IOC Report
HABICO116N_2024-04-26_16_58_38.139.zip

loading gif

Files

File Path
Type
Category
Malicious
HABICO116N_2024-04-26_16_58_38.139.zip
Zip archive data, at least v4.5 to extract, compression method=deflate
initial sample
 malicious
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\cert9.db
SQLite 3.x database, last written using SQLite version 3042000, page size 32768, file counter 9, database pages 7, cookie 0x5, schema 4, UTF-8, version-valid-for 9
modified
 malicious
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\cert9.db-journal
SQLite Rollback Journal
dropped
 malicious
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\key4.db
SQLite 3.x database, last written using SQLite version 3042000, page size 32768, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8, version-valid-for 3
dropped
 malicious
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\key4.db-journal
SQLite Rollback Journal
dropped
 malicious
C:\Windows\Temp\is-T0PV4.tmp\gbpcefwr64.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Program Files (x86)\Topaz OFD\Warsaw\API-MS-Win-Core-Heap-Obsolete-L1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\API-MS-Win-Core-Kernel32-Private-L1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\API-MS-Win-Core-Kernel32-Private-L1-1-1.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\API-MS-Win-Eventing-ClassicProvider-L1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\API-MS-Win-Security-Lsalookup-L2-1-1.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\API-MS-Win-core-file-l2-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\API-MS-Win-core-file-l2-1-1.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\API-MS-Win-core-louserzation-obsolete-l1-2-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\API-MS-Win-core-string-l2-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\API-MS-Win-security-provider-L1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-base-util-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-core-com-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-core-comm-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-core-console-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-core-datetime-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-core-debug-l1-1-1.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-core-fibers-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-core-file-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-core-file-l1-2-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-core-file-l1-2-1.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-core-interlocked-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-core-kernel32-legacy-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-core-libraryloader-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-core-libraryloader-l1-1-1.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-core-louserzation-l1-2-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-core-louserzation-l1-2-1.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-core-memory-l1-1-2.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-core-namedpipe-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-core-privateprofile-l1-1-1.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-core-processthreads-l1-1-1.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-core-processthreads-l1-1-2.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-core-shlwapi-obsolete-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-core-stringloader-l1-1-1.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-core-synch-l1-2-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-core-sysinfo-l1-2-1.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-core-threadpool-legacy-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-core-threadpool-private-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-core-wow64-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-crt-conio-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-crt-convert-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-crt-filesystem-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-crt-heap-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-crt-process-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-crt-runtime-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-crt-stdio-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-crt-utility-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-eventing-consumer-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-security-base-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-security-sddl-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-service-core-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-service-core-l1-1-1.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-service-private-l1-1-1.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-service-winsvc-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\api-ms-win-shcore-stream-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-00JJP.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-1D0ID.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-257GR.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-2R39D.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-3BN84.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-5ERA9.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-5L4LQ.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-5N7BM.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-5V3FO.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-6GDPM.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-7037H.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-8HES7.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-9AID7.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-9T1MH.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-9VM8C.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-A3DG0.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-AEBSU.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-ARARM.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-C4DKQ.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-DC0KH.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-DDQS8.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-DDUV9.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-E743S.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-EBS3T.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-F237R.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-F54EF.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-FIL7C.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-GBV4Q.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-GQLAS.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-GSI34.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-GTJ3V.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-HENGA.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-HLK4M.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-HN243.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-J35ES.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-J422F.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-J6E0V.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-JQ9T3.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-K5OLE.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-KH558.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-KNACJ.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-LRJJ4.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-MRJTF.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-NHJKQ.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-NJRSC.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-O55NU.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-O6F2S.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-OVEKC.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-PEVQJ.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-PTTR1.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-Q260F.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-S8JMT.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-SNI07.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-ST47B.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-SUDDL.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-T9BJK.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-U4KRV.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-VDCES.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\is-VJTAG.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\msvcp120.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\msvcp140.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\msvcp140_1.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\msvcp140_2.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\msvcr120.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\vcruntime140_32.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\wsaxbco.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files (x86)\Topaz OFD\Warsaw\wsbrmu.dll
ASCII text, with CRLF line terminators
dropped
C:\Program Files\Mozilla Firefox\defaults\pref\autoconf_warsaw.js
ASCII text
dropped
C:\Program Files\Topaz OFD\Warsaw:bmh6Lm9wemo
data
dropped
C:\Program Files\Topaz OFD\Warsaw:oyhagmu138iahnc
ASCII text, with no line terminators
dropped
C:\Program Files\Topaz OFD\Warsaw\API-MS-Win-Core-Heap-Obsolete-L1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\API-MS-Win-Core-Kernel32-Private-L1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\API-MS-Win-Core-Kernel32-Private-L1-1-1.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\API-MS-Win-EventLog-Legacy-L1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\API-MS-Win-Eventing-ClassicProvider-L1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\API-MS-Win-Eventing-Controller-L1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\API-MS-Win-Eventing-Legacy-L1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\API-MS-Win-Eventing-Provider-L1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\API-MS-Win-Security-Lsalookup-L2-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\API-MS-Win-Security-Lsalookup-L2-1-1.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\API-MS-Win-core-file-l2-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\API-MS-Win-core-file-l2-1-1.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\API-MS-Win-core-louserzation-obsolete-l1-2-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\API-MS-Win-core-string-l2-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\API-MS-Win-core-string-obsolete-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\API-MS-Win-core-xstate-l2-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\API-MS-Win-devices-config-L1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\API-MS-Win-devices-config-L1-1-1.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\API-MS-Win-security-lsapolicy-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\API-MS-Win-security-provider-L1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-base-util-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-com-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-comm-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-console-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-datetime-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-datetime-l1-1-1.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-debug-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-debug-l1-1-1.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-delayload-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-errorhandling-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-errorhandling-l1-1-1.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-fibers-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-fibers-l1-1-1.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-file-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-file-l1-2-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-file-l1-2-1.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-handle-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-heap-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-interlocked-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-io-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-io-l1-1-1.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-kernel32-legacy-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-kernel32-legacy-l1-1-1.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-libraryloader-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-libraryloader-l1-1-1.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-louserzation-l1-2-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-louserzation-l1-2-1.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-memory-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-memory-l1-1-1.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-memory-l1-1-2.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-namedpipe-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-privateprofile-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-privateprofile-l1-1-1.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-processenvironment-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-processenvironment-l1-2-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-processthreads-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-processthreads-l1-1-1.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-processthreads-l1-1-2.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-processtopology-obsolete-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-profile-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-realtime-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-registry-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-registry-l2-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-rtlsupport-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-shlwapi-legacy-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-shlwapi-obsolete-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-shutdown-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-string-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-stringansi-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-stringloader-l1-1-1.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-synch-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-synch-l1-2-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-sysinfo-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-sysinfo-l1-2-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-sysinfo-l1-2-1.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-threadpool-l1-2-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-threadpool-legacy-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-threadpool-private-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-timezone-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-url-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-util-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-version-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-wow64-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-core-xstate-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-crt-conio-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-crt-convert-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-crt-environment-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-crt-filesystem-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-crt-heap-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-crt-locale-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-crt-math-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-crt-multibyte-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-crt-private-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-crt-process-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-crt-runtime-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-crt-stdio-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-crt-string-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-crt-time-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-crt-utility-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-eventing-consumer-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-security-base-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-security-cryptoapi-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-security-sddl-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-service-core-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-service-core-l1-1-1.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-service-management-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-service-management-l2-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-service-private-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-service-private-l1-1-1.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-service-winsvc-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\api-ms-win-shcore-stream-l1-1-0.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\concrt140.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\config.cfgc (copy)
data
dropped
C:\Program Files\Topaz OFD\Warsaw\core.exe (copy)
PE32+ executable (GUI) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\features.datc (copy)
data
dropped
C:\Program Files\Topaz OFD\Warsaw\gas.dbd (copy)
data
dropped
C:\Program Files\Topaz OFD\Warsaw\is-0MV76.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-0U1PU.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-0VCHS.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-1299M.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-175RL.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-19RUB.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-1OSP7.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-243TO.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-2A08E.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-2F7HQ.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-2G5JK.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-2HSS0.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-2LNO6.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-2MC0P.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-2OJ4D.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-3BFDH.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-3HLCR.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-3NU1J.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-44GIE.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-46BQS.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-46HPO.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-4828T.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-4BMCK.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-4JF0M.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-517JO.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-610F5.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-61PSV.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-69J1V.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-761MJ.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-7EU8J.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-7GP3D.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-7N3QM.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-7NOH4.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-7PA03.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-7TIHM.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-7V331.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-7V354.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-81M5D.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-8438K.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-8P99Q.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-8V501.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-919DS.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-91AV8.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-9KKRG.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-9POKC.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-9Q97G.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-9V2J4.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-A3J84.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-A46SK.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-A4G7I.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-ACRA5.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-AGO4M.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-AIIPN.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-B3OT0.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-B7FAP.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-BH3SO.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-BI5Q3.tmp
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-BRS51.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-C26N7.tmp
PE32+ executable (GUI) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-C7O6K.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-CD182.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-CK4LU.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-D55QV.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-D8QQL.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-DG9B3.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-DI3QD.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-DJ7QD.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-DMHK4.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-DUU0T.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-E4NUM.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-EG0JV.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-EN56H.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-EOEQ4.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-EP3EK.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-F090J.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-F3DLB.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-F5AV1.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-FAMCK.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-FLHH1.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-FMBU4.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-FTTDO.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-G4AKA.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-G54TJ.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-GQHVJ.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-GS9C6.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-H1A10.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-H2KBE.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-H8NKL.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-HAU0N.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-HB8HP.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-HBD7J.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-HFR2O.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-HQTIK.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-HV2M7.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-I85L4.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-ICFPN.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-ISCLI.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-J5PQV.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-J9SHO.tmp
data
dropped
C:\Program Files\Topaz OFD\Warsaw\is-JAPFR.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-JAUEN.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-JNP9A.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-K8UEM.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-KDOHO.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-KNR3D.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-KOOUU.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-KS05A.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-L47KC.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-L4JD0.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-L8OLS.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-LEC8A.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-LK6MP.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-LPAT3.tmp
PE32+ executable (GUI) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-LS2RM.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-LSJ6G.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-M3NNI.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-M4GM5.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-MPT1M.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-MPU51.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-NG6HC.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-NMSAK.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-NOFUA.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-O735A.tmp
data
dropped
C:\Program Files\Topaz OFD\Warsaw\is-OI81U.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-OLVVS.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-OP56C.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-P2IB0.tmp
PE32+ executable (GUI) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-P3DP5.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-P50AP.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-P7A57.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-PGQV8.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-PH93P.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-PQ4GA.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-PREND.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-PRSE3.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-Q6IJT.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-QIHTM.tmp
data
dropped
C:\Program Files\Topaz OFD\Warsaw\is-QJ10O.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-QLOJM.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-QNGBI.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-R6OEI.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-RAB4C.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-RDFPT.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-RFLP3.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-RQIEJ.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-S0KNU.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-S3S2M.tmp
PE32+ executable (native) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-S5H0H.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-S9VJJ.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-SB1JP.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-SELNG.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-SF2F5.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-SGQL5.tmp
data
dropped
C:\Program Files\Topaz OFD\Warsaw\is-SRETI.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-SSPGO.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-T08P3.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-T585E.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-TB7UC.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-TIL59.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-TL64V.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-TS8A4.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-TUF46.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-UCIJQ.tmp
PE32+ executable (GUI) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-UJ7L5.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-UNS0G.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-V2BBJ.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-V4FD9.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-VF293.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\is-VOV28.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\local.data
data
dropped
C:\Program Files\Topaz OFD\Warsaw\msvcp120.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\msvcp140.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\msvcp140_1.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\msvcp140_2.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\msvcr120.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\opt
ASCII text, with very long lines (372), with no line terminators
dropped
C:\Program Files\Topaz OFD\Warsaw\ucrtbase.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\unins000.dat
InnoSetup Log 64-bit Warsaw {20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}, version 0x418, 103183 bytes, 849224\37\SYSTEM\37, C:\Program Files\Topaz OFD\Warsaw\376\377\
dropped
C:\Program Files\Topaz OFD\Warsaw\unins000.msg
InnoSetup messages, version 6.0.0, 261 messages (UTF-16), Cancel installation
dropped
C:\Program Files\Topaz OFD\Warsaw\uninstall.dat (copy)
data
dropped
C:\Program Files\Topaz OFD\Warsaw\uninstall_core.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\uninstall_mustache.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\uninstaller.exe (copy)
PE32+ executable (GUI) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\vccorlib140.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\vcruntime140.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\vcruntime140_1.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\ws.dat
data
dropped
C:\Program Files\Topaz OFD\Warsaw\ws.datr
data
dropped
C:\Program Files\Topaz OFD\Warsaw\wsaxbco.dll (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wsaxbco64.dll (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wsddin64.sys (copy)
PE32+ executable (native) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wsffcmgr32.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wsffcmgr64.exe (copy)
PE32+ executable (GUI) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wsftbmo.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wsftdhm.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wsftdl.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wsftfac.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wsftfw.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wsfthfm.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wsfthte.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wsftms.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wsftnmr.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wsftpgm.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wsftpp.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wsftprm.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wsftprm_w8.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wsftscr.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wsftscruc.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wsftstm.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wsfttr.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wsftui.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wsftup.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wsftwm.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wslbbpp32.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wslbbpp64.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wslbdhm32.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wslbdhm64.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wslbhte32.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wslbhte64.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wslbij.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wslbij_w8.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wslbllh.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wslblsei.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wslbmid.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wslbscr32.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wslbscr64.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wslbscrwh32.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wslbscrwh64.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wslbuan.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wslbvpsp.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Program Files\Topaz OFD\Warsaw\wstlcup.exe (copy)
PE32+ executable (GUI) x86-64, for MS Windows
dropped
C:\ProgramData:chnpbmzkyg
data
dropped
C:\ProgramData\Temp\_cd\.hcd
data
dropped
C:\ProgramData\Temp\_cd\589e49d4745d647094694c4d7b625bc5.wtcf (copy)
Certificate, Version=3
dropped
C:\ProgramData\Temp\_cd\8709caecdc1b32d6decf74ca8a4fd123.wtcf
Certificate, Version=3
dropped
C:\ProgramData\Temp\_cd\88561e6508a6a0d226eac047f2994a11.wtcf
Certificate, Version=3
dropped
C:\ProgramData\Temp\_cd\c054fe2fb26941c1a6cca23251b6efc3.wtcf
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\Temp\cert_temp\cert2.cer
Certificate, Version=3
dropped
C:\ProgramData\Temp\wslog.dat
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\deprecated.cookie
ASCII text, with no line terminators
dropped
C:\Users\user\Desktop\HABICO116N_2024-04-26_16_58_38.139\Device\HarddiskVolume3\Users\Habico\AppData\Local\Temp\MicrosoftEdgeDownloads\7fbe5683-d8bf-40f0-a123-f37dcb0001b0\Instala o do M dulo Adicional de Seguran a CAIXA.log
ISO-8859 text, with CRLF line terminators
modified
C:\Windows\Fonts\dbldwrsw.ttf (copy)
TrueType Font data, 10 tables, 1st "OS/2", 15 names, Macintosh, Copyright (c) 2015, GAS INFORMATICA LTDA.dbldwrswRegularwarsaw-Bold-2015:2:13dbldwrswVersion 1.0
dropped
C:\Windows\Fonts\is-01DD9.tmp
TrueType Font data, 10 tables, 1st "OS/2", 15 names, Macintosh, Copyright (c) 2015, GAS INFORMATICA LTDA.dbldwrswRegularwarsaw-Bold-2015:2:13dbldwrswVersion 1.0
dropped
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\MpCmdRun.log
Unicode text, UTF-16, little-endian text, with CRLF line terminators
modified
C:\Windows\System32\drivers\is-DAPBJ.tmp
Windows setup INFormation
dropped
C:\Windows\System32\drivers\is-NNSG7.tmp
PE32+ executable (native) x86-64, for MS Windows
dropped
C:\Windows\System32\drivers\is-O3BFN.tmp
PE32+ executable (native) x86-64, for MS Windows
dropped
C:\Windows\System32\drivers\is-QRBJL.tmp
PE32+ executable (native) x86-64, for MS Windows
dropped
C:\Windows\System32\drivers\is-RQ3BD.tmp
PE32+ executable (native) x86-64, for MS Windows
dropped
C:\Windows\System32\drivers\is-VGUV7.tmp
data
dropped
C:\Windows\TEMP\is-5L66I.tmp\API-MS-Win-EventLog-Legacy-L1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\API-MS-Win-Eventing-Controller-L1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\API-MS-Win-Eventing-Legacy-L1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\API-MS-Win-Eventing-Provider-L1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\API-MS-Win-Security-Lsalookup-L2-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\API-MS-Win-core-string-obsolete-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\API-MS-Win-core-xstate-l2-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\API-MS-Win-devices-config-L1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\API-MS-Win-devices-config-L1-1-1.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\API-MS-Win-security-lsapolicy-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-datetime-l1-1-1.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-debug-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-delayload-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-errorhandling-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-errorhandling-l1-1-1.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-fibers-l1-1-1.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-handle-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-heap-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-io-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-io-l1-1-1.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-kernel32-legacy-l1-1-1.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-memory-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-memory-l1-1-1.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-privateprofile-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-processenvironment-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-processenvironment-l1-2-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-processthreads-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-processtopology-obsolete-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-profile-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-realtime-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-registry-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-registry-l2-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-rtlsupport-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-shlwapi-legacy-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-shutdown-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-string-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-stringansi-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-synch-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-sysinfo-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-sysinfo-l1-2-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-threadpool-l1-2-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-timezone-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-url-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-util-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-version-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-core-xstate-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-crt-environment-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-crt-locale-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-crt-math-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-crt-multibyte-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-crt-private-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-crt-string-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-crt-time-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-security-cryptoapi-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-service-management-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-service-management-l2-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\api-ms-win-service-private-l1-1-0.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\concrt140.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\corefixer.exe (copy)
PE32+ executable (GUI) x86-64, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\error.bmp (copy)
PC bitmap, Windows 3.x format, 164 x 314 x 4, image size 26376, resolution 2835 x 2835 px/m, cbSize 26494, bits offset 118
dropped
C:\Windows\TEMP\is-5L66I.tmp\ucrtbase.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\TEMP\is-5L66I.tmp\vccorlib140.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\0
ASCII text, with CRLF line terminators
modified
C:\Windows\Temp\is-5L66I.tmp\_isetup\_setup64.tmp
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\check_core.bat
DOS batch file, ASCII text, with CRLF line terminators
modified
C:\Windows\Temp\is-5L66I.tmp\get_version.exe
PE32+ executable (console) x86-64, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-0N7L2.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-0PT5M.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-1UP2T.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-245ML.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-261PJ.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-2KIRS.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-31L3I.tmp
PE32+ executable (GUI) x86-64, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-3HHPB.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-47H94.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-4N8P9.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-4TV0M.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-4UJCA.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-5NMFO.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-5Q6CC.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-69B7M.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-79IGP.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-7BSLN.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-7IO91.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-7JJPM.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-7PGAC.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-8D5J6.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-8GD0B.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-8P6T2.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-9BRTU.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-9MEU6.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-A1JBC.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-A6RUS.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-E76FA.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-EC67U.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-F0IEN.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-FVT0H.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-GV6UC.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-H8KK3.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-I05AI.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-I1032.tmp
PC bitmap, Windows 3.x format, 164 x 314 x 4, image size 26376, resolution 2835 x 2835 px/m, cbSize 26494, bits offset 118
dropped
C:\Windows\Temp\is-5L66I.tmp\is-I859F.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-I9PHC.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-ICBSJ.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-J3TRQ.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-KNS80.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-LH7AK.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-MED3Q.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-N40L8.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-NONPG.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-NQ6ER.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-NS7KP.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-OD80C.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-OJ526.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-PCK64.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-PGMJ9.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-PJLAC.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-Q6BO0.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-QPS0A.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-QTR63.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-RNJ8M.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-RP4UP.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-RSD7C.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-S1AQH.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-U3JD8.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-UB020.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-V78PE.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\is-VSNQB.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Windows\Temp\is-5L66I.tmp\tmp.txt
ASCII text, with CRLF line terminators
modified
C:\Windows\Temp\is-5L66I.tmp\version.txt
ASCII text, with CRLF line terminators
dropped
C:\Windows\system32\drivers\wsddfac.sys (copy)
PE32+ executable (native) x86-64, for MS Windows
dropped
C:\Windows\system32\drivers\wsddntf.cat (copy)
data
dropped
C:\Windows\system32\drivers\wsddntf.inf (copy)
Windows setup INFormation
dropped
C:\Windows\system32\drivers\wsddntf.sys (copy)
PE32+ executable (native) x86-64, for MS Windows
dropped
C:\Windows\system32\drivers\wsddpp.sys (copy)
PE32+ executable (native) x86-64, for MS Windows
dropped
C:\Windows\system32\drivers\wsddprm.sys (copy)
PE32+ executable (native) x86-64, for MS Windows
dropped
\Device\ConDrv
ASCII text, with CRLF, CR line terminators
dropped
There are 623 hidden files, click here to show them.

Domains

Name
IP
Malicious
cef.dnofd.com
18.239.225.30
dn.gastecnologia.com.br
13.32.87.91
d89qlgit85ox9.cloudfront.net
18.64.174.114
cloud.gastecnologia.com.br
unknown

IPs

IP
Domain
Country
Malicious
13.32.87.91
dn.gastecnologia.com.br
United States
18.64.174.114
d89qlgit85ox9.cloudfront.net
United States
23.204.76.112
unknown
United States
127.0.0.1
unknown
unknown