei popup');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_WAITING', N'Bekliyor');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (17, N'SDE_CURRENT_XDA', N'Aktualny');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_RACK_MOUNT_CHASSIS', N'[tr_tr]Rack Mount Chassis');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_GRAPHIC_DOCUMENT', N'Graphic Document');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_EXTRA_LONG_IMPRESSIONS', N'Impressioni Extra long');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_DISCOVERY_METHOD', N'Discovery-Methode');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_REGISTERED_BILLING_SERVICE1', N'[hu_hu]Registered, Service Enabled');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_PRINTER_CONDITIONS_ANNOUNCE1', N'Printer conditions that announce warnings such as Low Toner, Missing Consumables, etc.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_HOURS2', N'Uren');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_HOURLY', N'Hourly');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_FOR_PARTNERS', N'[hu_hu]For Partners');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_SCAN_INTERNET_FAX', N'Escanear al fax de Internet');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_ION_DEPOSITION', N'Ion Deposition');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_ENVELOPE', N'Busta');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (17, N'SDE_STATUS_AGE', N'Czas statusu');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_BEING_TESTED', N'Em teste');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_CLICK_CONTINUE_AGAIN', N'Klik opnieuw op Doorgaan om te proberen de printer toe te voegen via IPP.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_DUPLEX_PAGE_COUNT', N'2-zijdige paginatelling');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_BUSY', N'Ocupada');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_SITE_IDENTITY', N'ID sito');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_WINDOWS_NT_401', N'Windows NT 4.0 Workstation');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_FUNCTION_USED_DETERMINE', N'[tr_tr]The function used to determine the target computer operating system failed. The computer could be offline or it could have denied access to %PRODUCTNAME%.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_COMMENTS_OPTIONAL_BUT', N'[tr_tr]Comments are optional but should be enclosed in double quotes.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (5, N'SDE_STATIC', N'Statique');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_DO_WANT_CONTINUE1', N'Wilt u doorgaan met zoeken?');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (17, N'SDE_IMPORT', N'Importuj');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_CPU_PROCESSORS', N'CPU-Prozessoren');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (5, N'SDE_PRINTER_CONDITIONS_ANNOUNCE1', N'Conditions de l''imprimante qui annoncent des avertissements comme Fin de toner, Manque de consommables, etc.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_ADD_EIP_APPLICATIONS1', N'[tr_tr]Add EIP Applications');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_STAPLE', N'Pinzatura');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_FUSER_OVERTEMP', N'Temperatura excessiva do fusor');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_GROUP', N'Grupo');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_CUSTPROP_14', N'[tr_tr]Custom property 14');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_COMPUTER_PING_FAILED', N'[tr_tr]Computer ping failed.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_DEFINITION_WHICH_ALERTS', N'La definizione degli avvertimenti come errore o come attenzione viene usata per colorare l''icona dello stato.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_CUSTPROP_110', N'Campo personalizzato 1');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_OUTPUT_TRAY_MISSING', N'Falta la bandeja de salida');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_CHINESE', N'[hu_hu]Chinese');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_MULTIPLE_VALUES_CAN', N'(Multiple addresses are separated by semi colons)');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_NEGOTIATE', N'Negociar');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_PURGEUPLOADED', N'Purge all uploaded diagnostic files');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (5, N'SDE_STACK', N'Pile');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_WINDOWS', N'Windows');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_NO_SERVICES_DETECTED', N'[hu_hu]No services detected for this device.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_DO_WANT_STOP1', N'Wollen Sie die Synchronisierung wirklich abbrechen?');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (17, N'SDE_IPV4_RANGE', N'Zakres IPv4');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_NO_EIP_APPLICATIONS3', N'There are no EIP applications to remove from the selected printer(s).');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_DESCRIPTION1', N'Description:');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_PHONE_NUMBER', N'[tr_tr]Phone Number');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_SPACESAVING', N'[tr_tr]Space-Saving');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_SPECIFIED_PRINTER_PREVIOUSLY', N'The specified printer was previously found.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_USER_GUIDE', N'Gebruikershandleiding');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_CLOUD_FLEET_MGMT', N'Cloud Fleet Mgt');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_NOT_COMPATIBLE_TARGET', N'[tr_tr]NOT COMPATIBLE: The target printer does not support the %PRODUCTNAME% required MIB-II (RFC 1213) ''ifPhysAddress'' object. Please ensure that the latest available firmware is installed on the target printer');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_INSCOPE_PRINTER_LIST', N'In-scope printer list is empty.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_COLLECT_TRAPS_30', N'Raccogli trap per 30 secondi prima di interrogare il dispositivo');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_CUSTPROP_15', N'Propiedad personalizada 15');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_IP_SOURCE', N'IP-Quelle');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_BLACK_COPIED_IMPRESSIONS', N'[tr_tr]Black Copied Impressions');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_CONTACT_US', N'Contact Us');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (8, N'SDE_PRINTER_CONTROL_LANGUAGE', N'PCL (HP)');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_RAW_TCP_PORT', N'Porta Raw TCP');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_DEVICE_ALREADY_EXISTS1', N'El dispositivo ya existe en el sistema:');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_PROCEED', N'Proceed');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_SERVER_STATUS_UNKNOWN', N'Server Status Unknown');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_SCANNER_FEED_ROLLER1', N'Scanner-Zufuhrrolle ersetzen');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_LARGE_MONOCHROME_COPY', N'[tr_tr]Large Monochrome Copy Count');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_MICROSOFT_POWERPOINT_PRESENTATION', N'Presentazione di Microsoft PowerPoint');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_COULD_NOT_CONNECT', N'[hu_hu]Could not connect with the server.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_SCAN_SERVER_FAX', N'Escanear al fax del servidor');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (5, N'SDE_END_IP_ADDRESS', N'Adresse IP de fin');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_APPLICATION_DISABLED_CUSTOMER1', N'Este aplicativo foi desabilitado, pois o cliente foi desabilitado.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (5, N'SDE_ENTER', N'Entrer une valeur.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_CUSTOMER_NAME', N'[tr_tr]Customer Name');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_X_COORDINATE', N'X Coordinate');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_HEBREW', N'Ebraico');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_QUEUE_NAME2', N'Naam wachtrij');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_SOME_POP3_SETTINGS', N'Alcune impostazioni POP3 non sono presenti.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_ISO_10180COMPLIANT_STANDARD', N'ISO 10180-compliant Standard Page Description Language interpreter');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_CYAN', N'Cyan');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_ALL_PRINTERS', N'Alle printers');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (17, N'SDE_WMI', N'WMI');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_SHARE_NAME', N'Nome compartilhado');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_COLOR_EXTRA_LONG', N'[hu_hu]Color Extra Long Sheets');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_TCP_TRANSPORT', N'Trasporto TCP');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_UNMANAGED_NETWORK_PRINTERS', N'Rapporto Stampanti di rete non gestite');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_RESTORE_DEFAULTS', N'Standaardwaarden herstellen');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_TONER_LEVEL_50PCTLOW1', N'[tr_tr]Toner level: 50% Low Magenta');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_PPA_XDAPE_SWITCH', N'PPA to XDAPE switch not completed.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_MAXIMUM_NUMBER_GROUPS', N'The maximum number of groups has been reached. In order to create a group you need to delete another group.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (5, N'SDE_MAGENTA_TONER', N'Toner Magenta');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_COMMIT_FAILED', N'Conferma non riuscita.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_SERVICE_NOT_ENABLED', N'Service not enabled');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_WINDOWS_NT_402', N'Windows NT 4.0 Workstation o Server');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (21, N'SDE_DNS1', N'DNS');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (9, N'SDE_BLANKS', N'zz}v');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_SELECTED_CSV_FILE', N'[hu_hu]Selected CSV File is not in correct format');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_COLOR_LARGE_IMPRESSIONS30', N'Impressioni grandi a colori trasmesse');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_FEET', N'[hu_hu]Feet');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_NETWORK_PRINTER_ALLIANCE', N'Network Printer Alliance Protocol (NPAP)');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_COMPUTER_PING_FAILED', N'Esecuzione ping computer non riuscita.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_GRAPHIC_DOCUMENT', N'[hu_hu]Graphic Document');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (17, N'SDE_SCANNER_ICON', N'Ikona skanera');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_PORT_MONITOR_NAME', N'Name des Anschluss-Monitors');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (22, N'SDE_MULTICAST_RADIUS', N'Multicast Radius');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_OPERATING_SYSTEM_NOT_XDA', N'This operating system is not supported. Please refer to the readme file for more information');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_COPY_TO_SENDER', N'Copiar al remitente');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_STOP_DISCOVERY', N'Discovery stoppen');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_JOB_SUBMISSION_TIME', N'Ora invio lavoro');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_AUTHENTICATION_SERVER_OPTIONAL', N'[tr_tr]Authentication Server (Optional)');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_MINUTE', N'Minuto');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_TONER_LEVEL_10PCTLOW3', N'[tr_tr]Toner level: 10% Low Black');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_REGISTERED_BILLING_SERVICE', N'Registrado, sin servicios activados');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_SYSTEM_DOES_NOT', N'[hu_hu]Your system does not have enough memory to support this application. Please see the user''s guide pre-installation requirements.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_TYPE_SETTER', N'[tr_tr]Type Setter');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_ACTIVE_DIRECTORY_DEAD1', N'Verlopen invoeringen in actieve directory');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (17, N'SDE_POLISH', N'Polski');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_ANALOG_FAX_SENT', N'Telling analoge faxverzendingen');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_CHECK_UPDATES', N'Comprobar si hay actualizaciones');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_SERVICE_LEVEL', N'Livello di assistenza');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_TCPIP_ENABLED', N'TCP/IP ativado');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_MICROSOFT_NETWORKING', N'Microsoft Networking');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_ILLEGAL_IP_MASK', N'Indirizzo IP per Mask illegale.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (8, N'SDE_TIME', N'Bf;R');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_COPIED_LARGE_SHEETS4', N'Folhas grandes copiadas (unidades)');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_MIXED_OBJECT_DOCUMENT', N'Mixed Object Document Content-interpreter');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_FAILED_WRITE_TEMPLATE1', N'Failed to write template pool server information on printer.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_CONFIGURE_EIP_APPS', N'[tr_tr]Configure EIP Apps');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_EXPORT_FAILED', N'Export mislukt');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_REGISTERED', N'Registrado');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_EXCLUDE_DATA_ELEMENTS', N'Excluir elementos de datos (por razones de seguridad)');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_ELECTROPHOTOGRAPHIC_LASER', N'Laser elettrofotografico');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_AVERAGE_COVERAGE_CYAN', N'[hu_hu]Average Coverage - Cyan');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_PUBLISHER', N'Publisher');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (5, N'SDE_XEROX_COMMUNICATION_SERVER', N'Serveur de communication Xerox');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_ABOUT_3', N'Info');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_UNKNOWN1', N'Se desconoce');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_A5', N'A5 (148mm x 210mm)');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_DNS', N'DNS');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (8, N'SDE_MBSEC', N'Mb/sec');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_UPDATE_SCHEDULE_JA', N'Programma aggiorn.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_PROXY_TEST_PASSED', N'[tr_tr]Proxy test passed.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_ERROR_CODE', N'[tr_tr]Error Code');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_CLOUDDM_INSTALLATION_FAILED', N'Installatie mislukt');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_EMBEDDED_FAX_IMAGES2', N'Imagens de fax embutido recebidas');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_POWER_USAGE_SUMMARY', N'[hu_hu]Power Usage Summary');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_FUJI_XEROX_METER25', N'Medidor 1 Fuji Xerox transmitido');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (5, N'SDE_B5_ISO', N'Enveloppe B5 (176mm x 250mm)');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_DIRECT_PRINTER_MANUAL', N'Direct Printer Manual Feed Required');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_XEROX', N'Xerox');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_XEROX_ASSET_NUMBER', N'Assetnummer Xerox');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_FUJI_XEROX_METER', N'Fuji Xerox Meter 1');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_ALTERNATE_DNS_SERVER1', N'Servidor DNS 2 alternativo');
Source: DbCreate.exe, 00000017.00000002.2561819399.000001D5B8E64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_FILE_UPLOADED_SUCCESSFULLY', N'[hu_hu]File uploaded successfully');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_PRINT_SERVER_NAME', N'Naam afdrukserver');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_OPERATION_CENTER', N'Operation Center');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_IS_EXACTLY', N'Es exactamente');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_UNINSTALL1', N'desinstalar');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (17, N'SDE_LINEMATRIX_PRINTER_INTERPRETER', N'Interpreter drukarki Line/Matrix');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (10, N'SDE_1_2', N'#1 & #2');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_BINDERY_FILE_SERVER2', N'[hu_hu]Bindery File Server 3');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_SCANNER_ICON', N'Icona Scanner');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_CANON_PRINT_SYSTEMS', N'Canon Print Systems Language-interpreter');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (18, N'SDE_SMTP_SECURITY_NEEDED', N'[tr_tr]SMTP Security (needed by some SMTP Servers)');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (17, N'SDE_PRINTER_ENTRY_NOT', N'Nie znaleziono wpisu drukarki w pliku tcpmon.ini.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_SYSTEM_NAME', N'Nome sistema');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_SEARCH_SCHEDULE', N'Zoekschema');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_2_SIDED_SHEETS7', N'2-seitige Bogen (Einheiten)');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_CATEGORY', N'Category');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_WINDOWS_NOT_CONFIGURED', N'Windows is niet geconfigureerd voor IPv6');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (3, N'SDE_STATUS_HISTORY_REPORT', N'Status-Protokollbericht');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (7, N'SDE_MANUFACTURER4', N'Fabricante');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_PUBLISHER_GUID', N'Publisher GUID');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_COULD_NOT_INITIALIZE', N'Could not initialize site with the configured Xerox Services Manager');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (2, N'SDE_SNMP_GET_COMMUNITY1', N'The SNMP GET community name is invalid, the device did respond to the SNMP SET (or READ/WRITE) community name.');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (6, N'SDE_DAYS1', N'Giorni');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_IS_EXACTLY', N'Is exact');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (20, N'SDE_NEC_PAGE_PRINTER', N'[hu_hu]NEC Page printer interpreter');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_PRINTER_STATUS1', N'Estado de la impresora');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7064000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (4, N'SDE_LEASE_COVERAGE_DETAILS', N'Detalles de cobertura del alquiler');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A4002000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2437447722.000001D5A6E51000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (17, N'SDE_DIE_CUTTER', N'Wzornik');
Source: DbCreate.exe, 00000017.00000000.2192905308.000001D5A3602000.00000002.00000001.01000000.00000025.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B7A64000.00000004.00000800.00020000.00000000.sdmp, DbCreate.exe, 00000017.00000002.2561819399.000001D5B8464000.00000004.00000800.00020000.00000000.sdmp Binary or memory string: INSERT INTO [LouserzationString] (LanguageID, LouserzedStringEnum, LouserzedString) VALUES (11, N'SDE_CHARGEBACK_CODE_NOT', N'Chargebackcode niet gevonden.');
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe File read: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Jump to behavior
Source: unknown Process created: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe "C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe"
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Process created: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe "C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe"
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process created: C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe "C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe" /L1033 /v"XMLLocation=\"C:\Users\user\AppData\Local\Temp\DSC\xrs.val\"" SKIPLC=false
Source: C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe Process created: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe /prereqcheck /L1033 LOG="C:\ProgramData\Xerox\InstallLogs\Xerox_XDA_6.8.54_08_10_2024_1728410229.txt" /bootstrapped
Source: C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe Process created: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe /v"XMLLocation=\"C:\Users\user\AppData\Local\Temp\DSC\xrs.val\"" SKIPLC=false /L1033 LOG="C:\ProgramData\Xerox\InstallLogs\Xerox_XDA_6.8.54_08_10_2024_1728410229.txt" /bootstrapped
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe "C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe" SQLCE
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: unknown Process created: C:\Windows\System32\msiexec.exe C:\Windows\system32\msiexec.exe /V
Source: C:\Windows\System32\msiexec.exe Process created: C:\Windows\SysWOW64\msiexec.exe C:\Windows\syswow64\MsiExec.exe -Embedding 398AEE39D053096B8B7CCBB4A051E035
Source: C:\Windows\SysWOW64\msiexec.exe Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Windows\Installer\MSI387B.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_6830312 2 CustomAction!CustomActionsShared.ExecuteSequence.ExecuteInitialize
Source: C:\Windows\SysWOW64\msiexec.exe Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Windows\Installer\MSI48B8.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_6834390 8 CustomAction!CustomActionsShared.ExecuteSequence.ExecuteBegin
Source: C:\Windows\SysWOW64\msiexec.exe Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Windows\Installer\MSI55F9.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_6837765 14 CustomAction!CustomActionsShared.ExecuteSequence.SilentExecuteValidations
Source: C:\Windows\SysWOW64\msiexec.exe Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Windows\Installer\MSI90D1.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_6852843 20 CustomAction!CustomActionsShared.ExecuteSequence.InstallExecuteSeq
Source: C:\Windows\SysWOW64\rundll32.exe Process created: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe "C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DBCreate.exe" SQLCE
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Process created: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe "C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe" Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process created: C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe "C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe" /L1033 /v"XMLLocation=\"C:\Users\user\AppData\Local\Temp\DSC\xrs.val\"" SKIPLC=false Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe Process created: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe /prereqcheck /L1033 LOG="C:\ProgramData\Xerox\InstallLogs\Xerox_XDA_6.8.54_08_10_2024_1728410229.txt" /bootstrapped Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe Process created: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe /v"XMLLocation=\"C:\Users\user\AppData\Local\Temp\DSC\xrs.val\"" SKIPLC=false /L1033 LOG="C:\ProgramData\Xerox\InstallLogs\Xerox_XDA_6.8.54_08_10_2024_1728410229.txt" /bootstrapped Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe "C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe" SQLCE Jump to behavior
Source: C:\Windows\System32\msiexec.exe Process created: C:\Windows\SysWOW64\msiexec.exe C:\Windows\syswow64\MsiExec.exe -Embedding 398AEE39D053096B8B7CCBB4A051E035
Source: C:\Windows\SysWOW64\msiexec.exe Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Windows\Installer\MSI387B.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_6830312 2 CustomAction!CustomActionsShared.ExecuteSequence.ExecuteInitialize
Source: C:\Windows\SysWOW64\msiexec.exe Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Windows\Installer\MSI48B8.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_6834390 8 CustomAction!CustomActionsShared.ExecuteSequence.ExecuteBegin
Source: C:\Windows\SysWOW64\msiexec.exe Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Windows\Installer\MSI55F9.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_6837765 14 CustomAction!CustomActionsShared.ExecuteSequence.SilentExecuteValidations
Source: C:\Windows\SysWOW64\msiexec.exe Process created: C:\Windows\SysWOW64\rundll32.exe rundll32.exe "C:\Windows\Installer\MSI90D1.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_6852843 20 CustomAction!CustomActionsShared.ExecuteSequence.InstallExecuteSeq
Source: C:\Windows\SysWOW64\rundll32.exe Process created: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe "C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DBCreate.exe" SQLCE
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Section loaded: apphelp.dll Jump to behavior
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Section loaded: uxtheme.dll Jump to behavior
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Section loaded: windows.storage.dll Jump to behavior
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Section loaded: wldp.dll Jump to behavior
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Section loaded: kernel.appcore.dll Jump to behavior
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Section loaded: propsys.dll Jump to behavior
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Section loaded: profapi.dll Jump to behavior
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Section loaded: edputil.dll Jump to behavior
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Section loaded: urlmon.dll Jump to behavior
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Section loaded: iertutil.dll Jump to behavior
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Section loaded: srvcli.dll Jump to behavior
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Section loaded: netutils.dll Jump to behavior
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Section loaded: windows.staterepositoryps.dll Jump to behavior
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Section loaded: sspicli.dll Jump to behavior
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Section loaded: wintypes.dll Jump to behavior
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Section loaded: appresolver.dll Jump to behavior
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Section loaded: bcp47langs.dll Jump to behavior
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Section loaded: slc.dll Jump to behavior
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Section loaded: userenv.dll Jump to behavior
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Section loaded: sppc.dll Jump to behavior
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Section loaded: onecorecommonproxystub.dll Jump to behavior
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Section loaded: onecoreuapcommonproxystub.dll Jump to behavior
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Section loaded: pcacli.dll Jump to behavior
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Section loaded: mpr.dll Jump to behavior
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Section loaded: sfc_os.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: mscoree.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: kernel.appcore.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: version.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: vcruntime140_clr0400.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: ucrtbase_clr0400.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: uxtheme.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: windows.storage.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: wldp.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: profapi.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: cryptsp.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: rsaenh.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: cryptbase.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: wbemcomn.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: amsi.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: userenv.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: windowscodecs.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: dwrite.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: textshaping.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: textinputframework.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: coreuicomponents.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: coremessaging.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: ntmarta.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: wintypes.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: wintypes.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: wintypes.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: rasapi32.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: rasman.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: rtutils.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: mswsock.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: winhttp.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: ondemandconnroutehelper.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: iphlpapi.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: dhcpcsvc6.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: dhcpcsvc.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: dnsapi.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: winnsi.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: rasadhlp.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: fwpuclnt.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: secur32.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: sspicli.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: schannel.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: mskeyprotect.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: ntasn1.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: ncrypt.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: ncryptsslp.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: msasn1.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: gpapi.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: propsys.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: edputil.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: urlmon.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: iertutil.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: srvcli.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: netutils.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: windows.staterepositoryps.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: appresolver.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: bcp47langs.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: slc.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: sppc.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: onecorecommonproxystub.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: onecoreuapcommonproxystub.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Section loaded: apphelp.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe Section loaded: apphelp.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe Section loaded: msimg32.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe Section loaded: dwmapi.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe Section loaded: windows.storage.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe Section loaded: wldp.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe Section loaded: profapi.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe Section loaded: kernel.appcore.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe Section loaded: uxtheme.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe Section loaded: textinputframework.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe Section loaded: coreuicomponents.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe Section loaded: coremessaging.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe Section loaded: ntmarta.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe Section loaded: coremessaging.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe Section loaded: wintypes.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe Section loaded: wintypes.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe Section loaded: wintypes.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe Section loaded: textshaping.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: mscoree.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: apphelp.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: kernel.appcore.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: version.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: vcruntime140_clr0400.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: ucrtbase_clr0400.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: uxtheme.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: windows.storage.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: wldp.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: profapi.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: cryptsp.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: rsaenh.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: cryptbase.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: msi.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: mscoree.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: kernel.appcore.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: version.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: vcruntime140_clr0400.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: ucrtbase_clr0400.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: ucrtbase_clr0400.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: uxtheme.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: windows.storage.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: wldp.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: profapi.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: cryptsp.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: rsaenh.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: cryptbase.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: msi.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: dwrite.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: textshaping.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: riched20.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: usp10.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: msls31.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: windowscodecs.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: textinputframework.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: coreuicomponents.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: coremessaging.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: ntmarta.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: coremessaging.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: wintypes.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: wintypes.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: wintypes.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: propsys.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: edputil.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: urlmon.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: iertutil.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: srvcli.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: netutils.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: windows.staterepositoryps.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: sspicli.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: appresolver.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: bcp47langs.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: slc.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: userenv.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: sppc.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: onecorecommonproxystub.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: onecoreuapcommonproxystub.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: apphelp.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: srpapi.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: tsappcmp.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: netapi32.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Section loaded: wkscli.dll Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Section loaded: mscoree.dll
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Section loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Section loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Section loaded: version.dll
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Section loaded: vcruntime140_clr0400.dll
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Section loaded: ucrtbase_clr0400.dll
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Section loaded: ucrtbase_clr0400.dll
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Section loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Section loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Section loaded: profapi.dll
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Section loaded: cryptsp.dll
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Section loaded: rsaenh.dll
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Section loaded: cryptbase.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: apphelp.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: aclayers.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: sfc.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: sfc_os.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: kernel.appcore.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: msi.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: tsappcmp.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: userenv.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: profapi.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: sspicli.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: netapi32.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: wkscli.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: netutils.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: wldp.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: msasn1.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: cryptsp.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: rsaenh.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: cryptbase.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: msisip.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: gpapi.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: mscoree.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: version.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: vcruntime140_clr0400.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: rstrtmgr.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: ncrypt.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: ntasn1.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: windows.storage.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: pcacli.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: mpr.dll
Source: C:\Windows\System32\msiexec.exe Section loaded: cabinet.dll
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: apphelp.dll
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: aclayers.dll
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: mpr.dll
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: sfc.dll
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: sfc_os.dll
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: kernel.appcore.dll
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: msi.dll
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: cabinet.dll
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: cabinet.dll
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: cabinet.dll
Source: C:\Windows\SysWOW64\msiexec.exe Section loaded: cabinet.dll
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Section loaded: mscoree.dll
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Section loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Section loaded: version.dll
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Section loaded: vcruntime140_clr0400.dll
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Section loaded: ucrtbase_clr0400.dll
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Section loaded: ucrtbase_clr0400.dll
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Section loaded: windows.storage.dll
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Section loaded: wldp.dll
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Section loaded: profapi.dll
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Section loaded: cryptsp.dll
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Section loaded: rsaenh.dll
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Section loaded: cryptbase.dll
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Section loaded: ntmarta.dll
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Section loaded: msasn1.dll
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Section loaded: gpapi.dll
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Section loaded: uxtheme.dll
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Section loaded: urlmon.dll
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Section loaded: iertutil.dll
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Section loaded: srvcli.dll
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Section loaded: netutils.dll
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Section loaded: sspicli.dll
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Section loaded: propsys.dll
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\InProcServer32 Jump to behavior
Source: Window Recorder Window detected: More than 3 window changes detected
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Window detected: &Cancel&Next >License agreementSQL Server SelectionDatabase ServerSQL Database CreationDestination FolderDatabase OptionsReady To InstallInstallation ProgressSetup Complete&View ReadmeLicense agreementPlease read the following license agreement carefully.I &do not accept the terms in the license agreementI &accept the terms in the license agreementXerox CorporationSoftware End-User License Agreement (EULA)1.WHEN USED IN THIS EULA XEROX MEANS XEROX CORPORATION. YOU MEANS THE INDIVIDUAL OR LEGAL ENTITY ACQUIRING THE SOFTWARE. Please read this EULA carefully before downloading installing or using the Licensed Software. BY DOWNLOADING INSTALLING OR USING THE LICENSED SOFTWARE YOU ARE AGREEING TO BE LEGALLY BOUND BY THE TERMS OF THIS EULA GOVERNING THE USE OF THE LICENSED software. If you do not agree to the terms of this EULA downloading installation and use of the Licensed Software are strictly prohibited.2.Licensed Software. This EULA applies to the following software products (as they are issued as of the date of this EULA) and any subsequent upgrades supplements add-ons and substitute releases thereof: Xerox Device Manager (XDM) Xerox Device Agent (XDA) and the XDA family of software products CentreWare Web (CWW) Xerox Workplace Cloud Agent (XWCA) when provided with XDA and to any other software products provided with this EULA each a Licensed Software.3.Xerox Tools. The Xerox Tools are certain software-based components documentation and methodology-based components hosted by Xerox and used to provide print services to customers. No rights are granted to you under this EULA with respect to the hosted Xerox Tools. The Licensed Software interacts with the Xerox Tools as set forth in Paragraph 6 below.4.License Grant. Xerox grants You a non-exclusive non-transferable license to install the Licensed Software on a host computer or server and to use the Licensed Software provided to you (a) if you have a contract for print services with Xerox or a Xerox-authorized service provider (Contract) to use XDM or XDA for the purpose of receiving print services during the term of the Contract; or (b) if you downloaded CWW from an authorized Xerox website to use CWW in accordance with the terms set forth on the authorized Xerox website or the accompanying user manual or documentation. If the Licensed Software includes software developed by a third party such third party shall be considered a third party beneficiary of Your obligations under this EULA. The readme and notice files may include third party flow down terms and conditions which are a part of this EULA. This EULA incorporates by reference and makes a part hereof any readme or notice files accompanying the Licensed Software. Title to the Licensed Software and all copies shall at all times reside exclusively with Xerox and/or its licensor(s). 5.Licensed Software Updates. Xerox may provide or otherwise make available updates bug fixes feature enhancements or improvem
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Window detected: &Cancel&Next >License agreementSQL Server SelectionDatabase ServerSQL Database CreationDestination FolderDatabase OptionsReady To InstallInstallation ProgressSetup Complete&View ReadmeLicense agreementPlease read the following license agreement carefully.I &do not accept the terms in the license agreementI &accept the terms in the license agreementXerox CorporationSoftware End-User License Agreement (EULA)1.WHEN USED IN THIS EULA XEROX MEANS XEROX CORPORATION. YOU MEANS THE INDIVIDUAL OR LEGAL ENTITY ACQUIRING THE SOFTWARE. Please read this EULA carefully before downloading installing or using the Licensed Software. BY DOWNLOADING INSTALLING OR USING THE LICENSED SOFTWARE YOU ARE AGREEING TO BE LEGALLY BOUND BY THE TERMS OF THIS EULA GOVERNING THE USE OF THE LICENSED software. If you do not agree to the terms of this EULA downloading installation and use of the Licensed Software are strictly prohibited.2.Licensed Software. This EULA applies to the following software products (as they are issued as of the date of this EULA) and any subsequent upgrades supplements add-ons and substitute releases thereof: Xerox Device Manager (XDM) Xerox Device Agent (XDA) and the XDA family of software products CentreWare Web (CWW) Xerox Workplace Cloud Agent (XWCA) when provided with XDA and to any other software products provided with this EULA each a Licensed Software.3.Xerox Tools. The Xerox Tools are certain software-based components documentation and methodology-based components hosted by Xerox and used to provide print services to customers. No rights are granted to you under this EULA with respect to the hosted Xerox Tools. The Licensed Software interacts with the Xerox Tools as set forth in Paragraph 6 below.4.License Grant. Xerox grants You a non-exclusive non-transferable license to install the Licensed Software on a host computer or server and to use the Licensed Software provided to you (a) if you have a contract for print services with Xerox or a Xerox-authorized service provider (Contract) to use XDM or XDA for the purpose of receiving print services during the term of the Contract; or (b) if you downloaded CWW from an authorized Xerox website to use CWW in accordance with the terms set forth on the authorized Xerox website or the accompanying user manual or documentation. If the Licensed Software includes software developed by a third party such third party shall be considered a third party beneficiary of Your obligations under this EULA. The readme and notice files may include third party flow down terms and conditions which are a part of this EULA. This EULA incorporates by reference and makes a part hereof any readme or notice files accompanying the Licensed Software. Title to the Licensed Software and all copies shall at all times reside exclusively with Xerox and/or its licensor(s). 5.Licensed Software Updates. Xerox may provide or otherwise make available updates bug fixes feature enhancements or improvem
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe File opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dll Jump to behavior
Source: XDA_CDS v6.8.54_SE.exe Static PE information: certificate valid
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File opened: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\msvcr90.dll Jump to behavior
Source: Binary string: \??\C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.PDB source: dbVersionDetect.exe, 0000000F.00000002.1892522532.00000000007E3000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: Microsoft.Web.Administration.pdb source: rundll32.exe, 00000013.00000003.1937540569.0000000004C60000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000013.00000003.1943162223.000000000325E000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000014.00000003.1977139019.000000000327C000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000015.00000003.2011135049.000000000319C000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000016.00000003.2162785269.00000000029DC000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\agent\_work\1\s\DSC\Device.SmartClient\Installer\INSTALLERS\XDASIXFOUR\Controller\bin\Release\Merged.Controller.pdb source: Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe, 0000000A.00000000.1598093959.0000000003055000.00000002.00000001.01000000.0000000D.sdmp
Source: Binary string: C:\MasterRepo\DSC\Device.SmartClient\ZPrototypes\dbVersionDetect\dbVersionDetect\obj\x86\Debug\dbVersionDetect.pdb source: dbVersionDetect.exe, 0000000F.00000002.1895473062.0000000002401000.00000004.00000800.00020000.00000000.sdmp, dbVersionDetect.exe, 0000000F.00000000.1889093552.0000000000012000.00000002.00000001.01000000.00000011.sdmp
Source: Binary string: mscorlib.pdb source: dbVersionDetect.exe, 0000000F.00000002.1895473062.0000000002401000.00000004.00000800.00020000.00000000.sdmp
Source: Binary string: C:\agent\_work\1\s\DSC\Device.SmartClient\Installer\INSTALLERS\XDASIXFOUR\Release\Bootstrapper.pdb& source: Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe, 0000000A.00000000.1598044610.0000000000CCA000.00000002.00000001.01000000.0000000D.sdmp
Source: Binary string: C:\agent\_work\1\s\DSC\Device.SmartClient\Installer\INSTALLERS\XDASIXFOUR\Release\Bootstrapper.pdb source: Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe, 0000000A.00000000.1598044610.0000000000CCA000.00000002.00000001.01000000.0000000D.sdmp
Source: Binary string: b77a5c561934e089\mscorlib.pdb source: dbVersionDetect.exe, 0000000F.00000002.1892522532.000000000082F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: XEROXS~1.PDBXerox.SmartClientExportUtility.pdbgle.dllXMLMicrosoft.Rest.ClientRuntime.Azure.xml9 source: DbCreate.exe, 00000017.00000002.2797736517.000001D5BF7C2000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: XEROXS~1.PDBXerox.SmartClientExportUtility.pdbgle.dllXMLMicrosoft.Rest.ClientRuntime.Azure.xmlSTLIST. source: DbCreate.exe, 00000017.00000002.2797736517.000001D5BF7C2000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: XEROXS~1.PDBXerox.SmartClientExportUtility.pdbgle.dllXMLMicrosoft.Rest.ClientRuntime.Azure.xml8 source: DbCreate.exe, 00000017.00000002.2797736517.000001D5BF7C2000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: \??\C:\Windows\symbols\exe\dbVersionDetect.pdb source: dbVersionDetect.exe, 0000000F.00000002.1892522532.00000000007E3000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: ProductVersion%Init file copying =bin\Infrastructure.Library.dllEbin\Old_Infrastructure.Library.dll=bin\Infrastructure.Library.pdbEbin\Old_Infrastructure.Library.pdb?Infrastructure.Library_5435.dll?Infrastructure.Library_5435.pdb?Infrastructure.Library_5447.dll?Infrastructure.Library_5447.pdbEDM Error Patch Files move failed: ?Unable to stop Service / Shell -DM Error ReplaceDlls: +Starting XDA service ]The xda.service status is currently set to {0}QStarting XDA service fails source: XDA_CDS v6.8.54_SE.exe, 00000000.00000003.1182537096.0000000002ADC000.00000004.00000020.00020000.00000000.sdmp, XDA_CDS v6.8.54.exe, 00000001.00000000.1184318523.0000021D2C8D2000.00000002.00000001.01000000.00000005.sdmp
Source: Binary string: XEROXS~1.PDBXerox.SmartClientExportUtility.pdbgle.dllXMLMicrosoft.Rest.ClientRuntime.Azure.xmlSTa source: DbCreate.exe, 00000017.00000002.2797736517.000001D5BF7C2000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: sqlceqp40.pdb source: DbCreate.exe, DbCreate.exe, 00000017.00000002.2804693445.000001D5BF954000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Program Files (x86)\Xerox\DSC Packager\Util\DownloadManager452\DownloadManager\Output\DownloadManager.pdb source: XDA_CDS v6.8.54_SE.exe, 00000000.00000003.1182537096.0000000002ADC000.00000004.00000020.00020000.00000000.sdmp, XDA_CDS v6.8.54.exe, 00000001.00000000.1184318523.0000021D2C8D2000.00000002.00000001.01000000.00000005.sdmp
Source: Binary string: XEROXS~1.PDBXerox.SmartClientExportUtility.pdbgle.dllXMLMicrosoft.Rest.ClientRuntime.Azure.xmlST` source: DbCreate.exe, 00000017.00000002.2797736517.000001D5BF7C2000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: m@C:\Windows\dbVersionDetect.pdb source: dbVersionDetect.exe, 0000000F.00000002.1891229583.00000000001A8000.00000004.00000010.00020000.00000000.sdmp
Source: Binary string: XEROXX~1.PDBXerox.XDAMonitorService.pdb source: DbCreate.exe, 00000017.00000002.2797736517.000001D5BF7C2000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\agent\_work\8\s\build\ship\x86\SfxCA.pdb source: Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe, 0000000A.00000000.1598093959.000000000304B000.00000002.00000001.01000000.0000000D.sdmp, Setup.exe, 0000000B.00000000.1679541432.0000000002738000.00000002.00000001.01000000.0000000F.sdmp
Source: Binary string: C:\agents\_work\6\s\Xerox.Installer.Platform\bin\Release\Merged\Xerox.Installer.Platform.pdb source: rundll32.exe, 00000013.00000003.1937540569.0000000004C60000.00000004.00000020.00020000.00000000.sdmp

Data Obfuscation
barindex
.NET source code contains potential unpacker
Source: DotNetZip-zsgczx5e.tmp.12.dr, LoaderSQLCe.cs .Net Code: Init System.Reflection.Assembly.Load(byte[])
Source: DotNetZip-zsgczx5e.tmp.12.dr, LoaderSQLCe.cs .Net Code: Init System.Reflection.Assembly.Load(byte[])
Source: DotNetZip-zsgczx5e.tmp.12.dr, LoaderSQLCe.cs .Net Code: Init
Source: DotNetZip-zsgczx5e.tmp.12.dr, LoaderSQLCe.cs .Net Code: ExecuteReaderCommand
PE file contains an invalid checksum
Source: DotNetZip-f0wwtvlh.tmp.12.dr Static PE information: real checksum: 0x5f825 should be: 0x5f120
Source: DotNetZip-zsgczx5e.tmp.12.dr Static PE information: real checksum: 0x0 should be: 0xc161
Source: DotNetZip-k2hbywmz.tmp.12.dr Static PE information: real checksum: 0x12519 should be: 0x12da9
Source: DotNetZip-1tvdvqva.tmp.12.dr Static PE information: real checksum: 0x53934 should be: 0x580ce
Source: DotNetZip-j5r5ej54.tmp.12.dr Static PE information: real checksum: 0x9c961 should be: 0xa9853
Source: DotNetZip-epzoghya.tmp.12.dr Static PE information: real checksum: 0x1a46a should be: 0x1cc45
PE file contains sections with non-standard names
Source: DotNetZip-epzoghya.tmp.12.dr Static PE information: section name: PAGELK
Source: DotNetZip-pmx3nkns.tmp.12.dr Static PE information: section name: PAGELK
Source: DotNetZip-f0wwtvlh.tmp.12.dr Static PE information: section name: PAGELK
Source: DotNetZip-3bs3rbix.tmp.12.dr Static PE information: section name: PAGELK
Uses code obfuscation techniques (call, push, ret)
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Code function: 0_2_006A3076 push 00000000h; retf 0_2_006A3078
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Code function: 11_2_00007FFEC83759A4 push es; ret 11_2_00007FFEC83759AF
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Code function: 23_2_51E372EB push rax; ret 23_2_51E372F1
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Code function: 23_2_51E3739B push rax; ret 23_2_51E373A1
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Code function: 23_2_00007FFEC8344563 push ds; retf 23_2_00007FFEC8344564
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Code function: 23_2_00007FFEC8345A6D push 8B485E40h; iretd 23_2_00007FFEC8345A72
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Code function: 23_2_00007FFEC8344708 push ebp; retf 23_2_00007FFEC8344718
Source: DotNetZip-nhkoeko1.tmp.12.dr Static PE information: section name: .text entropy: 6.922045894978299

Persistence and Installation Behavior
barindex
Installs new ROOT certificates
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Registry value created: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\A43489159A520F0D93D032CCAF37E7FE20A8B419 Blob
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Registry value created: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\A43489159A520F0D93D032CCAF37E7FE20A8B419 Blob
Creates processes with suspicious names
Source: C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe File created: \xerox device agent partner edition (xda pe) v6.8.54.exe
Source: C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe File created: \xerox device agent partner edition (xda pe) v6.8.54.exe
Source: C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe File created: \xerox device agent partner edition (xda pe) v6.8.54.exe Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe File created: \xerox device agent partner edition (xda pe) v6.8.54.exe Jump to behavior
Drops PE files
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\BouncyCastle.Crypto.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Modules.Wizard.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\System.Runtime.CompilerServices.Unsafe.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI55F9.tmp-\Xerox.Installer.Platform.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI55F9.tmp-\Microsoft.Web.Administration.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\zh-Hans\Microsoft.Data.Edm.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\ICSharpCode.SharpZipLib.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\ko\Microsoft.Data.Edm.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\XrxCPrnClone2.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\sqlcecompact40.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Data.Conversion.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\Microsoft.VC90.CRT\msvcr90.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\System.Memory.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\zh-Hans\Microsoft.Data.Services.Client.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\HtmlAgilityPack.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\AgentUtilities.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\sqlcese40.dll (copy) Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\zh-Hans\Microsoft.Data.OData.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Text.Unicode.Scsu.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\ja\System.Spatial.resources.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI48B8.tmp-\Microsoft.Web.Administration.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Interop.DTS.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\zh-Hant\Microsoft.Data.Services.Client.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\XrxDiscoveryConst.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.Unity.Configuration.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.Discovery.XrxDiscovery.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\Microsoft.VC90.CRT.64\msvcr90.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\sqlceca40.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DM.CertManagement.Provider.Factory.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Infragistics2.Win.UltraWinGrid.v8.3.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Security35.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-q5xs0dya.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\DotNetLib.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-epzoghya.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe File created: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\sqlceme40.64.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.VC90.CRT.64\msvcp90.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Net.Mdt.MdtUtilities35.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Security.Cryptography.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-uy335h0z.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Interop.XRXPAREMOTEINSTALLERLib.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.WebBrowser.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DM.Entities.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\ko\Microsoft.Data.OData.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI387B.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.Discovery.WebProxyService.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.EnterpriseLibrary.Logging.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\es\System.Spatial.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\ru\Microsoft.Data.Edm.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\ja\Microsoft.Data.OData.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Infragistics2.Shared.v8.3.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-nhkoeko1.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI48B8.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-f0wwtvlh.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.ObjectBuilder.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Net.Mdt.MdtServiceProxy35.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\Interop.IWshRuntimeLibrary.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\msvcr90.dll (copy) Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\ChilkatDotNet4.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI90D1.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Net.Address.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.Discovery.Meters.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.DiscoveryDb.Data.GenericClient.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI387B.tmp-\Microsoft.Web.Administration.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\IWSLicenseChecker.exe Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Azure.Storage.Blob.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.EnterpriseLibrary.Caching.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.DiscoveryDb.Data.SqlCeClient.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Interop.XEROXGETCONFIGLib.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\System.Threading.Tasks.Dataflow.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Modules.Identity.Dsc.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\sqlceme35.dll (copy) Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\XrxcDesCrypt.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\CWWLibDb.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-1tvdvqva.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DM.CALaw.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\stdole.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI55F9.tmp-\Microsoft.Deployment.WindowsInstaller.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\zh-Hant\Microsoft.Data.OData.resources.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-k3tcwu20.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.SmartClientExportUtility.exe Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\ProxyAuthValidator.exe Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\System.Spatial.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\sqlcecompact40.64.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI90D1.tmp-\Microsoft.Web.Administration.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\es\Microsoft.Data.Edm.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\it\System.Spatial.resources.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\sqlceme40.dll (copy) Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Rest.ClientRuntime.Azure.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.VC90.CRT.64\msvcr90.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\XDMDOCS.EFIUtil.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Net.Ipp.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Interop.NetFwPublicTypeLib.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Workspaces.OutlookBar.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.EnterpriseLibrary.Data.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-15clpdrb.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.XDAMonitorService.exe Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\msvcr100.64.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.SchedulerDB.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.mshtml.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.VC90.CRT\msvcm90.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.DiscoveryDb.Entities.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\fr\System.Spatial.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.AssemblyLoader.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.Discovery.ModelCapabilities.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DM.ApplicationEntitlement.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.Infra.ThreadModel.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.LexmarkWebServices.Utility.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Azure.Storage.Common.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\it\Microsoft.Data.OData.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Infrastructure.Module.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\sqlcese40.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DotNetServiced.dll Jump to dropped file
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe File created: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Interop.XEROXSETCONFIGLib.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Net.Mdt.MdtClient35.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\zh-Hans\System.Spatial.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\XrxcInstallPrinterst3.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\XdaConfigTool.exe Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Infrastructure.Library.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Rest.ClientRuntime.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.EnterpriseLibrary.Caching.Cryptography.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\System.Data.SqlServerCe.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.Discovery.DeviceStatus.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DM.SecurityProvider.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\LogCopier.exe Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\XDMExpress.ContstantsLib.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-bc3j0yvu.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\sqlceer40EN.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Net.Mdt.MdtClientInterfaces35.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Net.Mdt.MdtServiceProxyInterfaces35.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DM.CertManagement.IProvider.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\msvcr100.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI55F9.tmp-\CustomAction.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\sqlceqp40.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Infrastructure.Library.Synchronization.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DM.CertManagement.Entity.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Net.Protocol.Http.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\XDALogCollator.exe Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\XrxScheduler.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\DirectPrinterDiscoveryHelper.exe Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\ko\Microsoft.Data.Services.Client.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\ChilkatDotNet4.64.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\de\System.Spatial.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.CompositeUI.WinForms.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DM.Discovery.CommunicationProtocol.Entities.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.ObjectBuilder2.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\XrxcDos.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\it\Microsoft.Data.Services.Client.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\sqlceqp40.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\es\Microsoft.Data.Services.Client.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\de\Microsoft.Data.Edm.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\zh-Hant\Microsoft.Data.Edm.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\XLMClient.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.EnterpriseLibrary.Logging.Database.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DM.CertManagement.Provider.Venafi.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DM.FeatureLicensing.Lib.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\System.Threading.Tasks.Extensions.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\microsoft.web.services.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\XrxWmiNetAPI.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.EnterpriseLibrary.Data.SqlCe.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\ru\Microsoft.Data.Services.Client.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\sqlcecompact40.64.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI90D1.tmp-\CustomAction.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\sqlceer35EN.dll (copy) Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Infragistics2.Win.Misc.v8.3.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\ja\Microsoft.Data.Edm.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\sqlceer40EN.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\sqlceca40.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.CompositeUI.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\ShortcutXDA.exe Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\it\Microsoft.Data.Edm.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\sqlcese40.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\sqlceqp40.64.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI48B8.tmp-\CustomAction.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\SNMPSupport.exe Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI48B8.tmp-\Microsoft.Deployment.WindowsInstaller.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-j5r5ej54.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\sqlcecompact35.dll (copy) Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.DiscoveryDb.Services.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Infrastructure.Layout.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.DiscoveryDb.Data.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.EnterpriseLibrary.Security.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\sqlcecompact40.dll (copy) Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Web.Services3.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.Data.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\sqlceqp40.64.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI387B.tmp-\InstallerResources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Interop.XRXCNETPARAMIPIPXLib.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Net.Mdt.MdtServiceProxyCdp35.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Net.Utilities.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\sqlceer40EN.dll (copy) Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\sqlceme40.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xda.Shell.exe Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\sqlceqp35.dll (copy) Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Data.OData.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI90D1.tmp-\Microsoft.Deployment.WindowsInstaller.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Data.Services.Client.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\zh-Hant\System.Spatial.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Infrastructure.EIP.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.CWWLib.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\XDMExpress.Utilities.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Interop.CREOACCOUNTINGSERVICELib.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\fr\Microsoft.Data.Services.Client.resources.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI90D1.tmp-\InstallerResources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.EnterpriseLibrary.Common.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\XrxFxSdk.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\AxInterop.SHDocVw.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI387B.tmp-\CustomAction.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\RulesEngine.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xda.Service.exe Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\Xerox.Security.Cryptography.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\sqlceer40EN.64.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI48B8.tmp-\Xerox.Installer.Platform.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\XrxcInstallPrinterst3.64.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\sqlceca35.dll (copy) Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Text.Ascii.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Newtonsoft.Json.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI48B8.tmp-\InstallerResources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DM.Discovery.CommunicationProtocol.Http.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\fr\Microsoft.Data.OData.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\System.ValueTuple.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-c2a3eezk.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\XrxcPaRemoteInstaller.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DMFeatureToggle.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\XDMDOCS.CREOUTIL.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-k2hbywmz.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI55F9.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\XPATypeDefLib.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Infrastructure.Library.ScheduledTasks.CommandHandler.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\XrxcNetParamIPIPX.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI387B.tmp-\Microsoft.Deployment.WindowsInstaller.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\MSIConfig.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\sqlcese40.64.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DM.Logging.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Interop.XrxDesCrypt.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\System.Data.SqlServerCe.64.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Interop.XrxcDos.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.DiscoveryDb.Data.SqlClient.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\System.Data.SqlServerCe.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.VC90.CRT\msvcp90.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\fr\Microsoft.Data.Edm.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Infragistics2.Win.UltraWinTabControl.v8.3.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\UnitTestInterface.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe (copy) Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Infragistics2.Win.v8.3.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Modules.Settings.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\sqlceca40.dll (copy) Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\ko\System.Spatial.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.Unity.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\de\Microsoft.Data.OData.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Modules.Synchronization.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Exceptions35.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Azure.KeyVault.Core.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-400bjbqb.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Infrastructure.Interface.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DM.Data.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\XDMExpress.Process.ADFF.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.WindowsAzure.Storage.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\sqlceme40.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-zsgczx5e.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\ru\Microsoft.Data.OData.resources.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\System.Data.SqlServerCe35.dll (copy) Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-3bs3rbix.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.DiscoveryDb.Data.VistaDbClient.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI387B.tmp-\Xerox.Installer.Platform.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\System.Data.SqlServerCe.64.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\de\Microsoft.Data.Services.Client.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Interop.XRXCINSTALLPRINTERST3Lib.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\BrandingTask.exe Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.SDI.XDM.Utils.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\sqlcese35.dll (copy) Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\System.Data.SqlServerCe.dll (copy) Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\ja\Microsoft.Data.Services.Client.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Text35.Core35.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\sqlcese40.64.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Data.Edm.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Repackager.Utilities.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\sqlceca40.64.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\sqlceme40.64.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\sqlceer40EN.64.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.SDI.TypeDefLib.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\sqlcecompact40.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-pmx3nkns.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.FeatureToggle.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\XLMAUClient.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DM.Business.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\sqlceca40.64.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\System.Buffers.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\XrxSnmpCollection.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\XDMExpress.Process.DDFF.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.VC90.CRT\msvcr90.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.VC90.CRT.64\msvcm90.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\ru\System.Spatial.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\es\Microsoft.Data.OData.resources.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI55F9.tmp-\InstallerResources.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI90D1.tmp-\Xerox.Installer.Platform.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\DocumentFormat.OpenXml.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\sqlceqp40.dll (copy) Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DM.CertManagement.Provider.MSNDES.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\System.Numerics.Vectors.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\Modules.Printers.dll Jump to dropped file
Drops PE files to the windows directory (C:\Windows)
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI387B.tmp-\Microsoft.Deployment.WindowsInstaller.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI387B.tmp-\Xerox.Installer.Platform.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI55F9.tmp-\Xerox.Installer.Platform.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI90D1.tmp-\Microsoft.Web.Administration.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI387B.tmp-\InstallerResources.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI55F9.tmp-\Microsoft.Web.Administration.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI387B.tmp Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI90D1.tmp-\Microsoft.Deployment.WindowsInstaller.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI48B8.tmp Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI90D1.tmp-\InstallerResources.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI90D1.tmp-\CustomAction.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI387B.tmp-\CustomAction.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI90D1.tmp Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI48B8.tmp-\Microsoft.Web.Administration.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI387B.tmp-\Microsoft.Web.Administration.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI55F9.tmp-\CustomAction.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI48B8.tmp-\Xerox.Installer.Platform.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI55F9.tmp-\InstallerResources.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI48B8.tmp-\CustomAction.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI90D1.tmp-\Xerox.Installer.Platform.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI48B8.tmp-\InstallerResources.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI48B8.tmp-\Microsoft.Deployment.WindowsInstaller.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe File created: C:\Windows\Installer\MSI55F9.tmp-\Microsoft.Deployment.WindowsInstaller.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Windows\Installer\MSI55F9.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\bin\xda.service.InstallLog
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\ReadMe.txt
Source: C:\Windows\System32\msiexec.exe File created: C:\Program Files (x86)\CDS\XDA_CDS\data\ReadMeData.txt
Creates or modifies windows services
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Registry key created: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Xerox DM (Device Management) Jump to behavior
Stores large binary data to the registry
Source: C:\Windows\System32\msiexec.exe Key value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\CCBBF9E1485AF63CE47ABF8E9E648C2504FC319D Blob
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process information set: NOOPENFILEERRORBOX Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\msiexec.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\rundll32.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process information set: NOOPENFILEERRORBOX
Allocates memory with a write watch (potentially for evading sandboxes)
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Memory allocated: 21D2CCE0000 memory reserve | memory write watch Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Memory allocated: 21D467C0000 memory reserve | memory write watch Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Memory allocated: 3430000 memory reserve | memory write watch Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Memory allocated: 1D280000 memory reserve | memory write watch Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Memory allocated: 33A0000 memory reserve | memory write watch Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Memory allocated: 1CFA0000 memory reserve | memory write watch Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Memory allocated: 790000 memory reserve | memory write watch
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Memory allocated: 2400000 memory reserve | memory write watch
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Memory allocated: 4400000 memory reserve | memory write watch
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Memory allocated: 1D5A5450000 memory reserve | memory write watch
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Memory allocated: 1D5BEE50000 memory reserve | memory write watch
Contains long sleeps (>= 3 min)
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 922337203685477 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 600000 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 599889 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 599780 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 599668 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 599557 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 599445 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 599333 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 599207 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 599080 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 598968 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 598858 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 598735 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 598623 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 598512 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 598400 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 598289 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 598178 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 598053 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 597925 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 597813 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 597702 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 597590 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 597477 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 597368 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 597256 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 597128 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 597016 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 596904 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 596792 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 596680 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 596568 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 596440 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 596328 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 596216 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 596104 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 595993 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 595881 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 595756 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 595631 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 595503 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 595391 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 595279 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 595168 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 595056 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 594944 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 594832 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 594720 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 594592 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Thread delayed: delay time: 922337203685477 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Thread delayed: delay time: 922337203685477
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Thread delayed: delay time: 922337203685477
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Window / User API: threadDelayed 9783 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Window / User API: threadDelayed 1077 Jump to behavior
Found dropped PE file which has not been started or loaded
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\BouncyCastle.Crypto.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Modules.Wizard.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\System.Runtime.CompilerServices.Unsafe.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe Dropped PE file which has not been started: C:\Windows\Installer\MSI55F9.tmp-\Xerox.Installer.Platform.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe Dropped PE file which has not been started: C:\Windows\Installer\MSI55F9.tmp-\Microsoft.Web.Administration.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\zh-Hans\Microsoft.Data.Edm.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\ko\Microsoft.Data.Edm.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\ICSharpCode.SharpZipLib.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\XrxCPrnClone2.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\sqlcecompact40.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\Microsoft.VC90.CRT\msvcr90.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\System.Memory.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\zh-Hans\Microsoft.Data.Services.Client.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\AgentUtilities.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\HtmlAgilityPack.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\sqlcese40.dll (copy) Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\zh-Hans\Microsoft.Data.OData.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Text.Unicode.Scsu.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\ja\System.Spatial.resources.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe Dropped PE file which has not been started: C:\Windows\Installer\MSI48B8.tmp-\Microsoft.Web.Administration.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Interop.DTS.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\zh-Hant\Microsoft.Data.Services.Client.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\XrxDiscoveryConst.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.Unity.Configuration.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\Microsoft.VC90.CRT.64\msvcr90.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.Discovery.XrxDiscovery.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\sqlceca40.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DM.CertManagement.Provider.Factory.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Infragistics2.Win.UltraWinGrid.v8.3.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Security35.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-q5xs0dya.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\DotNetLib.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-epzoghya.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\sqlceme40.64.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.VC90.CRT.64\msvcp90.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Net.Mdt.MdtUtilities35.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Security.Cryptography.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-uy335h0z.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Interop.XRXPAREMOTEINSTALLERLib.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DM.Entities.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.WebBrowser.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\ko\Microsoft.Data.OData.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Windows\Installer\MSI387B.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.Discovery.WebProxyService.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.EnterpriseLibrary.Logging.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\es\System.Spatial.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\ru\Microsoft.Data.Edm.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\ja\Microsoft.Data.OData.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Infragistics2.Shared.v8.3.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Windows\Installer\MSI48B8.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-nhkoeko1.tmp Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-f0wwtvlh.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.ObjectBuilder.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Net.Mdt.MdtServiceProxy35.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\Interop.IWshRuntimeLibrary.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\ChilkatDotNet4.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\msvcr90.dll (copy) Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Windows\Installer\MSI90D1.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Net.Address.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.Discovery.Meters.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.DiscoveryDb.Data.GenericClient.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe Dropped PE file which has not been started: C:\Windows\Installer\MSI387B.tmp-\Microsoft.Web.Administration.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\IWSLicenseChecker.exe Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Azure.Storage.Blob.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.DiscoveryDb.Data.SqlCeClient.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.EnterpriseLibrary.Caching.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\System.Threading.Tasks.Dataflow.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Interop.XEROXGETCONFIGLib.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Modules.Identity.Dsc.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\sqlceme35.dll (copy) Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\XrxcDesCrypt.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\CWWLibDb.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DM.CALaw.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-1tvdvqva.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\stdole.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe Dropped PE file which has not been started: C:\Windows\Installer\MSI55F9.tmp-\Microsoft.Deployment.WindowsInstaller.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\zh-Hant\Microsoft.Data.OData.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.SmartClientExportUtility.exe Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-k3tcwu20.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\ProxyAuthValidator.exe Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\System.Spatial.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe Dropped PE file which has not been started: C:\Windows\Installer\MSI90D1.tmp-\Microsoft.Web.Administration.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\sqlcecompact40.64.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\es\Microsoft.Data.Edm.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\it\System.Spatial.resources.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\sqlceme40.dll (copy) Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Rest.ClientRuntime.Azure.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.VC90.CRT.64\msvcr90.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\XDMDOCS.EFIUtil.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Net.Ipp.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Interop.NetFwPublicTypeLib.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Workspaces.OutlookBar.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.EnterpriseLibrary.Data.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-15clpdrb.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.XDAMonitorService.exe Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\msvcr100.64.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.SchedulerDB.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.mshtml.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.DiscoveryDb.Entities.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.VC90.CRT\msvcm90.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\fr\System.Spatial.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.AssemblyLoader.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.Discovery.ModelCapabilities.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.Infra.ThreadModel.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DM.ApplicationEntitlement.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.LexmarkWebServices.Utility.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Azure.Storage.Common.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\it\Microsoft.Data.OData.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Infrastructure.Module.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\sqlcese40.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DotNetServiced.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Interop.XEROXSETCONFIGLib.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Net.Mdt.MdtClient35.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\XrxcInstallPrinterst3.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\zh-Hans\System.Spatial.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\XdaConfigTool.exe Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Infrastructure.Library.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.EnterpriseLibrary.Caching.Cryptography.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Rest.ClientRuntime.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\System.Data.SqlServerCe.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.Discovery.DeviceStatus.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DM.SecurityProvider.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\LogCopier.exe Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\XDMExpress.ContstantsLib.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-bc3j0yvu.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\sqlceer40EN.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Net.Mdt.MdtClientInterfaces35.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DM.CertManagement.IProvider.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Net.Mdt.MdtServiceProxyInterfaces35.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe Dropped PE file which has not been started: C:\Windows\Installer\MSI55F9.tmp-\CustomAction.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\msvcr100.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\sqlceqp40.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DM.CertManagement.Entity.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Infrastructure.Library.Synchronization.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Net.Protocol.Http.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\XDALogCollator.exe Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\XrxScheduler.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\ko\Microsoft.Data.Services.Client.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\ChilkatDotNet4.64.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\DirectPrinterDiscoveryHelper.exe Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.CompositeUI.WinForms.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\de\System.Spatial.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DM.Discovery.CommunicationProtocol.Entities.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.ObjectBuilder2.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\XrxcDos.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\it\Microsoft.Data.Services.Client.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\es\Microsoft.Data.Services.Client.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\sqlceqp40.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\de\Microsoft.Data.Edm.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\zh-Hant\Microsoft.Data.Edm.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\XLMClient.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.EnterpriseLibrary.Logging.Database.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DM.CertManagement.Provider.Venafi.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DM.FeatureLicensing.Lib.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\microsoft.web.services.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\System.Threading.Tasks.Extensions.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\XrxWmiNetAPI.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.EnterpriseLibrary.Data.SqlCe.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\ru\Microsoft.Data.Services.Client.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\sqlcecompact40.64.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe Dropped PE file which has not been started: C:\Windows\Installer\MSI90D1.tmp-\CustomAction.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\sqlceer35EN.dll (copy) Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Infragistics2.Win.Misc.v8.3.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\ja\Microsoft.Data.Edm.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\sqlceer40EN.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\sqlceca40.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.CompositeUI.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\ShortcutXDA.exe Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\it\Microsoft.Data.Edm.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\sqlcese40.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\sqlceqp40.64.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe Dropped PE file which has not been started: C:\Windows\Installer\MSI48B8.tmp-\CustomAction.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\SNMPSupport.exe Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe Dropped PE file which has not been started: C:\Windows\Installer\MSI48B8.tmp-\Microsoft.Deployment.WindowsInstaller.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-j5r5ej54.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.DiscoveryDb.Services.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\sqlcecompact35.dll (copy) Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Infrastructure.Layout.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.DiscoveryDb.Data.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.EnterpriseLibrary.Security.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\sqlcecompact40.dll (copy) Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.Data.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Web.Services3.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\sqlceqp40.64.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe Dropped PE file which has not been started: C:\Windows\Installer\MSI387B.tmp-\InstallerResources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Interop.XRXCNETPARAMIPIPXLib.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Net.Mdt.MdtServiceProxyCdp35.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Net.Utilities.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\sqlceme40.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\sqlceer40EN.dll (copy) Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Data.OData.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe Dropped PE file which has not been started: C:\Windows\Installer\MSI90D1.tmp-\Microsoft.Deployment.WindowsInstaller.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xda.Shell.exe Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\sqlceqp35.dll (copy) Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Data.Services.Client.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.CWWLib.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Infrastructure.EIP.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\zh-Hant\System.Spatial.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\XDMExpress.Utilities.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Interop.CREOACCOUNTINGSERVICELib.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\fr\Microsoft.Data.Services.Client.resources.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe Dropped PE file which has not been started: C:\Windows\Installer\MSI90D1.tmp-\InstallerResources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.EnterpriseLibrary.Common.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\XrxFxSdk.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\AxInterop.SHDocVw.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe Dropped PE file which has not been started: C:\Windows\Installer\MSI387B.tmp-\CustomAction.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\RulesEngine.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xda.Service.exe Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\Xerox.Security.Cryptography.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\sqlceer40EN.64.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe Dropped PE file which has not been started: C:\Windows\Installer\MSI48B8.tmp-\Xerox.Installer.Platform.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\XrxcInstallPrinterst3.64.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Text.Ascii.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\sqlceca35.dll (copy) Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Newtonsoft.Json.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe Dropped PE file which has not been started: C:\Windows\Installer\MSI48B8.tmp-\InstallerResources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DM.Discovery.CommunicationProtocol.Http.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\fr\Microsoft.Data.OData.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\System.ValueTuple.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-c2a3eezk.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DMFeatureToggle.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\XrxcPaRemoteInstaller.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\XDMDOCS.CREOUTIL.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-k2hbywmz.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Windows\Installer\MSI55F9.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\XPATypeDefLib.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Infrastructure.Library.ScheduledTasks.CommandHandler.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\XrxcNetParamIPIPX.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe Dropped PE file which has not been started: C:\Windows\Installer\MSI387B.tmp-\Microsoft.Deployment.WindowsInstaller.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\MSIConfig.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\sqlcese40.64.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DM.Logging.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\System.Data.SqlServerCe.64.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Interop.XrxDesCrypt.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Interop.XrxcDos.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.DiscoveryDb.Data.SqlClient.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\System.Data.SqlServerCe.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Infragistics2.Win.UltraWinTabControl.v8.3.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\fr\Microsoft.Data.Edm.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\UnitTestInterface.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.VC90.CRT\msvcp90.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Infragistics2.Win.v8.3.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Modules.Settings.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\sqlceca40.dll (copy) Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\ko\System.Spatial.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.Unity.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\de\Microsoft.Data.OData.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Modules.Synchronization.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Exceptions35.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Azure.KeyVault.Core.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Infrastructure.Interface.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-400bjbqb.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DM.Data.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\XDMExpress.Process.ADFF.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.WindowsAzure.Storage.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\sqlceme40.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\ru\Microsoft.Data.OData.resources.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\System.Data.SqlServerCe35.dll (copy) Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-3bs3rbix.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.CWW.DiscoveryDb.Data.VistaDbClient.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe Dropped PE file which has not been started: C:\Windows\Installer\MSI387B.tmp-\Xerox.Installer.Platform.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\System.Data.SqlServerCe.64.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\de\Microsoft.Data.Services.Client.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\BrandingTask.exe Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Interop.XRXCINSTALLPRINTERST3Lib.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.SDI.XDM.Utils.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\ja\Microsoft.Data.Services.Client.resources.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\sqlcese35.dll (copy) Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\System.Data.SqlServerCe.dll (copy) Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.Text35.Core35.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\sqlcese40.64.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.Data.Edm.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Repackager.Utilities.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\sqlceca40.64.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\sqlceme40.64.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\sqlceer40EN.64.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.SDI.TypeDefLib.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\sqlcecompact40.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.FeatureToggle.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\DotNetZip-pmx3nkns.tmp Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\XLMAUClient.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DM.Business.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\sqlceca40.64.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\System.Buffers.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\XrxSnmpCollection.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\XDMExpress.Process.DDFF.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.VC90.CRT\msvcr90.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\ru\System.Spatial.resources.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Microsoft.VC90.CRT.64\msvcm90.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\es\Microsoft.Data.OData.resources.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe Dropped PE file which has not been started: C:\Windows\Installer\MSI55F9.tmp-\InstallerResources.dll Jump to dropped file
Source: C:\Windows\SysWOW64\rundll32.exe Dropped PE file which has not been started: C:\Windows\Installer\MSI90D1.tmp-\Xerox.Installer.Platform.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\DocumentFormat.OpenXml.dll Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\sqlceqp40.dll (copy) Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xerox.DM.CertManagement.Provider.MSNDES.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\System.Numerics.Vectors.dll Jump to dropped file
Source: C:\Windows\System32\msiexec.exe Dropped PE file which has not been started: C:\Program Files (x86)\CDS\XDA_CDS\bin\Modules.Printers.dll Jump to dropped file
Found large amount of non-executed APIs
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe API coverage: 5.9 %
May sleep (evasive loops) to hinder dynamic analysis
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -3689348814741908s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -600000s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -599889s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -599780s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -599668s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -599557s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -599445s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -599333s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -599207s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -599080s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -598968s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -598858s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -598735s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -598623s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -598512s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -598400s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -598289s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -598178s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -598053s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -597925s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -597813s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -597702s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -597590s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -597477s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -597368s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -597256s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -597128s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -597016s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -596904s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -596792s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -596680s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -596568s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -596440s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -596328s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -596216s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -596104s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -595993s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -595881s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -595756s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -595631s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -595503s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -595391s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -595279s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -595168s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -595056s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -594944s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -594832s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -594720s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe TID: 5388 Thread sleep time: -594592s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe TID: 3736 Thread sleep time: -922337203685477s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe TID: 5320 Thread sleep time: -53850s >= -30000s Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe TID: 4448 Thread sleep time: -922337203685477s >= -30000s
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe TID: 4348 Thread sleep time: -922337203685477s >= -30000s
Sample execution stops while process was sleeping (likely an evasion)
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe Last function: Thread delayed
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File Volume queried: C:\ FullSizeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File Volume queried: C:\ FullSizeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File Volume queried: C:\ FullSizeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe File Volume queried: C:\ FullSizeInformation Jump to behavior
Source: C:\Windows\System32\msiexec.exe File Volume queried: C:\ FullSizeInformation
Source: C:\Windows\System32\msiexec.exe File Volume queried: C:\ FullSizeInformation
Source: C:\Windows\System32\msiexec.exe File Volume queried: C:\ FullSizeInformation
Source: C:\Windows\System32\msiexec.exe File Volume queried: C:\ FullSizeInformation
Source: C:\Windows\System32\msiexec.exe File Volume queried: C:\ FullSizeInformation
Source: C:\Windows\System32\msiexec.exe File Volume queried: C:\ FullSizeInformation
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 922337203685477 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 600000 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 599889 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 599780 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 599668 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 599557 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 599445 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 599333 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 599207 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 599080 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 598968 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 598858 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 598735 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 598623 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 598512 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 598400 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 598289 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 598178 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 598053 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 597925 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 597813 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 597702 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 597590 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 597477 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 597368 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 597256 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 597128 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 597016 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 596904 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 596792 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 596680 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 596568 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 596440 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 596328 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 596216 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 596104 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 595993 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 595881 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 595756 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 595631 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 595503 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 595391 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 595279 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 595168 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 595056 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 594944 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 594832 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 594720 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Thread delayed: delay time: 594592 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Thread delayed: delay time: 922337203685477 Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Thread delayed: delay time: 922337203685477
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Thread delayed: delay time: 922337203685477
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe File opened: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe File opened: C:\Users\user\AppData\Local\
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe File opened: C:\Users\user\AppData\
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe File opened: C:\Users\user\
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe File opened: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe File opened: C:\Users\user\AppData\Local\Temp\
Source: XDA_CDS v6.8.54_SE.exe, 00000000.00000003.1648256128.00000000006D1000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: \\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\\?\Volume{a33c736e-61ca-11ee-8c18-806e6f6e6963}\
Source: XDA_CDS v6.8.54_SE.exe, 00000000.00000000.1181115172.0000000000401000.00000020.00000001.01000000.00000003.sdmp Binary or memory string: =HgFSV
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1644804906.0000021D48A00000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\Device\CdRom0\??\Volume{a33c736e-61ca-11ee-8c18-806e6f6e6963}\DosDevices\D:
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1638900974.0000021D46ECF000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\8b}c
Source: XDA_CDS v6.8.54.exe, 00000001.00000002.1638900974.0000021D46F01000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process information queried: ProcessInformation Jump to behavior
Enables debug privileges
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process token adjusted: Debug Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process token adjusted: Debug Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process token adjusted: Debug Jump to behavior
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Process token adjusted: Debug
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Memory allocated: page read and write | page guard Jump to behavior
Creates a process in suspended mode (likely to inject code)
Source: C:\Users\user\Desktop\XDA_CDS v6.8.54_SE.exe Process created: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe "C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe" Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Process created: C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe "C:\Users\user\AppData\Local\Temp\DSC\Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe" /L1033 /v"XMLLocation=\"C:\Users\user\AppData\Local\Temp\DSC\xrs.val\"" SKIPLC=false Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Process created: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe "C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe" SQLCE Jump to behavior
Source: C:\Windows\SysWOW64\rundll32.exe Process created: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe "C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DBCreate.exe" SQLCE
Source: Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe, 0000000A.00000000.1598093959.0000000003055000.00000002.00000001.01000000.0000000D.sdmp, Setup.exe, 0000000B.00000000.1679541432.0000000002742000.00000002.00000001.01000000.0000000F.sdmp, rundll32.exe, 00000013.00000003.1937540569.0000000004CA4000.00000004.00000020.00020000.00000000.sdmp Binary or memory string: Shell_TrayWnd
Queries the volume information (name, serial number etc) of a device
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\userbrii.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\userbrib.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\userbriz.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\cambria.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\cambriai.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\cambriab.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\cambriaz.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\cambria.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\Candara.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\Candaral.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\Candarai.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\Candarali.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\Candarab.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\Candaraz.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\comic.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\comici.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\comicbd.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\comicz.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\consola.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\consolai.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\consolab.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\consolaz.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\constan.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\constani.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\constanb.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\constanz.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\corbel.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\corbell.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\corbeli.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\corbelli.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\corbelb.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\corbelz.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\cour.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\couri.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\courbd.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\courbi.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\ebrima.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\ebrimabd.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\framd.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\FRADM.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\framdit.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\FRADMIT.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\FRAMDCN.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\FRADMCN.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\FRAHV.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\FRAHVIT.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\Gabriola.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\gadugi.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\gadugib.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\georgia.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\georgiai.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\georgiab.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\georgiaz.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\impact.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\Inkfree.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\javatext.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\LeelawUI.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\LeelUIsl.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\LeelaUIb.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\lucon.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\l_10646.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\malgun.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\malgunsl.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\malgunbd.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\himalaya.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\msjh.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\msjhl.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\msjhbd.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\msjh.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\msjhl.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\ntailu.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\ntailub.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\phagspa.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\phagspab.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\micross.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\taile.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\msyh.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\msyhl.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\msyhbd.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\msyh.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\msyhl.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\msyhbd.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\msyi.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\mingliub.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\monbaiti.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\mvboli.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\mmrtext.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\mmrtextb.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\Nirmala.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\NirmalaS.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\NirmalaB.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\pala.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\palai.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\palab.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\palabi.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\segoepr.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\segoeprb.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\segoesc.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\segoescb.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\segoeuii.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\seguisli.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\seguili.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\seguisbi.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\segoeuiz.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\seguibl.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\seguibli.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\seguihis.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\simsun.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\simsunb.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\Sitka.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\SitkaI.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\SitkaB.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\SitkaZ.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\Sitka.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\SitkaI.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\SitkaB.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\SitkaI.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\SitkaB.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\sylfaen.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\symbol.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\timesi.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\timesbd.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\timesbi.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\trebuc.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\trebucit.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\trebucbd.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\trebucbi.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\verdana.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\verdanai.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\verdanab.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\verdanaz.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\webdings.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\wingding.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\YuGothR.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\YuGothM.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\YuGothL.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\YuGothL.ttc VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\holomdl2.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\AGENCYR.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\AGENCYB.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\ALGER.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\BKANT.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\ANTQUAI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\ANTQUAB.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\ANTQUABI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\ARLRDBD.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\BASKVILL.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\BAUHS93.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\BELL.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\BELLI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\BELLB.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\BERNHC.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\BOD_R.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\BOD_I.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\BOD_B.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\BOD_BI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\BOD_CR.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\BOD_BLAR.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\BOD_CI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\BOD_CB.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\BOD_BLAI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\BOD_CBI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\BOD_PSTC.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\BOOKOS.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\BOOKOSB.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\BOOKOSI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\BOOKOSBI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\BRADHITC.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\BRITANIC.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\BRLNSR.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\BRLNSDB.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\BRLNSB.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\BROADW.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\BRUSHSCI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\BSSYM7.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\userFR.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\userFI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\userFB.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\userST.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\userSTI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\userSTB.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\userSTBI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\CASTELAR.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\CENSCBK.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\SCHLBKI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\SCHLBKB.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\SCHLBKBI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\CENTAUR.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\CENTURY.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\CHILLER.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\COLONNA.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\COOPBL.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\COPRGTL.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\COPRGTB.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\CURLZ___.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\DUBAI-REGULAR.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\DUBAI-MEDIUM.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\DUBAI-LIGHT.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\DUBAI-BOLD.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\ELEPHNT.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\ELEPHNTI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\ENGR.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\ERASMD.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\ERASLGHT.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\ERASDEMI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\ERASBD.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\FELIXTI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\FORTE.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\FRABK.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\FRABKIT.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\FREESCPT.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\FRSCRIPT.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\FTLTLT.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\GARA.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\GARAIT.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\GARABD.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\GIGI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\GIL_____.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\GILI____.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\GILB____.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\GILBI___.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\GILC____.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\GLSNECB.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\GLECB.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\GOTHIC.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\GOTHICI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\GOTHICB.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\GOTHICBI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\GOUDOS.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\GOUDOSI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\GOUDOSB.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\GOUDYSTO.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\HARLOWSI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\HARNGTON.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\HATTEN.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\HTOWERT.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\HTOWERTI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\IMPRISHA.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\INFROMAN.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\ITCBLKAD.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\ITCEDSCR.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\ITCKRIST.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\JOKERMAN.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\JUICE___.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\KUNSTLER.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\LATINWD.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\LBRITE.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\LBRITED.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\LBRITEI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\LBRITEDI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\LCALLIG.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\LEELAWAD.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\LEELAWDB.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\LFAX.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\LFAXD.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\LFAXI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\LFAXDI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\LHANDW.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\LSANS.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\LSANSD.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\LSANSI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\LSANSDI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\LTYPE.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\LTYPEO.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\LTYPEB.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\LTYPEBO.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\MAGNETOB.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\MAIAN.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\MATURASC.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\MISTRAL.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\MOD20.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\MSUIGHUR.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\MSUIGHUB.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\MTCORSVA.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\MTEXTRA.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\NIAGENG.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\NIAGSOL.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\OCRAEXT.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\OLDENGL.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\ONYX.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\OUTLOOK.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\PALSCRI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\PAPYRUS.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\PARCHM.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\PER_____.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\PERI____.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\PERB____.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\PERBI___.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\PERTILI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\PERTIBD.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\PLAYBILL.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\POORICH.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\PRISTINA.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\RAGE.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\RAVIE.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\REFSAN.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\REFSPCL.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\ROCK.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\ROCKI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\ROCKB.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\ROCKEB.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\ROCKBI.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\ROCC____.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\ROCCB___.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\SCRIPTBL.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\SHOWG.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\SNAP____.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\STENCIL.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\TCM_____.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\TCMI____.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\TCB_____.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\TCBI____.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\TCCM____.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\TCCB____.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\TCCEB.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\TEMPSITC.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\VINERITC.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\VIVALDII.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\VLADIMIR.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\WINGDNG2.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\WINGDNG3.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\flat_officeFontsPreview.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\OFFSYM.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\OFFSYMSL.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\OFFSYMSB.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\OFFSYMXL.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\OFFSYML.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\OFFSYMB.TTF VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Queries volume information: C:\Windows\Fonts\micross.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Queries volume information: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Queries volume information: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Queries volume information: C:\Windows\Fonts\arial.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Queries volume information: C:\Windows\Fonts\ariali.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Queries volume information: C:\Windows\Fonts\arialbi.ttf VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Queries volume information: C:\ VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Queries volume information: C:\ VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Queries volume information: C:\ VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Queries volume information: C:\ VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Queries volume information: C:\ VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C62BCD12-CEDF-448E-ACEE-31D7748E3F75\Setup.exe Queries volume information: C:\ VolumeInformation Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Queries volume information: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\bfcc5xtj.2w0\lq2brwcq.eam\dbVersionDetect.exe Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
Source: C:\Windows\System32\msiexec.exe Queries volume information: C:\ VolumeInformation
Source: C:\Windows\SysWOW64\rundll32.exe Queries volume information: C:\Windows\Installer\MSI387B.tmp-\Microsoft.Deployment.WindowsInstaller.dll VolumeInformation
Source: C:\Windows\SysWOW64\rundll32.exe Queries volume information: C:\Windows\Installer\MSI387B.tmp-\CustomAction.dll VolumeInformation
Source: C:\Windows\SysWOW64\rundll32.exe Queries volume information: C:\Windows\Installer\MSI387B.tmp-\Xerox.Installer.Platform.dll VolumeInformation
Source: C:\Windows\SysWOW64\rundll32.exe Queries volume information: C:\Windows\Installer\MSI48B8.tmp-\Microsoft.Deployment.WindowsInstaller.dll VolumeInformation
Source: C:\Windows\SysWOW64\rundll32.exe Queries volume information: C:\Windows\Installer\MSI48B8.tmp-\CustomAction.dll VolumeInformation
Source: C:\Windows\SysWOW64\rundll32.exe Queries volume information: C:\Windows\Installer\MSI48B8.tmp-\Xerox.Installer.Platform.dll VolumeInformation
Source: C:\Windows\SysWOW64\rundll32.exe Queries volume information: C:\Windows\Installer\MSI55F9.tmp-\Microsoft.Deployment.WindowsInstaller.dll VolumeInformation
Source: C:\Windows\SysWOW64\rundll32.exe Queries volume information: C:\Windows\Installer\MSI55F9.tmp-\CustomAction.dll VolumeInformation
Source: C:\Windows\SysWOW64\rundll32.exe Queries volume information: C:\Windows\Installer\MSI55F9.tmp-\Xerox.Installer.Platform.dll VolumeInformation
Source: C:\Windows\SysWOW64\rundll32.exe Queries volume information: C:\Windows\Installer\MSI90D1.tmp-\Microsoft.Deployment.WindowsInstaller.dll VolumeInformation
Source: C:\Windows\SysWOW64\rundll32.exe Queries volume information: C:\Windows\Installer\MSI90D1.tmp-\CustomAction.dll VolumeInformation
Source: C:\Windows\SysWOW64\rundll32.exe Queries volume information: C:\Windows\Installer\MSI90D1.tmp-\Xerox.Installer.Platform.dll VolumeInformation
Source: C:\Windows\SysWOW64\rundll32.exe Queries volume information: C:\Windows\Installer\MSI90D1.tmp-\InstallerResources.dll VolumeInformation
Source: C:\Windows\SysWOW64\rundll32.exe Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation
Source: C:\Windows\SysWOW64\rundll32.exe Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\System.Data.SqlServerCe.dll VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCDiscovery.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCDiscovery.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCDiscovery.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCDiscovery.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCDiscovery.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCDiscovery.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCDiscovery.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCDiscovery.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCDiscovery.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCDiscovery.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCDiscovery.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCDiscovery.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\bin\Xda.Service.exe VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Queries volume information: C:\Program Files (x86)\CDS\XDA_CDS\data\DSCMain.sdf VolumeInformation
Source: C:\Program Files (x86)\CDS\XDA_CDS\InstallerSupport\database\DbCreate.exe Code function: 23_2_51EF6844 GetSystemTimeAsFileTime,GetCurrentProcessId,GetCurrentThreadId,GetTickCount,QueryPerformanceCounter, 23_2_51EF6844
Source: C:\Users\user\AppData\Local\Temp\DSC\XDA_CDS v6.8.54.exe Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid Jump to behavior
Adds / modifies Windows certificates
Source: C:\Windows\System32\msiexec.exe Registry key created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\CCBBF9E1485AF63CE47ABF8E9E648C2504FC319D Blob
windows-stand
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1529182 Sample: XDA_CDS v6.8.54_SE.exe Startdate: 08/10/2024 Architecture: WINDOWS Score: 48 83 transactions-services.idns-ext.xerox.com 2->83 85 transactions.services.xerox.com 2->85 95 Suricata IDS alerts for network traffic 2->95 97 .NET source code contains potential unpacker 2->97 11 msiexec.exe 2->11         started        14 XDA_CDS v6.8.54_SE.exe 4 2->14         started        signatures3 process4 file5 73 C:\Program Files (x86)\CDS\...\DbCreate.exe, PE32 11->73 dropped 75 C:\...\DbCreate.exe.config, XML 11->75 dropped 77 C:\Windows\Installer\MSI90D1.tmp, PE32 11->77 dropped 81 250 other files (none is malicious) 11->81 dropped 16 msiexec.exe 11->16         started        79 C:\Users\user\AppData\...\XDA_CDS v6.8.54.exe, PE32 14->79 dropped 18 XDA_CDS v6.8.54.exe 18 7 14->18         started        process6 dnsIp7 22 rundll32.exe 16->22         started        25 rundll32.exe 16->25         started        27 rundll32.exe 16->27         started        29 rundll32.exe 16->29         started        87 transactions-services.idns-ext.xerox.com 13.14.0.17, 443, 49712, 49714 XEROX-WBUS United States 18->87 99 Reads the Security eventlog 18->99 101 Reads the System eventlog 18->101 31 Xerox Device Agent Partner Edition (XDA PE) v6.8.54.exe 5 18->31         started        signatures8 process9 file10 55 C:\Windows\...\Xerox.Installer.Platform.dll, PE32 22->55 dropped 57 C:\...\Microsoft.Web.Administration.dll, PE32 22->57 dropped 59 Microsoft.Deployme...indowsInstaller.dll, PE32 22->59 dropped 65 2 other files (none is malicious) 22->65 dropped 33 DbCreate.exe 22->33         started        67 5 other files (none is malicious) 25->67 dropped 69 5 other files (none is malicious) 27->69 dropped 61 C:\Windows\...\Xerox.Installer.Platform.dll, PE32 29->61 dropped 71 4 other files (none is malicious) 29->71 dropped 63 C:\Users\user\AppData\Local\...\Setup.exe, PE32 31->63 dropped 36 Setup.exe 1 43 31->36         started        39 Setup.exe 1 31->39         started        process11 file12 89 Installs new ROOT certificates 33->89 91 Reads the Security eventlog 33->91 93 Reads the System eventlog 33->93 41 conhost.exe 33->41         started        47 C:\Users\user\...\sqlcese40.dll (copy), PE32 36->47 dropped 49 C:\Users\user\...\sqlcese35.dll (copy), PE32 36->49 dropped 51 C:\Users\user\...\sqlceqp40.dll (copy), PE32 36->51 dropped 53 29 other files (none is malicious) 36->53 dropped 43 dbVersionDetect.exe 36->43         started        signatures13 process14 process15 45 conhost.exe 43->45         started       
  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs

Contacted Public IPs

IP Domain Country Flag ASN ASN Name Malicious
13.14.0.17
 transactions-services.idns-ext.xerox.com United States
22390 XEROX-WBUS true

Contacted Domains

Name IP Active
transactions-services.idns-ext.xerox.com 13.14.0.17 true
transactions.services.xerox.com unknown unknown

Contacted URLs

Name Malicious Antivirus Detection Reputation
https://transactions.services.xerox.com/XeroxAutoUpdate/DownloadFile.aspx?DownLoadID=1bb4b441-967b-455b-8874-10a3a6ff206e true
    		unknown
    https://transactions.services.xerox.com/XeroxAutoUpdate/DownloadFile.aspx?DownLoadID=11c27bc5-ae02-43fe-93a0-af3015e8a46c true
      		unknown
      https://transactions.services.xerox.com/ true
        		unknown